I'm working on stripe integration and noticed that to generate token I'm able to provide amount and when using generated token I'm able to provide different amount and seems that stripe is fine with that. That's a little bit strange since I'm noticing user about one amount but I'm capable to charge with larger amount for example.
Integration type: https://stripe.com/docs/checkout
Note, that I'm using test account ( Visa Approved: 4242424242424242 ).
For example:
Frontend:
<form action=" method="POST">
<script
src="https://checkout.stripe.com/v2/checkout.js" class="stripe-button"
data-key="pk_test_XXXX"
data-amount="2000"
data-name="Demo Site"
data-description="2 widgets ($20.00)"
data-image="/128x128.png">
</script>
</form>
Backend:
$gateway = Omnipay::create('Stripe');
$gateway->initialize(array(
'apiKey' => 'sk_test_xxxx',
));
$response = $gateway->purchase([
'amount' => 21.00,
'currency' => 'usd',
'name' => "name",
'description' => "description",
'zip_address' => "",
'metadata' => [
'name' => "name",
'user_id' => "id"
],
'token' => "tok_xxx",
])->send();
As you can see here I provided larger amount ( 21USD ) than noticed user ( 20USD ) and Stripe is totaly fine with that, response:
"object" => "charge" "amount" => 2100 "status" => "succeeded"
Is it normal?
