And also STRIPE_ENDPOINT_SECRET just in case it's ever used in tests.
Re-records Stripe tests. But some failed... :'(
Failed examples:
rspec ./spec/lib/stripe/credit_card_cloner_spec.rb:71 # Stripe::CreditCardCloner#find_or_clone when called with a valid customer and payment_method clones both the payment method and the customer
rspec ./spec/lib/stripe/payment_intent_validator_spec.rb[1:1:1:1:17:1:2] # Stripe::PaymentIntentValidator#call when payment intent is valid valid non-3D credit cards are correctly handled behaves like payments intents from UnionPay (debit) captures the payment
We should not need additional hard coded keys other than the API key and the CLIENT_ID; this PR removes hard coded customer ID - creates one instead
Undoes Stripe.api_key deletion
This was a mixup with an ongoing PR in which we remove the need to call api_key in each individual spec.
The second example on this sepec is commented out, and will be addressed on the following commit
Sets user email
We need to set an email for the user we're creating; if we don't, then each time we run the spec, a new user will be created with a random email - as per user factory. This will translate in a (slightly) different HTTP request each time the spec is ran, and will cause a VCR recording error as new cassettes cannot be recorded in under the CI.
Re-recordes cassette after rebase
Re-records cassettes
Creates a bogus publishable key
We need to feed some value to the ENV variables which are picked up from the local test environment, for the build to run. We could also store them all as environment secrets on our repo, but I don'r think this is necessary, as we only run recorderd API/VCR calls on our build, and never real API calls.
It allows us to list enterprises from any OFN server, not just ofn-au.
The app could even accept any enterprise on any server providing its
data in the DFC format.
The app has to provide a webhook URL to be notified when the app is
disconnected. Once we have better token management, we would have a
unique token per app and could revoke it. But for now it's just a
request to disconnect the app.
