As far as I know, that would require me to create what Stripe calls a “platform” and administer all Stripe API calls through my own code on my own server. If this server ever gets hacked or goes out of business, all users of this plugin would be screwed. Or every user of this plugin would have to setup and configure a platform with Stripe. In this case if user’s website gets hacked it doesn’t matter whether they used keys or oauth. Either way I don’t see how it would create a better experience for users of this plugin. They can also create a restricted key if they are concerned about excessive permissions. I’ll add a paragraph about that to readme.
If you are a developer and know how all this works and have experience creating and managing such platforms, contact me at [email protected]. Maybe there’s something I don’t see and if you’re interested I can pay you some $$$ for consulting and/or development.
Thanks!
