laravel验证shopify webhook
如何在laravel中验证我的shopify Webhook? 目前我正在做以下工作:laravel验证shopify webhook,laravel,shopify,sha256,webhooks,verify,Laravel,Shopify,Sha256,Webhooks,Verify,如何在laravel中验证我的shopify Webhook? 目前我正在做以下工作: //Validate secret if ( Request::header( 'X-Shopify-Hmac-Sha256' ) ) { $hmac_header = Request::header( 'X-Shopify-Hmac-Sha256' ); $data = Request::json(); $calculated_hmac = base
//Validate secret
if ( Request::header( 'X-Shopify-Hmac-Sha256' ) ) {
$hmac_header = Request::header( 'X-Shopify-Hmac-Sha256' );
$data = Request::json();
$calculated_hmac = base64_encode( hash_hmac( 'sha256', $data, Config::get( 'constants.SHOPIFY_APP_SECRET' ), true ) );
if ( $hmac_header != $calculated_hmac ) {
return Response::json( array(
'error' => true,
'message' => "invalid secret" ),
403 );
}
}else {
return Response::json( array(
'error' => true,
'message' => "no secret" ),
403 );
}
但它失败了,并显示以下消息:
#0 [internal function]: Illuminate\Exception\Handler->handleError(2, 'hash_hmac() exp...', '/Users/JS/Sites...', 58, Array)
#1 /Users/JS/Sites/xxx/api/app/controllers/CustomerController.php(58): hash_hmac('sha256', Object(Symfony\Component\HttpFoundation\ParameterBag), 'xxxxxxxxxx...', true)
我怀疑这与我获取请求数据的方式有关:
$data = Request::json();
有人有解决办法吗?谢谢 遵循Shopify文档中给出的示例: 替换
$data = Request::json();
与
您仍然可以在其他地方使用
Request::json()
从webhook获取用于处理数据的参数包。遵循Shopify文档中给出的示例:
替换
$data = Request::json();
与
您仍然可以在其他地方使用
Request::json()
从webhook获取用于处理数据的参数包。遵循Shopify文档中给出的示例:
替换
$data = Request::json();
与
您仍然可以在其他地方使用
Request::json()
从webhook获取用于处理数据的参数包。遵循Shopify文档中给出的示例:
替换
$data = Request::json();
与
您仍然可以在其他地方使用
Request::json()
从webhook获取用于处理数据的参数包。这是我的处理程序,效果很好:
public function handle($request, Closure $next)
{
$data = file_get_contents('php://input');
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, [SECRET], true));
if (!$hmac_header = $request->header('X-Shopify-Hmac-Sha256') or
$hmac_header != $calculated_hmac or $request->email == 'jon@doe.ca') {
return Response::json(['error' => true], 403);
}
return $next($request);
}
请注意:
$request->email=='jon@doe.ca“
用于因某种原因未收到测试挂钩的情况
[SECRET]
是webhook回调URL下的商店通知设置中的代码(您的所有webhook都将使用[SECRET]签名,以便您可以验证其完整性。)这是我的处理程序,工作正常:
public function handle($request, Closure $next)
{
$data = file_get_contents('php://input');
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, [SECRET], true));
if (!$hmac_header = $request->header('X-Shopify-Hmac-Sha256') or
$hmac_header != $calculated_hmac or $request->email == 'jon@doe.ca') {
return Response::json(['error' => true], 403);
}
return $next($request);
}
请注意:
$request->email=='jon@doe.ca“
用于因某种原因未收到测试挂钩的情况
[SECRET]
是webhook回调URL下的商店通知设置中的代码(您的所有webhook都将使用[SECRET]签名,以便您可以验证其完整性。)这是我的处理程序,工作正常:
public function handle($request, Closure $next)
{
$data = file_get_contents('php://input');
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, [SECRET], true));
if (!$hmac_header = $request->header('X-Shopify-Hmac-Sha256') or
$hmac_header != $calculated_hmac or $request->email == 'jon@doe.ca') {
return Response::json(['error' => true], 403);
}
return $next($request);
}
请注意:
$request->email=='jon@doe.ca“
用于因某种原因未收到测试挂钩的情况
[SECRET]
是webhook回调URL下的商店通知设置中的代码(您的所有webhook都将使用[SECRET]签名,以便您可以验证其完整性。)这是我的处理程序,工作正常:
public function handle($request, Closure $next)
{
$data = file_get_contents('php://input');
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, [SECRET], true));
if (!$hmac_header = $request->header('X-Shopify-Hmac-Sha256') or
$hmac_header != $calculated_hmac or $request->email == 'jon@doe.ca') {
return Response::json(['error' => true], 403);
}
return $next($request);
}
请注意:
$request->email=='jon@doe.ca“
用于因某种原因未收到测试挂钩的情况
[SECRET]
是webhook回调URL下的商店通知设置中的代码(您的所有webhook都将使用[SECRET]签名,以便您可以验证其完整性。)