I'm attempting to verify the signature of the Order Management refund endpoint. It's important to note that this same exact signature verification method works perfectly for checkout.
We take all of the body fields that start with 'x_' apart from the x_signature, sort them alphabetically generate the hmac and compare it with the provided x_signature.
Here's an example:
1. Received body:
2.Message used for signature
Again, it's generated through the exact same method checkout uses and works as expected. I simply can't figure out what I'm missing. Is it something about the gateway reference being null? This is what shopify sends though.
If we ignore the validation of the request, and move on to sending the response acknowledgment of the responses is also a 422.
Any help is super appreciated, thank you.
|2 hours ago|
|3 hours ago|