Focuses on API authentication, access scopes, and permission management.
Hello, i am folowing this tutorial: Shopify App Development: How To Create Shopify Apps Locally - YouTube
my app installs fine, hmac is verified ,the problem is when requesting the store access token.
here is my code for the token.php file
<?php
// Get our helper functions
require_once("inc/functions.php");
// Set variables for our request
$api_key = "f5700c560e786cc16d2797dcb3563f28";
$shared_secret = "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";
$params = $_GET; // Retrieve all request parameters
$hmac = $_GET['hmac']; // Retrieve HMAC request parameter
$params = array_diff_key($params, array('hmac' => '')); // Remove hmac from params
ksort($params); // Sort params lexographically
$computed_hmac = hash_hmac('sha256', http_build_query($params), $shared_secret);
// Use hmac data to check that the response is from Shopify or not
if (hash_equals($hmac, $computed_hmac)) {
// Set variables for our request
$query = array(
"client_id" => $api_key, // Your API key
"client_secret" => $shared_secret, // Your app credentials (secret key)
"code" => $params['code'] // Grab the access key from the URL
);
// Generate access token URL
$access_token_url = "https://" . $params['shop'] . "/admin/oauth/access_token";
// Configure curl client and execute request
$ch = curl_init();
echo var_dump($ch);
echo var_dump($access_token_url);
echo var_dump($query);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $access_token_url);
curl_setopt($ch, CURLOPT_POST, count($query));
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($query));
echo var_dump(http_build_query($query));
$result = curl_exec($ch);
curl_close($ch);
echo var_dump($result);
// Store the access token
$result = json_decode($result, true);
$access_token = $result['access_token'];
echo var_dump($result);
// Show the access token (don't do this in production!)
echo var_dump($access_token);
echo "<h1>testing heeyyy macarena</h1>" . $access_token;
} else {
// Someone is trying to be shady!
die('This request is NOT from Shopify!');
}
and here what this outputs:
Thank you!
Solved! Go to the solution
This is an accepted solution.
i found how to make it work.
i had to download and then add a certain cacert.pem file to be loaded in my php.ini of my local server.
PHP - SSL certificate error: unable to get local issuer certificate - Stack Overflow
when adding
echo curl_error($ch);
i get "error SSL certificate problem: unable to get local issuer certificate"
Hi @fredbleu
"SSL certificate problem: unable to get local issuer certificate" is a problem you can run into locally when your curl isn't set up to handle https correctly. You'll need to set up SSL in your environment. While I don't have specific instructions on how to set that up, I hope this helps point you towards a solution!
To learn more visit the Shopify Help Center or the Community Blog.
This is an accepted solution.
i found how to make it work.
i had to download and then add a certain cacert.pem file to be loaded in my php.ini of my local server.
PHP - SSL certificate error: unable to get local issuer certificate - Stack Overflow