This link contains examples in other languages but not Coldfusion.
If you are talking about webhooks created in the admin and not through the API its a matter generating an HMAC containing the message body you get from shopify in the reqest body and comparing that to the header x-shopify-hmac-sha256
<cfset shopifyWebhooksecret = [add your secret here]> <cfset httpRequestData= getHttpRequestData()> <cfset httpContent = httpRequestData.content> <cfset shopifyHmac = httpRequestData.headers["X-Shopify-Hmac-SHA256"]> <cfset calculated_hmac = HMAC(httpContent, shopifyWebhooksecret ,"HMACSHA256")> <cfset isValid = calculated_hmac EQ shopifyHmac>
if you are talking about verifying webhooks you added through the webhook api.. I'm trying to find an answer myself still 🙂
After a very long time, I've figured it out so if anyone else out there is having problems verifying webhooks with coldfusion here is the solution
<cfset httpcontent = getHTTPRequestData().content> <cfset shopifySecret = [Your Apps Shared Secret / API Secret Key]> <cfset shopifyhmac = getHttpRequestData().headers["x-shopify-hmac-sha256"]> <cfset calculatedHmac = binaryEncode(binaryDecode(hmac(httpContent, shopifySecret,"HMACSHA256"),"hex"),"base64")> <cfif calculatedhmac EQ shopifyhmac> .... good to go <cfelse> .. don't accept </cfif>
Would you love to unleash the unbridled power of the Google Shopping Channel into your sho...By Gabe Jan 6, 2023
How can you turn a hobby into a career? That’s what Emmanuel did while working as a wa...By Skye Dec 30, 2022