FROM CACHE - en_header
Promotion image

How can I fix HMAC validation failure in PHP for a Shopify App?

How can I fix HMAC validation failure in PHP for a Shopify App?

OlegarioF
Visitor
2 0 0
‎01-06-2022 12:03 PM

Hello, I need help with the hmac validation, I am creating a Shopify App but to confirm installation I need to add the security checks, the problem is to validate the hmac because the documentation has a Ruby example but I need to do it with PHP, I have been doing many test and always I am getting FALSE after compare the hmacs.

 

Here my code:

 

        $hmac = $params['hmac'];
        $secret = 'hush';
        $uri = $request->getUri();

        //get the queries from the URI
        $queryString = $uri->getQuery();

        //remove the hmac from the query string
        $queryString = str_replace('&hmac='.$hmac, '', $queryString);

        //create the hmac
        $crypted = hash_hmac('sha256', $queryString, $secret);
    
        //verify if the hmacs match
        $validation = hash_equals($crypted, $hmac);

        error_log('VALIDATION '.var_export($validation, true));

 

 

Please help me!

Thanks in advance

607 Views
0 Likes
Report
Replies 0 (0)

Community Blog Articles

427225466-7b141305-de27-48eb-8d38-643ba2ed8c3f.jpg
The power of automation: New Shopify Flow fundamentals learning path

Discover how to increase the efficiency of commerce operations with Shopify Academy's l...

By Jacqui Mar 26, 2025
shopp-e-1741972742895593780274096851.png
Canadian merchants: Update account details by March 24, 2025 to continue us...

Shopify and our financial partners regularly review and update verification requiremen...

By Jacqui Mar 14, 2025
Shopify_0-1741780029041.png
New learning path from Shopify Academy: How to create a digital marketing s...

Unlock the potential of marketing on your business growth with Shopify Academy's late...

By Shopify Mar 12, 2025
Terms of Service Privacy Policy