Topics covering webhook creation & management, event handling, Pub/Sub, and Eventbridge, in Shopify apps.
Hi there,
I am following this link https://help.shopify.com/en/api/getting-started/webhooks#verify-webhook
But cannot find the C# demo. Nevertheless the PHP demo can reflect the logic. Just the parameter $data is not very clear. Is it the request header or the body?
function verify_webhook($data, $hmac_header)
{
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, SHOPIFY_APP_SECRET, true));
return hash_equals($hmac_header, $calculated_hmac);
}
Hey!
Data is the request body. The following code snippet, also found in the tutorial you linked, shows how data is set in Ruby.
# Respond to HTTP POST requests sent to this web service
post '/' do
request.body.rewind
data = request.body.read
verified = verify_webhook(data, env["HTTP_X_SHOPIFY_HMAC_SHA256"])
# Output 'true' or 'false'
puts "Webhook verified: #{verified}"
end
You should use the same concept to get the body of the request in C#!
To learn more visit the Shopify Help Center or the Community Blog.
Hi mate,
Thank you for your response.
I have understood that the content is the request Body and, my C# code about encrypt and encode works as well eventually.
Thanks again.
You might want to use the great ShopifySharp library.