FROM CACHE - en_header
New Shopify Certification now available: Liquid Storefronts for Theme Developers

How to verify webhook token by C#

bl-shopify_Admi
Shopify Partner
4 0 0
‎07-20-2018 08:06 AM

Hi there,

I am following this link https://help.shopify.com/en/api/getting-started/webhooks#verify-webhook 

But cannot find the C# demo. Nevertheless the PHP demo can reflect the logic. Just the parameter $data is not very clear. Is it the request header or the body?

function verify_webhook($data, $hmac_header)
{
  $calculated_hmac = base64_encode(hash_hmac('sha256', $data, SHOPIFY_APP_SECRET, true));
  return hash_equals($hmac_header, $calculated_hmac);
}

 

2,406 Views
0 Likes
Report
Replies 3 (3)
Zameer
Shopify Staff
Shopify Staff
297 31 89
‎07-24-2018 10:59 PM

Hey!

Data is the request body. The following code snippet, also found in the tutorial you linked, shows how data is set in Ruby.

# Respond to HTTP POST requests sent to this web service
post '/' do
  request.body.rewind
  data = request.body.read
  verified = verify_webhook(data, env["HTTP_X_SHOPIFY_HMAC_SHA256"])

  # Output 'true' or 'false'
  puts "Webhook verified: #{verified}"
end

You should use the same concept to get the body of the request in C#!

To learn more visit the Shopify Help Center or the Community Blog.

2,406 Views
0 Likes
Report
bl-shopify_Admi
Shopify Partner
4 0 0
‎07-25-2018 07:39 AM

Hi mate,

Thank you for your response. 

I have understood that the content is the request Body and, my C# code about encrypt and encode works as well eventually. 

Thanks again.

2,406 Views
0 Likes
Report
ClementG
Shopify Partner
660 0 129
‎07-30-2018 09:17 AM

You might want to use the great ShopifySharp library.

https://github.com/nozzlegear/ShopifySharp

2,406 Views
0 Likes
Report
Community Browser
Terms of Service Privacy Policy