//THE HIGHLIGHTED @RequestBody event String is the valueToDigest or the notification that we received
@RequestMapping(value = “/LocationChange”, method = RequestMethod.POST)
public ResponseEntity locationChange(
@RequestHeader Map<String, String> headers,
@RequestBody String event) {
//FETCHING THE HMAC HEADER VALUE PROVIDED BY SHOPIFY
String hmacsha256= headers.get(“x-shopify-hmac-sha256”);
//INITIALIZING HTE MAC INSTANCE
Mac mac = Mac.getInstance(“HmacSHA256”);
//TRIED USING BOTH THE KEY PROVIDED IN WEBHOOK LISTINGS PAGE AS WELL AS THE APP SECRET KEY NONE WORKS
SecretKeySpec secretKeySpec = new SecretKeySpec(secret.getBytes(), “HmacSHA256”);
mac.init(secretKeySpec);
//event = THE EVENT MESSAGE THAT WEB HOOK RECEIVES FROM SHOPIFY
byte encoded = mac.doFinal(event.getBytes());
output = Base64.encodeBase64String(encoded);
System.out.println("COMPUTED VALUE = "+output);
System.out.println("HMAC RESPONSE HEADER VALUE = "+hmacsha256); //EXAMPLE VALUE ac3AqT+pBH+qnWYtfCmOU1fcmIwEjkMNnIOS1e5Mkgc=
//THIS NEVER MATCHES
System.out.println("ARE EQUAL? = "+hmacsha256.equals(output)); //EXAMPLE VALUE vMgPGNHHXzIjyjteIJyy0VWZ7IdVrCFWwH5YAAt3Hd4=
}