CODEWITHSUNDEEP
phplaravel
Dev.W
Dev.W

Reputation: 2360

Cant match local token to passed GoCardless token

I'm using laravel 5.3 with the GoCardless API and I'm trying to build out the endpoints so my application can handle events accordingly.

I'm reading the GoCardless documentation and it says do the following:

$token = getenv("GC_WEBHOOK_SECRET");

$raw_payload = file_get_contents('php://input');

$headers = getallheaders();
$provided_signature = $headers["Webhook-Signature"];

$calculated_signature = hash_hmac("sha256", $raw_payload, $token);

if ($provided_signature == $calculated_signature) {

} else {

};

I've converted the above into Laravel friendly controller speak.

public function hook(Request $request)
    {

        $token = env("GC_WEBHOOK_SECRET");

        $raw_payload = $request;

        $provided_signature = $request->header('Webhook-Signature');
        $calculated_signature = hash_hmac("sha256", $raw_payload, $token);

        if ($provided_signature == $calculated_signature) {
            Log::info('It was a match!');
        } else {
            Log::info('Something went wrong!');
        };


    }

but I can't get the $provided_signature to match the $calculated_signature, I've got a feeling it's something to do with the way I'm hashing the token from my env file.

Upvotes: 0

Views: 54

Answers (1)

Dev.W
Dev.W

Reputation: 2360

Solved it guys, all I needed to do was replace 

$raw_payload = $request;

with

$raw_payload = $request->getContent();

Upvotes: 1

Related Questions