What is $_SERVER['HTTP_CB_SIGNATURE'] in coinbase api notification?

Question

Hi I am trying to use coinbase api,api implementation is Working fine but facing problem on notification. Accroding to documentation I have created Notification url and codes are bellow

<?php
   require_once('vendor/autoload.php');

use Coinbase\Wallet\Client;
use Coinbase\Wallet\Configuration;


$apiKey=" xxxx";
$apiSecret="xxxx";



$configuration = Configuration::apiKey($apiKey, $apiSecret);
$client = Client::create($configuration);

$raw_body = file_get_contents('php://input');
$signature = $_SERVER['HTTP_CB_SIGNATURE'];
$authenticity = $client->verifyCallback($raw_body, $signature); // boolean
if($authenticity){
 $data = json_decode($raw_body, true);
    mail("sahid4745@gmail.com","Coinbase Payment Notifications",print_r($order, true));
}
$message=$raw_body;
mail('sahid4745@gmail.com', 'My Subject', $message);



?>    

But this is producing error as Notice:

Undefined index: HTTP_CB_SIGNATURE in /home/exhakduz/api/webhooks.php on line 38

I Don't know actually what is server_cb_signature, if some one can explain that will be great help for me.

Answer 1

All entries in $_SERVER that begin with HTTP_ reflect the contents of HTTP request headers. The header name is converted to uppercase and - is converted to _. So if the client sends a header like Foo-Bar: blah, the value of $_SERVER['HTTP_FOO_BAR'] will be "blah".

The Coinbase documentation says that notifications are secured with a CB-SIGNATURE header, so $_SERVER['HTTP_CB_SIGNATURE'] should contain the contents of this header. I'm not sure why you're not getting it. Your code is exactly like the example code in the documentation.

Maybe there's something in your server configuration that's filtering out nonstandard headers?