/** * @param Request $request * @param StoreEntity $store * @return string * @throws InvalidShopifyHmac */ public function verifyWebhookRequest(Request $request, StoreEntity $store) { $hmac_header = $request->headers->get('X_SHOPIFY_HMAC_SHA256'); $calculated_hmac = base64_encode(hash_hmac('sha256', $request->getContent(), $store->getShopifySecretToken(), true)); if ($hmac_header != $calculated_hmac) { throw new InvalidShopifyHmac(); } return $calculated_hmac; }