v1.2.8 webhook hmacHeader fixed

fareskato · Mar 4, 2024 · c7335dc · c7335dc
1 parent ea81658
commit c7335dc
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/main.go b/main.go
@@ -10,7 +10,6 @@ type Shopify struct {
 	storeName       string
 	storeApiVersion string
 	storeWebHookKey string
-	hmacHeader      string
 }
 
 // init the store with store credentials so U can interact
@@ -22,7 +21,6 @@ func New(su, sp, sn, apiV, swhk string) Shopify {
 		storeName:       sn,
 		storeApiVersion: apiV,
 		storeWebHookKey: swhk,
-		hmacHeader:      "X-Shopify-Hmac-SHA256",
 	}
 }
 

diff --git a/webhooks.go b/webhooks.go
@@ -9,26 +9,26 @@ import (
 	"github.com/fareskato/fkshopify/fkutils"
 )
 
-func (s Shopify) verifyWebHook(data []byte) bool {
+func (s Shopify) verifyWebHook(data []byte, hmacHeader string) bool {
 	secret := []byte(s.storeWebHookKey)
 	computedHMAC := hmac.New(sha256.New, secret)
 	computedHMAC.Write(data)
 	expectedHMAC := computedHMAC.Sum(nil)
-	decodedHMAC, err := base64.StdEncoding.DecodeString(s.hmacHeader)
+	decodedHMAC, err := base64.StdEncoding.DecodeString(hmacHeader)
 	if err != nil {
 		return false
 	}
 	return hmac.Equal(expectedHMAC, decodedHMAC)
 }
-func WebHookCreateEntity[T any](s Shopify, t T, reqBody []byte) (*T, error) {
+func WebHookCreateEntity[T any](s Shopify, t T, hmacHeader string, reqBody []byte) (*T, error) {
 	if s.storeWebHookKey == "" {
 		return nil, fkutils.ErrWebHookMissed
 	}
-	if s.hmacHeader == "" {
+	if hmacHeader == "" {
 		return nil, fkutils.ErrHmacHeaderMissed
 	}
 
-	if !s.verifyWebHook(reqBody) {
+	if !s.verifyWebHook(reqBody, hmacHeader) {
 		return nil, fkutils.ErrInvalidWebHookKey
 	}
 	err := json.Unmarshal(reqBody, &t)