Move to HMAC verification of webhooks #1392
Description
I propose to move to verifying the HMAC hashed signature provided by Shopify as explained in the docs. This would be a lot safer than transmitting a plain secret as a query param. The header in question is "x-shopify-hmac-sha256". Should I provide the implementation?
Source: https://shopify.dev/docs/apps/build/webhooks/subscribe/https