Ask a Question
Back to All

Need help with my webhook signature on laravel/PHP

public function test(Request $request){

    $signingSecret = 'sk_test_UVzt5mdhyRgoZxK1C7YimXaV';
    $header_signature = $request->header('Paymongo_Signature');

    $header_signature_res =preg_split("/,/",$header_signature);
    $header_time_no_equal = preg_split("/=/",$header_signature_res[0]);

    //contains the time ex: 1716800978
    $header_time_no_equal_res = $header_time_no_equal[1];

    $header_string_no_equal = preg_split("/=/",$header_signature_res[1]);

    //contains the test mode signature without the 'te=' ex: 1447a89e7ecebeda32sffs62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd
    $header_string_no_equal_res = $header_string_no_equal[1];

    $payload= $request->getContent();
    //concatinated the time and $request->getContent() ex:1716800978{json response data} and the second value is my secret key ex: sk_test_UVzt5mdhyRgoZxK1C7YimXaV

    $computedSignature = hash_hmac('sha256',$header_time_no_equal_res.$payload, $signingSecret);

    $signature = hash_equals($header_string_no_equal_res.$header_string_no_equal_res,$computedSignature);
    if($signature == 1 || $signature == true){
          'payload' =>'valid',
          'payload' =>'Invalid'


May I ask you guys how to construc a signature validator in paymongo?
when I try running this program, the has_hmac() return value always return 0 instead of true. any help from you guys. Thanks in advance