Verify a Patreon webhook hash with PHP
<?php | |
// This example can be copied and pasted into Laravel. | |
// If you're not using Laravel, change the $request related stuff into PHP's native stuff (e.g. file_get_contents("php:///input") etc.) | |
function verifyPatreonHash(Request $request) { | |
$patreonBody = $request->getContent(); // This is the raw **body** of the request, which will be JSON (but don't json_decode it!) | |
$patreonSignature = $request->header('X-Patreon-Signature'); // And this is the header from Patreon | |
$webhookSecret = "Patreon Webhook Secret Here"; // This'll be the secret Patreon gave you when you created the webhook | |
$webhookHash = hash_hmac('md5', $patreonBody, $webhookSecret); // This is the hash we've calculated, based on the body and the secret | |
if(strtolower($webhookHash) == strtolower($patreonSignature)) { | |
return true; // Verification succeeded | |
} else { | |
return false; // Verification failed | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment