laravel_shopify_app_proxy_middleware.php

<?php
namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;

class VerifyProxy
{
    public function handle(Request $request, Closure $next)
    {
        if($request->has('shop') && $request->has('path_prefix') && $request->has('timestamp') && $request->has('signature'))
        {
            $signature_verify_data = [
                'path_prefix' => $request->get('path_prefix'),
                'shop' => $request->get('shop'),
                'logged_in_customer_id' => !empty($request->get('logged_in_customer_id')) ? $request->get('logged_in_customer_id') : '',
                'timestamp' => $request->get('timestamp'),
            ];

            ksort($signature_verify_data);

            $signature = str_replace('&', '', urldecode(Arr::query($signature_verify_data)));

            $verify_signature = hash_hmac('sha256', $signature, env('SHOPIFY_API_SECRET'));

            if(!hash_equals($request->get('signature'), $verify_signature))
            {
                abort(401, 'Proxy verification failed');
            }
        }
        else
        {
            abort(401, 'Proxy verification failed');
        }

        return $next($request);
    }
}

proxy_response_helper.php

<?php
if (! function_exists('proxy_response')) 
{
    function proxy_response($content = '', $status = 200, array $headers = [])
    {
        $headers['Content-Type'] = 'application/liquid';

        return response($content, $status, $headers);
    }
}