Skip to content

Instantly share code, notes, and snippets.

@danilopolani

danilopolani/Controller.php

Created June 29, 2023 09:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save danilopolani/7add9e723636e4c9f3fdd06b8c945cc6 to your computer and use it in GitHub Desktop.
Save danilopolani/7add9e723636e4c9f3fdd06b8c945cc6 to your computer and use it in GitHub Desktop.
Download ZIP
Zendesk webhook signature validation with Laravel
Raw
Controller.php
<?php
// $request comes from your Controller method, but you can adjust with whatever framework you use
$signature = $request->header(ZendeskSupport::WEBHOOK_SIGNATURE_HEADER),
$timestamp = $request->header(ZendeskSupport::WEBHOOK_SIGNATURE_TIMESTAMP_HEADER),
$rawBody = $request->getContent();
$computedSignature = base64_encode(hash_hmac(
'sha256',
$timestamp . $rawBody,
'my_secret_key',
true // <--- Important: retrieve it in binary format, not lowercase hexits!
));
if ($computedSignature !== $signature) {
throw new \Exception('signature mismatching');
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment