Context: I'm working on an embedded Shopify App, which utilizes the App Proxy feature for Shopify Apps. This will route requests such as example.myshopify.com/tools/myapp_api to your own server eg. example.com/api, with php-shopify running at /api.
For validation of these App Proxy requests, Shopify adds the following to the request GET (print of $_GET):
I was looking to see if the sdk already provides a way to validate these but it looks like it's not there. In AuthHelper::verifyShopifyRequest(), it looks like signature verification was done before but removed.
For now I am verifying it with my own implementation, but it would be great to just use this function to verify requests.
Hello,
Context: I'm working on an embedded Shopify App, which utilizes the App Proxy feature for Shopify Apps. This will route requests such as example.myshopify.com/tools/myapp_api to your own server eg. example.com/api, with php-shopify running at /api.
For validation of these App Proxy requests, Shopify adds the following to the request GET (print of $_GET):
I was looking to see if the sdk already provides a way to validate these but it looks like it's not there. In AuthHelper::verifyShopifyRequest(), it looks like signature verification was done before but removed.
For now I am verifying it with my own implementation, but it would be great to just use this function to verify requests.
Thanks