2017-08-01 12 views
1

Verify Woocommerce webhook in Laravel

I am trying to verify the incoming data from a request sent by a Woocommerce webhook that updates product items in a Laravel database.

I created a middleware named VerifyWoocommerce. It fires correctly, as I can see in the logs.

I am a bit unsure how to verify whether the incoming request actually comes from an impostor.

Here is my VerifyWoocommerce.php:

<?php 

namespace App\Http\Middleware; 

use Closure; 
use Request; 
use Log; 

class VerifyWoocommerce 
{ 

    public function handle($request, Closure $next) 
    { 
     $signature = Request::header('x-wc-webhook-signature'); 
     $calculated_hmac = base64_encode(hash_hmac('sha256', $signature, env('WOOCOMMERCE_WEBHOOK_ITEM_UPDATED'), true)); 

     Log::debug($signature); 
     Log::debug($calculated_hmac); 


     return $next($request); 
    } 
} 

Both variables return different values. Am I comparing the right values?

UPDATE

Here is the request from Woocommerce. You are actually very close to getting this right.

[2017-08-01 15:12:34] local.DEBUG: array (
    'id' => 38,
    'name' => 'Long Sleeve Tee',
    'slug' => 'long-sleeve-tee',
    'permalink' => 'http://velvetcake.local/product/long-sleeve-tee/',
    'date_created' => '2017-07-31T07:45:31',
    'date_created_gmt' => '2017-07-31T07:45:31',
    'date_modified' => '2017-08-01T15:12:33',
    'date_modified_gmt' => '2017-08-01T15:12:33',
    'type' => 'simple',
    'status' => 'publish',
    'featured' => false,
    'catalog_visibility' => 'visible',
    'description' => '<p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Vestibulum tortor quam, feugiat vitae, ultricies eget, tempor sit amet, ante. Donec eu libero sit amet quam egestas semper. Aenean ultricies mi vitae est. Mauris placerat eleifend leo.</p>',
    'short_description' => NULL,
    'sku' => NULL,
    'price' => '25',
    'regular_price' => '25',
    'sale_price' => NULL,
    'date_on_sale_from' => NULL,
    'date_on_sale_from_gmt' => NULL,
    'date_on_sale_to' => NULL,
    'date_on_sale_to_gmt' => NULL,
    'price_html' => '<span class="woocommerce-Price-amount amount"><span class="woocommerce-Price-currencySymbol">&#82;</span>21.93</span>',
    'on_sale' => false,
    'purchasable' => true,
    'total_sales' => 0,
    'virtual' => false,
    'downloadable' => false,
    'downloads' =>
    array (
    ),
    'download_limit' => -1,
    'download_expiry' => -1,
    'external_url' => NULL,
    'button_text' => NULL,
    'tax_status' => 'taxable',
    'tax_class' => NULL,
    'manage_stock' => false,
    'stock_quantity' => NULL,
    'in_stock' => true,
    'backorders' => 'no',
    'backorders_allowed' => false,
    'backordered' => false,
    'sold_individually' => false,
    'weight' => NULL,
    'dimensions' =>
    array (
        'length' => NULL,
        'width' => NULL,
        'height' => NULL,
    ),
    'shipping_required' => true,
    'shipping_taxable' => true,
    'shipping_class' => NULL,
    'shipping_class_id' => 0,
    'reviews_allowed' => true,
    'average_rating' => '0.00',
    'rating_count' => 0,
    'related_ids' =>
    array (
        0 => 40,
        1 => 39,
        2 => 41,
    ),
    'upsell_ids' =>
    array (
    ),
    'cross_sell_ids' =>
    array (
    ),
    'parent_id' => 0,
    'purchase_note' => NULL,
    'categories' =>
    array (
        0 =>
        array (
            'id' => 18,
            'name' => 'Tshirts',
            'slug' => 'tshirts',
        ),
    ),
    'tags' =>
    array (
    ),
    'images' =>
    array (
        0 =>
        array (
            'id' => 19,
            'date_created' => '2017-07-31T07:45:31',
            'date_created_gmt' => '2017-07-31T07:45:31',
            'date_modified' => '2017-07-31T07:45:31',
            'date_modified_gmt' => '2017-07-31T07:45:31',
            'src' => 'http://velvetcake.local/wp-content/uploads/2017/07/long-sleeve-tee.jpg',
            'name' => 'Long Sleeve Tee',
            'alt' => NULL,
            'position' => 0,
        ),
    ),
    'attributes' =>
    array (
    ),
    'default_attributes' =>
    array (
    ),
    'variations' =>
    array (
    ),
    'grouped_products' =>
    array (
    ),
    'menu_order' => 0,
    'meta_data' =>
    array (
    ),
)
 
[2017-08-01 15:15:05] local.DEBUG: array (
    'id' => 37,
    'name' => 'Hoodie',
    'slug' => 'hoodie',
    'permalink' => 'http://velvetcake.local/product/hoodie/',
    'date_created' => '2017-07-31T07:45:31',
    'date_created_gmt' => '2017-07-31T07:45:31',
    'date_modified' => '2017-08-01T15:15:04',
    'date_modified_gmt' => '2017-08-01T15:15:04',
    'type' => 'simple',
    'status' => 'publish',
    'featured' => true,
    'catalog_visibility' => 'visible',
    'description' => '<p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Vestibulum tortor quam, feugiat vitae, ultricies eget, tempor sit amet, ante. Donec eu libero sit amet quam egestas semper. Aenean ultricies mi vitae est. Mauris placerat eleifend leo.</p>',
    'short_description' => NULL,
    'sku' => NULL,
    'price' => '42',
    'regular_price' => '45',
    'sale_price' => '42',
    'date_on_sale_from' => NULL,
    'date_on_sale_from_gmt' => NULL,
    'date_on_sale_to' => NULL,
    'date_on_sale_to_gmt' => NULL,
    'price_html' => '<del><span class="woocommerce-Price-amount amount"><span class="woocommerce-Price-currencySymbol">&#82;</span>39.47</span></del> <ins><span class="woocommerce-Price-amount amount"><span class="woocommerce-Price-currencySymbol">&#82;</span>36.84</span></ins>',
    'on_sale' => true,
    'purchasable' => true,
    'total_sales' => 1,
    'virtual' => false,
    'downloadable' => false,
    'downloads' =>
    array (
    ),
    'download_limit' => -1,
    'download_expiry' => -1,
    'external_url' => NULL,
    'button_text' => NULL,
    'tax_status' => 'taxable',
    'tax_class' => NULL,
    'manage_stock' => false,
    'stock_quantity' => NULL,
    'in_stock' => true,
    'backorders' => 'no',
    'backorders_allowed' => false,
    'backordered' => false,
    'sold_individually' => false,
    'weight' => NULL,
    'dimensions' =>
    array (
        'length' => NULL,
        'width' => NULL,
        'height' => NULL,
    ),
    'shipping_required' => true,
    'shipping_taxable' => true,
    'shipping_class' => NULL,
    'shipping_class_id' => 0,
    'reviews_allowed' => true,
    'average_rating' => '0.00',
    'rating_count' => 0,
    'related_ids' =>
    array (
        0 => 35,
        1 => 34,
        2 => 36,
    ),
    'upsell_ids' =>
    array (
    ),
    'cross_sell_ids' =>
    array (
    ),
    'parent_id' => 0,
    'purchase_note' => NULL,
    'categories' =>
    array (
        0 =>
        array (
            'id' => 17,
            'name' => 'Hoodies',
            'slug' => 'hoodies',
        ),
    ),
    'tags' =>
    array (
    ),
    'images' =>
    array (
        0 =>
        array (
            'id' => 18,
            'date_created' => '2017-07-31T07:45:31',
            'date_created_gmt' => '2017-07-31T07:45:31',
            'date_modified' => '2017-07-31T07:45:31',
            'date_modified_gmt' => '2017-07-31T07:45:31',
            'src' => 'http://velvetcake.local/wp-content/uploads/2017/07/hoodie.jpg',
            'name' => 'Hoodie',
            'alt' => NULL,
            'position' => 0,
        ),
    ),
    'attributes' =>
    array (
    ),
    'default_attributes' =>
    array (
    ),
    'variations' =>
    array (
    ),
    'grouped_products' =>
    array (
    ),
    'menu_order' => 0,
    'meta_data' =>
    array (
    ),
)

+0

Take a [look here](https://github.com/kloon/WooCommerce-REST-API-Client-Library) and see whether it can help you! – Maraboc

+0

@Maraboc Isn't this for sending to Woocommerce? I receive data from woocommerce in Laravel via a WebHook. –

+0

@MarcusChristiansen Check my answer below. If the calculated HMAC matches the HMAC sent in the request header, you can continue to the next request. –

Answers

0

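Here is my final solution. The second parameter of the hash_hmac function needs the request body as a string, which I got from Request::getContent().

public function handle($request, Closure $next)
{
    // Signature sent by Woocommerce with the webhook
    $signature = Request::header('x-wc-webhook-signature');

    // Raw request body, exactly as it was received
    $payload = Request::getContent();
    $calculated_hmac = base64_encode(hash_hmac('sha256', $payload, env('WOOCOMMERCE_WEBHOOK_ITEM_UPDATED'), true));

    // Constant-time comparison; a missing header becomes '' and never matches
    if (!hash_equals($calculated_hmac, (string) $signature)) {
        // Middleware has to produce a response, so reject with 401 rather than returning false
        abort(401);
    }

    return $next($request);
}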
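The check from the answer above as a framework-free function, run against constructed inputs (an added example, not the poster's code; the secret, the payload and the function name `wcSignatureIsValid` are made up for illustration):

```php
<?php
// Added example. The secret, payload and function name are constructed for illustration.

/** True only when $header is the base64 HMAC-SHA256 of the exact raw body bytes. */
function wcSignatureIsValid(string $rawBody, ?string $header, string $secret): bool
{
    if ($header === null || $header === '' || $secret === '') {
        return false; // fail closed on a missing header or an unset secret
    }
    $expected = base64_encode(hash_hmac('sha256', $rawBody, $secret, true));

    return hash_equals($expected, $header); // constant-time string comparison
}

$secret  = 'constructed-test-secret';
// Raw bytes as transmitted; the sender escaped the slashes.
$rawBody = '{"id":38,"name":"Long Sleeve Tee","permalink":"http:\/\/velvetcake.local\/product\/long-sleeve-tee\/"}';
// What the sending side would put in x-wc-webhook-signature.
$header  = base64_encode(hash_hmac('sha256', $rawBody, $secret, true));

// Same data decoded and re-serialised with another flag: the bytes differ.
$reencoded = json_encode(json_decode($rawBody, true), JSON_UNESCAPED_SLASHES);

$cases = [
    'raw body, as in the final solution'       => [$rawBody, $header],
    'decoded and re-encoded body'              => [$reencoded, $header],
    'header hashed instead of body (question)' => [$header, $header],
    'body altered in transit'                  => [str_replace('38', '39', $rawBody), $header],
    'signature header missing'                 => [$rawBody, null],
];

foreach ($cases as $label => [$body, $sig]) {
    printf("%-42s %s\n", $label, wcSignatureIsValid($body, $sig, $secret) ? 'accepted' : 'rejected');
}
```

Only the first case is accepted: the HMAC covers the raw bytes, so a body rebuilt from parsed request data, or any input other than the body, produces a different value.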

0

It is the output of the body that was sent. I will give you a high-level overview/pseudocode of what needs to happen (or rather, I ended up writing the code, see below).

public function handle(Request $request, Closure $next)
{
    // Get the HMAC value from request/header from the Woocommerce request, whatever the hmac value you want is called
    $hmac = $request->get('hmac');

    // Get the signature - your secret
    $signature = $request->header('x-wc-webhook-signature');

    // The secret used as the HMAC key, read here the same way as in the question's middleware
    $secret = env('WOOCOMMERCE_WEBHOOK_ITEM_UPDATED');

    /* Get the woocommerce URL
     * They should give you a code or some kind of ID and also a TIMESTAMP (this is important in your HMAC Calculation) in the request
     * You'd need to figure out this bit
     */
    $woocommerceData = $request->get('woocomerceData');

    // Calculate the HMAC
    $calculatedHmac = hash_hmac('sha256', $woocommerceData, $secret, true);

    // encode the calculated HMAC
    $calculatedHmac = base64_encode($calculatedHmac);

    // Check if the HMAC and Calculated HMAC Match (constant-time comparison), if they do continue
    if (hash_equals($calculatedHmac, (string) $hmac)) {
        return $next($request);
    }

    // If they don't, stop processing; middleware has to produce a response, so reject with 401
    abort(401);
}
+0

Giolliano. I am struggling to find the timestamp/URL and the HMAC value in the Woocommerce request. Am I looking in the wrong place? I have added an update to the original post with the request from Woocommerce. –

+0

@MarcusChristiansen Take a look here: https://docs.woocommerce.com/wp-content/uploads/2015/01/woocommerce-webhook-log.png and have a look at the woocommerce documentation. See how they have the 'wc-webhook-signature' + the 'arg' of the content. Try to calculate the HMAC using that data, and use the date/time of the post request. –
