fetchAppProof example

if (isset($data['error']) && \is_string($data['error'])) {
            throw AppException::registrationFailed($appName$data['error']);
        }

        $proof = $data['proof'] ?? '';

        if (!\is_string($proof)) {
            throw AppException::registrationFailed($appName, 'The app server provided no proof');
        }

        if (!hash_equals($handshake->fetchAppProof()trim($proof))) {
            throw AppException::registrationFailed($appName, 'The app server provided an invalid proof');
        }

        return $data;
    }

    /** * @return array<string, string> */
    private function getConfirmationPayload(string $id, string $secretAccessKey, Context $context): array
    {
        
public function testAppProof(): void
    {
        $shopUrl = 'test.shop.com';
        $secret = 'stuff';
        $appEndpoint = 'https://test.com/install';
        $appName = 'testapp';
        $shopId = Random::getAlphanumericString(12);

        $handshake = new PrivateHandshake($shopUrl$secret$appEndpoint$appName$shopId, Kernel::SHOPWARE_FALLBACK_VERSION);

        $appProof = $handshake->fetchAppProof();

        static::assertEquals(hash_hmac('sha256', $shopId . $shopUrl . $appName$secret)$appProof);
    }
}
$appName = 'testapp';
        $shopId = Random::getAlphanumericString(12);

        $storeClientMock = $this->createMock(StoreClient::class);
        $storeClientMock->expects(static::once())
            ->method('signPayloadWithAppSecret')
            ->with($shopId . $shopUrl . $appName$appName)
            ->willReturn('1234');

        $handshake = new StoreHandshake($shopUrl$appEndpoint$appName$shopId$storeClientMock, Kernel::SHOPWARE_FALLBACK_VERSION);

        static::assertEquals('1234', $handshake->fetchAppProof());
    }

    public function testThrowsIfSbpRespondsWithUnauthorized(): void
    {
        $storeClient = $this->createMock(StoreClient::class);
        $json = \json_encode(['code' => 'ShopwarePlatformException-1']);

        static::assertNotFalse($json);

        $storeClient->method('signPayloadWithAppSecret')
            ->willThrowException(new ClientException(
                
Home | Imprint | This part of the site doesn't use cookies.