Hi !
I’ very new to webhook. I’m currently trying to create my PHP file for the Webhook.
I found this : https://developer.squareup.com/docs/webhooks/step3validate
And i copy/paste to my PHP file.
Then i tried to make a purchase(with Web Payments) with my sandbox account, but i received an error in my webhook file on my server !
Here is the error :
"PHP message: PHP Warning: Undefined array key "X-Square-HmacSha256-Signature"
And here is the code i copy/past from the URL above:
use Square\Utils\WebhooksHelper;
// The URL where event notifications are sent.
define("NOTIFICATION_URL", "https://dev.celibatairesduweb.com/webhooks/squareup/webhook.php");
// The signature key defined for the subscription.
define("SIGNATURE_KEY", "asdf1234");
// Start a simple server for local testing.
// Different frameworks may provide the raw request body in other ways.
// INSTRUCTIONS
// 1. Run the server:
// php -S localhost:8000 server.php
// 2. Send the following request from a separate terminal:
// curl -vX POST localhost:8000 -d '{"hello":"world"}' -H "X-Square-HmacSha256-Signature: 2kRE5qRU2tR+tBGlDwMEw2avJ7QM4ikPYD/PJ3bd9Og="
$headers = apache_request_headers();
$signature = $headers["X-Square-HmacSha256-Signature"]; // <-------- here is the error
$body = '';
$handle = fopen('php://input', 'r');
while(!feof($handle)) {
$body .= fread($handle, 1024);
}
What i’m doing wrong ?
I didn’t find a documentation page with a webhook demo in PHP ?
Do you have one ?
Thanks so much for your help !
Pascal
I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:
Additional Documentation
Square PHP SDK Quickstart
Handle Bookings Webhook Events
Payments API Webhooks
If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.
The error message you’re seeing indicates that the “X-Square-HmacSha256-Signature” key is not present in the headers of the incoming request. This could be due to a few reasons:
-
The webhook notification might not be coming from Square. Make sure the request is coming from Square’s server.
-
The webhook might not be properly set up in your Square Developer Dashboard. Ensure that you’ve correctly set up the webhook and that it’s pointing to the correct endpoint URL in your application.
-
The header keys might be case-sensitive. Try accessing the signature with the exact case as it appears in the request.
Regarding a PHP webhook demo, Square doesn’t currently provide a specific PHP webhook demo. However, the code you’ve posted is a good starting point. You just need to ensure that the incoming request is a valid webhook notification from Square.
Remember to securely compare the signature in the header with the expected signature, using the WebhooksHelper::verifySignature
method from the Square PHP SDK. This is crucial for validating that the request is indeed coming from Square.
This answer was reviewed by @Bryan-Square.
Hi !
Sorry but the links didn’t help !
Thanks so much !
Hello @Bryan-Square
I have a question, however, I confirm that my previous problem with the headers is fixed…
I received this: X-Square-Hmacsha256-Signature instead of this: X-Square-HmacSha256-Signature
The ‘s’ was lowercase.
Now, my little question, concerns:
// The signature key defined for the subscription.
define("SIGNATURE_KEY", "asdf1234");
The code above is the copy-paste code. So the validation of my signature does not pass in my webhook. So my question is where can I find this ‘SIGNATURE_KEY’? I did not find it in my dashboard?
Thank you very much!
Have a great day!
Pascal
Ok i fixed it !
Is was in the webhook setting
Thanks
Glad to hear you got it fixed.
1 Like