Hi Bryan,
Thanks for the response.
I don’t know what you mean with “fully qualified UFRL”. The URL points to a php script that is hosted on a subdomain of my website which is hosted by SiteGround.
Having said that, I find it difficult to believe it’s the url that makes the difference.
Code has some reporting included that I left out in the before message for reading clarity.
But…
- When I send a test-event from the production environment of square (so not even the sandbox)
→ code is executed
→ When logging the $HashBase64 that I calculated I can see it to be equal to the signature square included in the message - When I do an actual subscription using a checkout link using real creditcard with real money
→ code is executed
→ When logging the $HashBase64 that I calculated I can see it to be different from the signature square included in the message
[EDIT]
Just updated the receiver:
response 200: Signature validation SUCCEED
response 202: Signature validation FAIL, but merchant_id and message type SUCCEED (match expectation)
response 299: Signature FAIL, merchant_id and/or type FAIL
If your logging can read return payload → I included hash calculation results
Current behaviour:
- Send test event in production environment → signature validation succeeds, response 200
- Actual subscription purchase in production environment → signature validation fails but message content is ok, merchant_id ok, type ok → response 202
So… issue remains… hash-calculation succeeds on test event but fails on real purchase
Any idea on how to proceed?