Webhook validation error : invalid signature passed about razorpay-php HOT 9 CLOSED

Which package version are you currently at?

from razorpay-php.

@captn3m0 2.*
"razorpay/razorpay": "2.*"

from razorpay-php.

@phpnets Can you give us the output of composer show|grep razorpay to give us the exact version?

from razorpay-php.

@captn3m0 the version is 2.0.2

from razorpay-php.

How are you reading the request JSON body?

from razorpay-php.

@captn3m0
I used below both methods both return the same (this is a Laravel project)

$requestBody 	   =  json_encode($oRequest->toArray());
OR
$requestBody 	   = $oRequest->getContent();

the $requestBody contains data I described in the question above

for header I used this code:

$razorPaySignature = $oRequest->header('X-Razorpay-Signature');

from razorpay-php.

1. Looks like you are trying to verify the webhook signature using the Key Secret. You must use the webhook secret that you have specified while setting up the webhook
2. Please make sure you are getting the raw request body correctly. Our webhook requests do not contain newlines.

from razorpay-php.

@captn3m0
Yeah, the new key secret was not updated with webhook. Now It is okay. And could you please clarify that the validation will not return true if it success ? So the try catch is enough to catch the unmatched hash?

try{
    	 $oApi->utility->verifyWebhookSignature($requestBody, $razorPaySignature, $this->RAZOR_PAY_SECRET_KEY) 
    }
    catch(Exception $e) {
    	Log::info('RazorPay Webhook validation Error: '.$e->getMessage());
    	die;
    }

Thank you for you support.

from razorpay-php.

Yes, we throw Razorpay\Errors\SignatureVerificationError in case the signature validation fails. The method will always return null

from razorpay-php.