How can I verfiry the webhook request in PHP?

DreamOfIce · March 4, 2022, 3:30pm

This is my code:

function verifySecret($reqBody, $singature, $secret)
{
    $singature;
    $result = 'sha256=' . hash_hmac('sha256', $reqBody, $secret, false);
    echo $singature."\n".$result;
    return ($result == $singature);
}

//verify
verifySecret(file_get_contents("php://input"), $_SERVER['HTTP_X_HUB_SINGATURE_256'], $_ENV['WEBHOOK_SECRECT'])

But HMAC always doesn’t match,such as:

sha256=7efef67505739aee505dad71047acc1d6a7c66dad6b4d3188290d259e8934de4
sha256=49af42c0d9fa89a927a135e2648fd32a27d191d4225534bcb884c9d0768c2a46

Why?And What should I do?