maybe someone will be able to help me, I am trying out the new direct Storefront/Store-API communication to Appsystem Backend, released in SW6.5.5: https://developer.shopware.com/docs/guides/plugins/apps/clientside-to-app-backend. Generally it works, but I am not able to verify the JWT signature, maybe I am missing something.
As a verifier I generate
base64( hmacSha256( base64( header ) . base64( payload ), appSecret ) ).
However, it does not output the same signature as delivered in the shopware-app-token header. The verification is described somehow vague in the link above, I also tried using hmacSha256 ( shopId, appSecret ) instead of appSecret, but it still does not verify properly. Any ideas on what might be wrong here?
How to verify the JWT token in the new Storefront - App communication in Shopware 6.5.5?
103 Views Asked by realnaliboh At
1
There are 1 best solutions below
Related Questions in JWT
- Generate Databricks personal access token using REST API
- How to share JWT through 2 React.js Frontend
- I'm trying to understand JWT-based authorization between applications
- Error: Cannot invoke "jakarta.servlet.http.HttpSession.getAttribute(String)" because "session" is null
- How to implement Access / Refresh Tokens
- RequestClientCredentialsTokenAsync and ClientAssertion Encoded
- How to prevent users from creating custom client apps?
- Minimizing IdentityServer4 Round Trips in Microservice Architecture with Ocelot
- How to Link JWT User ID with PayPal Custom ID After Payment in Node.js?
- How to verify JWS (x5c chain) is signed by apple using Jose
- getting React Hook "useSetupInterceptors" cannot be called at the top level when try to use useSignOut hook
- System.InvalidOperationException: The AuthorizationPolicy named: 'Admin' was not found
- Wondering if AWS Amplify sdk for SSR automatically verifies user identities or JWT?
- Implementing JWT Token Authorization in .NET 8 using AddJwtBearer() with a Custom Role Based Attributes
- Extracting and Storing Value of a Initial Header in NGINX
Related Questions in SHOPWARE
- How to redirect all shopware logs (monolog) including plugins (bundles) to single target like a file or stderr
- Is it allowed to add snippet with custom key for tranlsation in theme?
- Add existing product to order with shopware 6 api
- How do I execute a custom flow trigger from a plugin in Shopware >=6.5?
- Unable to Use RequestStacks for Adding Content to Line-Item Payload after Shopware 6.5.4.0
- How Does Shopware 6 Import/Export Module Work
- Shopware 6 custom stock handling
- Add data to order overview table
- Usage Error during installation of Shopware 6
- How to use the comments icon for shopware 6
- How to customize invoice document using custom field
- Cart Webhooks / Flow Builder
- Shopware 6 Local Plugin Linting
- How to prevent artefacts in transparent images when generating thumbnails?
- Entity drafts in Shopware
Related Questions in SHOPWARE6
- Creating a modal window in product edit page in Shopware6 and saving data to custom table(repository) from a form within the modal window
- How to redirect all shopware logs (monolog) including plugins (bundles) to single target like a file or stderr
- Is it allowed to add snippet with custom key for tranlsation in theme?
- Add existing product to order with shopware 6 api
- How do I execute a custom flow trigger from a plugin in Shopware >=6.5?
- Shopware 6 mixed content error when using reverse proxy
- Unable to Use RequestStacks for Adding Content to Line-Item Payload after Shopware 6.5.4.0
- Updating the Home category content is not displayed
- How Does Shopware 6 Import/Export Module Work
- Shopware 6 custom stock handling
- Add data to order overview table
- Limit association query via Shopware 6 Admin API
- Usage Error during installation of Shopware 6
- How to use the comments icon for shopware 6
- How to customize invoice document using custom field
Related Questions in SHOPWARE6-API
- Add existing product to order with shopware 6 api
- Unable to Use RequestStacks for Adding Content to Line-Item Payload after Shopware 6.5.4.0
- Shopware 6 - store-api list orders with associated documents
- Access to Shopware API from CLI command without Client Credentials
- How do I query the Store API in a specific language
- How to update the delivery status via Shopware 6 API?
- Shopware 6: when loading a DocumentEntity, the associated Order is loaded with the wrong version
- Add Extension Media Icon via Store API
- Shopware 6 - Multiple Images and Variant Images how to get?
- Same product showing multiple times in the product list page
- Shopware 6 Storefront Login with Store API
- Shopware 6 API - Is there any way to get the full exception in the response?
- Why is my Store API filter on productStreams.name not working?
- Resend activation link for inactive customer with double opt-in
- Get Shopware 6 Product URL
Related Questions in SHOPWARE6-APP
- How to get the shop-id from the storefront or twig template in shopware 6 app?
- Shopware6: Is there a way to get rid of 'Configure' menu item during Application update?
- How do I query the Store API in a specific language
- How to manipulate prices / tax rules
- Shopware 6.5.7.1 Admin Extension SDK requires more unrelated permissions to CMS element
- How to fix Admin SDK custom CMS element not rendered
- Admin-sdk custom CMS element not displaying the Layout assignment
- We have an issue with connecting Shopware 6 with the Droppery plug-in. The auth is not working, so product imports are not possible
- Extending the sw-entity-multi-id-select does not work
- Same product showing multiple times in the product list page
- How to handle cms elements registered with Admin SDK in Shopware v6.5.7.X?
- Delay for message queue not available under Shopware 6.5?
- Calculate shipping costs by weight outside of cart in Shopware 6
- Shopware 6 How can make I create filter with custom field?
- Shopware 6 Storefront Login with Store API
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
So the problem was that I tried to use the app secret instead of the shop secret, since it was indicated like this in the documentation. I guess, the documentation should be changed at this point for more clarity.