Get api post request

Hi. I'm trying to save an API POST Request that gets sent from an external service callback to my app. The docs say The callback is a POST request with just JSON object in body and that i need to authenticate, You need to verify the callback authentication by validating the Authorisation header which is the same value as what you use to make a call to our APIs. base64 encoded client_id and secret as below:...

Heres the Auth header I use when sending a request and how i Auth for that:

$request = Http::acceptJson()->withHeaders([
            'Authorization' => 'Basic ' .
            base64_encode(config('settings.service_app_key') . ':' . config('settings.service_app_secret'))
        ])->post('https://www.external_service.com/api/1.0/request/send', $data);

This is my first service that i'm integrating into a project and not quite sure how to authenticate this external post request.

I've managed to use a request to the external service and get information back which worked perfectly, but not sure how to get a callback from them with the information.

Any pointers or references would be grateful.

Cheers

tykus

4 years ago

Level 104

So the inbound request comes with an Authorization header; you can retrieve this from the Request object:

$token = Str::of($request->header('Authorization')->after('Basic')->trim();

After that you simply need to compare with the encoded value; or, base64decode the $token and check it against your values in config:

if ($token) {
	[$serviceAppKey, $serviceAppSecret] = Str::of(base64_decode($token))->explode(':');

	return $serviceAppKey === config('settings.service_app_key') && $serviceAppSecret === config('settings.service_app_secret');
}
return false;

Please or to participate in this conversation.