Bugfix incorrect api_key in SessionToken function

Fixes an issue where the verifyValidity() function checks the api token against the global api_key instead of any shop specific token. Also fixes an infinite loop error that was occurring for myself, possibly related to: gnikyt#962
ClaraLeigh · Nov 1, 2021 · 4a5919d · 4a5919d
1 parent d8c61ae
commit 4a5919d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/Objects/Values/SessionToken.php b/src/Objects/Values/SessionToken.php
@@ -251,7 +251,7 @@ protected function verifySignature(): void
     protected function verifyValidity(): void
     {
         Assert::that($this->iss)->contains($this->dest, self::EXCEPTION_INVALID);
-        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key'), self::EXCEPTION_INVALID);
+        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key', $this->getShopDomain()), self::EXCEPTION_INVALID);
     }
 
     /**