Bugfix incorrect api_key in SessionToken function (#1001)

Fixes an issue where the verifyValidity() function checks the api token against the global api_key instead of any shop specific token. Also fixes an infinite loop error that was occurring for myself, possibly related to: #962
gnikyt · Nov 17, 2021 · a2ea093 · a2ea093
1 parent d8c61ae
commit a2ea093
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/Objects/Values/SessionToken.php b/src/Objects/Values/SessionToken.php
@@ -251,7 +251,7 @@ protected function verifySignature(): void
     protected function verifyValidity(): void
     {
         Assert::that($this->iss)->contains($this->dest, self::EXCEPTION_INVALID);
-        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key'), self::EXCEPTION_INVALID);
+        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key', $this->getShopDomain()), self::EXCEPTION_INVALID);
     }
 
     /**