Add temp logging to debug 401 for alliance pro staging

orbit-apps · Aug 15, 2024 · 034aaf3 · 034aaf3
1 parent 19ec73f
commit 034aaf3
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 6 deletions.
diff --git a/lib/shopify_api/plugs/admin_authenticator.ex b/lib/shopify_api/plugs/admin_authenticator.ex
@@ -103,13 +103,18 @@ defmodule ShopifyAPI.Plugs.AdminAuthenticator do
 
   defp validate_hmac(%ShopifyAPI.App{client_secret: secret}, params) do
     request_hmac = params["hmac"]
+    Logger.warning("Request hmac is #{request_hmac}")
 
-    params
-    |> Enum.reject(fn {key, _} -> key == "hmac" or key == "signature" end)
-    |> Enum.sort_by(&elem(&1, 0))
-    |> Enum.map_join("&", fn {key, value} -> key <> "=" <> value end)
-    |> ShopifyAPI.Security.base16_sha256_hmac(secret)
-    |> then(fn
+    hmac =
+      params
+      |> Enum.reject(fn {key, _} -> key == "hmac" or key == "signature" end)
+      |> Enum.sort_by(&elem(&1, 0))
+      |> Enum.map_join("&", fn {key, value} -> key <> "=" <> value end)
+      |> ShopifyAPI.Security.base16_sha256_hmac(secret)
+
+    Logger.warning("Hmac after checking against secret is #{hmac}")
+
+    then(hmac, fn
       ^request_hmac -> :ok
       _ -> {:error, :invalid_hmac}
     end)

diff --git a/lib/shopify_api/security.ex b/lib/shopify_api/security.ex
@@ -1,5 +1,9 @@
 defmodule ShopifyAPI.Security do
+  require Logger
+
   def base16_sha256_hmac(text, secret) do
+    Logger.warning("Hmac passed into ShopifyAPI.Security is #{text}")
+
     :sha256
     |> hmac(secret, text)
     |> Base.encode16()