# Created on savesnippets.com · https://savesnippets.com/YSge71pxhKuGXS
SECRET="my-shared-secret"
PAYLOAD='{"event":"order.created","id":"o_123"}'

# Compute HMAC-SHA256 as hex
echo -n "$PAYLOAD" | openssl dgst -sha256 -hmac "$SECRET" -binary | xxd -p -c 256
# Or directly as hex (newer openssl)
echo -n "$PAYLOAD" | openssl dgst -sha256 -hmac "$SECRET" -hex
# (stdin)= 7c4a8d09ca3762af61e59520943dc26494f8941b...

# Same in base64
echo -n "$PAYLOAD" | openssl dgst -sha256 -hmac "$SECRET" -binary | base64

# Verify a Stripe-style "t=…,v1=…" header
verify_stripe_sig() {
    local body="$1" sig_header="$2" secret="$3"
    local t v1
    t="$(echo "$sig_header" | grep -oE 't=[0-9]+' | cut -d= -f2)"
    v1="$(echo "$sig_header" | grep -oE 'v1=[0-9a-f]+' | cut -d= -f2)"
    local expected
    expected="$(echo -n "${t}.${body}" | openssl dgst -sha256 -hmac "$secret" -hex | awk '{print $NF}')"
    [[ "$expected" == "$v1" ]]
}