verifier = new EbayWebhookVerifier( verificationToken: 'my-secret-token', endpointUrl: 'https://example.com/webhooks/ebay', ); } public function test_valid_signature_passes(): void { $body = '{"notification":{"data":{"orderId":"123"}}}'; $expected = base64_encode(hash('sha256', $body.'my-secret-tokenhttps://example.com/webhooks/ebay', binary: true)); $this->assertTrue($this->verifier->verify($body, $expected)); } public function test_invalid_signature_fails(): void { $this->assertFalse($this->verifier->verify('{"body":"x"}', 'invalidsignature')); } public function test_challenge_response_returns_correct_hash(): void { $challengeCode = 'abc123'; $expected = hash('sha256', $challengeCode.'my-secret-tokenhttps://example.com/webhooks/ebay'); $this->assertSame($expected, $this->verifier->challengeResponse($challengeCode)); } }