Check HMAC
private function CheckHMAC($sSercet)
{
if (!$sSercet) throw new Exception('Sercet key is not defined');
$sPostData = file_get_contents('php://input');
$sCheckSign = base64_encode(hash_hmac('SHA256', $sPostData, $sSercet, true));
$sRequestSign = isset($_SERVER['HTTP_CONTENT_HMAC']) ? $_SERVER['HTTP_CONTENT_HMAC'] : '';
if ($sCheckSign !== $sRequestSign) {
throw new Exception('Hacking atempt!');
};
return true;
}