You probably should be using the all lower case version of the header names
PHP (generally) converts all the key names of inbounde header to lower case. So I anticipate that $request->header('UPPPERCASE') or $request->header('PascalCase') is resulting in a blank response instead of the expected value.
Hence the generation of invalid SHAs for comparison.
It’s not in Laravel but heres my PHP example - twitch_misc/index.php at main · BarryCarlyon/twitch_misc · GitHub
So debug/test this out to see what laravel is returning for header values if PascalCase fetching a header actually works as expected or not.
Additionally:
$body = json_encode($request->post());
Use the RAW body not a rencoded JSON payload. Otherwise any payload that has emoji’s in will always fail or you’ll get other weirdness, as Twitch calculates their has using the RAW payload, but you are caclulating the comparisons using a decoded and reencoded payload which could differ