The task1 of Skills Assessment II of INTRODUCTION TO DESERIALIZATION ATTACKS

Hello Could someone give me some hints about task1 of Skills Assessment II of INTRODUCTION TO DESERIALIZATION ATTACKS?
I find the the key in page source which is ‘@pp_s3cret!!’ but can’t change the cookie.
Thanks!

This is my php code:

<?php
  $raw = 'YTozOntzOjI6ImlkIjtzOjE6IjMiO3M6ODoidXNlcm5hbWUiO3M6NzoicGVudGVzdCI7czo0OiJyb2xlIjtzOjE6IjEiO30';
  $salt = '@pp_s3cret!!';
  $secret = '@pp_s3cret!!'; 
  $final =  hash_hmac('sha1', $raw.$salt, $secret);
  echo $final

?>

To complete this exercise it is necessary to understand how HMAC works in the section “Patching Deserialization Vulnerabilities” and use the hash_hmac function for php.