Deciding Facebook signed request in Elixir

signed_request.ex

app_secret = Keyword.fetch!(config, :app_secret)
with [encoded_signature, encoded_payload] <- String.split(signed_request, "."),
     {:ok, signature} <- Base.url_decode64(encoded_signature, padding: false),
     {:ok, payload} <- Base.url_decode64(encoded_payload, padding: false),
     {:ok, payload} <- Jason.decode(payload),
     %{"algorithm" => "HMAC-SHA256"} <- payload,
     payload_signature = :crypto.hmac(:sha256, app_secret, encoded_payload),
     true <- Plug.Crypto.secure_compare(signature, payload_signature) do
  {:ok, payload}
else
  _error ->
    {:error, :invalid_signature}
end