histrio/validate_flask_slack_request.py

## validate_flask_slack_request.py
def is_request_valid(request):
    is_token_valid = request.form['token'] == os.environ['SLACK_VERIFICATION_TOKEN']
    is_team_id_valid = request.form['team_id'] == os.environ['SLACK_TEAM_ID']

    slack_signing_secret = os.environ['SLACK_SIGNING_SECRET']
    timestamp = request.headers['X-Slack-Request-Timestamp'].encode()
    is_timestamp_valid = abs(time.time() - int(timestamp)) > 60 * 5

    sig_basestring = 'v0:' + timestamp + ':' + request.get_data()

    my_signature = 'v0=' + hmac.new(slack_signing_secret, msg=sig_basestring, digestmod=hashlib.sha256).hexdigest()
    slack_signature = request.headers['X-Slack-Signature'].encode()
    is_signature_valid = hmac.compare_digest(my_signature, slack_signature)

    return is_token_valid and is_team_id_valid and is_team_id_valid and is_signature_valid
	def is_request_valid(request):
	is_token_valid = request.form['token'] == os.environ['SLACK_VERIFICATION_TOKEN']
	is_team_id_valid = request.form['team_id'] == os.environ['SLACK_TEAM_ID']

	slack_signing_secret = os.environ['SLACK_SIGNING_SECRET']
	timestamp = request.headers['X-Slack-Request-Timestamp'].encode()
	is_timestamp_valid = abs(time.time() - int(timestamp)) > 60 * 5

	sig_basestring = 'v0:' + timestamp + ':' + request.get_data()

	my_signature = 'v0=' + hmac.new(slack_signing_secret, msg=sig_basestring, digestmod=hashlib.sha256).hexdigest()
	slack_signature = request.headers['X-Slack-Signature'].encode()
	is_signature_valid = hmac.compare_digest(my_signature, slack_signature)

	return is_token_valid and is_team_id_valid and is_team_id_valid and is_signature_valid