joawan/message_verification.js

## message_verification.js
const crypto = require('crypto');

const signSecret = process.env.SLACK_SIGN_SECRET;

const validateRequest = (requestSignature, requestTime, rawBody, validFor = 300) => {
  const requestValidFrom = Math.floor(Date.now() / 1000) - validFor;
  if (requestTime < requestValidFrom) {
    throw new Error(`Request outdated: !(${requestTime} < ${requestValidFrom})`);
  }

  const hmac = crypto.createHmac('sha256', signSecret);
  const [version, hash] = requestSignature.split('=');
  hmac.update(`${version}:${requestTime}:${rawBody}`);
  const digest = hmac.digest('hex');
  if (hash !== digest) {
    throw new Error(`Request signature mismatch: !('${hash}' === '${digest}')`);
  }
}
	const crypto = require('crypto');

	const signSecret = process.env.SLACK_SIGN_SECRET;

	const validateRequest = (requestSignature, requestTime, rawBody, validFor = 300) => {
	const requestValidFrom = Math.floor(Date.now() / 1000) - validFor;
	if (requestTime < requestValidFrom) {
	throw new Error(`Request outdated: !(${requestTime} < ${requestValidFrom})`);
	}

	const hmac = crypto.createHmac('sha256', signSecret);
	const [version, hash] = requestSignature.split('=');
	hmac.update(`${version}:${requestTime}:${rawBody}`);
	const digest = hmac.digest('hex');
	if (hash !== digest) {
	throw new Error(`Request signature mismatch: !('${hash}' === '${digest}')`);
	}
	}