Verify whether a request came from your app on Facebook - specifically used for Laravel

facebook-x-hub-verification

    /**
     * Verify whether the given request really comes from your app on FB
     *
     * @param Illuminate\Http\Request $request
     * @return bool
     **/
    public function verifySignature(Request $request)
    {
        if (! $request->hasHeader('X-Hub-Signature')) {
            return false;
        }

        list($algo, $hash) = explode('=', $request->header('X-Hub-Signature'), 2) + array('', '');

        if ($hash !== hash_hmac($algo, $request->getContent(), env('FACEBOOK_APP_SECRET')) {
            return false;
        }

        return true;
    }