class Slack::Events::Request

def valid?

Returns true if the signature coming from Slack is valid.

def valid?
  raise MissingSigningSecret unless signing_secret
  digest = OpenSSL::Digest.new('SHA256')
  signature_basestring = [version, timestamp, body].join(':')
  hex_hash = OpenSSL::HMAC.hexdigest(digest, signing_secret, signature_basestring)
  computed_signature = [version, hex_hash].join('=')
  computed_signature == signature
end

Instance Methods