Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kkweon/slack-verify

Slack Verify Request using HMAC
https://github.com/kkweon/slack-verify

Last synced: about 1 month ago
JSON representation

Slack Verify Request using HMAC

Host: GitHub
URL: https://github.com/kkweon/slack-verify
Owner: kkweon
License: mit
Created: 2018-12-20T23:19:29.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2018-12-21T00:38:10.000Z (about 6 years ago)
Last Synced: 2024-11-14T09:32:21.306Z (2 months ago)
Language: Rust
Homepage: https://kkweon.github.io/slack-verify/
Size: 4.12 MB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # slack-verify

[![Build Status](https://travis-ci.com/kkweon/slack-verify.svg?branch=master)](https://travis-ci.com/kkweon/slack-verify)

[![Coverage Status](https://coveralls.io/repos/github/kkweon/slack-verify/badge.svg?branch=master)](https://coveralls.io/github/kkweon/slack-verify?branch=master)

[Read the official documentation from Slack](https://api.slack.com/docs/verifying-requests-from-slack)

> Slack signs its requests using a secret that's unique to your app.

> Slack creates a unique string for your app and shares it with you. Verify requests from Slack with confidence by verifying signatures using your signing secret.

> On each HTTP request that Slack sends, we add an X-Slack-Signature HTTP header. The signature is created by combining the signing secret with the body of the request we're sending using a standard HMAC-SHA256 keyed hash.

> The resulting signature is unique to each request and doesn't directly contain any secret information. That keeps your app secure, preventing bad actors from causing mischief.