How to use the @slack/events-api/dist/.verifyRequestSignature function in @slack/events-api
To help you get started, we’ve selected a few @slack/events-api examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
seratch / slack-app-examples / serverless-gcp-template / index.js View on Github 
function handler(req, res) {
// https://cloud.google.com/functions/docs/writing/http
const body = isOnGoogleCloud() ? req.rawBody.toString() : req.body.toString();
console.log(`Request body: ${body}`);
try {
console.log(`X-Slack-Signature: ${req.get('X-Slack-Signature')}`);
// https://github.com/slackapi/node-slack-events-api/blob/v2.2.0/src/http-handler.js#L22-L58
verifyRequestSignature({
signingSecret: config.SLACK_SIGNING_SECRET,
requestSignature: req.get('X-Slack-Signature'),
requestTimestamp: req.get('X-Slack-Request-Timestamp'),
body: body
});
} catch (verificationErr) {
console.error(`Slack signature validation failed: ${verificationErr}`)
return res.status(401).json({ ok: false });
}
if (body.startsWith('{')) {
// application/json
const payload = JSON.parse(body);
if (payload.type === 'url_verification') {
// ------------------------------------
// Events API: url_verification@slack/events-api
Official library for using the Slack Platform's Web API
