]> git.cworth.org Git - turbot/blobdiff - turbot/slack.py
projects / turbot / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Move some slack utility code into turbot/slack.py
[turbot] / turbot / slack.py
diff --git a/turbot/slack.py b/turbot/slack.py
new file mode 100644 (file)
index 0000000..d2d683d
--- /dev/null
+++ b/turbot/slack.py
@@ -0,0 +1,23 @@
+import hashlib
+import hmac
+import os
+
+slack_signing_secret = bytes(os.environ['SLACK_SIGNING_SECRET'], 'utf-8')
+
+def slack_is_valid_request(slack_signature, timestamp, body):
+    """Returns True if the timestamp and body correspond to signature.
+
+    This implements the Slack signature verification using the slack
+    signing secret (obtained via an SSM parameter in code above)."""
+
+    content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
+
+    signature = 'v0=' + hmac.new(slack_signing_secret,
+                                 content,
+                                 hashlib.sha256).hexdigest()
+
+    if hmac.compare_digest(signature, slack_signature):
+        return True
+    else:
+        print("Bad signature: {} != {}".format(signature, slack_signature))
+        return False
A Slack app for Halibut That Bass