3 releases
0.1.2 | Mar 4, 2020 |
---|---|
0.1.1 | Feb 29, 2020 |
0.1.0 | Feb 29, 2020 |
#36 in #signature-verification
15KB
144 lines
slack-http-verifier
This crate implements verification of Slack's request tokens, as described here.
There is out-of-the-box support for reqwest::blocking::Request, and
http::Request, but you can create a newtype implementing HTTPRequest
to suit
your own needs.
Use the HTTP Request API:
use slack_http_verifier::SlackHTTPVerifier;
let verifier = SlackHTTPVerifier::new("abcd1234...").unwrap();
// ... Receive a request somehow ...
assert!(verifier.verify(&req).is_ok());
Or use the raw API:
use slack_http_verifier::SlackVerifier;
let verifier = SlackVerifier::new("abcd1234...").unwrap();
// ... Receive a request somehow ...
let ts = req.get("X-Slack-Request-Timestamp");
let sig = req.get("X-Slack-Signature");
let body = req.body().as_str();
assert!(verifier.verify(&ts, &body, &sig).is_ok());
Dependencies
~3–7MB
~162K SLoC