Here is a gist for validating the slack slash command via the slack signing secret.

The sample is for Laravel middleware. Since the validation process is written below, you can modify to suit your project.

GitHub gist: https://gist.github.com/pingcheng/f7500adf1b1009df3ed341f511305b0d


<?php

namespace App\Http\Middleware;
use Exception;
use Carbon\Carbon;
use Closure;
use Illuminate\Support\Facades\Log;

class SlackRequest
{
    /**
     * Validate a slack request
     * by the slack signing secret (not the token)
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     *
     * @return mixed
     * @throws Exception
     */
    public function handle($request, Closure $next)
    {
        // define the version number
        $version = 'v0';

        // load the secret, you also can load it from env(YOUR_OWN_SLACK_SECRET)
        $secret = config('services.slack.signing_secret');

        //

...

[ Read More ]