How to use the tsscmp.timingSafeCompare function in tsscmp

To help you get started, we’ve selected a few tsscmp examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

slackapi / bolt / src / receiver / middleware / parseRequest.ts View on Github

const ts = Number(req.headers['x-slack-request-timestamp']);

        // Divide current date to match Slack ts format
        // Subtract 5 minutes from current time
        const fiveMinutesAgo = Math.floor(Date.now() / 1000) - (60 * 5);

        if (ts &lt; fiveMinutesAgo) {
          const error = new Error('Slack request signing verification failed');
          next(error);
        }

        const hmac = crypto.createHmac('sha256', signingSecret);
        const [version, hash] = signature.split('=');
        hmac.update(`${version}:${ts}:${body}`);

        if (!timingSafeCompare(hash, hmac.digest('hex'))) {
          const error = new Error('Slack request signing verification failed');
          next(error);
        }

        req.body = parseBody(req.headers['Content-Type'] as string, body);

        next();
      });
  };

How to use the tsscmp.timingSafeCompare function in tsscmp

To help you get started, we’ve selected a few tsscmp examples, based on popular ways it is used in public projects.

tsscmp

Package Health Score

Popular tsscmp functions

Similar packages