function isValidRequestSig()

in src/macie-remediation-handler/macie-remediation-handler.js [73:95]

• 16 lines of code
• 3 McCabe index (conditional complexity)

function isValidRequestSig(requestHeaders, body) {

    const signature = requestHeaders['X-Slack-Signature'];
    const ts = requestHeaders['X-Slack-Request-Timestamp'];

    // Divide current date to match Slack ts format
    // Subtract 5 minutes from current time
    const fiveMinutesAgo = Math.floor(Date.now() / 1000) - (60 * 5);

    if (ts < fiveMinutesAgo) {
      console.error('request is older than 5 minutes');
      throw new Error('Slack request signing verification failed');
    }

    const hmac = crypto.createHmac('sha256', slackSigningSecret);
    const [version, hash] = signature.split('=');
    hmac.update(`${version}:${ts}:${body}`);

    if (!timingSafeCompare(hash, hmac.digest('hex'))) {
      console.error('request signature is not valid');
      throw new Error('Slack request signing verification failed');
    }
}