Error: Slack request signing verification failed. Timestamp is too old

[threesquared]

Description

I am trying to use Steno with a bolt app. However when replaying a transaction the request signing verification fails as the timestamp is too old.

What type of issue is this? (place an x in one of the [ ])

• bug
• enhancement (feature request)
• question
• documentation related
• testing related
• discussion

Requirements (place an x in each of the [ ])

• I've read and understood the Contributing guidelines and have done my best effort to follow them.
• I've read and agree to the Code of Conduct.
• I've searched for any related issues and avoided creating a duplicate issue.

---

Bug Report

Filling out the following details about bugs will help us solve your issue sooner.

Reproducible in:

steno version: 1.2.0

OS version(s): macOS Mojave

Steps to reproduce:

1. Record a simple slash command scenario with ./steno --record
2. Start steno in replay mode
3. Observe the interactions object contains a 500 response from the application

Expected result:

The relayed scenarios should be able to pass the slack request signing verification

Actual result:

The interactions object from the /stop endpoint returns a 500 response as the verification fails.

Attachments:

response: {
      body: '<!DOCTYPE html>\n<html lang="en">\n<head>\n<meta charset="utf-8">\n' +
        '<title>Error</title>\n</head>\n<body>\n<pre>Error: Slack request signing ' +
        'verification failed. Timestamp is too old.<br> &nbsp; &nbsp;at ' +
        'Object.errorWithCode ' +
        '(/Users/ben/Project/node_modules/@slack/bolt/src/errors.ts:23:17)<br> ' +
        '&nbsp; &nbsp;at verifyRequestSignature ' +
        '(/Users/ben/Project/node_modules/@slack/bolt/src/ExpressReceiver.ts:234:19)<br> ' +
        '&nbsp; &nbsp;at ' +
        '/Users/ben/Project/node_modules/@slack/bolt/src/ExpressReceiver.ts:194:15<br> ' +
        '&nbsp; &nbsp;at processTicksAndRejections ' +
        '(internal/process/task_queues.js:89:5)</pre>\n</body>\n</html>\n',
      headers: [Object],
      statusCode: 500,
      timestamp: 1575639064301
    }

[seratch]

I guess you ran the same request after 5 minutes. In that case, this is a proper behavior of Slack apps. If Bolt has an option to turn off the validation for local development, it may be useful for some cases. But unfortunately, the option doesn't exist at the moment.

[SelrahcD]

Hi!

I have the same issue, did you find a solution?
I really feel that Steno and Bolt aren't making a good fit... 😢