= MAX_WEBHOOK_AGE) { return false; } $signedPayload = $timestamp . '.' . json_encode($body, JSON_UNESCAPED_SLASHES); $expected = hash_hmac('sha256', $signedPayload, OPENVIDU_MEET_API_KEY); return hash_equals($expected, $signature); }