Recently Slack moved from using "Validation Tokens" to validate that Slash
Command requests were actually from Slack to signing the requests with a "Client
Signing Secret". This seems like a simple change but turned out to be a huge
pain in the butt to figure out.