diff --git a/spec/api_spec.rb b/spec/api_spec.rb
index 7f659ab..79b9f73 100644
--- a/spec/api_spec.rb
+++ b/spec/api_spec.rb
@@ -1,8 +1,6 @@
 require File.expand_path('../spec_helper', __FILE__)
 describe 'API' do
- include Rack::Test::Methods
-
 let(:api) { API.new(github_client) }
 let(:github_client) { double(Octokit::Client) }
diff --git a/spec/signature_verifier_spec.rb b/spec/signature_verifier_spec.rb
new file mode 100644
index 0000000..7f400dd
--- /dev/null
+++ b/spec/signature_verifier_spec.rb
@@ -0,0 +1,30 @@
+require File.expand_path('../spec_helper', __FILE__)
+
+describe 'SignatureVerifier' do
+ let(:signature_verifier) { SignatureVerifier.new }
+ let(:payload) { '{"some_data": "awesome json"}' }
+
+ it 'returns false with a missing header' do
+ result = signature_verifier.verify_signature(payload, nil)
+
+ expect(result).to be_falsey
+ end
+
+ it 'returns false with an invalid signature' do
+ result = signature_verifier.verify_signature(payload, 'some_invalid_signature')
+
+ expect(result).to be_falsey
+ end
+
+ it 'returns true with a valid signature' do
+ valid_signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
+ OpenSSL::Digest.new('sha1'),
+ ENV['WEBHOOK_SECRET_TOKEN'],
+ payload
+ )
+
+ result = signature_verifier.verify_signature(payload, valid_signature)
+
+ expect(result).to be_truthy
+ end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 2569ffe..cd4dc0a 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -4,7 +4,8 @@ ENV['WEBHOOK_ENDPOINT'] = '/payload'
 ENV['CONTRIBUTOR_TEAM_ID'] = '1234567'
 ENV['INVITATION_MESSAGE'] = 'Thanks!'
-ENV['GITHUB_TOKEN'] = '12jove8hgowbuv'
+ENV['GITHUB_TOKEN'] = '12jove8hgowbuvf3rw' # random string
+ENV['WEBHOOK_SECRET_TOKEN'] = 'n3iv9aj3v0' # this too
 require 'octokit'
 require 'sinatra'
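Review bot: The two negative cases in `spec/signature_verifier_spec.rb` never exercise the digest comparison with a well-formed header: `nil` and `'some_invalid_signature'` both lack the `sha1=` prefix and the hex-digest length, so a verifier that only checked the header's shape, or that used the wrong key, would still pass all three examples. Add a case where the header is a correctly formatted HMAC computed with a different secret, and ideally a second one where the signature is valid but the payload passed in has been altered. The implementation of `verify_signature` is not part of this diff, so it should be confirmed separately that it compares digests with a constant-time helper such as `Rack::Utils.secure_compare` rather than `==`.

```ruby
  it 'returns false with a well-formed signature computed with another secret' do
    wrong_key_signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
      OpenSSL::Digest.new('sha1'),
      'not-the-configured-secret', # constructed sample value
      payload
    )

    result = signature_verifier.verify_signature(payload, wrong_key_signature)

    expect(result).to be_falsey
  end
```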
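Review bot: The trailing comments on the two `ENV[...]` lines added in `spec/spec_helper.rb` (`# random string`, `# this too`) do not tell a reader or a secret scanner that these are fixtures. A comment such as `# dummy value for specs only, not a real credential` above the pair would make that explicit. The `GITHUB_TOKEN` value also changes here with no reason visible in the hunk; if its new length matters to a test, the comment should say so.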