Generate HMAC hash used to validate data on a session expiration. Uses
the unique compose cache ID of the expired message, the username, and
the secret key of the server to generate a reproducible value that can
be validated if session data doesn't exist.