We are trying to receive notifications from the AWS SNS service, and we decided to use the Spring Cloud SNS library to handle the requests from AWS SNS. Here is a sample of the Spring Cloud SNS library.

Everything works fine, but we don't know how or where to validate the message as the Amazon AWS documentation says. There is a sample here; however, adding this validation using Spring Cloud SNS is where we get lost.

As an example, I would like to add this validation code before the message reaches the methods confirmUnsubscribeMessage, receiveNotification and confirmSubscriptionMessage.

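import java.io.InputStream;
import java.net.URL;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Base64; // provides Base64.decodeBase64

// Message and getMessageBytesToSign come from the AWS sample referred to above.
private static boolean isMessageSignatureValid(Message msg) {
    try {
        // Download the X.509 certificate named in the message; the stream is
        // closed even if parsing the certificate fails.
        URL url = new URL(msg.getSigningCertURL());
        X509Certificate cert;
        try (InputStream inStream = url.openStream()) {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            cert = (X509Certificate) cf.generateCertificate(inStream);
        }

        // Verify the Base64-encoded signature over the canonical message bytes.
        Signature sig = Signature.getInstance("SHA1withRSA");
        sig.initVerify(cert.getPublicKey());
        sig.update(getMessageBytesToSign(msg));
        return sig.verify(Base64.decodeBase64(msg.getSignature()));
    } catch (Exception e) {
        throw new SecurityException("Verify method failed.", e);
    }
}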

Thanks in advance.

Rogelio Blanco
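
An added example, not part of the original post and not AWS or Spring Cloud code: the same signature check with the certificate URL validated before it is fetched, the algorithm chosen from SignatureVersion, and the string to sign built from the message fields. It assumes the SNS JSON body has already been parsed into a `Map<String, String>`; the class name, method names and the host pattern are assumptions.

```java
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.*;
import java.util.regex.Pattern;

public final class SnsSignatureCheck {
    // Assumption: signing certificates are served over HTTPS from regional SNS hosts.
    static final Pattern SNS_HOST = Pattern.compile("(?i)^sns\\.[a-z0-9-]+\\.amazonaws\\.com(\\.cn)?$");
    static final List<String> NOTIFICATION_KEYS =
            List.of("Message", "MessageId", "Subject", "Timestamp", "TopicArn", "Type");
    static final List<String> CONFIRMATION_KEYS =
            List.of("Message", "MessageId", "SubscribeURL", "Timestamp", "Token", "TopicArn", "Type");

    // Rejects a certificate URL that is not HTTPS on an SNS host, before anything is fetched.
    static URI trustedCertUri(String signingCertUrl) {
        URI uri = URI.create(signingCertUrl == null ? "" : signingCertUrl);
        if (!"https".equalsIgnoreCase(uri.getScheme()) || uri.getHost() == null
                || !SNS_HOST.matcher(uri.getHost()).matches() || !uri.getPath().endsWith(".pem")) {
            throw new SecurityException("Untrusted SigningCertURL: " + signingCertUrl);
        }
        return uri;
    }

    // Canonical string: each signed key that is present, then its value, one per line, in order.
    static byte[] bytesToSign(Map<String, String> msg) {
        List<String> keys = "Notification".equals(msg.get("Type")) ? NOTIFICATION_KEYS : CONFIRMATION_KEYS;
        StringBuilder sb = new StringBuilder();
        for (String k : keys)
            if (msg.get(k) != null) sb.append(k).append('\n').append(msg.get(k)).append('\n');
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }

    static boolean isValid(Map<String, String> msg) throws Exception {
        URI certUri = trustedCertUri(msg.get("SigningCertURL"));
        String alg = "2".equals(msg.get("SignatureVersion")) ? "SHA256withRSA" : "SHA1withRSA"; // "1" is SHA1
        try (InputStream in = certUri.toURL().openStream()) {
            X509Certificate cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
            cert.checkValidity(); // refuse an expired or not-yet-valid certificate
            Signature sig = Signature.getInstance(alg);
            sig.initVerify(cert.getPublicKey());
            sig.update(bytesToSign(msg));
            return sig.verify(Base64.getDecoder().decode(msg.get("Signature")));
        }
    }
}
```

Whatever component runs before the controller methods should treat both a `false` result and any thrown exception as a rejected message.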

0 Answers