-
Notifications
You must be signed in to change notification settings - Fork 243
CF-1007: Download documents from sumsub #1134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
filipocelka
merged 3 commits into
GENERALBYTESCOM:feature/1.17-snapshot
from
thoagb:feature/CF-1007-fetch-document-from-sumsub
Feb 6, 2026
Merged
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
24 changes: 24 additions & 0 deletions
24
...ytes/batm/server/extensions/extra/identityverification/sumsub/api/DownloadedDocument.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| package com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api; | ||
|
|
||
| import java.util.Arrays; | ||
| import java.util.Objects; | ||
|
|
||
| record DownloadedDocument(byte[] content, String contentType) { | ||
| @Override | ||
| public boolean equals(Object o) { | ||
| if (!(o instanceof DownloadedDocument that)) return false; | ||
| return Objects.deepEquals(content(), that.content()) && Objects.equals(contentType(), that.contentType()); | ||
| } | ||
|
|
||
| @Override | ||
| public int hashCode() { | ||
| return Objects.hash(Arrays.hashCode(content()), contentType()); | ||
| } | ||
|
|
||
| @Override | ||
| public String toString() { | ||
| return "DownloadedDocument{" + | ||
| "contentType='" + contentType + '\'' + | ||
| '}'; | ||
| } | ||
| } |
113 changes: 113 additions & 0 deletions
113
...es/batm/server/extensions/extra/identityverification/sumsub/api/SumsubDocumentClient.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
| package com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api; | ||
|
|
||
| import com.generalbytes.batm.server.coinutil.Hex; | ||
| import com.generalbytes.batm.server.extensions.common.sumsub.SumsubException; | ||
| import com.google.common.io.ByteStreams; | ||
| import lombok.extern.slf4j.Slf4j; | ||
|
|
||
| import javax.crypto.Mac; | ||
| import javax.crypto.spec.SecretKeySpec; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.net.HttpURLConnection; | ||
| import java.net.URL; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.security.InvalidKeyException; | ||
| import java.security.NoSuchAlgorithmException; | ||
|
|
||
| /** | ||
| * HTTP client for downloading document images from Sumsub API. | ||
| * This class exists because Rescu REST proxy {@link ISumSubApi} does not support binary responses. | ||
| * | ||
| * <p><a href="https://docs.sumsub.com/reference/get-document-images">Get document images</a> | ||
| */ | ||
| @Slf4j | ||
| public class SumsubDocumentClient { | ||
|
|
||
| private static final String ALGORITHM = "HmacSHA256"; | ||
| private static final String HEADER_APP_TOKEN = "X-App-Token"; | ||
| private static final String HEADER_APP_TS = "X-App-Access-Ts"; | ||
| private static final String HEADER_APP_SIG = "X-App-Access-Sig"; | ||
| private static final String DEFAULT_CONTENT_TYPE = "image/jpeg"; | ||
|
|
||
| private final String token; | ||
| private final Mac mac; | ||
| private final String baseUrl; | ||
|
|
||
| public SumsubDocumentClient(String token, String secret, String baseUrl) { | ||
| this.token = token; | ||
| this.baseUrl = baseUrl.endsWith("/") ? baseUrl.substring(0, baseUrl.length() - 1) : baseUrl; | ||
| this.mac = createMac(secret); | ||
| } | ||
|
|
||
| private Mac createMac(String secret) { | ||
| try { | ||
| Mac macInstance = Mac.getInstance(ALGORITHM); | ||
| macInstance.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), ALGORITHM)); | ||
| return macInstance; | ||
| } catch (InvalidKeyException e) { | ||
| throw new SumsubException("Failed to initialize SumsubDocumentClient, is the secret key configured properly?", e); | ||
| } catch (NoSuchAlgorithmException e) { | ||
| throw new SumsubException(e); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Downloads a document image by inspection ID and image ID. | ||
| * | ||
| * @param inspectionId the inspection ID from the webhook | ||
| * @param imageId the image ID from {@link com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api.vo.InspectionImage#getImageId()} | ||
| * @return the downloaded content and its content type | ||
| */ | ||
| DownloadedDocument downloadDocument(String inspectionId, String imageId) throws IOException { | ||
| HttpURLConnection httpConnection = createHttpConnection(inspectionId, imageId); | ||
| validateResponseCode(httpConnection, imageId); | ||
| String contentType = getContentType(httpConnection); | ||
|
|
||
| try (InputStream is = httpConnection.getInputStream()) { | ||
| byte[] content = ByteStreams.toByteArray(is); | ||
| return new DownloadedDocument(content, contentType); | ||
| } | ||
| } | ||
|
|
||
| private HttpURLConnection createHttpConnection(String inspectionId, String imageId) throws IOException { | ||
| String path = "/resources/inspections/" + inspectionId + "/resources/" + imageId; | ||
| String url = baseUrl + path; | ||
|
|
||
| long timestamp = System.currentTimeMillis() / 1000; | ||
| String timestampString = String.valueOf(timestamp); | ||
| String signature = computeSignature(timestampString, path); | ||
| HttpURLConnection httpConnection = (HttpURLConnection) new URL(url).openConnection(); | ||
| httpConnection.setRequestMethod("GET"); | ||
| httpConnection.setRequestProperty(HEADER_APP_TOKEN, token); | ||
| httpConnection.setRequestProperty(HEADER_APP_TS, timestampString); | ||
| httpConnection.setRequestProperty(HEADER_APP_SIG, signature); | ||
| return httpConnection; | ||
| } | ||
|
|
||
| private String getContentType(HttpURLConnection httpConnection) { | ||
| String contentType = httpConnection.getContentType(); | ||
| if (contentType != null && contentType.contains(";")) { | ||
| contentType = contentType.split(";")[0].trim(); | ||
| } | ||
| if (contentType == null || contentType.isBlank()) { | ||
| contentType = DEFAULT_CONTENT_TYPE; | ||
| } | ||
| return contentType; | ||
| } | ||
|
|
||
| private void validateResponseCode(HttpURLConnection httpConnection, String imageId) throws IOException { | ||
| if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) { | ||
| try (InputStream errorStream = httpConnection.getErrorStream()) { | ||
| String errorResponse = errorStream != null ? new String(ByteStreams.toByteArray(errorStream), StandardCharsets.UTF_8) : ""; | ||
| throw new IOException("Error downloading document " + imageId + ": " + httpConnection.getResponseCode() + ": " + errorResponse); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| private String computeSignature(String ts, String path) { | ||
| String combined = ts + "GET" + path; | ||
| mac.update(combined.getBytes(StandardCharsets.UTF_8)); | ||
| return Hex.bytesToHexString(mac.doFinal()); | ||
| } | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd put this try-catch into a private method