CF-1007: Download documents from sumsub #1134
+863
−12
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,130 @@ | ||
| package com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api; | ||
|
|
||
| import com.generalbytes.batm.server.coinutil.Hex; | ||
| import com.generalbytes.batm.server.extensions.common.sumsub.SumsubException; | ||
| import com.google.common.io.ByteStreams; | ||
| import lombok.extern.slf4j.Slf4j; | ||
|
|
||
| import javax.crypto.Mac; | ||
| import javax.crypto.spec.SecretKeySpec; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.net.HttpURLConnection; | ||
| import java.net.URL; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.security.InvalidKeyException; | ||
| import java.security.NoSuchAlgorithmException; | ||
| import java.util.Arrays; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * HTTP client for downloading document images from Sumsub API. | ||
| * This class exists because Rescu REST proxy {@link ISumSubApi} does not support binary responses. | ||
| * | ||
| * <p><a href="https://docs.sumsub.com/reference/get-document-images">Get document images</a> | ||
| */ | ||
| @Slf4j | ||
| public class SumsubDocumentClient { | ||
|
|
||
| private static final String ALGORITHM = "HmacSHA256"; | ||
| private static final String HEADER_APP_TOKEN = "X-App-Token"; | ||
| private static final String HEADER_APP_TS = "X-App-Access-Ts"; | ||
| private static final String HEADER_APP_SIG = "X-App-Access-Sig"; | ||
| private static final String DEFAULT_CONTENT_TYPE = "image/jpeg"; | ||
|
|
||
| private final String token; | ||
| private final Mac mac; | ||
| private final String baseUrl; | ||
|
|
||
| public SumsubDocumentClient(String token, String secret, String baseUrl) { | ||
| this.token = token; | ||
| this.baseUrl = baseUrl.endsWith("/") ? baseUrl.substring(0, baseUrl.length() - 1) : baseUrl; | ||
| try { | ||
| this.mac = Mac.getInstance(ALGORITHM); | ||
| this.mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), ALGORITHM)); | ||
| } catch (InvalidKeyException e) { | ||
| throw new SumsubException("Failed to initialize SumsubDocumentClient, is the secret key configured properly?", e); | ||
| } catch (NoSuchAlgorithmException e) { | ||
| throw new SumsubException(e); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Downloads a document image by inspection ID and image ID. | ||
| * | ||
| * @param inspectionId the inspection ID from the webhook | ||
| * @param imageId the image ID from {@link com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api.vo.InspectionImage#getImageId()} | ||
| * @return the downloaded content and its content type | ||
| */ | ||
| public DownloadedDocument downloadDocument(String inspectionId, String imageId) throws IOException { | ||
| HttpURLConnection httpConnection = createHttpConnection(inspectionId, imageId); | ||
| validateResponseCode(httpConnection, imageId); | ||
| String contentType = getContentType(httpConnection); | ||
|
|
||
| try (InputStream is = httpConnection.getInputStream()) { | ||
| byte[] content = ByteStreams.toByteArray(is); | ||
| return new DownloadedDocument(content, contentType); | ||
| } | ||
| } | ||
|
|
||
| private HttpURLConnection createHttpConnection(String inspectionId, String imageId) throws IOException { | ||
| String path = "/resources/inspections/" + inspectionId + "/resources/" + imageId; | ||
| String url = baseUrl + path; | ||
|
|
||
| long timestamp = System.currentTimeMillis() / 1000; | ||
| String timestampString = String.valueOf(timestamp); | ||
| String signature = computeSignature(timestampString, path); | ||
| HttpURLConnection httpConnection = (HttpURLConnection) new URL(url).openConnection(); | ||
| httpConnection.setRequestMethod("GET"); | ||
| httpConnection.setRequestProperty(HEADER_APP_TOKEN, token); | ||
| httpConnection.setRequestProperty(HEADER_APP_TS, timestampString); | ||
| httpConnection.setRequestProperty(HEADER_APP_SIG, signature); | ||
| return httpConnection; | ||
| } | ||
|
|
||
| private static String getContentType(HttpURLConnection httpConnection) { | ||
|
||
| String contentType = httpConnection.getContentType(); | ||
| if (contentType != null && contentType.contains(";")) { | ||
| contentType = contentType.split(";")[0].trim(); | ||
| } | ||
| if (contentType == null || contentType.isBlank()) { | ||
| contentType = DEFAULT_CONTENT_TYPE; | ||
| } | ||
| return contentType; | ||
| } | ||
|
|
||
| private static void validateResponseCode(HttpURLConnection httpConnection, String imageId) throws IOException { | ||
|
||
| if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) { | ||
| try (InputStream errorStream = httpConnection.getErrorStream()) { | ||
| String errorResponse = errorStream != null ? new String(ByteStreams.toByteArray(errorStream), StandardCharsets.UTF_8) : ""; | ||
| throw new IOException("Error downloading document " + imageId + ": " + httpConnection.getResponseCode() + ": " + errorResponse); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| private String computeSignature(String ts, String path) { | ||
| String combined = ts + "GET" + path; | ||
| mac.update(combined.getBytes(StandardCharsets.UTF_8)); | ||
| return Hex.bytesToHexString(mac.doFinal()); | ||
| } | ||
|
|
||
| public record DownloadedDocument(byte[] content, String contentType) { | ||
|
||
| @Override | ||
| public boolean equals(Object o) { | ||
| if (!(o instanceof DownloadedDocument that)) return false; | ||
| return Objects.deepEquals(content(), that.content()) && Objects.equals(contentType(), that.contentType()); | ||
| } | ||
|
|
||
| @Override | ||
| public int hashCode() { | ||
| return Objects.hash(Arrays.hashCode(content()), contentType()); | ||
| } | ||
|
|
||
| @Override | ||
| public String toString() { | ||
| return "DownloadedDocument{" + | ||
| "contentType='" + contentType + '\'' + | ||
| '}'; | ||
| } | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,124 @@ | ||
| package com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api; | ||
|
|
||
| import com.generalbytes.batm.server.extensions.IExtensionContext; | ||
| import com.generalbytes.batm.server.extensions.IIdentityPiece; | ||
| import com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api.vo.InspectionImage; | ||
| import com.generalbytes.batm.server.extensions.extra.identityverification.sumsub.api.vo.enums.SumSubDocumentType; | ||
| import lombok.extern.slf4j.Slf4j; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.ArrayList; | ||
| import java.util.Collections; | ||
| import java.util.List; | ||
| import java.util.concurrent.TimeUnit; | ||
|
|
||
| /** | ||
| * Orchestrates downloading document images from Sumsub and storing them as identity pieces. | ||
| * Uses {@link SumsubDocumentClient} for HTTP download and {@link SumsubIdentityPieceCreator} for piece creation. | ||
| * | ||
| * <p><a href="https://docs.sumsub.com/reference/get-document-images">Get document images</a> | ||
| */ | ||
| @Slf4j | ||
| public class SumsubDocumentDownloader { | ||
|
|
||
| private final SumsubDocumentClient client; | ||
| private final SumsubIdentityPieceCreator creator; | ||
| private final int maxDownloadRetries; | ||
| private final int retryDelaySeconds; // with increasing backoff (attemptNumber * retryDelaySeconds) | ||
|
|
||
| public SumsubDocumentDownloader(SumsubDocumentClient client, SumsubIdentityPieceCreator creator, | ||
| int maxDownloadRetries, int retryDelaySeconds) { | ||
|
Contributor
There was a problem hiding this comment. I would make
Contributor
Author
There was a problem hiding this comment. I refactored it to use constants in the calling class, but kept the constructor injection for easier testability. |
||
| this.client = client; | ||
| this.creator = creator; | ||
| this.maxDownloadRetries = maxDownloadRetries; | ||
| this.retryDelaySeconds = retryDelaySeconds; | ||
| } | ||
|
|
||
| /** | ||
| * Filters images to mappable types, downloads each, and stores as identity pieces. | ||
| * Unmappable document types are skipped. | ||
| */ | ||
| public void downloadAndStoreDocuments(String identityPublicId, String inspectionId, | ||
| List<InspectionImage> images, IExtensionContext ctx) { | ||
| if (images == null || images.isEmpty()) { | ||
| return; | ||
| } | ||
|
|
||
| List<InspectionImage> mappableImages = images.stream() | ||
| .filter(img -> { | ||
|
||
| if (img.getImageId() == null || img.getIdDocDef() == null) { | ||
|
||
| log.warn("Skipping image with null imageId or idDocDef"); | ||
| return false; | ||
| } | ||
| SumSubDocumentType docType = img.getIdDocDef().getIdDocType(); | ||
| if (!SumsubIdentityPieceCreator.isMappableDocumentType(docType)) { | ||
| log.debug("Skipping unmappable document type from Sumsub: {}", docType); | ||
| return false; | ||
| } | ||
| return true; | ||
| }) | ||
| .toList(); | ||
|
|
||
| if (mappableImages.isEmpty()) { | ||
| return; | ||
| } | ||
|
|
||
| List<InspectionImage> failedImages = retryDownload(mappableImages, identityPublicId, inspectionId, ctx, 1); | ||
|
|
||
| if (!failedImages.isEmpty()) { | ||
| List<String> failedImageDetails = failedImages.stream() | ||
| .map(img -> img.getImageId() + " (" + (img.getIdDocDef() != null ? img.getIdDocDef().getIdDocType() : "unknown") + ")") | ||
|
||
| .toList(); | ||
| log.error("Failed to download the following images after {} attempts: {}", maxDownloadRetries, failedImageDetails); | ||
| } | ||
| } | ||
|
|
||
| private List<InspectionImage> retryDownload(List<InspectionImage> images, String identityPublicId, String inspectionId, | ||
| IExtensionContext extensionContext, int attempt) { | ||
| if (attempt > maxDownloadRetries) { | ||
| return images; | ||
| } | ||
|
|
||
| List<InspectionImage> failedThisRound = attemptDownload(images, identityPublicId, inspectionId, extensionContext, attempt); | ||
|
|
||
| if (failedThisRound.isEmpty()) { | ||
| log.info("All images downloaded successfully for applicantId: {}", identityPublicId); | ||
| return Collections.emptyList(); | ||
| } | ||
|
|
||
| addRetryDelay(attempt); | ||
| return retryDownload(failedThisRound, identityPublicId, inspectionId, extensionContext, attempt + 1); | ||
| } | ||
|
|
||
| private List<InspectionImage> attemptDownload(List<InspectionImage> images, | ||
| String identityPublicId, | ||
| String inspectionId, | ||
| IExtensionContext ctx, | ||
| int attempt) { | ||
| List<InspectionImage> failedImages = new ArrayList<>(); | ||
| for (InspectionImage image : images) { | ||
| try { | ||
| SumSubDocumentType docType = image.getIdDocDef().getIdDocType(); | ||
| log.info("Attempt {}: Downloading image ({}) for applicantId: {}", attempt, docType, identityPublicId); | ||
| SumsubDocumentClient.DownloadedDocument download = client.downloadDocument(inspectionId, String.valueOf(image.getImageId())); | ||
| IIdentityPiece piece = creator.createIdentityPiece(docType, download.contentType(), download.content()); | ||
| ctx.addIdentityPiece(identityPublicId, piece); | ||
| int fileSizeKiloBytes = download.content().length / 1000; | ||
| log.info("Sumsub document ({}, {}) downloaded: {} kB", docType, image.getImageId(), fileSizeKiloBytes); | ||
| } catch (IOException e) { | ||
| log.warn("Attempt {} failed for image ID: {}, type: {}, error: {}", attempt, image.getImageId(), image.getIdDocDef().getIdDocType(), e.getMessage()); | ||
| failedImages.add(image); | ||
| } | ||
| } | ||
| return failedImages; | ||
| } | ||
|
|
||
| private void addRetryDelay(int attempt) { | ||
|
||
| try { | ||
| TimeUnit.SECONDS.sleep((long) attempt * retryDelaySeconds); | ||
| } catch (InterruptedException e) { | ||
| Thread.currentThread().interrupt(); | ||
| log.error("Retry interrupted", e); | ||
| } | ||
| } | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd put this try-catch into a private method