public boolean isValid()

in amazon-sns-trigger-server/src/main/java/jetbrains/buildServer/clouds/amazon/sns/trigger/utils/AwsSnsSignatureVerification.java [53:90]


    /**
     * Checks that this SNS message carries a signature that verifies against the
     * public key returned by {@code getSigningCertificate()}.
     *
     * <p>Fails closed: a missing certificate URL, an unrecognised message type, a
     * missing signature, an empty string-to-sign, or any exception raised while
     * decoding the signature, obtaining the key or running the verification all
     * yield {@code false}.
     *
     * @return {@code true} only if the signature verifies over the UTF-8 bytes of
     *         the string-to-sign; {@code false} in every other case
     */
    public boolean isValid() {
        // No certificate URL means there is no key to check the signature against.
        final boolean certUrlMissing =
                mySignatureCertUrl == null || mySignatureCertUrl.trim().isEmpty();
        if (certUrlMissing) {
            LOG.warn("SignatureCertUrl is mandatory for message validation but it's empty");
            return false;
        }

        // Reject messages whose type was not recognised.
        final boolean typeUnknown = SnsMessageType.UNDEFINED.equals(myMessageType);
        if (typeUnknown) {
            LOG.warn("Incoming message type wasn't recognized as Subscription, Notification or Unsubscription");
            return false;
        }

        // An absent or blank signature is rejected up front rather than verified.
        final boolean signatureMissing = mySignature == null || mySignature.trim().isEmpty();
        if (signatureMissing) {
            LOG.warn("Signature string is empty but it is mandatory for message validation");
            return false;
        }

        // The canonical text the signature is expected to cover; it must not be empty.
        final String canonicalMessage = payloadToStringToSign();
        if (canonicalMessage.isEmpty()) {
            LOG.warn("Message metadata required for message verification is empty");
            return false;
        }

        try {
            final byte[] signatureBytes = decodeSignature();
            // NOTE(review): the result is only as trustworthy as this key. Confirm that
            // getSigningCertificate() accepts mySignatureCertUrl only when it is an HTTPS
            // Amazon SNS endpoint and validates the certificate before using its key;
            // that check is not visible in this method.
            final PublicKey signingKey = getSigningCertificate();

            final Signature verifier = getSignatureCheckerForVersion();
            verifier.initVerify(signingKey);
            verifier.update(canonicalMessage.getBytes(StandardCharsets.UTF_8));
            // A plain mismatch returns false here without a log line; only exceptions
            // are logged by the handler below.
            final boolean signatureMatches = verifier.verify(signatureBytes);
            return signatureMatches;
        } catch (Exception e) {
            // Any failure in decoding, key retrieval or verification counts as invalid.
            LOG.warn("Signature verification failed", e);
            return false;
        }
    }