I believe that a custom HandlerMethodArgumentResolver is your best option. For that I suggest you create a custom annotation as follows:
@Target({ElementType.PARAMETER}) @Retention(RetentionPolicy.RUNTIME) public @interface ValidJsonSignature { }
Now you need to implement the custom HandlerMethodArgumentResolver:
public class JsonSignatureValidationArgumentResolver implements HandlerMethodArgumentResolver { private final ObjectMapper objectMapper; public JsonSignatureValidationArgumentResolver(ObjectMapper objectMapper) { this.objectMapper = objectMapper; } @Override public boolean supportsParameter(MethodParameter methodParameter) { return methodParameter.getParameterAnnotation(ValidJsonSignature.class) != null; } @Override public Object resolveArgument(MethodParameter methodParameter, ModelAndViewContainer modelAndViewContainer, NativeWebRequest nativeWebRequest, WebDataBinderFactory webDataBinderFactory) throws Exception { HttpServletRequest httpServletRequest = nativeWebRequest.getNativeRequest(HttpServletRequest.class); String jsonPayload = StreamUtils.copyToString(httpServletRequest.getInputStream(), StandardCharsets.UTF_8); // Do actual validation here if (// Valid) { // If valid, then convert String to method parameter type and return it return objectMapper.treeToValue(objectMapper.readTree(jsonPayload), methodParameter.getParameterType()); } else { // Throw exception if validation failed } } }
Next, you need to register JsonSignatureValidationArgumentResolver as an argument resolver:
@Configuration public class JsonSignatureValidationConfiguraion implements WebMvcConfigurer { @Autowired private ObjectMapper objectMapper; @Override public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) { resolvers.add(new JsonSignatureValidationArgumentResolver(objectMapper)); } }
Last but not the least, you need to annotate the Controller attribute with @ValidJsonSignature as follows:
@RestController @RequestMapping("/example") public class ExampleController { @PostMapping("") public void example(@ValidJsonSignature ExampleRequest exampleRequest) { } }
Stringto do some validation? What kind of validation?