Creating Custom Annotations for Validation in Spring Boot

⚡eric6166 - Jul 24 - - Dev Community

Creating Custom Annotations for Validation in Spring Boot

1. Overview

While Spring standard annotations (@NotBlank, @NotNull, @Min, @Size, etc.) cover many use cases when validating user input, there are times when we need to create custom validation logic for a more specific type of input. In this article, I will demonstrate how to create custom annotations for validation.

2. Setup

We need to add the spring-boot-starter-validation dependency to our pom.xml file.


<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-validation</artifactId>
</dependency>
Enter fullscreen mode Exit fullscreen mode

3. Custom Field Level Validation

3.1 Creating the Annotation

Let’s create custom annotations to validate file attributes, such as file extension, file size, and MIME type.

  • ValidFileExtension 

@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Constraint(
        validatedBy = {FileExtensionValidator.class}
)
public @interface ValidFileExtension {
    String[] extensions() default {};

    String message() default "{constraints.ValidFileExtension.message}";

    Class<?>[] groups() default {};

    Class<? extends Payload>[] payload() default {};
}
Enter fullscreen mode Exit fullscreen mode
  • ValidFileMaxSize 

@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Constraint(
        validatedBy = {FileMaxSizeValidator.class}
)
public @interface ValidFileMaxSize {
    long maxSize() default Long.MAX_VALUE; // MB

    String message() default "{constraints.ValidFileMaxSize.message}";

    Class<?>[] groups() default {};

    Class<? extends Payload>[] payload() default {};
}
Enter fullscreen mode Exit fullscreen mode
  • FileMimeTypeValidator 

@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Constraint(
        validatedBy = {FileMimeTypeValidator.class}
)
public @interface ValidFileMimeType {
    String[] mimeTypes() default {};

    String message() default "{constraints.ValidFileMimeType.message}";

    Class<?>[] groups() default {};

    Class<? extends Payload>[] payload() default {};
}
Enter fullscreen mode Exit fullscreen mode

Let's break down these annotations' components:

  • @Constraint: Specifies the validator class responsible for the validation logic.
  • @Target({ElementType.FIELD}): Indicates that this annotation can only be applied to fields.
  • message(): The default error message if the validation fails.

3.2 Creating the Validator

  • FileExtensionValidator 
public class FileExtensionValidator implements ConstraintValidator<ValidFileExtension, MultipartFile> {

    private List<String> extensions;

    @Override
    public void initialize(ValidFileExtension constraintAnnotation) {
        extensions = List.of(constraintAnnotation.extensions());
    }

    @Override
    public boolean isValid(MultipartFile file, ConstraintValidatorContext constraintValidatorContext) {
        if (file == null || file.isEmpty()) {
            return true;
        }
        var extension = FilenameUtils.getExtension(file.getOriginalFilename());
        return StringUtils.isNotBlank(extension) && extensions.contains(extension.toLowerCase());
    }
}
Enter fullscreen mode Exit fullscreen mode
  • FileMaxSizeValidator 
public class FileMaxSizeValidator implements ConstraintValidator<ValidFileMaxSize, MultipartFile> {

    private long maxSizeInBytes;

    @Override
    public void initialize(ValidFileMaxSize constraintAnnotation) {
        maxSizeInBytes = constraintAnnotation.maxSize() * 1024 * 1024;
    }

    @Override
    public boolean isValid(MultipartFile file, ConstraintValidatorContext constraintValidatorContext) {
        return file == null || file.isEmpty() || file.getSize() <= maxSizeInBytes;
    }
}
Enter fullscreen mode Exit fullscreen mode
  • FileMimeTypeValidator 

@RequiredArgsConstructor
public class FileMimeTypeValidator implements ConstraintValidator<ValidFileMimeType, MultipartFile> {

    private final Tika tika;
    private List<String> mimeTypes;

    @Override
    public void initialize(ValidFileMimeType constraintAnnotation) {
        mimeTypes = List.of(constraintAnnotation.mimeTypes());
    }

    @SneakyThrows
    @Override
    public boolean isValid(MultipartFile file, ConstraintValidatorContext constraintValidatorContext) {
        if (file == null || file.isEmpty()) {
            return true;
        }
        var detect = tika.detect(TikaInputStream.get(file.getInputStream()));
        return mimeTypes.contains(detect);
    }
}
Enter fullscreen mode Exit fullscreen mode

These classes are implementations of the ConstraintValidator interface and contain the actual validation logic.
For FileMimeTypeValidator, we will use Apache Tika (a toolkit designed to extract metadata and content from numerous types of documents).

3.3 Applying the Annotation

Let's create a TestUploadRequest class intended for handling file uploads, specifically for a PDF file.


@Data
public class TestUploadRequest {

    @NotNull
    @ValidFileMaxSize(maxSize = 10)
    @ValidFileExtension(extensions = {"pdf"})
    @ValidFileMimeType(mimeTypes = {"application/pdf"})
    private MultipartFile pdfFile;

}
Enter fullscreen mode Exit fullscreen mode 

@RestController
@Validated
@RequestMapping("/test")
public class TestController {

    @PostMapping(value = "/upload", consumes = {MediaType.MULTIPART_FORM_DATA_VALUE})
    public ResponseEntity<String> testUpload(@Valid @ModelAttribute TestUploadRequest request) {
        return ResponseEntity.ok("test upload");
    }
}
Enter fullscreen mode Exit fullscreen mode

4. Custom Class Level Validation

A custom validation annotation can also be defined at the class level to validate a combination of fields within a class.

4.1 Creating the Annotation

Let’s create @PasswordMatches annotation to ensure that two password fields match in a class.


@Target({ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Constraint(
        validatedBy = {PasswordMatchesValidator.class}
)
public @interface PasswordMatches {
    String message() default "{constraints.PasswordMatches.message}";

    Class<?>[] groups() default {};

    Class<? extends Payload>[] payload() default {};
}
Enter fullscreen mode Exit fullscreen mode
  • @Target({ElementType.TYPE}): Indicates that this annotation targets a type declaration.

4.2 Creating the Validator

  • PasswordDto 
public interface PasswordDto {
    String getPassword();

    String getConfirmPassword();
}
Enter fullscreen mode Exit fullscreen mode
  • PasswordMatchesValidator 
public class PasswordMatchesValidator implements ConstraintValidator<PasswordMatches, PasswordDto> {

    @Override
    public boolean isValid(PasswordDto password, ConstraintValidatorContext constraintValidatorContext) {
        return StringUtils.equals(password.getPassword(), password.getConfirmPassword());
    }
}
Enter fullscreen mode Exit fullscreen mode

The PasswordDto interface is an interface for objects that contain a password and a confirm password field.
The PasswordMatchesValidator class implements the ConstraintValidator interface and contains the logic for validating that the password and confirm password fields match.

4.3 Applying the Annotation

Let's create a RegisterAccountRequest class intended for handling user registration data.


@PasswordMatches
@Data
public class RegisterAccountRequest implements PasswordDto {

    @NotBlank
    private String username;

    @NotBlank
    @Email
    private String email;

    @NotBlank
    @ToString.Exclude
    private String password;

    @NotBlank
    @ToString.Exclude
    private String confirmPassword;
}
Enter fullscreen mode Exit fullscreen mode 

@RestController
@Validated
@RequestMapping("/auth")
public class AuthController {

    @PostMapping("/register")
    public ResponseEntity<String> register(@RequestBody @Valid RegisterAccountRequest request) {
        return ResponseEntity.ok("register success");
    }
}
Enter fullscreen mode Exit fullscreen mode

5. Summary

In this short article, we discovered how easy it is to create custom annotations to verify a field or class. The code from this article is available over on my Github.

6. References

Image
Exploring the Future of Waterproofing with Silicone Sealants

news
Image
Commercial Vehicle Online Platform TrucksBuses.com

trucks, buses, minitruck, pickup
Image
CSS One-Liners to Improve (Almost) Every Project

css, webdev, listicle
Image
2. Creating a Sandbox Environment

vim, neovim
Image
How I got 50 Followers on ProductHunt in 5 Minutes using AI
Image
Is tail call optimization truly necessary?

functional, scala
Image
How to Apply a Magento 2 Patch

magento, security, patch
Image
Asynchronous Programming in C#: Async/Await Patterns

csharp, dotnet, aspdotnet, webdev
Image
SSRF Vulnerability in HiTranslate: A Technical Breakdown

security, tecno, cybersecurity, bounty
Image
1. Introduction
Image
Understanding LINQ While Writing Your Own

dotnet, linq, csharp
Image
Automating User Creation: A Streamlined Approach

webdev, devops, hng, bashscript
Image
Alight Motion vs. Other Video Editing Apps: A Comparison

productivity
Image
Optimizing Kubernetes Deployments: Tips and Tricks

kubernetes, tips, tricks, optimization
Image
bartowski/Phi-3.1-mini-4k-instruct-GGUF-torrent

ai, machinelearning, chatgpt, beginners
Image
Use the MGT SearchBox control in a SPFx solution

development, mgt, spfx
Image
Restaurant Bookkeeping services India

accounting, bookkeeping, tax, payroll
Image
If you are a WeChat mini-program developer, WeTest penetration testing is a must

miniprogram, softwaredevelopment, webdev, javascript
Image
How Amazom Dyanamo DB Works?

amazon, amazondynanamodb, dyanamodb, fundamentalsofdynamodb
. .