I am adding a POST endpoint to a Spring Boot REST service to allow it to accept file uploads from web apps and other sources:
@PostMapping("/fileUpload")
public ResponseEntity uploadFile(@RequestParam("file") MultipartFile file) {
// ...
}
I'd like to run a security check against this file and see if there's anything malicious inside of it. Does Spring have any tools or libs to help with such an effort?
Spring Security does not provide any type of scanning for malicious files. You will need to use an anti virus tool that provides a Java API that you can use in your application. Off the top of my head I know Symantec offers a Java API, have a look here.