We previously shared a solution for one of our customers, a Swedish railway company, who needed help translating information sent to their passengers, some of which are unfamiliar with the Swedish language. We built an integration with Amazon’s translation API “AWS Translate” and used this as a gateway. If the phone number was non-Swedish, the workflow automatically translated the text message before delivering it to the endpoint. This gateway is an application built with Bosbec WE and is available as a template to use in any messaging solution.
Bosbec WE is a next-generation low-code platform used to automate repetitive and monotonous tasks. Building workflows to improve your business no longer has to be done “the old-fashioned way” by coding the application by hand; with a cloud-based development platform, you can build your own IT solutions with pre-defined building blocks, with minimal to no coding experience required.
The AWS Translate application is built on this platform. Amazon’s translation API will receive a request containing the original message, and return a translated version. You can add this translation function to any messaging solution on your Bosbec account by importing it into your workflow.
The translation is done in two steps. The first step is your template, it is the workflow you configure and interact with, defining what text should be translated and what to do with the result.
The second step is the request to Amazon, and it’s done by another workflow that acts as a background process. To verify the integrity of the transmission between Bosbec and AWS, we add hashed parameters to the request that Amazon’s API will verify. These parameters are hashed with AWS Signing v4, which currently uses SHA-256. Hashing is a one-way encryption, meaning that it’s practically impossible to decrypt hashed keys, the encrypted value is instead used as an ID. Let’s have a look at how this is done in more detail.
1. Defining parameters
Our request contains several parameters which define how we want to use the AWS service, such as service type, region, and what text should be translated. Along with the AWS key and secret, our authentication credentials, we hash this request body with SHA-256. We use the Data Operations job to hash, so if AWS chooses to alter the signing process, we can easily adapt and update the hash algorithm.
2. Hashing the signature
The request signature is also hashed and is an important step in the security measures taken with this type of request. Our signature contains our credentials and the timestamp of the request. As finicky as it may be, this is a way to prevent man-in-the-middle attacks. Let’s say a malicious hacker tries to intercept the transmission and re-send the request at a later time, or even try to reforge it. AWS will hash the public data in the same way we did and will get a hashed value of our parameters. If this malicious hacker has altered the public data, the hash key received from us and the hash key encrypted by AWS would be different.
Cryptography is a very interesting field and used in almost everything we do online. We can only explain so much to keep this blog post from turning into a thesis, but if you are interested in learning more about SHA-256 encryption, take a look at this Wiki post about Secure Hash Algorithms. To see the encryption in action, there’s an interactive site on Github where you can hash your own input.
3. The actual request
Now we have our public data and a hashed key that represents that data, both sent to AWS. If the request is successful our template will receive the translated message. Remember, it’s the template you import to your workflow that handles the input and the output, all the hashing is done by another workflow.
This is the guide for using the AWS Translate template in your workflow:
AWS Translate extension – EN
Our previous blogpost describing the use case for how we used the template for our customer:
Bosbec & AWS Translate simplifying daily commute in public train transport
Low-code and automation can improve your business, and if you want to learn more about working with Bosbec WE, see our Documentation page for other types of integrations and guides. If you ever need help in your development or want to get started building your own IT solutions, reach out to our support team at firstname.lastname@example.org and we’ll happily help!Sign up