From bd345fb2a8e6f9269583c5a278a8d8f4c27ff3ee Mon Sep 17 00:00:00 2001 From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com> Date: Thu, 29 Feb 2024 12:15:30 -0600 Subject: [PATCH] Polish gh-11758 --- .../SwitchUserGrantedAuthorityMixIn.java | 10 +++++----- .../web/jackson2/WebServletJackson2Module.java | 14 +++++++------- ...> SwitchUserGrantedAuthorityMixInTests.java} | 17 ++++++++--------- 3 files changed, 20 insertions(+), 21 deletions(-) rename web/src/test/java/org/springframework/security/web/jackson2/{SwitchUserGrantedAuthorityMixInTest.java => SwitchUserGrantedAuthorityMixInTests.java} (83%) diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java index 463995af933..4fff7ffdc41 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,15 +29,15 @@ * Jackson mixin class to serialize/deserialize {@link SwitchUserGrantedAuthority}. * * @author Markus Heiden - * @since 5.8 + * @since 6.3 * @see WebServletJackson2Module * @see org.springframework.security.jackson2.SecurityJackson2Modules */ -@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY) -@JsonIgnoreProperties(ignoreUnknown = true) +@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS) @JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE, isGetterVisibility = JsonAutoDetect.Visibility.NONE) -public abstract class SwitchUserGrantedAuthorityMixIn { +@JsonIgnoreProperties(ignoreUnknown = true) +abstract class SwitchUserGrantedAuthorityMixIn { @JsonCreator SwitchUserGrantedAuthorityMixIn(@JsonProperty("role") String role, @JsonProperty("source") Authentication source) { diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java index f2c9d46f76c..70b098e4fed 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 the original author or authors. + * Copyright 2015-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,12 +27,12 @@ import org.springframework.security.web.savedrequest.SavedCookie; /** - * Jackson module for spring-security-web related to servlet. This module register - * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and - * {@link WebAuthenticationDetailsMixin}. If no default typing enabled by default then - * it'll enable it because typing info is needed to properly serialize/deserialize - * objects. In order to use this module just add this module into your ObjectMapper - * configuration. + * Jackson module for spring-security-web related to servlet. This module registers + * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin}, + * {@link WebAuthenticationDetailsMixin}, and {@link SwitchUserGrantedAuthorityMixIn}. If + * no default typing is enabled by default then it will be enabled, because typing info is + * needed to properly serialize/deserialize objects. In order to use this module just add + * this module into your ObjectMapper configuration. * *
* ObjectMapper mapper = new ObjectMapper(); diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTests.java similarity index 83% rename from web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java rename to web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTests.java index 29694717315..703811658c6 100644 --- a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java +++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -31,9 +31,9 @@ /** * @author Markus Heiden - * @since 5.8 + * @since 6.3 */ -public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests { +public class SwitchUserGrantedAuthorityMixInTests extends AbstractMixinTests { // language=JSON private static final String SWITCH_JSON = """ @@ -50,25 +50,24 @@ public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests { } } """.formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON); - SwitchUserGrantedAuthority expected; - Authentication source; + private Authentication source; @BeforeEach - public void setupExpected() { + public void setUp() { this.source = new UsernamePasswordAuthenticationToken("principal", "credentials", AuthorityUtils.createAuthorityList("ROLE_USER")); - this.expected = new SwitchUserGrantedAuthority("switched", this.source); } @Test public void serializeWhenPrincipalCredentialsAuthoritiesThenSuccess() throws Exception { - String serializedJson = this.mapper.writeValueAsString(this.expected); + SwitchUserGrantedAuthority expected = new SwitchUserGrantedAuthority("switched", this.source); + String serializedJson = this.mapper.writeValueAsString(expected); JSONAssert.assertEquals(SWITCH_JSON, serializedJson, true); } @Test - public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws Exception { + public void deserializeWhenSourceIsUsernamePasswordAuthenticationTokenThenSuccess() throws Exception { SwitchUserGrantedAuthority deserialized = this.mapper.readValue(SWITCH_JSON, SwitchUserGrantedAuthority.class); assertThat(deserialized).isNotNull(); assertThat(deserialized.getAuthority()).isEqualTo("switched");