OAuth2AuthenticationExceptionMixin doesn't work in JDK 17 #11893
Description
Describe the bug
With Redis session enabled, GenericJackson2JsonRedisSerializer based on ObjectMapper with OAuth2ClientJackson2Module an exception is thrown in JDK 17 while serializing:
com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Invalid type definition for type `org.springframework.security.oauth2.core.OAuth2AuthenticationException`: Failed to construct BeanSerializer for [simple type, class org.springframework.security.oauth2.core.OAuth2AuthenticationException]: (java.lang.IllegalArgumentException) Failed to call `setAccess()` on Field 'detailMessage' (of class `java.lang.Throwable`) due to `java.lang.reflect.InaccessibleObjectException`, problem: Unable to make field private java.lang.String java.lang.Throwable.detailMessage accessible: module java.base does not "opens java.lang" to unnamed module @5aebe890
To Reproduce
Spring boot 2.7.2:
@EnableRedisRepositories
@Configuration
public class RedisSessionConfig implements BeanClassLoaderAware {
private ClassLoader loader;
/**
* Workaround for https://github.com/spring-projects/spring-session/issues/124.
*/
@Bean
public ConfigureRedisAction configureRedisAction() {
return ConfigureRedisAction.NO_OP;
}
@Bean
public RedisSerializer<Object> springSessionDefaultRedisSerializer() {
return new GenericJackson2JsonRedisSerializer(objectMapper());
}
private ObjectMapper objectMapper() {
ObjectMapper om = new ObjectMapper();
om.activateDefaultTyping(om.getPolymorphicTypeValidator(), ObjectMapper.DefaultTyping.NON_FINAL, JsonTypeInfo.As.PROPERTY);
om.registerModules(SecurityJackson2Modules.getModules(this.loader));
om.registerModule(new OidcSecurityUserModule());
return om;
}
@Override
public void setBeanClassLoader(ClassLoader classLoader) {
this.loader = classLoader;
}Expected behavior
OAuth2AuthenticationException object is successfully serialized in JDK 17.
Workaround
VM option --add-opens java.base/java.lang=ALL-UNNAMED as usual.