Skip to content

Change Immutability for OAuth2AuthorizedClient  #8905

New issue
New issue
Closed
Closed
Change Immutability for OAuth2AuthorizedClient #8905
Assignees
jgrandja
Labels
in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issue
@dgempiuc

Description

@dgempiuc
dgempiuc
opened on Aug 4, 2020

Expected Behavior

OAuth2AuthorizedClient and its nested classes are designed immutable. Can you change this behaviour?

Current Behavior

There are currently only "final" fields, full-args constructor and getter methods.

Context

I want to store this class in Redis and it's fine by using Jackson. But, there is exception during Deserialization, because it first creates object with no-arg constructor, then uses setter methods. Because of that, I can't retrieve record from Redis.

Caused by: com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Cannot construct instance of org.springframework.security.oauth2.client.OAuth2AuthorizedClient (no Creators, like default constructor, exist): cannot deserialize from Object value (no delegate- or property-based Creator)

There is an option provided by Jackson to solve this. mix-in classes. (https://github.com/FasterXML/jackson-docs/wiki/JacksonMixInAnnotations)

I have created a mix-in class for OAuth2AuthorizedClient, but this time, its inner classes need their own mixin classes. so there will be some many dummy mixin classes and configurations, so it will causes complexity.

public class RedisObjectMapper implements RedisSerializer<OAuth2AuthorizedClient> {

    private final ObjectMapper om;

    public RedisObjectMapper() {
        this.om = new ObjectMapper()
               .addMixIn(OAuth2AuthorizedClient.class, TargetDataMixin.class);
    }

    @Override
    public byte[] serialize(OAuth2AuthorizedClient o) throws SerializationException {
        try {
            return om.writeValueAsBytes(o);
        } catch (JsonProcessingException e) {
            ...
        }
    }

    @Override
    public OAuth2AuthorizedClient deserialize(byte[] bytes) throws SerializationException {
        if(bytes == null){
            return null;
        }
        try {
            return  om.readValue(bytes, OAuth2AuthorizedClient.class);
        } catch (Exception e) {
            ...
        }
    }

}

public abstract class TargetDataMixin {
    @JsonCreator
    public TargetDataMixin(@JsonProperty("clientRegistration") ClientRegistration clientRegistration,
                           @JsonProperty("principalName") String principalName,
                           @JsonProperty("accessToken") OAuth2AccessToken accessToken,
                           @JsonProperty("refreshToken") OAuth2RefreshToken refreshToken) {
    }
}

Metadata

Metadata

Assignees

Labels

in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issue

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions