OAuth2Authorization does not work well with Jackson

[pokemzok]

Expected Behavior
Deserializing and serializing with Jackson should work.

Current Behavior
During deserializing some classes can't be deserialized because they miss default empty constructor. Here are few examples:

1. OAuth2Authorization.Token
2. AuthorizationGrantType

Here is code snippet to reproduce the issue (it assumes you have authorization object already created):

// OAuth2Authorization object which is not initialized here  is called auth
Jackson2JsonRedisSerializer<OAuth2Authorization> serializer = new Jackson2JsonRedisSerializer<>(OAuth2Authorization.class);
byte[] serializationResult = serializer.serialize(auth);
serializer.deserialize(serializationResult);

That would throw exception similar to this:
Cannot construct instance of `org.springframework.security.oauth2.server.authorization.OAuth2Authorization$Token` (no Creators, like default constructor, exist)

Context
I am trying to implement Redis based authorization server and I need a way to serialize and deserialize OAuth2Authorization object. I am using jackson library as it is most common one.

[sjohnr]

Hi @pokemzok, welcome to the project!

This is related to gh-558 which is aimed at providing support for this and similar use cases.

As mentioned in this comment, there are examples of doing this with JPA, and the same approach should be used for Redis support. See the JpaOAuth2AuthorizationService (which will be moved into a new directory shortly) for an example.

Note that gh-588 will eventually be updated to provide much easier support for this, but it fell in priority and I'm working on the 0.3.0 release (reference documentation!) before revisiting it. I don't believe we will be providing support for directly serializing OAuth2Authorization, but will provide a means to do so through an abstraction. For that reason, I'm going to close this as a duplicate of gh-558.