Skip to content

OAuth2AccessTokenResponse cannot be serialized by Jackson #9628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
NotFound403 opened this issue Apr 13, 2021 · 1 comment
Closed

OAuth2AccessTokenResponse cannot be serialized by Jackson #9628

NotFound403 opened this issue Apr 13, 2021 · 1 comment
Assignees
@jgrandja
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: invalid An issue that we don't feel is valid

Comments

@NotFound403
Copy link

Expected Behavior

OAuth2AccessTokenResponse can be serialized.

Token storing with redis is popular .

    @Bean
    public RedisTemplate<Object, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) {
        RedisTemplate<Object, Object> redisTemplate = new RedisTemplate<>();
        redisTemplate.setConnectionFactory(redisConnectionFactory);
        //  use Jackson2JsonRedisSerialize  
        Jackson2JsonRedisSerializer<Object> jackson2JsonRedisSerializer = initJacksonSerializer();
        //  keySerial and valueSerial
        redisTemplate.setValueSerializer(jackson2JsonRedisSerializer);
        redisTemplate.setKeySerializer(new StringRedisSerializer());
        redisTemplate.afterPropertiesSet();
        return redisTemplate;
    }

Current Behavior
Now it is a final class.

public final class OAuth2AccessTokenResponse {
 //  ignore
}

Context

Cause :

Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected token (START_OBJECT), expected START_ARRAY: need JSON Array to contain As.WRAPPER_ARRAY type information for class java.lang.Object
 at [Source: (byte[])"{"accessToken":["org.springframework.security.oauth2.core.OAuth2AccessToken"

When I make ObjectMapper that :

    //  jackson
    ObjectMapper om = new ObjectMapper();
   om.activateDefaultTyping(om.getPolymorphicTypeValidator(), ObjectMapper.DefaultTyping.NON_FINAL);

Cause :

java.lang.ClassCastException: java.util.LinkedHashMap cannot be cast to org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
@NotFound403 NotFound403 added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 13, 2021
@jgrandja
Copy link
Contributor

@NotFound403 This is by design that OAuth2AccessTokenResponse is not meant to be Serializable. However, it's member's OAuth2AccessToken and OAuth2RefreshToken are via the supported OAuth2AccessTokenMixin and OAuth2RefreshTokenMixin.

For further details please see gh-4886, gh-7873 and gh-7889.

@jgrandja jgrandja self-assigned this Apr 13, 2021
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: invalid An issue that we don't feel is valid and removed status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: invalid An issue that we don't feel is valid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgrandja @NotFound403