From 0e281beb87e323cae20a27760942ba5b1036a93f Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 13:08:36 +0200
Subject: [PATCH 1/7] Add SwitchUserGrantedAuthorityMixIn
---
 .../SwitchUserGrantedAuthorityMixIn.java | 46 +++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
new file mode 100644
index 00000000000..d5fd0bfd48c
--- /dev/null
+++ b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2015-2016 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.web.jackson2;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
+
+import com.fasterxml.jackson.annotation.JsonAutoDetect;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+
+/**
+ * Jackson mixin class to serialize/deserialize {@link SwitchUserGrantedAuthority}.
+ *
+ * @author Markus Heiden
+ * @since 5.8
+ * @see WebServletJackson2Module
+ * @see org.springframework.security.jackson2.SecurityJackson2Modules
+ */
+@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY)
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE,
+ isGetterVisibility = JsonAutoDetect.Visibility.NONE)
+public abstract class SwitchUserGrantedAuthorityMixIn {
+
+ @JsonCreator
+ SwitchUserGrantedAuthorityMixIn(@JsonProperty("role") String role, @JsonProperty("source") Authentication source) {
+ }
+
+}
From 40f99a837808b33a13ff9e37905dae495e37c7f5 Mon Sep 17 00:00:00 2001
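Review bot: The Javadoc of the new `SwitchUserGrantedAuthorityMixIn` does not mention that the `source` creator parameter is declared as the `Authentication` interface, so with `JsonTypeInfo.Id.CLASS` its concrete class is taken from the `@class` property of the incoming JSON. That is only safe when the `ObjectMapper` restricts which class names it will instantiate, which is presumably what the `SecurityJackson2Modules` named in `@see` sets up. The class comment should state that dependency, for example `Deserializing the nested source Authentication relies on the type allowlist configured through SecurityJackson2Modules; do not apply this mixin on a mapper with unrestricted default typing.` It is also worth a sentence that `@JsonIgnoreProperties(ignoreUnknown = true)` makes unexpected properties disappear silently rather than fail.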
From: Markus Heiden
Date: Sat, 27 Aug 2022 13:34:51 +0200
Subject: [PATCH 2/7] Add tests
---
 .../jackson2/WebServletJackson2Module.java | 10 +--
 .../SwitchUserGrantedAuthorityMixInTest.java | 62 +++++++++++++++++++
 2 files changed, 68 insertions(+), 4 deletions(-)
 create mode 100644 web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
index 3a95a3c082a..72f1e931ae8 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -16,15 +16,16 @@
 package org.springframework.security.web.jackson2;
-import com.fasterxml.jackson.core.Version;
-import com.fasterxml.jackson.databind.module.SimpleModule;
-import jakarta.servlet.http.Cookie;
-
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
+import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
 import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 import org.springframework.security.web.savedrequest.SavedCookie;
+import com.fasterxml.jackson.core.Version;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import jakarta.servlet.http.Cookie;
+
 /**
 * Jackson module for spring-security-web related to servlet. This module register
 * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and
@@ -56,6 +57,7 @@ public void setupModule(SetupContext context) {
 context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class);
 context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class);
 context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class);
+ context.setMixInAnnotations(SwitchUserGrantedAuthority.class, SwitchUserGrantedAuthorityMixIn.class);
 }
 }
diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
new file mode 100644
index 00000000000..85fe2c0ad3e
--- /dev/null
+++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
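Review bot: The new registration `context.setMixInAnnotations(SwitchUserGrantedAuthority.class, SwitchUserGrantedAuthorityMixIn.class);` in `WebServletJackson2Module.setupModule` is not reflected in the class Javadoc, whose visible context lines list the registered mixins as `{@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and`. No hunk in this series touches that comment, so the list is presumably stale now and should gain `{@link SwitchUserGrantedAuthorityMixIn}`. The new class is also spelled `MixIn` while every sibling on the neighbouring lines ends in `Mixin`; settling on one spelling before the type ships keeps the public naming uniform. `setupModule` starts above this hunk, so the statements before the `SavedCookie` registration are not visible here.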
@@ -0,0 +1,62 @@
+package org.springframework.security.web.jackson2;
+
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.jackson2.AbstractMixinTests;
+import org.springframework.security.jackson2.SimpleGrantedAuthorityMixinTests;
+import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * @author Markus Heiden
+ * @since 5.8
+ */
+public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests {
+
+ // language=JSON
+ private static final String SWITCH_JSON = """
+ {
+ "@class": "org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority",
+ "role": "switched",
+ "source": {
+ "@class": "org.springframework.security.authentication.UsernamePasswordAuthenticationToken",
+ "principal": "principal",
+ "credentials": "credentials",
+ "authenticated": true,
+ "details": null,
+ "authorities": %s
+ }
+ }
+ """.formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON);
+ SwitchUserGrantedAuthority expected;
+ Authentication source;
+
+ @BeforeEach
+ public void setupExpected() {
+ this.source = new UsernamePasswordAuthenticationToken(
+ "principal", "credentials",
+ AuthorityUtils.createAuthorityList("ROLE_USER"));
+ this.expected = new SwitchUserGrantedAuthority("switched", this.source);
+ }
+
+ @Test
+ public void serializeWhenPrincipalCredentialsAuthoritiesThenSuccess() throws Exception {
+ String serializedJson = this.mapper.writeValueAsString(this.expected);
+ JSONAssert.assertEquals(SWITCH_JSON, serializedJson, true);
+ }
+
+ @Test
+ public void
deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws Exception {
+ SwitchUserGrantedAuthority deserialized = this.mapper.readValue(SWITCH_JSON, SwitchUserGrantedAuthority.class);
+ assertThat(deserialized).isNotNull();
+ assertThat(deserialized.getAuthority()).isEqualTo("switched");
+ assertThat(deserialized.getSource()).isEqualTo(this.source);
+ }
+
+}
From 9f82a0041e08618e522f1174486860ff3464d3ff Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 13:42:54 +0200
Subject: [PATCH 3/7] Add license
---
 .../SwitchUserGrantedAuthorityMixIn.java | 2 +-
 .../SwitchUserGrantedAuthorityMixInTest.java | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
index d5fd0bfd48c..f63d867dbad 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
index 85fe2c0ad3e..7695f7d491d 100644
--- a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
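Review bot: `SwitchUserGrantedAuthorityMixInTest` only covers the round trip of a well-formed document; nothing pins what happens when the nested `source` names a class the mapper must not instantiate. Because `source` is resolved from its `@class` property, a negative case asserting that `this.mapper.readValue(...)` throws for a `source` whose `@class` is not allowlisted would guard the property that matters most here (the allowlist is assumed to come from the mapper built in `AbstractMixinTests`, which is outside this diff). The fixture also shows the source token's `"credentials"` being written into the JSON, so a comment noting that the original authentication is persisted as-is would help whoever stores this output. The second test's name, `deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest`, looks carried over from another test class; `deserializeWhenSourceIsUsernamePasswordAuthenticationTokenThenSuccess` would match the naming of the serialize test above it.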
@@ -1,3 +1,19 @@
+/*
+ * Copyright 2002-2022 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.springframework.security.web.jackson2;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
From 5cb1d1eaa1f91d0f8626c0959eea883cc1dcd089 Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 18:44:02 +0200
Subject: [PATCH 4/7] Fix format
---
 .../SwitchUserGrantedAuthorityMixIn.java | 8 +++---
 .../SwitchUserGrantedAuthorityMixInTest.java | 26 +++++++++----------
 2 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
index f63d867dbad..a2e44178b58 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
@@ -36,11 +36,11 @@
 @JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY)
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE,
- isGetterVisibility = JsonAutoDetect.Visibility.NONE)
+ isGetterVisibility = JsonAutoDetect.Visibility.NONE)
 public abstract class SwitchUserGrantedAuthorityMixIn {
- @JsonCreator
- SwitchUserGrantedAuthorityMixIn(@JsonProperty("role") String role, @JsonProperty("source") Authentication source) {
- }
+ @JsonCreator
+ SwitchUserGrantedAuthorityMixIn(@JsonProperty("role") String role, @JsonProperty("source") Authentication source) {
+ }
 }
diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
index 7695f7d491d..998a02e152d 100644
--- a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
@@ -37,19 +37,19 @@ public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests {
 // language=JSON
 private static final String SWITCH_JSON = """
- {
- "@class": "org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority",
- "role": "switched",
- "source": {
- "@class": "org.springframework.security.authentication.UsernamePasswordAuthenticationToken",
- "principal": "principal",
- "credentials": "credentials",
- "authenticated": true,
- "details": null,
- "authorities": %s
- }
- }
- """.formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON);
+ {
+ "@class": "org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority",
+ "role": "switched",
+ "source": {
+ "@class": "org.springframework.security.authentication.UsernamePasswordAuthenticationToken",
+ "principal": "principal",
+ "credentials": "credentials",
+ "authenticated": true,
+ "details": null,
+ "authorities": %s
+ }
+ }
+ """.formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON);
 SwitchUserGrantedAuthority expected;
 Authentication source;
From ac6e7fa680f115c2d04a2d4fdebff128c6a50436 Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 18:58:54 +0200
Subject: [PATCH 5/7] Fix format
---
 .../web/jackson2/SwitchUserGrantedAuthorityMixInTest.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
index 998a02e152d..4a1308e4d91 100644
--- a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
@@ -51,12 +51,12 @@ public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests {
 }
 """.formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON);
 SwitchUserGrantedAuthority expected;
+
 Authentication source;
 @BeforeEach
 public void setupExpected() {
- this.source = new UsernamePasswordAuthenticationToken(
- "principal", "credentials",
+ this.source = new UsernamePasswordAuthenticationToken("principal", "credentials",
 AuthorityUtils.createAuthorityList("ROLE_USER"));
 this.expected = new SwitchUserGrantedAuthority("switched", this.source);
 }
From f41a310abad47c8b81012e3044dbac995f2fdcfd Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 20:39:30 +0200
Subject: [PATCH 6/7] Fix import order
---
 .../security/web/jackson2/WebServletJackson2Module.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
index 72f1e931ae8..f2c9d46f76c 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -16,16 +16,16 @@
 package org.springframework.security.web.jackson2;
+import com.fasterxml.jackson.core.Version;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import jakarta.servlet.http.Cookie;
+
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
 import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 import org.springframework.security.web.savedrequest.SavedCookie;
-import com.fasterxml.jackson.core.Version;
-import com.fasterxml.jackson.databind.module.SimpleModule;
-import jakarta.servlet.http.Cookie;
-
 /**
 * Jackson module for spring-security-web related to servlet. This module register
 * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and
From 0f332277213b1020582588b3cd82e7d5a89c2969 Mon Sep 17 00:00:00 2001
From: Markus Heiden
Date: Sat, 27 Aug 2022 20:45:17 +0200
Subject: [PATCH 7/7] Fix order of imports
---
 .../web/jackson2/SwitchUserGrantedAuthorityMixIn.java | 6 +++---
 .../web/jackson2/SwitchUserGrantedAuthorityMixInTest.java | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
index a2e44178b58..463995af933 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java
@@ -16,15 +16,15 @@
 package org.springframework.security.web.jackson2;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
-
 import com.fasterxml.jackson.annotation.JsonAutoDetect;
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
+
 /**
 * Jackson mixin class to serialize/deserialize {@link SwitchUserGrantedAuthority}.
 *
diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
index 4a1308e4d91..29694717315 100644
--- a/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java
@@ -16,6 +16,10 @@
 package org.springframework.security.web.jackson2;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.AuthorityUtils;
@@ -23,10 +27,6 @@
 import org.springframework.security.jackson2.SimpleGrantedAuthorityMixinTests;
 import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.skyscreamer.jsonassert.JSONAssert;
-
 import static org.assertj.core.api.Assertions.assertThat;
 /**