Polish gh-11758

web/src/main/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixIn.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -29,15 +29,15 @@ import org.springframework.security.web.authentication.switchuser.SwitchUserGran
  * Jackson mixin class to serialize/deserialize {@link SwitchUserGrantedAuthority}.
  *
  * @author Markus Heiden
- * @since 5.8
+ * @since 6.3
  * @see WebServletJackson2Module
  * @see org.springframework.security.jackson2.SecurityJackson2Modules
  */
-@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY)
-@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)
 @JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE,
 		isGetterVisibility = JsonAutoDetect.Visibility.NONE)
-public abstract class SwitchUserGrantedAuthorityMixIn {
+@JsonIgnoreProperties(ignoreUnknown = true)
+abstract class SwitchUserGrantedAuthorityMixIn {
 
 	@JsonCreator
 	SwitchUserGrantedAuthorityMixIn(@JsonProperty("role") String role, @JsonProperty("source") Authentication source) {

web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 the original author or authors.
+ * Copyright 2015-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -27,12 +27,12 @@ import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 import org.springframework.security.web.savedrequest.SavedCookie;
 
 /**
- * Jackson module for spring-security-web related to servlet. This module register
- * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and
- * {@link WebAuthenticationDetailsMixin}. If no default typing enabled by default then
- * it'll enable it because typing info is needed to properly serialize/deserialize
- * objects. In order to use this module just add this module into your ObjectMapper
- * configuration.
+ * Jackson module for spring-security-web related to servlet. This module registers
+ * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin},
+ * {@link WebAuthenticationDetailsMixin}, and {@link SwitchUserGrantedAuthorityMixIn}. If
+ * no default typing is enabled by default then it will be enabled, because typing info is
+ * needed to properly serialize/deserialize objects. In order to use this module just add
+ * this module into your ObjectMapper configuration.
  *
  * <pre>
  *     ObjectMapper mapper = new ObjectMapper();

web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTest.java → web/src/test/java/org/springframework/security/web/jackson2/SwitchUserGrantedAuthorityMixInTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,9 +31,9 @@ import static org.assertj.core.api.Assertions.assertThat;
 
 /**
  * @author Markus Heiden
- * @since 5.8
+ * @since 6.3
  */
-public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests {
+public class SwitchUserGrantedAuthorityMixInTests extends AbstractMixinTests {
 
 	// language=JSON
 	private static final String SWITCH_JSON = """
@@ -50,25 +50,24 @@ public class SwitchUserGrantedAuthorityMixInTest extends AbstractMixinTests {
 				}
 			}
 			""".formatted(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON);
-	SwitchUserGrantedAuthority expected;
 
-	Authentication source;
+	private Authentication source;
 
 	@BeforeEach
-	public void setupExpected() {
+	public void setUp() {
 		this.source = new UsernamePasswordAuthenticationToken("principal", "credentials",
 				AuthorityUtils.createAuthorityList("ROLE_USER"));
-		this.expected = new SwitchUserGrantedAuthority("switched", this.source);
 	}
 
 	@Test
 	public void serializeWhenPrincipalCredentialsAuthoritiesThenSuccess() throws Exception {
-		String serializedJson = this.mapper.writeValueAsString(this.expected);
+		SwitchUserGrantedAuthority expected = new SwitchUserGrantedAuthority("switched", this.source);
+		String serializedJson = this.mapper.writeValueAsString(expected);
 		JSONAssert.assertEquals(SWITCH_JSON, serializedJson, true);
 	}
 
 	@Test
-	public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws Exception {
+	public void deserializeWhenSourceIsUsernamePasswordAuthenticationTokenThenSuccess() throws Exception {
 		SwitchUserGrantedAuthority deserialized = this.mapper.readValue(SWITCH_JSON, SwitchUserGrantedAuthority.class);
 		assertThat(deserialized).isNotNull();
 		assertThat(deserialized.getAuthority()).isEqualTo("switched");