6 anni fa · e218ac2e40
--- a/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java
+++ b/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java
@@ -57,6 +57,7 @@ import java.util.Set;
 
				  *     mapper.registerModule(new CoreJackson2Module());
			
 
				  *     mapper.registerModule(new CasJackson2Module());
			
 
				  *     mapper.registerModule(new WebJackson2Module());
			
 
				+ *     mapper.registerModule(new WebServletJackson2Module());
			
 
				  * </pre>
			
 
				  *
			
 
				  * @author Jitendra Singh.
			
@@ -70,6 +71,8 @@ public final class SecurityJackson2Modules {
 
				 			"org.springframework.security.cas.jackson2.CasJackson2Module",
			
 
				 			"org.springframework.security.web.jackson2.WebJackson2Module"
			
 
				 	);
			
 
				+	private static final String webServletJackson2ModuleClass =
			
 
				+			"org.springframework.security.web.jackson2.WebServletJackson2Module";
			
 
				 
			
 
				 	private SecurityJackson2Modules() {
			
 
				 	}
			
@@ -109,14 +112,26 @@ public final class SecurityJackson2Modules {
 
				 	public static List<Module> getModules(ClassLoader loader) {
			
 
				 		List<Module> modules = new ArrayList<>();
			
 
				 		for (String className : securityJackson2ModuleClasses) {
			
 
				-			Module module = loadAndGetInstance(className, loader);
			
 
				-			if (module != null) {
			
 
				-				modules.add(module);
			
 
				-			}
			
 
				+			addToModulesList(loader, modules, className);
			
 
				+		}
			
 
				+		if (ClassUtils.isPresent("javax.servlet.http.Cookie", loader)) {
			
 
				+			addToModulesList(loader, modules, webServletJackson2ModuleClass);
			
 
				 		}
			
 
				 		return modules;
			
 
				 	}
			
 
				 
			
 
				+	/**
			
 
				+	 * @param loader    the ClassLoader to use
			
 
				+	 * @param modules   list of the modules to add
			
 
				+	 * @param className name of the class to instantiate
			
 
				+	 */
			
 
				+	private static void addToModulesList(ClassLoader loader, List<Module> modules, String className) {
			
 
				+		Module module = loadAndGetInstance(className, loader);
			
 
				+		if (module != null) {
			
 
				+			modules.add(module);
			
 
				+		}
			
 
				+	}
			
 
				+
			
 
				 	/**
			
 
				 	 * Creates a TypeResolverBuilder that performs whitelisting.
			
 
				 	 * @return a TypeResolverBuilder that performs whitelisting.
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java
@@ -25,11 +25,11 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 
				  *
			
 
				  * <pre>
			
 
				  *     ObjectMapper mapper = new ObjectMapper();
			
 
				- *     mapper.registerModule(new WebJackson2Module());
			
 
				+ *     mapper.registerModule(new WebServletJackson2Module());
			
 
				  * </pre>
			
 
				  *
			
 
				  * @author Jitendra Singh
			
 
				- * @see WebJackson2Module
			
 
				+ * @see WebServletJackson2Module
			
 
				  * @see org.springframework.security.jackson2.SecurityJackson2Modules
			
 
				  * @since 4.2
			
 
				  */
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java
@@ -29,11 +29,11 @@ import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 
				  * <p>
			
 
				  * <pre>
			
 
				  *     ObjectMapper mapper = new ObjectMapper();
			
 
				- *     mapper.registerModule(new WebJackson2Module());
			
 
				+ *     mapper.registerModule(new WebServletJackson2Module());
			
 
				  * </pre>
			
 
				  *
			
 
				  * @author Jitendra Singh
			
 
				- * @see WebJackson2Module
			
 
				+ * @see WebServletJackson2Module
			
 
				  * @see org.springframework.security.jackson2.SecurityJackson2Modules
			
 
				  * @since 4.2
			
 
				  */
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java
@@ -24,11 +24,11 @@ import com.fasterxml.jackson.annotation.*;
 
				  *
			
 
				  * <pre>
			
 
				  * 		ObjectMapper mapper = new ObjectMapper();
			
 
				- *		mapper.registerModule(new WebJackson2Module());
			
 
				+ *		mapper.registerModule(new WebServletJackson2Module());
			
 
				  * </pre>
			
 
				  *
			
 
				  * @author Jitendra Singh.
			
 
				- * @see WebJackson2Module
			
 
				+ * @see WebServletJackson2Module
			
 
				  * @see org.springframework.security.jackson2.SecurityJackson2Modules
			
 
				  * @since 4.2
			
 
				  */
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java
@@ -23,11 +23,11 @@ import com.fasterxml.jackson.annotation.*;
 
				  *
			
 
				  * <pre>
			
 
				  * 	ObjectMapper mapper = new ObjectMapper();
			
 
				- *	mapper.registerModule(new WebJackson2Module());
			
 
				+ *	mapper.registerModule(new WebServletJackson2Module());
			
 
				  * </pre>
			
 
				  *
			
 
				  * @author Jitendra Singh
			
 
				- * @see WebJackson2Module
			
 
				+ * @see WebServletJackson2Module
			
 
				  * @see org.springframework.security.jackson2.SecurityJackson2Modules
			
 
				  * @since 4.2
			
 
				  */
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
@@ -16,23 +16,17 @@
 
				 
			
 
				 package org.springframework.security.web.jackson2;
			
 
				 
			
 
				-import javax.servlet.http.Cookie;
			
 
				-
			
 
				 import org.springframework.security.jackson2.SecurityJackson2Modules;
			
 
				-import org.springframework.security.web.authentication.WebAuthenticationDetails;
			
 
				 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
			
 
				 import org.springframework.security.web.csrf.DefaultCsrfToken;
			
 
				-import org.springframework.security.web.savedrequest.DefaultSavedRequest;
			
 
				-import org.springframework.security.web.savedrequest.SavedCookie;
			
 
				 
			
 
				 import com.fasterxml.jackson.core.Version;
			
 
				-import com.fasterxml.jackson.databind.ObjectMapper;
			
 
				 import com.fasterxml.jackson.databind.module.SimpleModule;
			
 
				 
			
 
				 /**
			
 
				- * Jackson module for spring-security-web. This module register {@link CookieMixin},
			
 
				- * {@link DefaultCsrfTokenMixin}, {@link DefaultSavedRequestMixin} and {@link WebAuthenticationDetailsMixin}. If no
			
 
				- * default typing enabled by default then it'll enable it because typing info is needed to properly serialize/deserialize objects.
			
 
				+ * Jackson module for spring-security-web. This module register {@link DefaultCsrfTokenMixin} and
			
 
				+ * {@link PreAuthenticatedAuthenticationTokenMixin}. If no default typing enabled by default then it'll enable
			
 
				+ * it because typing info is needed to properly serialize/deserialize objects.
			
 
				  * In order to use this module just add this module into your ObjectMapper configuration.
			
 
				  *
			
 
				  * <pre>
			
@@ -53,12 +47,8 @@ public class WebJackson2Module extends SimpleModule {
 
				 
			
 
				 	@Override
			
 
				 	public void setupModule(SetupContext context) {
			
 
				-		SecurityJackson2Modules.enableDefaultTyping((ObjectMapper) context.getOwner());
			
 
				-		context.setMixInAnnotations(Cookie.class, CookieMixin.class);
			
 
				-		context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class);
			
 
				+		SecurityJackson2Modules.enableDefaultTyping(context.getOwner());
			
 
				 		context.setMixInAnnotations(DefaultCsrfToken.class, DefaultCsrfTokenMixin.class);
			
 
				-		context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class);
			
 
				-		context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class);
			
 
				 		context.setMixInAnnotations(PreAuthenticatedAuthenticationToken.class, PreAuthenticatedAuthenticationTokenMixin.class);
			
 
				 	}
			
 
				 }
			
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -0,0 +1,59 @@
 
				+/*
			
 
				+ * Copyright 2015-2016 the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      http://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+package org.springframework.security.web.jackson2;
			
 
				+
			
 
				+import javax.servlet.http.Cookie;
			
 
				+
			
 
				+import org.springframework.security.jackson2.SecurityJackson2Modules;
			
 
				+import org.springframework.security.web.authentication.WebAuthenticationDetails;
			
 
				+import org.springframework.security.web.savedrequest.DefaultSavedRequest;
			
 
				+import org.springframework.security.web.savedrequest.SavedCookie;
			
 
				+
			
 
				+import com.fasterxml.jackson.core.Version;
			
 
				+import com.fasterxml.jackson.databind.module.SimpleModule;
			
 
				+
			
 
				+/**
			
 
				+ * Jackson module for spring-security-web related to servlet. This module register {@link CookieMixin},
			
 
				+ * {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and {@link WebAuthenticationDetailsMixin}. If no
			
 
				+ * default typing enabled by default then it'll enable it because typing info is needed to properly serialize/deserialize objects.
			
 
				+ * In order to use this module just add this module into your ObjectMapper configuration.
			
 
				+ *
			
 
				+ * <pre>
			
 
				+ *     ObjectMapper mapper = new ObjectMapper();
			
 
				+ *     mapper.registerModule(new WebServletJackson2Module());
			
 
				+ * </pre>
			
 
				+ * <b>Note: use {@link SecurityJackson2Modules#getModules(ClassLoader)} to get list of all security modules.</b>
			
 
				+ *
			
 
				+ * @author Boris Finkelshteyn
			
 
				+ * @see SecurityJackson2Modules
			
 
				+ * @since 5.1
			
 
				+ */
			
 
				+public class WebServletJackson2Module extends SimpleModule {
			
 
				+
			
 
				+	public WebServletJackson2Module() {
			
 
				+		super(WebJackson2Module.class.getName(), new Version(1, 0, 0, null, null, null));
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public void setupModule(SetupContext context) {
			
 
				+		SecurityJackson2Modules.enableDefaultTyping(context.getOwner());
			
 
				+		context.setMixInAnnotations(Cookie.class, CookieMixin.class);
			
 
				+		context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class);
			
 
				+		context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class);
			
 
				+		context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class);
			
 
				+	}
			
 
				+}