- edited description
- changed title to nimbus-jose-jwt change from JSON Smart to Gson upgrade has breaking changes on serialization and desrialization for jsonObject
Change from JSON Smart to Gson upgrade has breaking changes on serialization and desrialization for jsonObject
Issue Description:
When generating JWTToken,
Before upgrading to version 9.24+, serialization and de-serialization of a 'JSONObject' containing a class object with a field of type 'Map<String, List>' worked correctly. This was because the getter method was being called during serialization, ensuring proper handling of the data. However, after upgrading to version 9.24+, issues arose where serialization is performed directly on the field type, neglecting to use the getter method for serialization.
Steps to Reproduce:
- Define a class with a field of type
Map<String, List<String>>
. - Ensure the class has appropriate getter and setter methods for the field (In my case it is manipulated to have List<String> type for handling client side use case).
- Serialize an instance of this class using
JSONObject
. - Deserialize the JSON object back into an instance of the class.
Expected Behavior:
- The getter method for the field should be invoked during serialization, ensuring correct handling of the data.
Actual Behavior:
- Serialization occurs directly on the field type, bypassing the getter method.
Additional Information:
- This issue started occurring after upgrading to version 9.24+.
- for token encryption, using EncryptedJWT class and in the encrypt there is process of getPayload().toByetes() in the Payload class where toString() is called and next it goes to the condition where JSONObjectUtils.toJsonString(jsonObject) is called. further the serialization taking place using Gson lib.
- JSON to Gson change has the impact. Tried using TypeAdapterFactory class to use custom TypeAdapter but that is not getting invoked/used by gson on execution.
Tech stack:
- Java Version: 17+
- Library/Tool Version: Spring 3+
- OS: any
Comments (5)
-
reporter -
- changed status to wontfix
Thanks for the detailed report. This document has an explanation what the current serialization contract for the library:
https://connect2id.com/products/nimbus-jose-jwt/examples/json-entity-mapping
In it there is an example how to update your code. This is indeed a breaking change that will require code update for cases likes yours.
-
reporter - changed title to Change from JSON Smart to Gson upgrade has breaking changes on serialization and desrialization for jsonObject
-
reporter thanks @Vladimir Dzhuvinov, examples helped in resolving the issue for my use case.
-
reporter - changed status to closed
provided examples in the doc, resolved the issue for the mentioned use case. hence closing this.
- Log in to comment