GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch 'gh-18643-6.5.x' into gh-18643-7.0.x

pull/18897/head
Ziqin Wang 1 week ago
parent
5b4fc73878 e726c05e76
commit
a013bfaaec
No known key found for this signature in database
GPG Key ID: B4A9D243A3DD5D9B
2 changed files with 46 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      webauthn/src/main/java/org/springframework/security/web/webauthn/jackson/AuthenticationExtensionsClientOutputsJackson2Deserializer.java
  2. 41
      webauthn/src/test/java/org/springframework/security/web/webauthn/jackson/Jackson2Tests.java

11
webauthn/src/main/java/org/springframework/security/web/webauthn/jackson/AuthenticationExtensionsClientOutputsJackson2Deserializer.java
Unescape View File

@ -62,11 +62,8 @@ class AuthenticationExtensionsClientOutputsJackson2Deserializer
throws IOException, JacksonException { throws IOException, JacksonException {
List<AuthenticationExtensionsClientOutput<?>> outputs = new ArrayList<>(); List<AuthenticationExtensionsClientOutput<?>> outputs = new ArrayList<>();
for (String key = parser.nextFieldName(); key != null; key = parser.nextFieldName()) { for (String key = parser.nextFieldName(); key != null; key = parser.nextFieldName()) {
JsonToken startObject = parser.nextValue(); JsonToken next = parser.nextToken();
if (startObject != JsonToken.START_OBJECT) { if (next == JsonToken.START_OBJECT && CredentialPropertiesOutput.EXTENSION_ID.equals(key)) {
break;
}
if (CredentialPropertiesOutput.EXTENSION_ID.equals(key)) {
CredentialPropertiesOutput output = parser.readValueAs(CredentialPropertiesOutput.class); CredentialPropertiesOutput output = parser.readValueAs(CredentialPropertiesOutput.class);
outputs.add(output); outputs.add(output);
} }
@ -74,7 +71,9 @@ class AuthenticationExtensionsClientOutputsJackson2Deserializer
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Skipping unknown extension with id " + key); logger.debug("Skipping unknown extension with id " + key);
} }
parser.nextValue(); if (next.isStructStart()) {
parser.skipChildren();
}
} }
} }

41
webauthn/src/test/java/org/springframework/security/web/webauthn/jackson/Jackson2Tests.java
Unescape View File

@ -122,6 +122,47 @@ class Jackson2Tests {
assertThat(outputs).usingRecursiveComparison().isEqualTo(credProps); assertThat(outputs).usingRecursiveComparison().isEqualTo(credProps);
} }
@Test
void readAuthenticationExtensionsClientOutputsWhenAppId() throws Exception {
String json = """
{
"appid": false,
"credProps": {
"rk": false
}
}
""";
CredentialPropertiesOutput credProps = new CredentialPropertiesOutput(false);
AuthenticationExtensionsClientOutputs outputs = this.mapper.readValue(json,
AuthenticationExtensionsClientOutputs.class);
assertThat(outputs.getOutputs()).usingRecursiveFieldByFieldElementComparator().contains(credProps);
}
@Test
void readAuthenticationExtensionsClientOutputsWhenUnknownExtension() throws Exception {
String json = """
{
"unknownObject1": {
"key": "value"
},
"unknownArray": [
{ "key": "value1" },
{ "key": "value2" }
],
"credProps": {
"rk": false
},
"unknownObject2": {}
}
""";
CredentialPropertiesOutput credProps = new CredentialPropertiesOutput(false);
AuthenticationExtensionsClientOutputs outputs = this.mapper.readValue(json,
AuthenticationExtensionsClientOutputs.class);
assertThat(outputs.getOutputs()).usingRecursiveFieldByFieldElementComparator().contains(credProps);
}
@Test @Test
void readAuthenticationExtensionsClientOutputsWhenFieldAfter() throws Exception { void readAuthenticationExtensionsClientOutputsWhenFieldAfter() throws Exception {
String json = """ String json = """

Write Preview
Loading…
Cancel
Save