Make WebAuthenticationDetails constructor public

Closes gh-10564
4 years ago · d6cbacb27a
2 changed files with 14 additions and 4 deletions
--- a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java
@ -43,9 +43,7 @@ public class WebAuthenticationDetails implements Serializable {
				@@ -43,9 +43,7 @@ public class WebAuthenticationDetails implements Serializable {
 	 * @param request that the authentication request was received from
 	 */
 	public WebAuthenticationDetails(HttpServletRequest request) {
-		this.remoteAddress = request.getRemoteAddr();
-		HttpSession session = request.getSession(false);
-		this.sessionId = (session != null) ? session.getId() : null;
+		this(request.getRemoteAddr(), extractSessionId(request));
 	}

 	/**
@ -53,11 +51,16 @@ public class WebAuthenticationDetails implements Serializable {
				@@ -53,11 +51,16 @@ public class WebAuthenticationDetails implements Serializable {
 	 * @param remoteAddress remote address of current request
 	 * @param sessionId session id
 	 */
-	private WebAuthenticationDetails(final String remoteAddress, final String sessionId) {
+	public WebAuthenticationDetails(String remoteAddress, String sessionId) {
 		this.remoteAddress = remoteAddress;
 		this.sessionId = sessionId;
 	}

+	private static String extractSessionId(HttpServletRequest request) {
+		HttpSession session = request.getSession(false);
+		return (session != null) ? session.getId() : null;
+	}
+
 	@Override
 	public boolean equals(Object obj) {
 		if (obj instanceof WebAuthenticationDetails) {
--- a/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java
@ -64,6 +64,13 @@ public class WebAuthenticationDetailsMixinTests extends AbstractMixinTests {
				@@ -64,6 +64,13 @@ public class WebAuthenticationDetailsMixinTests extends AbstractMixinTests {
 		JSONAssert.assertEquals(AUTHENTICATION_DETAILS_JSON, actualJson, true);
 	}

+	@Test
+	public void webAuthenticationDetailsJackson2SerializeTest() throws JsonProcessingException, JSONException {
+		WebAuthenticationDetails details = new WebAuthenticationDetails("/localhost", "1");
+		String actualJson = this.mapper.writeValueAsString(details);
+		JSONAssert.assertEquals(AUTHENTICATION_DETAILS_JSON, actualJson, true);
+	}
+
 	@Test
 	public void webAuthenticationDetailsDeserializeTest() throws IOException {
 		WebAuthenticationDetails details = this.mapper.readValue(AUTHENTICATION_DETAILS_JSON,