Implement to/fromJson methods in PublicKeyCredentialCreationOptions and AssertionRequest

emlun · emlun · commit 0763da990a06 · 2021-09-28T20:33:33.000+02:00
diff --git a/NEWS b/NEWS
@@ -39,6 +39,10 @@ New features:
   `PublicKeyCredentialRequestOptions.toCredentialsGetJson()` and
   `AssertionRequest.toCredentialsGetJson()` for serializing to JSON without
   having to use Jackson directly.
+* Added methods `PublicKeyCredentialCreationOptions.toJson()` and
+  `.fromJson(String)` suitable for encoding to and decoding from JSON.
+* Added methods `AssertionRequest.toJson()` and `.fromJson(String)` suitable for
+  encoding to and decoding from JSON.
 
 Fixes:
 
diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/AssertionRequest.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/AssertionRequest.java
@@ -27,6 +27,7 @@
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.yubico.internal.util.JacksonCodecs;
 import com.yubico.webauthn.data.ByteArray;
 import com.yubico.webauthn.data.PublicKeyCredentialRequestOptions;
 import java.util.Optional;
@@ -101,12 +102,36 @@ public String toCredentialsGetJson() throws JsonProcessingException {
     return publicKeyCredentialRequestOptions.toCredentialsGetJson();
   }
 
+  /**
+   * Encode this {@link AssertionRequest} to JSON. The inverse of {@link #fromJson(String)}.
+   *
+   * <p>This method is suitable for encoding the {@link AssertionRequest} for temporary storage so
+   * that it can later be passed as an argument to {@link
+   * RelyingParty#finishAssertion(FinishAssertionOptions)}. The {@link #fromJson(String)} factory
+   * function is guaranteed to restore an identical {@link AssertionRequest} instance.
+   *
+   * <p>Note that encoding might not be needed if you can simply keep the {@link AssertionRequest}
+   * instance in server memory.
+   *
+   * @return this {@link AssertionRequest} encoded to JSON.
+   * @throws JsonProcessingException
+   */
   public String toJson() throws JsonProcessingException {
-    return "";
+    return JacksonCodecs.json().writeValueAsString(this);
   }
 
+  /**
+   * Decode an {@link AssertionRequest} from JSON. The inverse of {@link #toJson()}.
+   *
+   * <p>If the JSON was generated by the {@link #toJson()} method, then {@link #fromJson(String)} in
+   * the same library version guarantees to restore an identical {@link AssertionRequest} instance.
+   * This is not guaranteed between different library versions.
+   *
+   * @return a {@link AssertionRequest} decoded from the input JSON.
+   * @throws JsonProcessingException
+   */
   public static AssertionRequest fromJson(String json) throws JsonProcessingException {
-    return null;
+    return JacksonCodecs.json().readValue(json, AssertionRequest.class);
   }
 
   public static AssertionRequestBuilder.MandatoryStages builder() {
diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/data/PublicKeyCredentialCreationOptions.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/data/PublicKeyCredentialCreationOptions.java
@@ -31,6 +31,8 @@
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.yubico.internal.util.CollectionUtil;
 import com.yubico.internal.util.JacksonCodecs;
+import com.yubico.webauthn.FinishRegistrationOptions;
+import com.yubico.webauthn.RelyingParty;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
@@ -169,12 +171,41 @@ public String toCredentialsCreateJson() throws JsonProcessingException {
     return json.writeValueAsString(result);
   }
 
+  /**
+   * Encode this {@link PublicKeyCredentialCreationOptions} to JSON. The inverse of {@link
+   * #fromJson(String)}.
+   *
+   * <p>This method is suitable for encoding the {@link PublicKeyCredentialCreationOptions} for
+   * temporary storage so that it can later be passed as an argument to {@link
+   * RelyingParty#finishRegistration(FinishRegistrationOptions)}. The {@link #fromJson(String)}
+   * factory function is guaranteed to restore an identical {@link
+   * PublicKeyCredentialCreationOptions} instance.
+   *
+   * <p>Note that encoding might not be needed if you can simply keep the {@link
+   * PublicKeyCredentialCreationOptions} instance in server memory.
+   *
+   * @return this {@link PublicKeyCredentialCreationOptions} encoded to JSON.
+   * @throws JsonProcessingException
+   */
   public String toJson() throws JsonProcessingException {
-    return "";
+    return JacksonCodecs.json().writeValueAsString(this);
   }
 
-  public static PublicKeyCredentialCreationOptions fromJson(String json) throws JsonProcessingException {
-    return null;
+  /**
+   * Decode an {@link PublicKeyCredentialCreationOptions} from JSON. The inverse of {@link
+   * #toJson()}.
+   *
+   * <p>If the JSON was generated by the {@link #toJson()} method, then {@link #fromJson(String)} in
+   * the same library version guarantees to restore an identical {@link
+   * PublicKeyCredentialCreationOptions} instance. This is not guaranteed between different library
+   * versions.
+   *
+   * @return a {@link PublicKeyCredentialCreationOptions} decoded from the input JSON.
+   * @throws JsonProcessingException
+   */
+  public static PublicKeyCredentialCreationOptions fromJson(String json)
+      throws JsonProcessingException {
+    return JacksonCodecs.json().readValue(json, PublicKeyCredentialCreationOptions.class);
   }
 
   public Optional<Long> getTimeout() {
