Add more missing mixins and deserializers

Author: justincranford

web/src/main/java/org/springframework/security/web/webauthn/jackson/PublicKeyCredentialCreationOptionsMixin.java

@@ -35,20 +35,21 @@
  * Jackson mixin for {@link PublicKeyCredentialCreationOptions}
  *
  * @author Rob Winch
+ * @author Justin Cranford
  * @since 6.4
  */
 public abstract class PublicKeyCredentialCreationOptionsMixin {
 	@JsonCreator
 	public PublicKeyCredentialCreationOptionsMixin(
-			@JsonProperty("rp") PublicKeyCredentialRpEntity rp,
-			@JsonProperty("user") PublicKeyCredentialUserEntity user,
-			@JsonProperty("challenge") Bytes challenge,
-			@JsonProperty("pubKeyCredParams") List<PublicKeyCredentialParameters> pubKeyCredParams,
-			@JsonProperty("timeout") Duration timeout,
-			@JsonProperty("excludeCredentials") List<PublicKeyCredentialDescriptor> excludeCredentials,
-			@JsonProperty("authenticatorSelection") AuthenticatorSelectionCriteria authenticatorSelection,
-			@JsonProperty("attestation") AttestationConveyancePreference attestation,
-			@JsonProperty("extensions") AuthenticationExtensionsClientInputs extensions
+		@JsonProperty("rp") PublicKeyCredentialRpEntity rp,
+		@JsonProperty("user") PublicKeyCredentialUserEntity user,
+		@JsonProperty("challenge") Bytes challenge,
+		@JsonProperty("pubKeyCredParams") List<PublicKeyCredentialParameters> pubKeyCredParams,
+		@JsonProperty("timeout") Duration timeout,
+		@JsonProperty("excludeCredentials") List<PublicKeyCredentialDescriptor> excludeCredentials,
+		@JsonProperty("authenticatorSelection") AuthenticatorSelectionCriteria authenticatorSelection,
+		@JsonProperty("attestation") AttestationConveyancePreference attestation,
+		@JsonProperty("extensions") AuthenticationExtensionsClientInputs extensions
 	) {
 	}
 }

web/src/main/java/org/springframework/security/web/webauthn/jackson/PublicKeyCredentialRequestOptionsDeserializer.java

@@ -16,10 +16,16 @@
 
 package org.springframework.security.web.webauthn.jackson;
 
-import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientInputs;
+import org.springframework.security.web.webauthn.api.Bytes;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
+import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
+
+import java.time.Duration;
+import java.util.List;
 
 /**
  * Jackson mixin for {@link PublicKeyCredentialRequestOptions}
@@ -28,8 +34,15 @@
  * @author Justin Cranford
  * @since 6.4
  */
-@JsonSerialize(using = PublicKeyCredentialRequestOptionsSerializer.class)
-@JsonDeserialize(using = PublicKeyCredentialRequestOptionsDeserializer.class)
-@JsonInclude(content = JsonInclude.Include.NON_NULL)
 class PublicKeyCredentialRequestOptionsMixin {
+	@JsonCreator
+	public PublicKeyCredentialRequestOptionsMixin(
+		@JsonProperty("challenge") Bytes challenge,
+		@JsonProperty("timeout") Duration timeout,
+		@JsonProperty("rpId") String rpId,
+		@JsonProperty("allowCredentials") List<PublicKeyCredentialDescriptor> allowCredentials,
+		@JsonProperty("userVerification") UserVerificationRequirement userVerification,
+		@JsonProperty("extensions") AuthenticationExtensionsClientInputs extensions
+	) {
+	}
 }

web/src/main/java/org/springframework/security/web/webauthn/jackson/PublicKeyCredentialRequestOptionsMixin.java

@@ -0,0 +1,21 @@
+package org.springframework.security.web.webauthn.jackson;
+
+import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientInput;
+
+// ImmutableAuthenticationExtensionsClientInputs wraps a List<AuthenticationExtensionsClientInput<T>>.
+// Since only CredProtectAuthenticationExtensionsClientInput implements AuthenticationExtensionsClientInput<T>,
+// a second class is needed to help test with two extensions.
+/**
+ * Implements <a href=
+ * "https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-minpinlength-extension">
+ * Minimum PIN Length Extension (minPinLength)</a>.
+ *
+ * @author Justin Cranford
+ * @since 6.5
+ */
+record MinPinLengthAuthenticationExtensionsClientInput(Boolean getInput) implements AuthenticationExtensionsClientInput<Boolean> {
+	@Override
+	public String getExtensionId() {
+		return "minPinLength";
+	}
+}

web/src/main/java/org/springframework/security/web/webauthn/jackson/PublicKeyCredentialRequestOptionsSerializer.java

@@ -1,7 +1,6 @@
 package org.springframework.security.web.webauthn.jackson;
 
 import org.springframework.security.web.webauthn.api.AttestationConveyancePreference;
-import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientInput;
 import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
 import org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria;
 import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
@@ -111,22 +110,4 @@ public static PublicKeyCredentialCreationOptions create() {
 			)
 			.build();
 	}
-
-	// ImmutableAuthenticationExtensionsClientInputs wraps a List<AuthenticationExtensionsClientInput<T>>.
-	// Since only CredProtectAuthenticationExtensionsClientInput implements AuthenticationExtensionsClientInput<T>,
-	// a second class is needed to help test with two extensions.
-	/**
-	 * Implements <a href=
-	 * "https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#sctn-minpinlength-extension">
-	 * Minimum PIN Length Extension (minPinLength)</a>.
-	 *
-	 * @author Justin Cranford
-	 * @since 6.5
-	 */
-	record MinPinLengthAuthenticationExtensionsClientInput(Boolean getInput) implements AuthenticationExtensionsClientInput<Boolean> {
-		@Override
-		public String getExtensionId() {
-			return "minPinLength";
-		}
-	}
 }

web/src/test/java/org/springframework/security/web/webauthn/jackson/MinPinLengthAuthenticationExtensionsClientInput.java

@@ -16,13 +16,11 @@
 
 package org.springframework.security.web.webauthn.jackson;
 
-import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.SerializationFeature;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
 
 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
@@ -41,27 +39,23 @@ class PublicKeyCredentialCreationOptionsTests {
 	void setup() {
 		this.mapper = new ObjectMapper();
 		this.mapper.enable(SerializationFeature.INDENT_OUTPUT);
-//		this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
 		this.mapper.registerModule(new WebauthnJackson2Module());
-//		this.mapper.addMixin(PublicKeyCredentialRequestOptions.class, PublicKeyCredentialRequestOptionsMixin.class);
-//		this.mapper.addMixin(ImmutableAuthenticationExtensionsClientInputs.class, AuthenticationExtensionsClientInputsMixin.class);
-//		this.mapper.addMixin(AuthenticationExtensionsClientInputs.class, AuthenticationExtensionsClientInputsMixin.class);
-//		this.mapper.addMixin(AuthenticationExtensionsClientInput.class, AuthenticationExtensionsClientInputMixin.class);
-//		this.mapper.addMixin(PublicKeyCredentialDescriptor.class, PublicKeyCredentialDescriptorMixin.class);
-//		this.mapper.addMixin(CredProtectAuthenticationExtensionsClientInput.class, CredProtectAuthenticationExtensionsClientInputMixin.class);
-//		this.mapper.addMixin(CredProtect.class, CredProtectMixin.class);
 		this.mapper.registerModule(new JavaTimeModule());
 	}
 
 	@Test
 	public void testSerializeDeserialize() {
 		final PublicKeyCredentialCreationOptions given = PublicKeyCredentialCreationOptionsGivens.create();
+
 		final String serialized = assertDoesNotThrow(() -> this.mapper.writeValueAsString(given));
 		System.out.println("serialized:\n" + serialized + "\n\n");
+
 		final PublicKeyCredentialCreationOptions deserialized = assertDoesNotThrow(() -> this.mapper.readValue(serialized, PublicKeyCredentialCreationOptions.class));
 		System.out.println("deserialized:\n" + deserialized + "\n\n");
+
 		final String serializedAgain = assertDoesNotThrow(() -> this.mapper.writeValueAsString(deserialized));
 		System.out.println("serializedAgain:\n" + serializedAgain + "\n\n");
+
 		assertEquals(serialized, serializedAgain);
 	}
 }

web/src/test/java/org/springframework/security/web/webauthn/jackson/PublicKeyCredentialCreationOptionsGivens.java

@@ -16,7 +16,7 @@
 import java.util.Set;
 
 /**
- * Object for {@code PublicKeyCredentialRequestOptionsHelper}
+ * Object for {@code PublicKeyCredentialRequestOptions}
  *
  * @author Justin Cranford
  * @since 6.5
@@ -34,14 +34,40 @@ public static PublicKeyCredentialRequestOptions create() {
 					PublicKeyCredentialDescriptor.builder()
 						.id(Bytes.random())
 						.type(PublicKeyCredentialType.PUBLIC_KEY)
-						.transports(Set.of(AuthenticatorTransport.INTERNAL, AuthenticatorTransport.HYBRID))
+						.transports(Set.of(AuthenticatorTransport.USB))
+						.build(),
+					PublicKeyCredentialDescriptor.builder()
+						.id(Bytes.random())
+						.type(PublicKeyCredentialType.PUBLIC_KEY)
+						.transports(Set.of(AuthenticatorTransport.NFC))
+						.build(),
+					PublicKeyCredentialDescriptor.builder()
+						.id(Bytes.random())
+						.type(PublicKeyCredentialType.PUBLIC_KEY)
+						.transports(Set.of(AuthenticatorTransport.BLE))
+						.build(),
+					PublicKeyCredentialDescriptor.builder()
+						.id(Bytes.random())
+						.type(PublicKeyCredentialType.PUBLIC_KEY)
+						.transports(Set.of(AuthenticatorTransport.SMART_CARD))
+						.build(),
+					PublicKeyCredentialDescriptor.builder()
+						.id(Bytes.random())
+						.type(PublicKeyCredentialType.PUBLIC_KEY)
+						.transports(Set.of(AuthenticatorTransport.HYBRID))
+						.build(),
+					PublicKeyCredentialDescriptor.builder()
+						.id(Bytes.random())
+						.type(PublicKeyCredentialType.PUBLIC_KEY)
+						.transports(Set.of(AuthenticatorTransport.INTERNAL))
 						.build()
 				)
 			)
 			.userVerification(UserVerificationRequirement.PREFERRED)
 			.extensions(
 				new ImmutableAuthenticationExtensionsClientInputs(
-					new CredProtectAuthenticationExtensionsClientInput(new CredProtect(ProtectionPolicy.USER_VERIFICATION_REQUIRED, true))
+					new CredProtectAuthenticationExtensionsClientInput(new CredProtect(ProtectionPolicy.USER_VERIFICATION_REQUIRED, true)),
+					new MinPinLengthAuthenticationExtensionsClientInput(true)
 				)
 			)
 			.build();