Package com.alpaca.security.oauth2

Class AuthRequestDeserializer

java.lang.Object
com.fasterxml.jackson.databind.JsonDeserializer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
com.fasterxml.jackson.databind.deser.std.StdDeserializer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
com.alpaca.security.oauth2.AuthRequestDeserializer
All Implemented Interfaces:
com.fasterxml.jackson.databind.deser.NullValueProvider, com.fasterxml.jackson.databind.deser.ValueInstantiator.Gettable, Serializable
public class AuthRequestDeserializer extends com.fasterxml.jackson.databind.deser.std.StdDeserializer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
Custom Jackson deserializer for OAuth2AuthorizationRequest, enabling reconstruction of authorization requests from JSON data. This is particularly useful for restoring saved OAuth2 Authorization Requests that were serialized into JSON (e.g., stored in cookies or other stateless media).

The deserializer reads a JSON object, extracts essential fields (clientId, authorizationUri, redirectUri, state), and also handles optional arrays (scopes) and maps (attributes, additionalParameters). It validates that required fields are present, and throws a JsonMappingException if any are missing.

By extending StdDeserializer, this class integrates smoothly with Jackson's deserialization pipeline. It meticulously reconstructs a fully functional OAuth2AuthorizationRequest by calling its builder.

Intended for use when the default storage (such as HTTP session) is replaced with a stateless mechanism (for example, storing requests in cookies), and you need to deserialize requests back into usable objects for the OAuth2 authorization flow.

See Also:

  • Nested Class Summary

    Nested classes/interfaces inherited from class com.fasterxml.jackson.databind.JsonDeserializer

    com.fasterxml.jackson.databind.JsonDeserializer.None

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private static final com.fasterxml.jackson.databind.ObjectReader
    MAP_READER
     
    private static final com.fasterxml.jackson.core.type.TypeReference<Map<String,Object>>
    MAP_TYPE
     

    Fields inherited from class com.fasterxml.jackson.databind.deser.std.StdDeserializer

    _valueClass, _valueType, F_MASK_INT_COERCIONS

  • Constructor Summary

    Constructors
    Constructor
    Description
    AuthRequestDeserializer()
    Default constructor, informing Jackson of the handled type.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
    deserialize(com.fasterxml.jackson.core.JsonParser p, com.fasterxml.jackson.databind.DeserializationContext ct)
     
    Class<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
    handledType()
     
    private static Set<String>
    parseScopes(com.fasterxml.jackson.core.JsonParser p)
    Parses the JSON array of scopes into a Set<String>.
    private static String
    requireField(String value, String name, com.fasterxml.jackson.core.JsonParser p)
    Validates presence of required fields.

    Methods inherited from class com.fasterxml.jackson.databind.deser.std.StdDeserializer

    _byteOverflow, _checkBooleanToStringCoercion, _checkCoercionFail, _checkDoubleSpecialValue, _checkFloatSpecialValue, _checkFloatToIntCoercion, _checkFloatToStringCoercion, _checkFromStringCoercion, _checkFromStringCoercion, _checkIntToFloatCoercion, _checkIntToStringCoercion, _checkTextualNull, _checkToStringCoercion, _coerceBooleanFromInt, _coercedTypeDesc, _coercedTypeDesc, _coerceIntegral, _deserializeFromArray, _deserializeFromEmptyString, _deserializeFromString, _deserializeWrappedValue, _findCoercionFromBlankString, _findCoercionFromEmptyArray, _findCoercionFromEmptyString, _findNullProvider, _hasTextualNull, _intOverflow, _isBlank, _isFalse, _isIntNumber, _isNaN, _isNegInf, _isPosInf, _isTrue, _neitherNull, _nonNullNumber, _parseBoolean, _parseBooleanPrimitive, _parseBytePrimitive, _parseDate, _parseDate, _parseDateFromArray, _parseDouble, _parseDouble, _parseDoublePrimitive, _parseDoublePrimitive, _parseDoublePrimitive, _parseFloatPrimitive, _parseFloatPrimitive, _parseInteger, _parseInteger, _parseIntPrimitive, _parseIntPrimitive, _parseLong, _parseLong, _parseLongPrimitive, _parseLongPrimitive, _parseShortPrimitive, _parseString, _reportFailedNullCoerce, _shortOverflow, _verifyEndArrayForSingle, _verifyNullForPrimitive, _verifyNullForPrimitiveCoercion, deserializeWithType, findContentNullProvider, findContentNullStyle, findConvertingContentDeserializer, findDeserializer, findFormatFeature, findFormatOverrides, findValueNullProvider, getValueInstantiator, getValueType, getValueType, handleMissingEndArrayForSingle, handleNestedArrayForSingle, handleUnknownProperty, isDefaultDeserializer, isDefaultKeyDeserializer

    Methods inherited from class com.fasterxml.jackson.databind.JsonDeserializer

    deserialize, deserializeWithType, findBackReference, getAbsentValue, getDelegatee, getEmptyAccessPattern, getEmptyValue, getKnownPropertyNames, getNullAccessPattern, getNullValue, getObjectIdReader, isCachable, logicalType, replaceDelegatee, supportsUpdate, unwrappingDeserializer

    Methods inherited from class java.lang.Object

    clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • MAP_TYPE

      private static final com.fasterxml.jackson.core.type.TypeReference<Map<String,Object>> MAP_TYPE

    • MAP_READER

      private static final com.fasterxml.jackson.databind.ObjectReader MAP_READER

  • Constructor Details

    • AuthRequestDeserializer

      public AuthRequestDeserializer()
      Default constructor, informing Jackson of the handled type.

  • Method Details

    • deserialize

      public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest deserialize(com.fasterxml.jackson.core.JsonParser p, com.fasterxml.jackson.databind.DeserializationContext ct) throws IOException
      Specified by:
      deserialize in class com.fasterxml.jackson.databind.JsonDeserializer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
      Throws:
      IOException

    • requireField

      private static String requireField(String value, String name, com.fasterxml.jackson.core.JsonParser p) throws com.fasterxml.jackson.databind.JsonMappingException
      Validates presence of required fields.
      Parameters:
      value - the value to check
      name - field name
      p - current JsonParser instance
      Returns:
      the value if valid
      Throws:
      com.fasterxml.jackson.databind.JsonMappingException - if value is null

    • parseScopes

      private static Set<String> parseScopes(com.fasterxml.jackson.core.JsonParser p) throws IOException
      Parses the JSON array of scopes into a Set<String>. Skips non-string entries and returns an immutable set.
      Parameters:
      p - current JsonParser
      Returns:
      a Set of scope strings
      Throws:
      IOException - on parse error

    • handledType

      public Class<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> handledType()
      Overrides:
      handledType in class com.fasterxml.jackson.databind.deser.std.StdDeserializer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>