Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support round trip serialization of AuthenticationProperties with System.Text.Json #31330

Merged
merged 3 commits into from
Mar 31, 2021
Merged

Support round trip serialization of AuthenticationProperties with System.Text.Json #31330

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
bf81ce3
Support roundtrip serialization with S.T.Json
martincostello Mar 28, 2021
89e21ba
Refactor test
martincostello Mar 28, 2021
51a7085
Add comment for clarity
martincostello Mar 29, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/Http/Authentication.Abstractions/src/AuthenticationProperties.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Text.Json.Serialization;

namespace Microsoft.AspNetCore.Authentication
{
Expand All @@ -30,6 +31,7 @@ public AuthenticationProperties()
/// Initializes a new instance of the <see cref="AuthenticationProperties"/> class.
/// </summary>
/// <param name="items">State values dictionary to use.</param>
[JsonConstructor]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why this one?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I went with this one as the comment on the Parameters property said it wasn't intended to be used for serialisation/persistence.

I did consider adding [JsonIgnore] to that property, but adding the attribute here had the same effect.

public AuthenticationProperties(IDictionary<string, string?> items)
: this(items, parameters: null)
{ }
Expand Down
37 changes: 37 additions & 0 deletions src/Http/Authentication.Core/test/AuthenticationPropertiesTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Text.Json;
using Xunit;

namespace Microsoft.AspNetCore.Authentication.Core.Test
Expand Down Expand Up @@ -302,6 +303,42 @@ public void GetBool()
Assert.Equal("BAR", props.Items["foo"]);
}

[Fact]
public void Roundtrip_Serializes_With_SystemTextJson()
{
var props = new AuthenticationProperties()
{
AllowRefresh = true,
ExpiresUtc = new DateTimeOffset(2021, 03, 28, 13, 47, 00, TimeSpan.Zero),
IssuedUtc = new DateTimeOffset(2021, 03, 28, 12, 47, 00, TimeSpan.Zero),
IsPersistent = true,
RedirectUri = "/foo/bar"
};

props.Items.Add("foo", "bar");

props.Parameters.Add("baz", "quux");

var json = JsonSerializer.Serialize(props);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you give a quick example of the serialized output? I want to make sure it doesn't contain the Parameters collection. This test only verifies the that the Parameters are not deserialized.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure - will post something shortly.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So .NET 5.0 and this PR serialize it like this:

{
  "Items": {
    ".refresh": "True",
    ".expires": "Sun, 28 Mar 2021 13:47:00 GMT",
    ".issued": "Sun, 28 Mar 2021 12:47:00 GMT",
    ".persistent": "",
    ".redirect": "/foo/bar",
    "foo": "bar"
  },
  "Parameters": {
    "baz": "quux"
  },
  "IsPersistent": true,
  "RedirectUri": "/foo/bar",
  "IssuedUtc": "2021-03-28T12:47:00+00:00",
  "ExpiresUtc": "2021-03-28T13:47:00+00:00",
  "AllowRefresh": true
}

If I add [JsonIgnore] to Parameters, then I get this:

{
  "Items": {
    ".refresh": "True",
    ".expires": "Sun, 28 Mar 2021 13:47:00 GMT",
    ".issued": "Sun, 28 Mar 2021 12:47:00 GMT",
    ".persistent": "",
    ".redirect": "/foo/bar",
    "foo": "bar"
  },
  "IsPersistent": true,
  "RedirectUri": "/foo/bar",
  "IssuedUtc": "2021-03-28T12:47:00+00:00",
  "ExpiresUtc": "2021-03-28T13:47:00+00:00",
  "AllowRefresh": true
}

Would you like me to open a PR to explicitly exclude Parameters from the serialized payload?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes please.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, we should take this further and avoid serializing any of the properties, only the Items.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#31414

var deserialized = JsonSerializer.Deserialize<AuthenticationProperties>(json);

Assert.NotNull(deserialized);

Assert.Equal(props.AllowRefresh, deserialized!.AllowRefresh);
Assert.Equal(props.ExpiresUtc, deserialized.ExpiresUtc);
Assert.Equal(props.IssuedUtc, deserialized.IssuedUtc);
Assert.Equal(props.IsPersistent, deserialized.IsPersistent);
Assert.Equal(props.RedirectUri, deserialized.RedirectUri);

Assert.NotNull(deserialized.Items);
Assert.True(deserialized.Items.ContainsKey("foo"));
Assert.Equal(props.Items["foo"], deserialized.Items["foo"]);

// Ensure that parameters are not round-tripped
Assert.NotNull(deserialized.Parameters);
HaoK marked this conversation as resolved.
Show resolved Hide resolved
Assert.Equal(0, deserialized.Parameters.Count);
}

public class MyAuthenticationProperties : AuthenticationProperties
{
public new DateTimeOffset? GetDateTimeOffset(string key)
Expand Down