Fix backwards incompatibility with TokenPolicy deserialization

[#115205329] https://www.pivotaltracker.com/story/show/115205329 Signed-off-by: Madhura Bhave <mbhave@pivotal.io> Signed-off-by: Jonathan Lo <jlo@us.ibm.com>
cloudfoundry · Mar 8, 2016 · f1be853 · f1be853
1 parent c45cd30
commit f1be853
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 23 deletions.
diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/TokenPolicy.java b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/TokenPolicy.java
@@ -1,8 +1,12 @@
 package org.cloudfoundry.identity.uaa.zone;
 
+import com.fasterxml.jackson.annotation.JsonGetter;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonSetter;
 import org.springframework.util.StringUtils;
 
-import java.util.Collection;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
@@ -23,14 +27,29 @@
  *******************************************************************************/
 
 public class TokenPolicy {
-    private static final Collector<? super Map.Entry<String, String>, ?, ? extends Map<String, KeyInformation>> inputCollector
+    private static final Collector<? super Map.Entry<String, String>, ?, ? extends Map<String, KeyInformation>> outputCollector = Collectors.toMap(e -> e.getKey(), e -> {
-            = Collectors.toMap(e -> e.getKey(), e -> new KeyInformation(e.getValue()));
+        KeyInformation keyInformation = new KeyInformation();
-    private static final Collector<? super Map.Entry<String, KeyInformation>, ?, ? extends Map<String, String>> outputCollector
+        keyInformation.setSigningKey(e.getValue());
+        return keyInformation;
+    });
+    private static final Collector<? super Map.Entry<String, KeyInformation>, ?, ? extends Map<String, String>> inputCollector
             = Collectors.toMap(e -> e.getKey(), e -> e.getValue().getSigningKey());
 
     private int accessTokenValidity;
     private int refreshTokenValidity;
-    private Map<String, KeyInformation> keys;
+
+    @JsonGetter("keys")
+    public Map<String, KeyInformation> getKeysLegacy() {
+        Map<String, String> keys = getKeys();
+        return keys == null ? null : keys.entrySet().stream().collect(outputCollector);
+    }
+
+    @JsonSetter("keys")
+    public void setKeysLegacy(Map<String, KeyInformation> keys) {
+        setKeys(keys == null ? null : keys.entrySet().stream().collect(inputCollector));
+    }
+
+    private Map<String, String> keys;
     private String primaryKeyId;
 
     public TokenPolicy() {
@@ -64,35 +83,41 @@ public void setRefreshTokenValidity(int refreshTokenValidity) {
         this.refreshTokenValidity = refreshTokenValidity;
     }
 
-    public Map<String, String> getKeys() { return this.keys == null ? null : this.keys.entrySet().stream().collect(outputCollector); }
+    @JsonIgnore
-
+    public Map<String, String> getKeys() {
-    public static class KeyInformation {
+        return this.keys == null ? null : new HashMap<>(this.keys);
-        private final String signingKey;
-
-        public KeyInformation(String signingKey) {
-            this.signingKey = signingKey;
-        }
-
-        public String getSigningKey() {
-            return signingKey;
-        }
     }
+
+    @JsonIgnore
     public void setKeys(Map<String, String> keys) {
-        this.keys = keys == null ? null : keys.entrySet().stream().collect(inputCollector);
+        if (keys != null) {
-        if(keys != null) {
             keys.entrySet().stream().forEach(e -> {
-                if(!StringUtils.hasText(e.getValue()) || !StringUtils.hasText(e.getKey())) {
+                if (!StringUtils.hasText(e.getValue()) || !StringUtils.hasText(e.getKey())) {
                     throw new IllegalArgumentException("KeyId and Signing key should not be null or empty");
                 }
             });
             Set<String> keyIds = keys.keySet();
-            if(primaryKeyId == null || !keyIds.contains(primaryKeyId)) {
+            if (primaryKeyId == null || !keyIds.contains(primaryKeyId)) {
                 Optional<String> firstKeyId = keyIds.stream().findFirst();
-                if(firstKeyId.isPresent()) {
+                if (firstKeyId.isPresent()) {
                     primaryKeyId = firstKeyId.get();
                 }
             }
         }
+        this.keys = keys == null ? null : new HashMap<>(keys);
+    }
+
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    public static class KeyInformation {
+        private String signingKey;
+
+        public String getSigningKey() {
+            return signingKey;
+        }
+
+        public void setSigningKey(String signingKey) {
+            this.signingKey = signingKey;
+        }
     }
 
     public String getPrimaryKeyId() {

diff --git a/model/src/test/java/org/cloudfoundry/identity/uaa/zone/TokenPolicyTest.java b/model/src/test/java/org/cloudfoundry/identity/uaa/zone/TokenPolicyTest.java
@@ -28,7 +28,7 @@ public void json_has_expected_properties() throws Exception {
         Map keys = (Map) properties.get("keys");
         assertNotNull(keys);
         assertEquals(keys.size(), 1);
-        assertEquals("KeyKeyKey", keys.get("aKeyId"));
+        assertEquals("KeyKeyKey", ((Map)keys.get("aKeyId")).get("signingKey"));
     }
 
     @Test(expected = IllegalArgumentException.class)
@@ -54,4 +54,11 @@ public void emptyKeyId() throws Exception {
         TokenPolicy tokenPolicy = new TokenPolicy();
         tokenPolicy.setKeys(Collections.singletonMap(" ", "signing-key"));
     }
+
+    @Test
+    public void deserializationOfTokenPolicyWithVerificationKey_doesNotFail() {
+        String jsonTokenPolicy = "{\"keys\":{\"key-id-1\":{\"verificationKey\":\"some-verification-key-1\",\"signingKey\":\"some-signing-key-1\"}}}";
+        TokenPolicy tokenPolicy = JsonUtils.readValue(jsonTokenPolicy, TokenPolicy.class);
+        assertEquals(tokenPolicy.getKeys().get("key-id-1"), "some-signing-key-1");
+    }
 }