From 0b9a16e74f1aef687dc1dd397b0b8495ef64a1af Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 6 Jun 2023 08:21:12 +0200
Subject: fix(core): add some more allowed classes to Exception
 deserialization.

---
 .../eaaf/core/impl/data/ExceptionContainer.java    |  3 ++-
 .../test/utils/EaafSerializationUtilsTest.java     | 29 ++++++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

(limited to 'eaaf_core_utils')

diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/data/ExceptionContainer.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/data/ExceptionContainer.java
index 586e819d..e7f952e4 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/data/ExceptionContainer.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/data/ExceptionContainer.java
@@ -56,7 +56,8 @@ public class ExceptionContainer implements Serializable {
   private static final long serialVersionUID = 5355860753609684995L;
 
   private static final Set<Class<?>> ALLOWED_CLASS_TYPES = Stream.of(
-      Throwable.class, StackTraceElement.class, StackTraceElement[].class, Collections.EMPTY_LIST.getClass())
+      Throwable.class, StackTraceElement.class, StackTraceElement[].class, Collections.EMPTY_LIST.getClass(),
+      Integer.class, Long.class, Double.class, Float.class, String.class, Number.class)
       .collect(Collectors.toUnmodifiableSet());
       
   /**
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/EaafSerializationUtilsTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/EaafSerializationUtilsTest.java
index 3535b217..898b336a 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/EaafSerializationUtilsTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/EaafSerializationUtilsTest.java
@@ -158,6 +158,35 @@ public class EaafSerializationUtilsTest {
 
   }
 
+  @Test
+  public void typeModeWithExceptionsAndParams() {
+    EaafException error1 = new EaafException(rand());
+    EaafAuthenticationException error2 = new EaafAuthenticationException(rand(),
+        new Object[] {
+            Integer.valueOf(17),
+            String.valueOf(17.1),
+            Float.valueOf("18.3")
+        },
+        error1);
+
+    byte[] object = EaafSerializationUtils.serialize(error2);
+
+    // check if less allowed classes throw a deserialization exception
+    assertThrows(IllegalArgumentException.class, () -> EaafSerializationUtils.typeSpecificDeserialize(
+        object, Sets.newHashSet(Throwable.class), Throwable.class));
+    assertThrows(IllegalArgumentException.class, () -> EaafSerializationUtils.typeSpecificDeserialize(
+        object, Sets.newHashSet(Throwable.class, StackTraceElement[].class, StackTraceElement.class),
+        Throwable.class));
+
+    // minimum allowed classes to de-serialize an Throwable
+    assertNotNull(EaafSerializationUtils.typeSpecificDeserialize(
+        object, Sets.newHashSet(Throwable.class, StackTraceElement[].class,
+            StackTraceElement.class, Collections.EMPTY_LIST.getClass(),
+            Integer.class, Long.class, Double.class, Float.class, String.class, Number.class),
+        Throwable.class));
+
+  }
+
   private String rand() {
     return RandomStringUtils.randomAlphanumeric(10);
   }
-- 
cgit v1.2.3