Error on serialization with @JsonIdentityInfo on partial encrypted class #4

@kecksk0enig

Hi!
I have a class which has some properties annotated with @Encrypt.
Also, I want to use the @JsonIdentityInfo(generator = JSOGGenerator.class) annotation on classes to handle potential circular references and also to minimise JSON output.

However, the conjunction may result in objects which have id X to be decrypted, and later be referenced by another cleartext property as "@ref":X. This reference cannot be resolved until deserialized.

Since the encrypted part should not be accessible/manipulatable in the frontend (e.g. a browser), but the visible properties of the response should be visible, this is an issue.

```json
{
  "@id" : "1",
  "somEncryptedProperty" : {
    "iv" : "OgEe3ag[....]sbQ==",
    "salt" : "gHnRbP[....]41MpFOgA=",
    "value" : "m/Xw9/hMG4[....]WO58LYVrDsmU="
  },
  "broken_visibleProperty" : {
    "@ref" : "5"
  },
  "somOtherEncryptedThing" : {
    "iv" : "OgEe[....]EnsbQ==",
    "salt" : "H8N[....]pFOgA=",
    "value" : "ltDDA/RnYT9szpCZklXYwA8XbQ0Rcvtxy1sV[....]3PzVXs"
  },
  "somthing_visible" : {
    "@id" : "7",
    "event" : null,
    "id" : "_eeClIR47EemIFYn30KSx0A",
    "inputs" : { }
  }
}
```
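
A client-side check for the situation described in this issue, as an added example that is not part of the original post or the project's code: it walks a JSOG-style response and reports every `@ref` whose `@id` is not present in cleartext. It assumes an encrypted property is an object with exactly the string fields `iv`, `salt` and `value`, as in the JSON above; the function names and the sample document are constructed for illustration.

```javascript
// Assumption: an object holding exactly iv/salt/value strings is an
// encrypted envelope. The client cannot read it, so any "@id" inside
// it is invisible and the walk does not descend into it.
function isEncryptedEnvelope(node) {
  const keys = Object.keys(node).sort().join(",");
  return keys === "iv,salt,value" &&
    Object.values(node).every((v) => typeof v === "string");
}

// Collect cleartext "@id" values and every "@ref" with its property path.
function walk(node, path, ids, refs) {
  if (Array.isArray(node)) {
    node.forEach((item, i) => walk(item, `${path}[${i}]`, ids, refs));
    return;
  }
  if (node === null || typeof node !== "object") return;
  if (isEncryptedEnvelope(node)) return;
  if (typeof node["@ref"] === "string") {
    refs.push({ path, ref: node["@ref"] });
    return;
  }
  if (typeof node["@id"] === "string") ids.add(node["@id"]);
  for (const [key, value] of Object.entries(node)) {
    if (key !== "@id") walk(value, path ? `${path}.${key}` : key, ids, refs);
  }
}

// Return the references that cannot be resolved without decrypting.
function findDanglingRefs(doc) {
  const ids = new Set();
  const refs = [];
  walk(doc, "", ids, refs);
  // Compare after the full walk so the result does not depend on key order.
  return refs.filter((r) => !ids.has(r.ref));
}

// Constructed sample in the shape of the issue's JSON (placeholder ciphertext).
const sample = {
  "@id": "1",
  somEncryptedProperty: { iv: "AAAA", salt: "BBBB", value: "CCCC" },
  broken_visibleProperty: { "@ref": "5" },
  somthing_visible: { "@id": "7", event: null, inputs: {} },
  alsoVisible: { "@ref": "7" },
};

console.log(findDanglingRefs(sample));
```
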
