Add de-serializer configuration so that you can de-serialize this w/ any Jackson ObjectMapper w/out having to register the handlers yourself.

Author: robotdan

.gitignore

@@ -2,4 +2,5 @@ build
 *.iws
 .idea
 target
-.DS_Store
+.DS_Store
+.savant/cache

CHANGES

@@ -1,5 +1,10 @@
 FusionAuth JWT Changes
 
+Changes in 5.2.4
+
+ * Bind a deserializer using @JsonDeserialize the JWT object for all ZoneDateTime objects. This allows
+   you to use any Jackson Object Mapper w/out explicitly binding these deserializers.
+
 Changes in 5.2.3
 
  * Upgraded Jackson Core to 2.14.0

README.md

@@ -41,23 +41,23 @@ We are very interested in compensating anyone that can identify a security relat
 <dependency>
   <groupId>io.fusionauth</groupId>
   <artifactId>fusionauth-jwt</artifactId>
-  <version>5.2.3</version>
+  <version>5.2.4</version>
 </dependency>
  ```
 
 ### Gradle
 ```groovy
-implementation 'io.fusionauth:fusionauth-jwt:5.2.3'
+implementation 'io.fusionauth:fusionauth-jwt:5.2.4'
 ```
 
 ### Gradle Kotlin
 ```kotlin
-implementation("io.fusionauth:fusionauth-jwt:5.2.3")
+implementation("io.fusionauth:fusionauth-jwt:5.2.4")
 ```
 
 ### Savant 
 ```groovy
-dependency(id: "io.fusionauth:fusionauth-jwt:5.2.3")
+dependency(id: "io.fusionauth:fusionauth-jwt:5.2.4")
 ```
 
 For others see [https://search.maven.org](https://search.maven.org/artifact/io.fusionauth/fusionauth-jwt/4.0.1/jar).

build.savant

@@ -16,7 +16,7 @@
 
 jacksonVersion = "2.14.0"
 
-project(group: "io.fusionauth", name: "fusionauth-jwt", version: "5.2.3", licenses: ["ApacheV2_0"]) {
+project(group: "io.fusionauth", name: "fusionauth-jwt", version: "5.2.4", licenses: ["ApacheV2_0"]) {
 
   workflow {
     fetch {

src/main/java/io/fusionauth/jwt/domain/JWT.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016-2022, FusionAuth, All Rights Reserved
+ * Copyright (c) 2016-2023, FusionAuth, All Rights Reserved
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,11 +20,13 @@
 import com.fasterxml.jackson.annotation.JsonAnySetter;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import io.fusionauth.jwt.JWTDecoder;
 import io.fusionauth.jwt.JWTEncoder;
 import io.fusionauth.jwt.TimeMachineJWTDecoder;
 import io.fusionauth.jwt.json.Mapper;
+import io.fusionauth.jwt.json.ZonedDateTimeDeserializer;
 import io.fusionauth.jwt.json.ZonedDateTimeSerializer;
 
 import java.math.BigDecimal;
@@ -71,6 +73,7 @@ public class JWT {
    * processing. The expiration time is expected to provided in UNIX time, or the number of seconds since Epoch.
    */
   @JsonProperty("exp")
+  @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
   @JsonSerialize(using = ZonedDateTimeSerializer.class)
   public ZonedDateTime expiration;
 
@@ -81,6 +84,7 @@ public class JWT {
    * UNIX time, or the number of seconds since Epoch.
    */
   @JsonProperty("iat")
+  @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
   @JsonSerialize(using = ZonedDateTimeSerializer.class)
   public ZonedDateTime issuedAt;
 
@@ -97,9 +101,10 @@ public class JWT {
    * Registered Claim <code>nbf</code> as defined by RFC 7519 Section 4.1.5. Use of this claim is OPTIONAL.
    * <p>
    * This claim identifies the time before which the JWT MUST NOT be accepted for processing. The not before value is
-   * expected to provided in UNIX time, or the number of seconds since Epoch.
+   * expected to be provided in UNIX time, or the number of seconds since Epoch.
    */
   @JsonProperty("nbf")
+  @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
   @JsonSerialize(using = ZonedDateTimeSerializer.class)
   public ZonedDateTime notBefore;