Fix infinite recursion on object serialization

iam-login-service/src/main/java/it/infn/mw/iam/audit/events/account/multi_factor_authentication/MultiFactorEvent.java

@@ -15,13 +15,18 @@
  */
 package it.infn.mw.iam.audit.events.account.multi_factor_authentication;
 
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+
 import it.infn.mw.iam.audit.events.account.AccountEvent;
+import it.infn.mw.iam.audit.utils.IamTotpMfaSerializer;
 import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamTotpMfa;
 
 public class MultiFactorEvent extends AccountEvent {
 
   private static final long serialVersionUID = 1L;
+
+  @JsonSerialize(using=IamTotpMfaSerializer.class)
   private final IamTotpMfa totpMfa;
 
   protected MultiFactorEvent(Object source, IamAccount account, IamTotpMfa totpMfa,

iam-login-service/src/main/java/it/infn/mw/iam/audit/utils/IamTotpMfaSerializer.java

@@ -0,0 +1,40 @@
+/**
+ * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2021
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.infn.mw.iam.audit.utils;
+
+import java.io.IOException;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+
+import it.infn.mw.iam.persistence.model.IamTotpMfa;
+
+public class IamTotpMfaSerializer extends JsonSerializer<IamTotpMfa> {
+
+  @Override
+  public void serialize(IamTotpMfa value, JsonGenerator gen, SerializerProvider serializers)
+      throws IOException {
+
+    gen.writeStartObject();
+    gen.writeStringField("account", value.getAccount().getUsername());
+    gen.writeStringField("creationTime", value.getCreationTime().toString());
+    gen.writeStringField("lastUpdateTime", value.getLastUpdateTime().toString());
+    gen.writeStringField("active", String.valueOf(value.isActive()));
+    gen.writeEndObject();
+  }
+
+}

iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamAccount.java

@@ -48,7 +48,6 @@
 import javax.persistence.TemporalType;
 import javax.validation.constraints.NotNull;
 
-import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.google.common.base.Preconditions;
 
 @Entity
@@ -91,7 +90,6 @@ public class IamAccount implements Serializable {
 
   @OneToOne(cascade = CascadeType.ALL)
   @JoinColumn(name = "user_info_id")
-  @JsonIgnore
   private IamUserInfo userInfo;
 
   @Temporal(TemporalType.TIMESTAMP)
@@ -105,17 +103,14 @@ public class IamAccount implements Serializable {
   private Set<IamAuthority> authorities = new HashSet<>();
 
   @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, orphanRemoval = true)
-  @JsonIgnore
   private Set<IamAccountGroupMembership> groups = new HashSet<>();
 
   @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, fetch = FetchType.EAGER,
       orphanRemoval = true)
-  @JsonIgnore
   private Set<IamSamlId> samlIds = new HashSet<>();
 
   @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, fetch = FetchType.EAGER,
       orphanRemoval = true)
-  @JsonIgnore
   private Set<IamOidcId> oidcIds = new HashSet<>();
 
   @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, fetch = FetchType.EAGER,
@@ -124,7 +119,6 @@ public class IamAccount implements Serializable {
 
   @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, fetch = FetchType.EAGER,
       orphanRemoval = true)
-  @JsonIgnore
   private Set<IamX509Certificate> x509Certificates = new HashSet<>();
 
   @Column(name = "confirmation_key", unique = true, length = 36)

iam-persistence/src/main/java/it/infn/mw/iam/persistence/model/IamTotpMfa.java

@@ -23,6 +23,7 @@
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
+import javax.persistence.JoinColumn;
 import javax.persistence.OneToOne;
 import javax.persistence.Table;
 import javax.persistence.Temporal;
@@ -38,7 +39,8 @@ public class IamTotpMfa implements Serializable {
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   private Long id;
 
-  @OneToOne()
+  @OneToOne
+  @JoinColumn(name = "account_id")
   private IamAccount account;
 
   @Column(name = "secret", nullable = false)