Description
Affects:
Spring Web 6.0.0-M6
Kotlin 1.7.10
Caused by #29068
(De-)Serialization behaviour changed (probably unintentionally when going ) due to a change in how serializer is looked up by spring web framwork, if Kotlin is used. The relevant change happened fixing issue mentioned above. Worked fine in Spring Web 6.0.0-M5 .
Contrary to what the new method name might imply, the call SerializersKt.serializerOrNull(type); does NOT always return null if no valid serializer is found, but might also throw an IllegalArgumentExcepton if the type variable is not an instance of a certain predefined type:
throw IllegalArgumentException("typeToken should be an instance of Class<?>, GenericArray, ParametrizedType or WildcardType, but actual type is $it ${it::class}")
Previously, spring used the SerializersKt.serializer(...) method and caught all exceptions. Now it no longer catches exceptions at the places where SerializersKt.serializerOrNull(type); is used.
Spring doesn't ensure that type is any of these instances before calling SerializersKt.serializerOrNull(type);, therefore this exception will get thrown and not caught (I noticed it in one of my projects when calling the HealthCheck actuator endpoint).
Potential fixes would be to roll back the above change, or still have a try/catch block, but potentially narrowed down to only cover the
SerializersKt.serializerOrNull(type); calls instead.