How to deserialize JSON to objects of the correct type, without having to define the type before hand?

by

Json.NET has the ability to record the .Net object type of polymorphic types during serialization, by using the setting TypeNameHandling = TypeNameHandling.Auto. When the setting is enabled the .Net type of polymorphic objects will appear as a synthetic property called "$type", for instance:

"$type": "Newtonsoft.Json.Samples.Stockholder, Newtonsoft.Json.Tests"

However, the "$type" property is never emitted for the root object if you call the conventional methods JsonConvert.SerializeObject(Object) or JsonSerializer.Serialize(TextWriter, Object). Instead, you must use one of the serialization methods that accepts an “expected” root type, for instance SerializeObject(Object, Type, JsonSerializerSettings) or JsonSerializer.Serialize(TextWriter, Object, Type). Passing typeof(object) as the expected type guarantees the type property will appear:

var settings = new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.Auto };
var json = JsonConvert.SerializeObject(rootObject, typeof(object), settings);

If you create your JSON files using this setting, the JSON itself will remember the type of object serialized. This type will be used by Json.NET during deserialization, as long as you use set TypeNameHandling to something other than TypeNameHandling.None. e.g.:

var settings = new Newtonsoft.Json.JsonSerializerSettings { TypeNameHandling = Newtonsoft.Json.TypeNameHandling.Auto };
b1 = Newtonsoft.Json.JsonConvert.DeserializeObject(fileText, settings);

Working sample .Net fiddle here.

Caveats: this way of storing .Net types in JSON is nonstandard. Other serializers such as DataContractJsonSerializer do not process type information in this format.

Note also this caution from the Newtonsoft docs:

TypeNameHandling should be used with caution when your application deserializes JSON from an external source. Incoming types should be validated with a custom SerializationBinder when deserializing with a value other than None.

For a discussion of why this may be necessary, see TypeNameHandling caution in Newtonsoft Json, How to configure Json.NET to create a vulnerable web API, and Alvaro Muñoz & Oleksandr Mirosh’s blackhat paper https://www.blackhat.com/docs/us-17/thursday/us-17-Munoz-Friday-The-13th-JSON-Attacks-wp.pdf.

More Related Contents:

  1. How can I serialize and deserialize a type with a string member that contains “raw” JSON, without escaping the JSON in the process
  2. Json.NET: Deserializing nested dictionaries
  3. NewtonSoft.Json Serialize and Deserialize class with property of type IEnumerable
  4. JSON.NET Error Self referencing loop detected for type
  5. Cannot deserialize the JSON array (e.g. [1,2,3]) into type ‘ ‘ because type requires JSON object (e.g. {“name”:”value”}) to deserialize correctly
  6. Deserializing JSON to .NET object using Newtonsoft (or LINQ to JSON maybe?)
  7. Getting ServiceStack to retain type information
  8. Detect if deserialized object is missing a field with the JsonConvert class in Json.NET
  9. Json.net serialize/deserialize derived types?
  10. How to ignore JsonProperty(PropertyName = “someName”) when serializing json?
  11. Json.Net: Serialize/Deserialize property as a value, not as an object
  12. Fastest way to serialize and deserialize .NET objects
  13. How to serialize/deserialize a custom collection with additional properties using Json.Net
  14. Deserializing JSON to abstract class
  15. Custom Deserialization using Json.NET
  16. Force JSON.NET to include milliseconds when serializing DateTime (even if ms component is zero)
  17. Handling decimal values in Newtonsoft.Json
  18. How to use default serialization in a custom System.Text.Json JsonConverter?
  19. C# automatic property deserialization of JSON
  20. Cannot deserialize the current JSON array (e.g. [1,2,3]) into type
  21. Cannot deserialize the current JSON array (e.g. [1,2,3])
  22. Repeated serialization and deserialization creates duplicate items
  23. How to prevent a single object property from being converted to a DateTime when it is a string
  24. Serializing an interface/abstract object using NewtonSoft.JSON
  25. object to deserialize has a C# keyword
  26. JSonNet boolean serialization
  27. Json.net deserialization null guid case
  28. Ignore Base Class Properties in Json.NET Serialization
  29. How to globally set default options for System.Text.Json.JsonSerializer?
  30. Json.net serialization of custom collection implementing IEnumerable

Leave a Comment