serialization - JSON deserialization of derived types

Question

class Attribute1
{
}

class Attribute2 : Attribute1
{
}
class class1
{
    Attribute1 attr1;
}

class class2  : class1
{
    Attribute2 attr2;
}


var serializerSettings = new JsonSerializerSettings(){TypeNameHandling = TypeNameHandling.Objects};
class2 a = SomeValidObjectoftype Class2;
string serializedClass2 = JsonConvert.SerializeObject(a, serializerSettings);
var am =  JsonConvert.DeserializeObject<Class2>(serializedClass1);

All the above are JSON properties and objects. What I am trying to do is serialize and deserialize and not lose the type. While deserializing I lose the type of am.attr2. Currently it is coming back as Attribute1. I want it as Attribute2. Is that possible? If so could someone point me to the right way of doing it. I included SerializationSettings and still hit the same issue.

Answer 1

You have to pass TypeNameHandling = TypeNameHandling.Objects (or All or Auto) when deserializing as well as serializing:

var am =  JsonConvert.DeserializeObject<Class2>(serializedClass1, serializerSettings );

I believe this is for security reasons: it means that an unexpected type cannot be injected during deserialization using default settings. From the docs:

TypeNameHandling should be used with caution when your application deserializes JSON from an external source. Incoming types should be validated with a custom SerializationBinder when deserializing with a value other than TypeNameHandling.None.

For a discussion of the need for this caution see TypeNameHandling caution in Newtonsoft Json.

Sample fiddle.