Globally configured serializer context

Contributed by
Antoine Bluchet
in #38542.

The Serializer context controls the (de)serialization of resources. In current Symfony versions, this context is passed to all normalizers. In Symfony 5.4 we're improving the Serializer component configuration to allow you configure the default context globally. For example:

1
2
3
4

# config/packages/serializer.yaml
serializer:
    default_context:
        enable_max_depth: true

This example shows the YAML configuration, but you can also use XML and PHP.

Custom serializer for Symfony Messenger

Contributed by
Mathieu Santostefano
in #42257.

JSON-encoded messages consumed by Symfony Messenger are expected to have the following structure:

1
2
3
4
5
6

{
    "message": {
        "body": {},
        "headers": []
    }
}

However, when consuming messages generated by different third-parties, you won't get that message structure. That's why in Symfony 5.4 you can use your own serializer to JSON-decode messages.

Collect Denormalization Type Errors

Contributed by
Grégoire Pineau
in #42502.

In previous Serializer versions, when using typed PHP properties you could see errors in certain situations. For example, consider the following simple DTO:

1
2
3
4
5
6

class MyDto
{
    public string $property1;
    public int $property2;
    public array $property3;
}

If your JSON data is like the following:

1
2
3
4
5

{
    "property1": null,
    "property2": 7,
    "property3": []
}

When trying to deserialize that data you'll see a 500 error because the type of property1 is string and you're passing a null value. In Symfony 5.4 we've improved this behavior thanks to the new COLLECT_DENORMALIZATION_ERRORS option.

If you pass that option, the PHP exception will include the detailed list of errors. Then you can process it like in the following example that handles some API:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

#[Route('/api', methods:['POST'])]
public function apiPost(SerializerInterface $serializer, Request $request): Response
{
    try {
       $dto = $serializer->deserialize($request->getContent(), MyDto::class, 'json', [
            DenormalizerInterface::COLLECT_DENORMALIZATION_ERRORS => true,
        ]);
    } catch (PartialDenormalizationException $e) {
        $violations = new ConstraintViolationList();
        /** @var NotNormalizableValueException */
        foreach ($e->getErrors() as $exception) {
            $message = sprintf('The type must be one of "%s" ("%s" given).', implode(', ', $exception->getExpectedTypes()), $exception->getCurrentType());
            $parameters = [];
            if ($exception->canUseMessageForUser()) {
                $parameters['hint'] = $exception->getMessage();
            }
            $violations->add(new ConstraintViolation($message, '', $parameters, null, $exception->getPath(), null));
        };

        return $this->json($violations, 400);
    }

    return $this->json($dto);
}