Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Missing Serialization Support

Browse Source 
Closed gh-19012

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
This commit is contained in:
Josh Cummings
2026-03-31 13:56:37 -06:00
parent acabacb971
commit 08fca57d12
9 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/src/test/java/org/springframework/security/SerializationSamples.java
+4
View File
@@ -211,6 +211,7 @@ import org.springframework.security.web.webauthn.api.AuthenticationExtensionsCli
import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientOutputs; import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientOutputs;
import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse; import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse;
import org.springframework.security.web.webauthn.api.AuthenticatorAttachment; import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
import org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse;
import org.springframework.security.web.webauthn.api.AuthenticatorTransport; import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
import org.springframework.security.web.webauthn.api.Bytes; import org.springframework.security.web.webauthn.api.Bytes;
import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput; import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput;
@@ -225,6 +226,7 @@ import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestO
import org.springframework.security.web.webauthn.api.PublicKeyCredentialType; import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
import org.springframework.security.web.webauthn.api.TestAuthenticationAssertionResponses; import org.springframework.security.web.webauthn.api.TestAuthenticationAssertionResponses;
import org.springframework.security.web.webauthn.api.TestAuthenticatorAttestationResponses;
import org.springframework.security.web.webauthn.api.TestBytes; import org.springframework.security.web.webauthn.api.TestBytes;
import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions; import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions;
import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntities; import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntities;
@@ -654,6 +656,8 @@ final class SerializationSamples {
generatorByClassName.put(CredentialPropertiesOutput.class, (o) -> credentialOutput); generatorByClassName.put(CredentialPropertiesOutput.class, (o) -> credentialOutput);
generatorByClassName.put(ImmutableAuthenticationExtensionsClientOutputs.class, (o) -> outputs); generatorByClassName.put(ImmutableAuthenticationExtensionsClientOutputs.class, (o) -> outputs);
generatorByClassName.put(AuthenticatorAssertionResponse.class, (r) -> response); generatorByClassName.put(AuthenticatorAssertionResponse.class, (r) -> response);
generatorByClassName.put(AuthenticatorAttestationResponse.class,
(r) -> TestAuthenticatorAttestationResponses.createAuthenticatorAttestationResponse().build());
generatorByClassName.put(RelyingPartyAuthenticationRequest.class, (r) -> authRequest); generatorByClassName.put(RelyingPartyAuthenticationRequest.class, (r) -> authRequest);
generatorByClassName.put(PublicKeyCredential.class, (r) -> credential); generatorByClassName.put(PublicKeyCredential.class, (r) -> credential);
generatorByClassName.put(WebAuthnAuthenticationRequestToken.class, (r) -> requestToken); generatorByClassName.put(WebAuthnAuthenticationRequestToken.class, (r) -> requestToken);
config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized
BIN
View File
Binary file not shown.
core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java
+1
View File
@@ -28,6 +28,7 @@ import org.springframework.security.authorization.AuthorizationDecision;
* instead * instead
*/ */
@Deprecated @Deprecated
@SuppressWarnings("serial")
public class ExpressionAttributeAuthorizationDecision extends AuthorizationDecision { public class ExpressionAttributeAuthorizationDecision extends AuthorizationDecision {
private final ExpressionAttribute expressionAttribute; private final ExpressionAttribute expressionAttribute;
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
+1
View File
@@ -269,6 +269,7 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
} }
@SuppressWarnings("serial")
private static final class OAuth2AuthorizationRequestException extends AuthenticationException { private static final class OAuth2AuthorizationRequestException extends AuthenticationException {
OAuth2AuthorizationRequestException(Throwable cause) { OAuth2AuthorizationRequestException(Throwable cause) {
oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/DPoPProofJwtDecoderFactory.java
+1
View File
@@ -185,6 +185,7 @@ public final class DPoPProofJwtDecoderFactory implements JwtDecoderFactory<DPoPP
return Base64.getUrlEncoder().withoutPadding().encodeToString(digest); return Base64.getUrlEncoder().withoutPadding().encodeToString(digest);
} }
@SuppressWarnings("serial")
private static final class JtiCache extends LinkedHashMap<String, Long> { private static final class JtiCache extends LinkedHashMap<String, Long> {
private static final int MAX_SIZE = 1000; private static final int MAX_SIZE = 1000;
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
+4
View File
@@ -16,6 +16,7 @@
package org.springframework.security.saml2.provider.service.authentication; package org.springframework.security.saml2.provider.service.authentication;
import java.io.Serial;
import java.util.Collections; import java.util.Collections;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -33,6 +34,9 @@ import org.springframework.util.Assert;
*/ */
public class Saml2AuthenticationToken extends AbstractAuthenticationToken { public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
@Serial
private static final long serialVersionUID = 5225098478444036532L;
private final RelyingPartyRegistration relyingPartyRegistration; private final RelyingPartyRegistration relyingPartyRegistration;
private final String saml2Response; private final String saml2Response;
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
+1
View File
@@ -42,6 +42,7 @@ import org.springframework.security.saml2.core.Saml2X509Credential;
* </pre> * </pre>
*/ */
@Deprecated @Deprecated
@SuppressWarnings("serial")
public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration { public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration {
OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) { OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) {
web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java
+1
View File
@@ -32,6 +32,7 @@ import org.springframework.security.web.FilterInvocation;
* {@link AuthorizationManager}. * {@link AuthorizationManager}.
*/ */
@Deprecated @Deprecated
@SuppressWarnings("serial")
class WebExpressionConfigAttribute implements ConfigAttribute, EvaluationContextPostProcessor<FilterInvocation> { class WebExpressionConfigAttribute implements ConfigAttribute, EvaluationContextPostProcessor<FilterInvocation> {
private final Expression authorizeExpression; private final Expression authorizeExpression;
web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttestationResponse.java
+4
View File
@@ -16,6 +16,7 @@
package org.springframework.security.web.webauthn.api; package org.springframework.security.web.webauthn.api;
import java.io.Serial;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
@@ -34,6 +35,9 @@ import java.util.List;
*/ */
public final class AuthenticatorAttestationResponse extends AuthenticatorResponse { public final class AuthenticatorAttestationResponse extends AuthenticatorResponse {
@Serial
private static final long serialVersionUID = -1628559840895428945L;
private final Bytes attestationObject; private final Bytes attestationObject;
private final List<AuthenticatorTransport> transports; private final List<AuthenticatorTransport> transports;