Merge branch '6.5.x' into 7.0.x

2026-05-22 13:23:17 +00:00 · 2026-03-31 15:27:58 -06:00
parent 067f79dde5 08fca57d12
commit 43b132bec6
4 changed files with 12 additions and 0 deletions
@@ -249,6 +249,7 @@ import org.springframework.security.web.webauthn.api.AuthenticationExtensionsCli
 import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientOutputs;
 import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse;
 import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
+import org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse;
 import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
 import org.springframework.security.web.webauthn.api.Bytes;
 import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput;
@@ -263,6 +264,7 @@ import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestO
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.TestAuthenticationAssertionResponses;
+import org.springframework.security.web.webauthn.api.TestAuthenticatorAttestationResponses;
 import org.springframework.security.web.webauthn.api.TestBytes;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntities;
@@ -858,6 +860,8 @@ final class SerializationSamples {
 		generatorByClassName.put(CredentialPropertiesOutput.class, (o) -> credentialOutput);
 		generatorByClassName.put(ImmutableAuthenticationExtensionsClientOutputs.class, (o) -> outputs);
 		generatorByClassName.put(AuthenticatorAssertionResponse.class, (r) -> response);
+		generatorByClassName.put(AuthenticatorAttestationResponse.class,
+				(r) -> TestAuthenticatorAttestationResponses.createAuthenticatorAttestationResponse().build());
 		generatorByClassName.put(RelyingPartyAuthenticationRequest.class, (r) -> authRequest);
 		generatorByClassName.put(PublicKeyCredential.class, (r) -> credential);
 		generatorByClassName.put(WebAuthnAuthenticationRequestToken.class, (r) -> requestToken);
@@ -16,6 +16,7 @@

 package org.springframework.security.saml2.provider.service.authentication;

+import java.io.Serial;
 import java.util.Collections;

 import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -33,6 +34,9 @@ import org.springframework.util.Assert;
 */
 public class Saml2AuthenticationToken extends AbstractAuthenticationToken {

+	@Serial
+	private static final long serialVersionUID = 5225098478444036532L;
+
 	private final RelyingPartyRegistration relyingPartyRegistration;

 	private final String saml2Response;
@@ -16,6 +16,7 @@

 package org.springframework.security.web.webauthn.api;

+import java.io.Serial;
 import java.util.Arrays;
 import java.util.List;

@@ -36,6 +37,9 @@ import org.jspecify.annotations.Nullable;
 */
 public final class AuthenticatorAttestationResponse extends AuthenticatorResponse {

+	@Serial
+	private static final long serialVersionUID = -1628559840895428945L;
+
 	private final Bytes attestationObject;

 	private final @Nullable List<AuthenticatorTransport> transports;