From d04f7071c27398543206ef040696a65e54965f16 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Mon, 5 May 2025 12:43:08 -0600
Subject: [PATCH] Add Missing Serialization Samples

Closes gh-17038
---
 ...ringSecurityCoreVersionSerializableTests.java |  13 +++++++++++++
 ...uth2AuthorizedClientRefreshedEvent.serialized | Bin 0 -> 3632 bytes
 ...ation.event.OidcUserRefreshedEvent.serialized | Bin 0 -> 3770 bytes
 ...entication.DPoPAuthenticationToken.serialized | Bin 0 -> 756 bytes
 .../event/AuthorizationGrantedEvent.java         |   1 -
 5 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.event.OAuth2AuthorizedClientRefreshedEvent.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.oidc.authentication.event.OidcUserRefreshedEvent.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.authentication.DPoPAuthenticationToken.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index a743507e73..64ff084274 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -139,6 +139,8 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authoriza
 import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
 import org.springframework.security.oauth2.client.authentication.TestOAuth2AuthenticationTokens;
 import org.springframework.security.oauth2.client.authentication.TestOAuth2AuthorizationCodeAuthenticationTokens;
+import org.springframework.security.oauth2.client.event.OAuth2AuthorizedClientRefreshedEvent;
+import org.springframework.security.oauth2.client.oidc.authentication.event.OidcUserRefreshedEvent;
 import org.springframework.security.oauth2.client.oidc.authentication.logout.OidcLogoutToken;
 import org.springframework.security.oauth2.client.oidc.authentication.logout.TestOidcLogoutTokens;
 import org.springframework.security.oauth2.client.oidc.session.OidcSessionInformation;
@@ -160,6 +162,7 @@ import org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipal
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
+import org.springframework.security.oauth2.core.endpoint.TestOAuth2AccessTokenResponses;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationExchanges;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses;
@@ -184,6 +187,7 @@ import org.springframework.security.oauth2.server.resource.BearerTokenErrors;
 import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken;
+import org.springframework.security.oauth2.server.resource.authentication.DPoPAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException;
 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
@@ -364,6 +368,13 @@ class SpringSecurityCoreVersionSerializableTests {
 						new RuntimeException()));
 		generatorByClassName.put(ClientAuthorizationRequiredException.class,
 				(r) -> new ClientAuthorizationRequiredException("id"));
+		generatorByClassName
+			.put(OAuth2AuthorizedClientRefreshedEvent.class, (r) -> new OAuth2AuthorizedClientRefreshedEvent(
+					TestOAuth2AccessTokenResponses.accessTokenResponse().build(),
+					new OAuth2AuthorizedClient(clientRegistration, "principal", TestOAuth2AccessTokens.noScopes())));
+		generatorByClassName.put(OidcUserRefreshedEvent.class,
+				(r) -> new OidcUserRefreshedEvent(TestOAuth2AccessTokenResponses.accessTokenResponse().build(),
+						TestOidcUsers.create(), TestOidcUsers.create(), authentication));
 
 		// oauth2-jose
 		generatorByClassName.put(BadJwtException.class, (r) -> new BadJwtException("token", new RuntimeException()));
@@ -411,6 +422,8 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new BadOpaqueTokenException("message", new RuntimeException()));
 		generatorByClassName.put(OAuth2IntrospectionException.class,
 				(r) -> new OAuth2IntrospectionException("message", new RuntimeException()));
+		generatorByClassName.put(DPoPAuthenticationToken.class,
+				(r) -> applyDetails(new DPoPAuthenticationToken("token", "proof", "method", "uri")));
 
 		// config
 		generatorByClassName.put(AlreadyBuiltException.class, (r) -> new AlreadyBuiltException("message"));
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.event.OAuth2AuthorizedClientRefreshedEvent.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.event.OAuth2AuthorizedClientRefreshedEvent.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..9588433f2b137e0f14b3a31f403174e9d5d2a4e4
GIT binary patch
literal 3632
zcmcImO=w(I6uy}>X{Py4n`o;IQX^<---|_DBn@%$W1ITgN|Pxx{)9X4-I=+`oA+Mt
zyOT@|kt|w}LJ@=%#gz-83s)joTGyf!!3v@aU3Arjh;&ihNb%fz=jG1NqduX{Vj%b3
zdw#z2o$s74{zPpdLs_2{j4)u-E94n2ku{&K7$LFCjPiBE$7NnTX4ozz9yiFU_&u8u
zXX3|a^gZHC%a7+so{_LfoLO<{?zck^`wy?~N}(1D^$8=jcR8B2z^&Qf){NYm%B`u~
zn(+?DD-0cp3*PoUPAc5U1c6I!%&G6mm~xl?So+|^4|gG^Qz*@8iG&=N0x&bUj90Ny
z=F~Oh&9k{>Vsq<i`pna%&Fd+IDgi<**FL-T&3AxUCeCRTdIMtdp(FX1a#LuRg*vfq
zlQ3NHR{%G3JQ*-PBM~h6^|*xw6lCW}frgyP+&Qw6*_358S<O>3Dy_B#KDq^2Y#Lzq
z4Df}c0ZYJVy4Wk2^IQ-KE_E@*hiY0A$wJU+Rp}(3k5>YKeJl~|U?C!?2IlAQdyM-N
zdB8hmq4v=B11LS}RdI{5oAZQ2&}lA;u&^FLR<Hlxh%?&XhzwiU5hOjHIPgqP6wT&}
zHPVQtN-M-iDglKq%W#hNs^|rc%{dR4?1>CIXc(4>li?T9`;Z{oBQrXW-7*m;9TLfI
zNq6zmm?v!eol7^LIdt;NE<y9PZeTk?#RKQB4qv(VaU~S5`lHkRZQa9He)_AzQQGs5
zDjcCQFX;A}_FWfR2U;#1$$BN<p?QjPE&+VE4t{j!!%w%eqMe{~|ND)$wSNk2-G2A)
zVW}o9Hb+A>rPJ3GPln?y&z1td4q*&FU<bcyz5Sx>Y6yNNadoP_99L#tC6K$e)f%`t
zYM&yQ5eBYKC32;twzdt8<~Gz0_gH8s(pTB<Cm2vcaX6El!;zfVn*c@~P>LeHgFaRD
z^fUoMcQ~3&?m*=bXGYLgIhk`LNrATNf1xkclP+~KPi#gcxjQV>6P<Amq5~cMR<dvs
z3EjxFyatSs#v#bwfcdM`A#8?lOkMEz_T%*TX1#TA*vW_k?QZidqg5DsYI(5(S5?x)
zoi5qolZlunv@*W#nqJL(9>CRUE~&C)`wjtaPbc=MaE&9vqrC1_wO)cb3j|oo;gEt3
zq}AzB3S8_|hM!YIsk{0`-G=}#BnmK5^EFVT*mlPp{p6noP^U%I%gDtt6b-8B=ieaf
zusMM9#mDHpfhQWY-8Gw*tc|A4AnZhWS}3cH0J;}DnB)2pcp3-5xwIT0Og~L8udP56
z=!14%q~XY@ARBn>kOM}4?JI|b&3So$)^h@%dN8R<Pq0fyvJLKF25|IJk@FxNGfh%~
z1<xgh?Uzi~FHlcymS#j@!Q2GX3!u6G`SpkV!R{$Ff=VL$QQ2yb8aMFn!mIl(FaCD#
zM>%d_YR5#z(QwRZv;zbD!rAj29f`YDmz5k%OR^%6*vgY5T@&n@g|N}?6Yw?<i^*g>
z5IbO;IsiEp^<EZu9I{Yrc}Erp1?xoP!)C;2uFT2K=#WL4NCZWshmE1@<eJs6y+|;O
z1QF6Pj-HK5gac~Sl263PQA+5PxdGxuvdrByH(=L;RcSM-wa`*?qh8`Sp-XE|K<ngE
zHV74dO0PN=^;U>;5{E@-)?eLU7Po&t4EvH;wfgm~>i3&7m$$Fo`1+Mrx$?o{hx#U8
VlUcTarZUKAOav_Uyq#S?_!m_R4ru@Y

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.oidc.authentication.event.OidcUserRefreshedEvent.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.client.oidc.authentication.event.OidcUserRefreshedEvent.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..22588d03ef900718e19622e3cdc639d6a037312a
GIT binary patch
literal 3770
zcmbVOU2GIp6h6CK*cK>kY4{64ffPb4oe2ehpe3;MkA<a6T53qE*4vp|c3^g9oViP<
z7zid9eGwD21Y>;g!GstR6BDCB6EQycV0=ImH7X{&_@X@cU^I%vbMEYPW=mbRHtE^9
zKj-Iu=R4=#tG8j1=farno=`l;HLMepE-UdV+dZXtTr0bVm{x377R63QGYxJD#Wr+J
zp&1+)8WV<XDf~386mVt4<L(fjbh%gLdLK=<-P-hLy4+|bA(e;a)rtZ-^XOWg<5~?}
ztD5a{HCyGZD-TO8J{39>u(!5}Ao{=(#jchyL^V_=YqqI}!)M?eBz+gQ&j*NRTY~#S
z$vTc%Ik`OH#D!nRUmW=IRuU42ph*}d?g>_M(9Ein>@-u#!Y~!NvoLXzYa;(r)8N|D
z*(*r^-vLNmdh4T)zridN=5rcCF&A<I+QL*FWuAxW(yKu_W}o5~$iJkSge0C)bGc3_
zW2PryWu78aO=g`?gP;(ICL(}lILss%(is21LL$mec*13xm?x62-`RG~8qk*`2S%Ye
z#sRKlWHh#sX$Im3tAof0GquMyO~eZshS8;UE|_6@L2OO}0oxkE8*TO4My!&p8<Pf`
zFnQka#GMsecD(=V#SG>r4-F>H2*||T(4H<z`u)vCZq^-u^Itsm#{<%6LZhgfd<TPS
zjjUu{mrav(|GBR=y#6_RGX;qpG<e1tPKk%aR0By=I#3g6ssfpRLTOqVHcF1k2V919
zlzEraQMT!nu5I$_G!F|Z?=IgF&@@!Y_l=JX_YL_JcgCT(JMSL?RZb-f3h^&;nI44}
zrfGKB5`(tY=Q{?nZ4@%mT;A4B(bTFK593?Y+@gHl!-o~IL=AI+L}+v>l&9EN;+Vps
zQjlZcN#GxzXG@faC~MW^KzrvmymI5^H_nexEs}mSYPLk0$6U^F*UigEU!A%A!dQwb
z7I*Y79IG}e3z?`MyW}vJ2|I=#nhm%>F|_&umOpFRwsST-s(=PMCAzN7l(1D3VW`<D
zq^0!oNme#R*yMit=dT~%E#~gZzK}L_*(?NfEwGQ0xm=)3Ss_n3Ytk0b{XYziRJ5rM
z_tiu<e#ENN5x|{fC!!_ZI7^s7;!l(XHJ3P<jxYzqjyE5|esvx)#HDPgb(l|AcvT;#
z(Clw-U%4xOPag<cLy6SeByHA2#L62Mmcv2j6;WZ=^}#1H=Jmf(VH6|MH12r?tTY$F
zh>@|fdr|uPPd{7z^o<lG`(cS`Grb?XuI=XV?kUp6i}#uD?AtG4ST@y&zZv{b3rKn8
z2?1%8bPeH{m37%q*W%gc4Gy{go%!wP%*}_e(ZRjp;QF=R=VvZ`_`xn&8&k{3Tg7(*
zJ5BIt=rDBTbc&t9=Ce4MLPitLxMi|znj3@fl;L5P))a+s_Nc09Ys@U#o=|bR%w4pA
zeG@}%mN?Qys|<5@=E)1!)^9%e9=gUVYQ{JLitAc8Jb1j}HS%gOArHA{c5P9!T=SuF
zc*>Ak6?zK2^wv$osM5j`n=STF*5A>0T>Rm1RjrY~O|g=p@n!@!Ten9^{K72bXWh}+
z0qDxFroQAL-ta7JLNtNBa}^mHjPsoaauJcH->p(^yO&P1*iK?Qi4GD9iJc^Nk$9NI
zBP1Rr@feBSB)Uj+li2G6GN6#_?UC0JO|>KRyXyu*LLciyKMSr671v*twTDz=MoAu^
z4dLys+iLif2@sz1m_lTmkcW7~dDtbOHMpRNjcU%qm!BmsDM?v9E9giEu?-1&kv-1L
za)>T1NFeqKXf*T=xuGWHi%BJbjlLo%qclW7&rJxD-Gx1MBQT3AHB@Tr5wq}lQ3dRL
zJW0v6L$8}8g&GAIaH3LqEdrJd_Y{uyjk}x$od~Cv22)e`*5UF_mfAV8Gbr)dSQDjm
zwZjg%d99SyHJ+f2ozlZj`uuOsO6911U~B1awWMPAoF(imv{bXRkgxqxZy~jHoYd|U
zCv6!eAxSdk1AX_AXqW!_XE%(|*P)t0L~N6rCEKL&D4BEE77MWgz>#@8)JY8ra7e1R
O(C0A;w{*>Dtp5vq2bjbF

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.authentication.DPoPAuthenticationToken.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.authentication.DPoPAuthenticationToken.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..176b50cfeea3a45fcace81c4b95b151ad81e4ac7
GIT binary patch
literal 756
zcmah{%}N|W5U!nFjk5TILcoKbOpp*}QF2>6Y$B*I;6fq+4?@pO?b<p!J*lpBM-QSe
z;N62SAYStfIe60-@B!jEmmE^PW7t)K>BIDNb=6m2ef?cOz=$Q-G1T^LMmlY`NOiDh
z=)kuabxHG)Z&a7}R^&{FNIs!8U5e0mQA}A!inU4owWet{o`k-b15AUNd;Q_v>X-+W
z0IDjA(Axe5!%VQR4pl8tX}k8BUGsVX<FVj0$(YtRIDt|CqaEZu6F;7+f7@@9?uT-M
z^%vPcquB^8lZyBsRPU~qPSW*w(u492Obpdw?5N9ZM)c5V8D1CEyR4JiCzB)?ISqvV
zs~B17L{f&Q+Y0w3qn>9VV!w4$`>xa<l-kAZv}0o3(ke_a(3XEsy;=VL^L*NKB2*HI
zFia1%bvbpJ{{8>q25sg(!s*TKuZ2EnDRK&y^Grz14p16I>d2wzXSeegKh$LzN}Euz
z`WR&ZS-pz;=B~IZr5i8G-^1{^Q@&#ORQ<I=GlvS`B_4PIOb~VqV<V2`#qHzkk6ZZ{
hp*IUV<Qc<gk;gE&V;Es)J=rs7BuOef#84JT{{gJ41f2i?

literal 0
HcmV?d00001

diff --git a/core/src/main/java/org/springframework/security/authorization/event/AuthorizationGrantedEvent.java b/core/src/main/java/org/springframework/security/authorization/event/AuthorizationGrantedEvent.java
index 26115a5100..9dc75ccd9b 100644
--- a/core/src/main/java/org/springframework/security/authorization/event/AuthorizationGrantedEvent.java
+++ b/core/src/main/java/org/springframework/security/authorization/event/AuthorizationGrantedEvent.java
@@ -33,7 +33,6 @@ import org.springframework.security.core.Authentication;
  * @author Josh Cummings
  * @since 5.7
  */
-@SuppressWarnings("serial")
 public class AuthorizationGrantedEvent<T> extends AuthorizationEvent implements ResolvableTypeProvider {
 
 	@Serial