From d4678c8e04a12c79685dd9f7e839b3e71f9f3e75 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Tue, 31 Mar 2026 15:54:49 -0600 Subject: [PATCH] Add Missing Serialization Support Closes gh-19013 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com> --- .../cas/jackson/CasJacksonModule.java | 1 + .../security/SerializationSamples.java | 73 ++++++++++++++++++ ...ion.FactorAuthorizationDecision.serialized | Bin 0 -> 906 bytes ...ty.authorization.RequiredFactor.serialized | Bin 0 -> 208 bytes ...thorization.RequiredFactorError.serialized | Bin 0 -> 574 bytes ...ization.OAuth2AuthorizationCode.serialized | Bin 0 -> 335 bytes ...rizationCodeAuthenticationToken.serialized | Bin 0 -> 1656 bytes ...eRequestAuthenticationException.serialized | Bin 0 -> 13577 bytes ...tCredentialsAuthenticationToken.serialized | Bin 0 -> 1741 bytes ...h2DeviceCodeAuthenticationToken.serialized | Bin 0 -> 1640 bytes ...RefreshTokenAuthenticationToken.serialized | Bin 0 -> 1767 bytes ...cation.OAuth2TokenExchangeActor.serialized | Bin 0 -> 315 bytes ...okenExchangeAuthenticationToken.serialized | Bin 0 -> 2157 bytes ...ngeCompositeAuthenticationToken.serialized | Bin 0 -> 1803 bytes ...uthenticatorAttestationResponse.serialized | Bin 0 -> 1056 bytes .../FactorAuthorizationDecision.java | 4 + .../authorization/RequiredFactor.java | 7 +- .../authorization/RequiredFactorError.java | 7 +- .../NonBuildableAuthenticationToken.java | 1 + .../InMemoryOAuth2AuthorizationService.java | 1 + .../OAuth2AuthorizationCode.java | 4 + ...2AuthorizationCodeAuthenticationToken.java | 4 + ...ionCodeRequestAuthenticationException.java | 5 ++ ...2ClientCredentialsAuthenticationToken.java | 4 + .../OAuth2DeviceCodeAuthenticationToken.java | 4 + ...OAuth2RefreshTokenAuthenticationToken.java | 4 + .../OAuth2TokenExchangeActor.java | 7 +- ...Auth2TokenExchangeAuthenticationToken.java | 4 + ...nExchangeCompositeAuthenticationToken.java | 4 + .../token/OAuth2AccessTokenGenerator.java | 1 + .../TestOidcAuthorizationRequest.java | 1 + .../DefaultEqualsGrantedAuthority.java | 1 + 32 files changed, 134 insertions(+), 3 deletions(-) create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.FactorAuthorizationDecision.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.RequiredFactor.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.RequiredFactorError.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceCodeAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeActor.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken.serialized create mode 100644 config/src/test/resources/serialized/7.0.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized diff --git a/cas/src/main/java/org/springframework/security/cas/jackson/CasJacksonModule.java b/cas/src/main/java/org/springframework/security/cas/jackson/CasJacksonModule.java index 0e5e2cc4d1..a7e8bdd164 100644 --- a/cas/src/main/java/org/springframework/security/cas/jackson/CasJacksonModule.java +++ b/cas/src/main/java/org/springframework/security/cas/jackson/CasJacksonModule.java @@ -48,6 +48,7 @@ import org.springframework.security.jackson.SecurityJacksonModules; * @since 7.0 * @see SecurityJacksonModules */ +@SuppressWarnings("serial") public class CasJacksonModule extends SecurityJacksonModule { public CasJacksonModule() { diff --git a/config/src/test/java/org/springframework/security/SerializationSamples.java b/config/src/test/java/org/springframework/security/SerializationSamples.java index 1da24bb551..2a2d0d1e63 100644 --- a/config/src/test/java/org/springframework/security/SerializationSamples.java +++ b/config/src/test/java/org/springframework/security/SerializationSamples.java @@ -20,6 +20,7 @@ import java.io.IOException; import java.io.Serializable; import java.lang.reflect.Field; import java.security.Principal; +import java.time.Duration; import java.time.Instant; import java.util.Collection; import java.util.Date; @@ -85,6 +86,9 @@ import org.springframework.security.authentication.password.CompromisedPasswordE import org.springframework.security.authorization.AuthorityAuthorizationDecision; import org.springframework.security.authorization.AuthorizationDecision; import org.springframework.security.authorization.AuthorizationDeniedException; +import org.springframework.security.authorization.FactorAuthorizationDecision; +import org.springframework.security.authorization.RequiredFactor; +import org.springframework.security.authorization.RequiredFactorError; import org.springframework.security.authorization.event.AuthorizationEvent; import org.springframework.security.authorization.event.AuthorizationGrantedEvent; import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken; @@ -161,6 +165,7 @@ import org.springframework.security.oauth2.jwt.JwtException; import org.springframework.security.oauth2.jwt.JwtValidationException; import org.springframework.security.oauth2.jwt.TestJwts; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; +import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsent; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata; import org.springframework.security.oauth2.server.authorization.OAuth2ClientRegistration; @@ -168,15 +173,22 @@ import org.springframework.security.oauth2.server.authorization.OAuth2TokenIntro import org.springframework.security.oauth2.server.authorization.OAuth2TokenType; import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationConsentAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientRegistrationAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceAuthorizationConsentAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceAuthorizationRequestAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceCodeAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceVerificationAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2PushedAuthorizationRequestAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeActor; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeAuthenticationToken; +import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenIntrospectionAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationToken; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; @@ -190,6 +202,7 @@ import org.springframework.security.oauth2.server.authorization.settings.Authori import org.springframework.security.oauth2.server.authorization.settings.ClientSettings; import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat; import org.springframework.security.oauth2.server.authorization.settings.TokenSettings; +import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenClaimNames; import org.springframework.security.oauth2.server.resource.BearerTokenError; import org.springframework.security.oauth2.server.resource.BearerTokenErrors; import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException; @@ -429,6 +442,8 @@ final class SerializationSamples { generatorByClassName.put(RegisteredClient.class, (r) -> registeredClient); generatorByClassName.put(OAuth2Authorization.class, (r) -> authorization); generatorByClassName.put(OAuth2Authorization.Token.class, (r) -> authorization.getAccessToken()); + generatorByClassName.put(OAuth2AuthorizationCode.class, + (r) -> new OAuth2AuthorizationCode("code", Instant.now(), Instant.now().plusSeconds(300))); generatorByClassName.put(OAuth2AuthorizationConsent.class, (r) -> OAuth2AuthorizationConsent.withId("registeredClientId", "principalName") .scope("scope1") @@ -454,6 +469,58 @@ final class SerializationSamples { authenticationToken.setDetails(details); return authenticationToken; }); + generatorByClassName.put( + org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken.class, + (r) -> { + org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken token = new org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken( + "code", principal, "https://localhost/callback", Map.of("custom_param", "custom_value")); + token.setDetails(details); + return token; + }); + generatorByClassName.put(OAuth2AuthorizationCodeRequestAuthenticationException.class, (r) -> { + OAuth2AuthorizationCodeRequestAuthenticationToken authToken = new OAuth2AuthorizationCodeRequestAuthenticationToken( + "https://localhost/authorize", "clientId", principal, "https://localhost/callback", "state", + authorizationRequest.getScopes(), authorizationRequest.getAdditionalParameters()); + return new OAuth2AuthorizationCodeRequestAuthenticationException( + new OAuth2Error("invalid_request", "Missing required parameter", "https://example.com/error"), + authToken); + }); + generatorByClassName.put(OAuth2ClientCredentialsAuthenticationToken.class, (r) -> { + OAuth2ClientCredentialsAuthenticationToken token = new OAuth2ClientCredentialsAuthenticationToken(principal, + Set.of("scope1", "scope2"), Map.of("custom_param", "custom_value")); + token.setDetails(details); + return token; + }); + generatorByClassName.put(OAuth2DeviceCodeAuthenticationToken.class, (r) -> { + OAuth2DeviceCodeAuthenticationToken token = new OAuth2DeviceCodeAuthenticationToken("device-code", + principal, Map.of("custom_param", "custom_value")); + token.setDetails(details); + return token; + }); + generatorByClassName.put(OAuth2RefreshTokenAuthenticationToken.class, (r) -> { + OAuth2RefreshTokenAuthenticationToken token = new OAuth2RefreshTokenAuthenticationToken("refresh-token", + principal, Set.of("scope1", "scope2"), Map.of("custom_param", "custom_value")); + token.setDetails(details); + return token; + }); + generatorByClassName.put(OAuth2TokenExchangeAuthenticationToken.class, (r) -> { + OAuth2TokenExchangeAuthenticationToken token = new OAuth2TokenExchangeAuthenticationToken( + "urn:ietf:params:oauth:token-type:access_token", "subject-token", + "urn:ietf:params:oauth:token-type:jwt", principal, "actor-token", + "urn:ietf:params:oauth:token-type:jwt", Set.of("https://resource.example.com"), Set.of("audience"), + Set.of("scope1"), Map.of("custom_param", "custom_value")); + token.setDetails(details); + return token; + }); + OAuth2TokenExchangeActor actor = new OAuth2TokenExchangeActor(Map.of(OAuth2TokenClaimNames.ISS, + "https://issuer.example.com", OAuth2TokenClaimNames.SUB, "actor-subject")); + generatorByClassName.put(OAuth2TokenExchangeActor.class, (r) -> actor); + generatorByClassName.put(OAuth2TokenExchangeCompositeAuthenticationToken.class, (r) -> { + AbstractAuthenticationToken token = new OAuth2TokenExchangeCompositeAuthenticationToken(authentication, + List.of(actor)); + token.setDetails(details); + return token; + }); generatorByClassName.put(OAuth2AuthorizationConsentAuthenticationToken.class, (r) -> { OAuth2AuthorizationConsentAuthenticationToken authenticationToken = new OAuth2AuthorizationConsentAuthenticationToken( "authorizationUri", "clientId", principal, "state", authorizationRequest.getScopes(), @@ -670,6 +737,12 @@ final class SerializationSamples { generatorByClassName.put(AuthorizationDecision.class, (r) -> new AuthorizationDecision(true)); generatorByClassName.put(AuthorityAuthorizationDecision.class, (r) -> new AuthorityAuthorizationDecision(true, AuthorityUtils.createAuthorityList("ROLE_USER"))); + RequiredFactor factor = RequiredFactor.withAuthority("authority").validDuration(Duration.ofSeconds(5)).build(); + generatorByClassName.put(RequiredFactor.class, (r) -> factor); + RequiredFactorError error = RequiredFactorError.createMissing(factor); + generatorByClassName.put(RequiredFactorError.class, (r) -> error); + generatorByClassName.put(FactorAuthorizationDecision.class, + (r) -> new FactorAuthorizationDecision(List.of(error))); generatorByClassName.put(CycleInRoleHierarchyException.class, (r) -> new CycleInRoleHierarchyException()); generatorByClassName.put(AuthorizationEvent.class, (r) -> new AuthorizationEvent(new SerializableSupplier<>(authentication), "source", diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.FactorAuthorizationDecision.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.FactorAuthorizationDecision.serialized new file mode 100644 index 0000000000000000000000000000000000000000..747fc7d2e83a89fa5f401b7fcba9040a1ef27bec GIT binary patch literal 906 zcmZ4UmVvdnh`}wtC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qflv9u&3zbLaRu_QA; zPtPqexg@{H5n0S7H94~wDEDVZ9Fr2;@`+3gj6MuJX<&t}MMe2V#U%^^K3R!niTb4_ znK}ACnZ+g66$LW(V$dOM0K#BNCx(X8ao^>@#xN$AFo+>J3ZV?*G(l98gHwyb`&MtW zl3pRm%)sc$z+94;UQxinz`$6}0wRH)u_GZAgHj7iGmBDFAfX8kBx$BN{qFsRtxOC| zJ`8L{sfoq;c_j?)K0s6T(c(rQ7B~7RaifpLRFxpGLDoJDd_^dBmM~b8Z!|E7>WUa# zDf2MYX~56}10e>4-PbcX*wfD)7}}O(Th1bR<;0w1 zVODTJb3#L~q_TuT2$CE?mg@(XfN}#c*m%nlb23w0N{hhBzl1>qqNpS@H&q`d3Ji`C s282mK*YSeA0aBy~OgU3yTXsn+d2HeVdaMHMz7Xv!qflv9u&3zbLaRu_QA; zPcJC7ur#wMHN`D4xg@`cMe@ptImyDTObkpu44hDvC6y%%LOxlEWr_MZiFxVz!6hJ* zt$i4H%Mx=kQ(Q`mz($oYh(HvTWag&o!$hqs3QCYn0=kYDWRf08kzR0W(bU+MUD8S( Un|K%)DhkSZ85tme6+~440RJpTCIA2c literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.RequiredFactorError.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.authorization.RequiredFactorError.serialized new file mode 100644 index 0000000000000000000000000000000000000000..db9a321996e289ef4118ec28c2d464fe259bbe14 GIT binary patch literal 574 zcmZ4UmVvdnh`}zuC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qflv9u&3zbLaRu_QA; zPcJC7ur#wMHN`D4xg@{HwWuh+NSY~5zk7dSD-#2g4+C3KYGQGIUI~M{571P7G*k6q zrs|`Zs*lA~l_0P|);(g6IkWx5>!# literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode.serialized new file mode 100644 index 0000000000000000000000000000000000000000..2035cac048ca0a6dc448a1675d617f17eda5c906 GIT binary patch literal 335 zcma)%u}T9$5Qc}-fQo6fw6hiFK56bj*5o0T%uKtoUMnM zN5mKh%lb-*wg&gJxQlI??btqT+|ldX`x+$xo?-Jp_`)(_cH)FpArtJO9gu;)N~#2A za+oJyYbKY8z;b@BMk*COq;$_XQARpB%xUKu>SuBR*O26}AQ5t;s)huXCMT6LW!jaf z+wpbqZ$}bF5_XAik8hq=R(Bs4!}ImH9UK7k$Mz5QUhch%+}1SR`o!MTmlv2Vg7z=P C#&n1P literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken.serialized new file mode 100644 index 0000000000000000000000000000000000000000..261b9100f97f4b62074ba42f131e5452bc5f91b3 GIT binary patch literal 1656 zcmcJP&rcIU6vt=VLir&U(U3@@(L{^~vl}^hkVGgbKav`VKukP{)7^m%On26qDQ!6r z{Rg~z@JM2eS5BUc2M(Upn^!L$^ni)+V$}C$OSdJYo@~--XZOvU_df6Y-m7nI*a>rz{A8 zasei-YFH?4fW>$%BB0jGs1g?;yU9^~X(cSnfUj{{6s*9t`IQ^Jw)gevV2U`PFab{t z8Em;0Z7}<*|8|#Lb9Rb6e)r(#dF#~iQIOeM1VNonyyTUlb@X0)^5NXGefm62oOzPb ze49Z6@Tq2St>NJu9G&Zkzsib7yX+n-q9&4}+=`i@S3*+4_SAr4WocMG2o%%Wc20rx zYWNSJ=YzPFB15`kJJa$GVj4}-Ns@183<5vceev7;$WFyH%IGs~X`D)q&rw|h)2{5N zH*bd@zE6|X4Cxb+1~VWcspd(qDM5rKDS}!wF=unh_!Vtrc{RdDOSW57 zR9Fo{o#=?KF}zUuE<$V0rDh}98!a`^Ntboogfr9-Z9MH(aZJIDGaYZlBS~r8Wso~e zvi5@65g1=g99yn_ALbk$qrw)e2a1IQ*)}%D(_{70?bx?{c0GxZte8>|)l|o*EPzHf zFw>WKITFk=U;)MkTui+UMMg=%nk2gKE);IB=Iy-~K{a+eWn;P!fsB%1&EYs7DH#*# T8=fbmPen;;4+PP2H4Y=Mxx5rP4S6w$E>vUb zwjxihRs*M{>WA?it;ncKA3@|@a+DV|`AasH=jzXyQ39nV1sMx!a!x+klCh%x40xjL z%8-z}y7>AvfA{>)|FkSh)8ar5f6vKEyl)yzj}(|5NthndOyirF9?2o)uZ)k8^)S5< zT#(IU?MO@xqB1v#WHm#d(M)Ck#OXha{&(Wsue0nMWE2IF5=RFTjgTAOCukmVb#Gs; zn4KO*xPJKE2mkr97JQ{4Q}JIo zxADZ*BOm&gvJe2gA_GhzzVq4*@7#Or`mc9DEYzdmqO<7BAAIAkTkpO2@~cB)cv@_5 zomMQBxN4ekjS$h16!O@#*j|&$@%&RVj-6$|?Y7|N6)k{ckBY6aa@-3Gk>dhl|D!pO zWMIOV4QL1`uZ&w^7y+TIrCi5K?9|g*%JWC2y;vPQefJX;o6l-TNfO?kT2Sd`JUxZL%fIGzrinv70^k0-@bV(YZnQIi-Tb&S!t>D|2K`O<>g z3cl+>E!Pv&S~-~Q4eohFMlqH;BWi~wAxb}1V#pzt9O~<{^D^=r--MfarxE%HBw|mu z?kcGQiuawyV$G?*h=@y-yY2}?7GM{siX+6q6-wMgM7<_pnywe%7YxvJ{OYo7%E(bc zRBd>%TRo9{j!QT<^(%2rXQ!dO+02$U#fJ^WclMxIcbYXH+NqvFteS@_`JSw$Bxa+) zg=-PrxAg}wJnV*7r?cl|-13#p%~8Y6{cnhylbTm0ZtBX588)130Vkade8@0xpa%mf z?~{%Tr&Qv~LJwmnB>Qc-&N5nRD%9Mf#I9v+J9!!#&?AoDvaM47IKwN^i;bzoH71(N zST10r&|`$$o=_=L5Py?$^ego1b|tnYu(QGWz-IoBJ3-w@I!ewgo|kUUelHh5>2t)! zb-n1KX?2|gxHxT1KC74 zx?Dk&5|!*M@@9j-VtCr$gQwBZn?gK*V$HAAHF8V-#Z)8r(XV4lY}8b3TF)9Gw)3r~r>ddvDB9|(ZqR51&A3WCaCJ_r2i|!GpD@prg&t#rZCXQ`cA_WR zuKvqVI?{&{B?5@l7BPzF=uzV8jGXC91)H_Vh&v3KqZyg=tW*_4jnU%KCUu(Sg`a+;F)k#IcQ7i8D1ZH zv%C_Xx)PTgiXKalr{x-2^8?XJygZdN@xZi0)-tan)Q?e<^RnZH;sbArVt3pljGLN} z0hHL`(h3=EGFw@Qr=0iJ0x*5%;y^tGxIn-7GY7D^7Ql%DfD&7^5yDPEVpv1mjL&o>^uD(LJqylm1zG~IQ{BtJ~`wMxG(;nbq_m9c7T?b8Kt`uv~`Fu4}M zml!~aW9t-^l4s&+!HF**r?x+hc-I+K8!6`~If}g%>91A}+bn8j6B{3(<|%4&GGtjW zCu1L0q7UjrHtOe$aMnIHkR3@HBq;Qs5oV(k1+8YzWB-VeQ!@Ztx$w58#CjjHQSa{5 zqAjQ@@Is$C9rED^$J<|9rXtn%Sf1abHdCi?F?U@I@pf4 zCqIqGw|GmlxRAmLg2)tdX0a{?Qimo6UIGJe&lrdm9HvnPzY~sIp9$ki`m-{#g!BPB za@rFo-r(Rw5_T{~=wAW)10CprN8&K#%2_Xzbahp^vvNo$)cO8Y-JdT?t$C;3&rIiH{elDd@NK8W7*qq2JL(DB5vV;*VJQ#V%vS&2A8` zB4Z4?A^$1M{}megDi+Gc$O)0XjrE=(o(DU(bg+}Hux$Ae($67S$Q9gs;g~Q_?=QG{ zcl<7#h%YiH+0yt{H=uvZvAa3J+y%6}06uT-;IqRmX(}(Em%1Quyae>!OR_pR{>|YEIcVr>DQhKSUD{x2EdM35D4h-NC4=)VX_6o$ zSs|8sk{Q@pVYM)UK662$JL~x6?4AeV%@O5{DUmj2!iSn>??g z0{LG~Et8slx;~{6^w0iZo1F(Leb^-RXz!z6zh^7z2=yTD@S{rMcD~>JO0P30?tOX< zbq_!M-~$FG)_KnCpkf{Yuj@Y0op|zMU|n^kw-Ub7YPxk?>Ql)?RlhOnVGi zz-x{MH})B2!Z`m)zPyzh(zd{l*aB!uJE_@)AhSeobCD+2Wd;Wu3KeDsAxI+?#T-r{ z`vK^C&kRHMB5&BtU&8SwXW_%q?xLsa)1#pl7l<0PARb(-FiOaaWCVPKNI=eH{n) z3qD~^pu8j|mbmgGO+`w#ps#d*26B$A?LlKVQ}ebQ0DMloAA9tZB-(Q1pk$-!gkJXk zs&GLXR~6PRgwRis>1u!Y3?3$D&ATL}O)O4Y+EFpr$k?>gK^f~6O43)>n9uU!6w2>z zahyk!sDK1;LlW!`YO1)Qr<<5Kt{gm=Uh)voRCzOsP6w7!!e;pL>==$V+8gGj$=20zqIoHqK`+5x-xU&X^7-r=ctk{W(Y=>~)+a~gjaHPh5|0Fgo~5Rc!(jY7So zwyEaDSaNRNdY>LQU3itm`JCP|u>T~TMzqbzyhMjYLAuv&*SX?@858eb0?zR?6 zCkJBzm}={Fpo`BEqIk~jJ($`vNAA5K$04Vuz;KoJYC>VO=7hL-t0do8uT$x>c3R@H zr`w!_e)fEp6l3frf5HN6uO6;ec5-jh%*~R@1h^ZxpQ1CtP(2k4NZQWjVZZ+Lq1Yt>P9P#qfKsahSVs_fdIS}P6n#LXoTe3#{% z{Rz&m#!5CusVYy`J#gsOE}Kxlb!{MHqG7xqrUx@(<|M1;Ea~l0YTlbDm6DtZ(j<27 z`-}<(VEP2_Oqwyan7FFgm1w0jYtu@PxFsr6D4|SYm@b|H5{VnKyF9Z~LG^KEq7f>- z)4ufbH80-(ColXX&av&VO*8lfC0?VRoKs(29L<$tqz_zb`(-gSEiOx*fkBGYfSS}T zlB%4kBHVNgp*)>`wn>X(2NngQFqMd$qv~2L7i2GWrNa2WkrCPE+EJS3%BSbfNkN%HFwx{Kv2T;Hk$xIeTAOl+TJS%rmZOYtv#^jt&W{#9aTX z>wcB)S?zhQ9-peRpLwfl@V ztBU%R6QbODXHG+Bj0;SQ%`OUOn`)|-xC^xKHxdjnhw)z+xEc2zcKV~iVm_(_h; zyrin`4OBj?Jq^n0UlvFlS>BK+WHi^!B7gt$w>{N7QQH9@KP$Fd^T_s>8OfAKEM09$ zo-I3Ywn>+;1H>*~*QK2(G8b@c>lH1V8duIVQH<>^c~s>?m$5&;{FXz1`R^ay$uPof4M74N7pM(M_s*rM?A9oGZD)(#(hh}aO~;$}2E=~o*Mv`G;0QT*oD zgIJ}1P=e)|Iv%*j4Q-!@V%ZyEjW={8A6?vp=;B`q;Q?-eYSkLKm*dlErW7I++P+;1 zS!>M_k4D_KFuTkuErYA$eYxT|oVea5>Id+Zv>&}zgRB8OUKemFSeZ*+#Ez&A?+ zo9V{6ndymhqfGaiDnelZ literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken.serialized new file mode 100644 index 0000000000000000000000000000000000000000..b4b92f420aa689f8b2914bb23ba2e6ae54cd7113 GIT binary patch literal 1741 zcmb`IO=uHA6vrnYP5NotDg_S}6e}JiON+N2YSP*dSZT2>f(PqlciL<_* zD7Rp5R4@}?QSRYxXf@}oF#BMC>sxGdcRflXI!Snj<1$Z@l)g+?saBL0*Jha<_670& zuQrrYl|Lbq+=>@rC* zI^>`=@YN3aY5`x(a0Jti%0n06JY^`TGjK^2O0;$^g|kUG*7XJv3n~7^zaTJ)sO#&f34!5T;j(ZTt43EFs(um?4;Ss~c>*D+;);T*Y*SSV07?S@FwbYL zg3Fnjeax(Ik>xrRap7=QC6Ty3tzTWpsJQ2#YSc2TG@W&!j6$*hRy{D;H~Js$J=ofq shkI6jI^kqP;egfav3rjmzj}E&23BsV6C`$5sw4_B)St%S;g2Ez51E5tjsO4v literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceCodeAuthenticationToken.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceCodeAuthenticationToken.serialized new file mode 100644 index 0000000000000000000000000000000000000000..db2b28832d815219e5089978a6a11a9d9e0315b1 GIT binary patch literal 1640 zcmb`Hzi-n(6vxj=+w=!*3RIOCKp;`X(AuJ7DpZn|{*a7X(E<_!EC_h-T;imy!a}4(dG@<^-}iYxo_-JW{etY_ao{NCM3k+e-lsOxe}mWpMHbQF`JBH37NRdHcmp}~|*M(KgrtBrsulD8oT zYad_hFJCL>YdOAT)=eNCicL)&OB!eyIm}`@PJrasDAT`=TYQ`6WIY<+7%D7BXF2JR=^h?DJ@R*7M z13L2@wuFh0&E#l!_L^7mUB1p~Q81f_>SuQB!p`UW!@8-u1Uyk>xaC^(!R*KX9WJ@% zM1kCWdF#h19n^5{kZqEQ0uXgPiISI+HZXd0@Ab(CyYyk27>lGUb?dNAIOA362v@M OmWWkkAjUO;xc>=sunR literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationToken.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationToken.serialized new file mode 100644 index 0000000000000000000000000000000000000000..8eefaebfefcb6dc1baf41f1d257fab91dd7526d4 GIT binary patch literal 1767 zcmb`IO=uHA6vtQk8;-3W^mEnx(~C4>hs&16Er4f#AV9*_}4qPIlMXNwevp z)Pq+Gf`W+PMG(<_RahFz5l#C{X*J& zK?<%|O#7a&oy7$~3#{ad<+RVtqOfH-?b4#m55iikFpNW>srqRv>7L&g$ap*p9|qCO)rp&^5``=;wL zUy@|yZBg1>pJ8$+5XAq#sbjje>c#|hgeRG3 zO7#-;po(6)$MmJ=4=$QT6v_0i*B@_Rg6p;17eF-4;% zJU&kSJean{KfHR~du=C5BBSI0cd0cBB67t9Nyt174wqYjH+)`|pp`nX5cq16beTn8 zx`lZUFIu=RUB$QO*ntI!*ev`;Y=_mqO zWm{&YYRA-|c9`rlcERIJjX7rRB9Y|=3NhhwR)f$!J!xE=U3Krm{VRXH8^KtW-$ zl2n16tpfW8A;C~z@4LOTaesXdTCV(dLs3l{0;?AzH}BkizI84NR$i$KQcmp(CIV@x L|BHd@!(i|S*9~Tm literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeActor.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeActor.serialized new file mode 100644 index 0000000000000000000000000000000000000000..7fb91346d487a84332ff3f388572da3a6e131dbb GIT binary patch literal 315 zcmY+9Jx&8b428Yf02M+hffh<;CCVU*1W_ObQ2?UF878}v%pWt}WTD^))LZ~564ac5 z%TQ3HMa(P}jpgsj_IrN+g0|Gme@8m?{Scy3M{kr_2)yA+rnCW|Xf~;Nd{a?Qn{^t4Z zqrbcC<&d30PFOY$0P;mQ)-FLF>M_A4rkDq@pGL>1$`AwYR75WHiy~4Te-{mErv&3x FH@`l!Zh-&* literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeAuthenticationToken.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeAuthenticationToken.serialized new file mode 100644 index 0000000000000000000000000000000000000000..ee60626a7c18f942225153fa69b4f4d5e66739e2 GIT binary patch literal 2157 zcmb_dL1-Lh6#jR!X_6*s)+!Of2$oi~bZ2Psv^lgJ+oXY!6q6$4VElLHPj-^ond$$( z$<9_N@!(ZKsUYG}5b;_RJ&A`NJXH^h;K_>zd#E5@M1AkgW@mOAwjK;**!TbMz5l)M zeeb=`?u&7wMHuNF%f#9bceb@`t4^f%ETh~+`_Q!_nLz6T%6eaEi-bt~HzoK{$dU@d zcQbLVL8=?ko(iv|ZcBzcicWG3zB={Bdz%aMm%3#!>4@Xfg-G)`h?CB)+?RHMhW0v8 zJd2Jvk!x&pV|7E^5+z4W$;9(j=qdwZE;CEO5A1aXXme7l8wp-1k3ARdv@%hm(T*II z9dXRKQQVhiOw!y{F0fhescP}8?<&>8{J*#nRDEbyv<%@0@P4(w`u&%G?%pYjF-JTh zJ}?Y$n&>- z*$kB98~AJP%=tUNysOE6Dzp9#p=wHq- zBdZRZKw(BWy*1m&O+_ zaSEl*Bqf6XB@i=iVjya7#nfoIxG#f5r5NhPk?{3~C^6q6&<6XQ8i`+I)DWO?cH0NX zPIOrJ6>Qh}byH_|^&OfKH9+G!(9Er=-q6KxmPdwDXbKwR8`ujtYzM2!BQT3fl(?4D zu2vrPpbWT@Q&>sb8r=01>=ct}qQtk;{GB5NnQ3K=YH4Itj1GlH{n@qF{dOEE9)!y4 zfd<_HoGLmBvW>tTdS%VIven>sPa&mPT;iCXjgez{uz+)b_D+p)19AFjfHPDX;N1@V zH$LJ5I#_u3-a8*2Tu0{cO;DA}rp2dHJo| z?|LEKpOdc-56h!TjDM%N$p4sB07^AcNJvZ$2=@vk2>b8BjDlL^t dDuv}n?X+N78@9}L>3NK1wzo4gfQcI~{0nbJ8%>n*!USsT%jN>Dztt_Iuy^-q+W=q(MotEMzgQ z0?Ga2oTMcN@nTvrr!2W%Nef!m^8*meB_`7t2+3Ee=E64-^EG!W;Y0>gr^O=kM?ziE0H(H#0sQIZxix>(ZHtq{ENQJe z$6TAVU<}k~&Y+8vRb31V&ja*881~{aO}Pgt$15ow&}2=R{)WOJ2J<+J1f-FGbaYhp z<^7Uy`5dPOk0CMN+xsuR`LfXwCo!8OJ$Q1PtdSV>d;ZS_qQc!-vi|PIw=0A0dL1JShsrV`j142k_If-{Tl&woO&gVcvAgvrP1s)rf z)Yr^KzLCBas03HstMny>$7;FCX;dn3rAhPDggtUIpBtG95qAp!xLOy$GAkSv?F=i_ zj{0(CKoJa3XRBl-0U~x?$&|uxwc4av!Ec!Am}?#&pvFobAUk|#vQy@M3~EMH-KvZ9 z|JE*p%e1o>&u(7oUNA&9Iv(XEkX?I~GOy79cm&q^qghAFsFfV#etog^L+_=s6{(c4 z>r>`m2kK%qJ5dIN`^I310|m23emsCm%oAy?;FcS;*Cuf9I<2&^hqWhDr*Wiui-F6?3Xg TMU%EWz7WCPgH|<3VwXPw4EAY< literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/7.0.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized b/config/src/test/resources/serialized/7.0.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized new file mode 100644 index 0000000000000000000000000000000000000000..b728aa265f81163ccc7ceefeb36e75e789c30362 GIT binary patch literal 1056 zcmb`GUr19?9LLWllW7@hk)RLRijdTM@n4!NYMUa&)O4EWC_1}4+pgZ-dp-BJxe*mb zh!6xu^dM4#TCfJmz#ySOA}OLm!%*`=gvmaTYnzTJqPYNzt8#pzTXr7 zh)fzqEeiE>no334@1r zBDWJwRb-89_$nad%kBq8WOSlD{BuLAr=Sc(yRf%wtB48&4n-T_lc|C-qi6XSv}2wqu{iJ$rGf*_0qbl>!bb>DnBADgZ2sT^I*nNBXQUNwYT z=4QCJFAlAk^R``gmMooNCD6=Dr|(|u_@2kN8u3VHeh$j587^B-&P(e0(}}E&#As~N zV9YpBY}ngfycR9JBNi3*o^D>rAdbGfBS%-0W45!eYipG8;cMnDOLy`8OYtGQ`QTE) z^6ht1&x#DD>A`QE6X&vbZSMOp$v+xo-WBS>;q>5eHcD|++n<{B5G_v}dGcx~b0KAs z0R!6U-in!oWk0`_Uu(**Cbu5qzkM|w=^$H`#Cvz?=fiDj(~azc4gaHZB5S+nQ@p7# nm19#FOCbU%{}(kb&>uWg11K{P^-$59ayJi factorErrors; /** diff --git a/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java b/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java index b6ff187c78..d33a839e9f 100644 --- a/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java +++ b/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java @@ -16,6 +16,8 @@ package org.springframework.security.authorization; +import java.io.Serial; +import java.io.Serializable; import java.time.Duration; import java.util.Objects; @@ -40,7 +42,10 @@ import org.springframework.util.Assert; * @author Rob Winch * @since 7.0 */ -public final class RequiredFactor { +public final class RequiredFactor implements Serializable { + + @Serial + private static final long serialVersionUID = 295501208651764485L; private final String authority; diff --git a/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java b/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java index 0d6cada187..d1580d92bb 100644 --- a/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java +++ b/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java @@ -16,6 +16,8 @@ package org.springframework.security.authorization; +import java.io.Serial; +import java.io.Serializable; import java.util.Objects; import org.springframework.security.core.authority.FactorGrantedAuthority; @@ -27,7 +29,10 @@ import org.springframework.util.Assert; * @author Rob Winch * @since 7.0 */ -public class RequiredFactorError { +public class RequiredFactorError implements Serializable { + + @Serial + private static final long serialVersionUID = 1946221547278528901L; private final RequiredFactor requiredFactor; diff --git a/core/src/test/java/org/springframework/security/authentication/NonBuildableAuthenticationToken.java b/core/src/test/java/org/springframework/security/authentication/NonBuildableAuthenticationToken.java index 8099b826f3..ef4e416158 100644 --- a/core/src/test/java/org/springframework/security/authentication/NonBuildableAuthenticationToken.java +++ b/core/src/test/java/org/springframework/security/authentication/NonBuildableAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.authentication; +@SuppressWarnings("serial") public class NonBuildableAuthenticationToken extends TestingAuthenticationToken { public NonBuildableAuthenticationToken(String user, String password, String... authorities) { diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java index a4fb51e2d7..1ec19f897c 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java @@ -226,6 +226,7 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza return userCode != null && userCode.getToken().getTokenValue().equals(token); } + @SuppressWarnings("serial") private static final class MaxSizeHashMap extends LinkedHashMap { private final int maxSize; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationCode.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationCode.java index 56b8bb185a..2fce5ab24a 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationCode.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationCode.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization; +import java.io.Serial; import java.time.Instant; import org.springframework.security.oauth2.core.AbstractOAuth2Token; @@ -32,6 +33,9 @@ import org.springframework.security.oauth2.core.AbstractOAuth2Token; */ public class OAuth2AuthorizationCode extends AbstractOAuth2Token { + @Serial + private static final long serialVersionUID = 3789328028057414501L; + /** * Constructs an {@code OAuth2AuthorizationCode} using the provided parameters. * @param tokenValue the token value diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationToken.java index 74e9825a0a..8ffdbb90f6 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.Map; import org.springframework.lang.Nullable; @@ -36,6 +37,9 @@ import org.springframework.util.Assert; */ public class OAuth2AuthorizationCodeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { + @Serial + private static final long serialVersionUID = 4629166286850598162L; + private final String code; private final String redirectUri; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationException.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationException.java index 023f2a2bb0..0f65dbfb3a 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationException.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; + import org.springframework.lang.Nullable; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; @@ -33,6 +35,9 @@ import org.springframework.security.oauth2.core.OAuth2Error; */ public class OAuth2AuthorizationCodeRequestAuthenticationException extends OAuth2AuthenticationException { + @Serial + private static final long serialVersionUID = -3791188557904282453L; + private final OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthentication; /** diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationToken.java index f634cfa4f5..456f332b64 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.Collections; import java.util.HashSet; import java.util.Map; @@ -36,6 +37,9 @@ import org.springframework.security.oauth2.core.AuthorizationGrantType; */ public class OAuth2ClientCredentialsAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { + @Serial + private static final long serialVersionUID = -220223451609576578L; + private final Set scopes; /** diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationToken.java index 653ca0b62c..e2239b5389 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.Map; import org.springframework.lang.Nullable; @@ -34,6 +35,9 @@ import org.springframework.util.Assert; */ public class OAuth2DeviceCodeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { + @Serial + private static final long serialVersionUID = 8364555864666204030L; + private final String deviceCode; /** diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationToken.java index 2cb8e6569b..f2a467b7e5 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.Collections; import java.util.HashSet; import java.util.Map; @@ -36,6 +37,9 @@ import org.springframework.util.Assert; */ public class OAuth2RefreshTokenAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { + @Serial + private static final long serialVersionUID = 328697547826078993L; + private final String refreshToken; private final Set scopes; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeActor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeActor.java index f2a6967d1c..3d2720462c 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeActor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeActor.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; +import java.io.Serializable; import java.util.Collections; import java.util.Map; import java.util.Objects; @@ -33,7 +35,10 @@ import org.springframework.util.Assert; * @since 7.0 * @see OAuth2TokenExchangeCompositeAuthenticationToken */ -public final class OAuth2TokenExchangeActor implements ClaimAccessor { +public final class OAuth2TokenExchangeActor implements ClaimAccessor, Serializable { + + @Serial + private static final long serialVersionUID = -3966261411784615574L; private final Map claims; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java index 0c320c56a2..dfd809b3f0 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.Collections; import java.util.HashSet; import java.util.LinkedHashSet; @@ -37,6 +38,9 @@ import org.springframework.util.Assert; */ public class OAuth2TokenExchangeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { + @Serial + private static final long serialVersionUID = 2484741634669297785L; + private final String requestedTokenType; private final String subjectToken; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java index 35ebf79a41..d77629d689 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.server.authorization.authentication; +import java.io.Serial; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -35,6 +36,9 @@ import org.springframework.util.Assert; */ public class OAuth2TokenExchangeCompositeAuthenticationToken extends AbstractAuthenticationToken { + @Serial + private static final long serialVersionUID = 1912280308201180854L; + private final Authentication subject; private final List actors; diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2AccessTokenGenerator.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2AccessTokenGenerator.java index 669247019f..bca0110561 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2AccessTokenGenerator.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2AccessTokenGenerator.java @@ -154,6 +154,7 @@ public final class OAuth2AccessTokenGenerator implements OAuth2TokenGenerator claims; diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TestOidcAuthorizationRequest.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TestOidcAuthorizationRequest.java index 54b14a2231..37aa3e557f 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TestOidcAuthorizationRequest.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TestOidcAuthorizationRequest.java @@ -23,6 +23,7 @@ import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames /** * @author Joe Grandja */ +@SuppressWarnings("serial") public class TestOidcAuthorizationRequest extends OAuth2AuthorizationRequest { private final String nonce; diff --git a/web/src/test/java/org/springframework/security/web/authentication/DefaultEqualsGrantedAuthority.java b/web/src/test/java/org/springframework/security/web/authentication/DefaultEqualsGrantedAuthority.java index 1970ea2691..0220e66767 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/DefaultEqualsGrantedAuthority.java +++ b/web/src/test/java/org/springframework/security/web/authentication/DefaultEqualsGrantedAuthority.java @@ -25,6 +25,7 @@ import org.springframework.security.core.GrantedAuthority; * @author Rob Winch * @since 7.0 */ +@SuppressWarnings("serial") public class DefaultEqualsGrantedAuthority implements GrantedAuthority { public static final String AUTHORITY = "CUSTOM_AUTHORITY";