From 8c37f0eb08c95b36fef10053222d42e08c36b20a Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 15 Dec 2024 02:35:26 +0700 Subject: [PATCH 1/4] Implement Serializable for PublicKeyCredentialUserEntity --- .../SpringSecurityCoreVersionSerializableTests.java | 4 ++++ .../springframework/security/web/webauthn/api/Bytes.java | 6 +++++- .../web/webauthn/api/PublicKeyCredentialUserEntity.java | 4 +++- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java index cff442fffe8..d9c58440dbc 100644 --- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java +++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java @@ -125,6 +125,8 @@ import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; +import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; +import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.fail; @@ -321,6 +323,8 @@ class SpringSecurityCoreVersionSerializableTests { token.setDetails(details); return token; }); + generatorByClassName.put(PublicKeyCredentialUserEntity.class, + (r) -> TestPublicKeyCredentialUserEntity.userEntity().build()); } @ParameterizedTest diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java b/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java index 6fbcc3596c6..9c5f6334c72 100644 --- a/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java +++ b/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java @@ -16,10 +16,12 @@ package org.springframework.security.web.webauthn.api; +import java.io.Serializable; import java.security.SecureRandom; import java.util.Arrays; import java.util.Base64; +import org.springframework.security.core.SpringSecurityCoreVersion; import org.springframework.util.Assert; /** @@ -28,7 +30,9 @@ * @author Rob Winch * @since 6.4 */ -public final class Bytes { +public final class Bytes implements Serializable { + + private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; private static final SecureRandom RANDOM = new SecureRandom(); diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java index fd95a24c715..b40e366c405 100644 --- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java +++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java @@ -16,6 +16,8 @@ package org.springframework.security.web.webauthn.api; +import java.io.Serializable; + /** * PublicKeyCredentialUserEntity @@ -27,7 +29,7 @@ * @since 6.4 * @see org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations#authenticate(org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest) */ -public interface PublicKeyCredentialUserEntity { +public interface PublicKeyCredentialUserEntity extends Serializable { /** * The Date: Sun, 15 Dec 2024 02:57:52 +0700 Subject: [PATCH 2/4] Change test Serializable for Bytes --- .../SpringSecurityCoreVersionSerializableTests.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java index d9c58440dbc..61e8c763c7b 100644 --- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java +++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java @@ -125,8 +125,7 @@ import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; -import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; -import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity; +import org.springframework.security.web.webauthn.api.Bytes; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.fail; @@ -323,8 +322,7 @@ class SpringSecurityCoreVersionSerializableTests { token.setDetails(details); return token; }); - generatorByClassName.put(PublicKeyCredentialUserEntity.class, - (r) -> TestPublicKeyCredentialUserEntity.userEntity().build()); + generatorByClassName.put(Bytes.class, (r) -> Bytes.random()); } @ParameterizedTest From 3ba5031543392e9618549c68ad4361d1cddc720b Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Tue, 17 Dec 2024 19:45:08 +0700 Subject: [PATCH 3/4] Add Serializable for ImmutablePublicKeyCredentialUserEntity --- .../SpringSecurityCoreVersionSerializableTests.java | 6 ++++-- .../api/ImmutablePublicKeyCredentialUserEntity.java | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java index 61e8c763c7b..d9c58440dbc 100644 --- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java +++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java @@ -125,7 +125,8 @@ import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; -import org.springframework.security.web.webauthn.api.Bytes; +import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; +import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.fail; @@ -322,7 +323,8 @@ class SpringSecurityCoreVersionSerializableTests { token.setDetails(details); return token; }); - generatorByClassName.put(Bytes.class, (r) -> Bytes.random()); + generatorByClassName.put(PublicKeyCredentialUserEntity.class, + (r) -> TestPublicKeyCredentialUserEntity.userEntity().build()); } @ParameterizedTest diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java index 3b2fe5adfa0..d6d5d0bb687 100644 --- a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java +++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java @@ -16,6 +16,8 @@ package org.springframework.security.web.webauthn.api; +import org.springframework.security.core.SpringSecurityCoreVersion; + /** * PublicKeyCredentialUserEntity @@ -28,6 +30,8 @@ */ public final class ImmutablePublicKeyCredentialUserEntity implements PublicKeyCredentialUserEntity { + private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; + /** * When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier * for a user account. It is intended only for display, i.e., aiding the user in From e9388ae1ff3287a1525447c56c8ade435ca9640c Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Wed, 18 Dec 2024 19:44:58 +0700 Subject: [PATCH 4/4] Add file serialized --- ...ork.security.web.webauthn.api.Bytes.serialized | Bin 0 -> 111 bytes ...utablePublicKeyCredentialUserEntity.serialized | Bin 0 -> 339 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity.serialized diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized new file mode 100644 index 0000000000000000000000000000000000000000..94822a8870132fde5def96be0e3cfede33062240 GIT binary patch literal 111 zcmZ4UmVvdnh`~6&C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5 zGWDD)OHzv&ziGiV_0H~HZ!a@}Q DXaOSB literal 0 HcmV?d00001 diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity.serialized new file mode 100644 index 0000000000000000000000000000000000000000..27b62e6517b64db79cd6693a5ad22f54b5a2c845 GIT binary patch literal 339 zcmb7aA0zesrRdo3(qPUao>u80kiqSt8(*p~5P9(=-7^ zspV}bwOUPOymGRV29?l-mu{RUjL;R)1o|8fE9I>gahBW>j`*{96HE(JvpdXhFF6oZ zAzbi;!gf&DFA7T-Sse;XC~Oo_`gFW!lJP6NL$9?6{aI0@Sm*zX)p`9<_m(gyvpoV? kj#?XB?%S`E@8QAxg8;NPEe|KhXY%wOVV^H1)9Z)v5B#ohmH+?% literal 0 HcmV?d00001