8 mesiacov pred · e50415de85
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -173,6 +173,8 @@ import org.springframework.security.oauth2.server.resource.introspection.OAuth2I
 
				 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException;
			
 
				 import org.springframework.security.saml2.Saml2Exception;
			
 
				 import org.springframework.security.saml2.core.Saml2Error;
			
 
				+import org.springframework.security.saml2.core.Saml2X509Credential;
			
 
				+import org.springframework.security.saml2.credentials.TestSaml2X509Credentials;
			
 
				 import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal;
			
 
				 import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
			
 
				 import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException;
			
@@ -181,6 +183,9 @@ import org.springframework.security.saml2.provider.service.authentication.Saml2R
 
				 import org.springframework.security.saml2.provider.service.authentication.TestSaml2Authentications;
			
 
				 import org.springframework.security.saml2.provider.service.authentication.TestSaml2PostAuthenticationRequests;
			
 
				 import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests;
			
 
				+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
			
 
				+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails;
			
 
				+import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;
			
 
				 import org.springframework.security.web.PortResolverImpl;
			
 
				 import org.springframework.security.web.authentication.WebAuthenticationDetails;
			
 
				 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
			
@@ -490,6 +495,11 @@ class SpringSecurityCoreVersionSerializableTests {
 
				 				(r) -> TestSaml2PostAuthenticationRequests.create());
			
 
				 		generatorByClassName.put(Saml2RedirectAuthenticationRequest.class,
			
 
				 				(r) -> TestSaml2RedirectAuthenticationRequests.create());
			
 
				+		generatorByClassName.put(Saml2X509Credential.class,
			
 
				+				(r) -> TestSaml2X509Credentials.relyingPartyVerifyingCredential());
			
 
				+		generatorByClassName.put(AssertingPartyDetails.class,
			
 
				+				(r) -> TestRelyingPartyRegistrations.full().build().getAssertingPartyMetadata());
			
 
				+		generatorByClassName.put(RelyingPartyRegistration.class, (r) -> TestRelyingPartyRegistrations.full().build());
			
 
				 
			
 
				 		// web
			
 
				 		generatorByClassName.put(AnonymousAuthenticationToken.class, (r) -> {
			
--- a/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.core.Saml2X509Credential.serialized
+++ b/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.core.Saml2X509Credential.serialized
--- a/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration$AssertingPartyDetails.serialized
+++ b/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration$AssertingPartyDetails.serialized
--- a/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.serialized
+++ b/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.serialized
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2020 the original author or authors.
			
 
				+ * Copyright 2002-2024 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -16,6 +16,7 @@
 
				 
			
 
				 package org.springframework.security.saml2.core;
			
 
				 
			
 
				+import java.io.Serializable;
			
 
				 import java.security.PrivateKey;
			
 
				 import java.security.cert.X509Certificate;
			
 
				 import java.util.Arrays;
			
@@ -35,7 +36,9 @@ import org.springframework.util.Assert;
 
				  * @author Josh Cummings
			
 
				  * @since 5.4
			
 
				  */
			
 
				-public final class Saml2X509Credential {
			
 
				+public final class Saml2X509Credential implements Serializable {
			
 
				+
			
 
				+	private static final long serialVersionUID = -1015853414272603517L;
			
 
				 
			
 
				 	private final PrivateKey privateKey;
			
 
				 
			
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/AssertingPartyMetadata.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/AssertingPartyMetadata.java
@@ -16,6 +16,7 @@
 
				 
			
 
				 package org.springframework.security.saml2.provider.service.registration;
			
 
				 
			
 
				+import java.io.Serializable;
			
 
				 import java.util.Collection;
			
 
				 import java.util.List;
			
 
				 import java.util.function.Consumer;
			
@@ -28,7 +29,7 @@ import org.springframework.security.saml2.core.Saml2X509Credential;
 
				  * @author Josh Cummings
			
 
				  * @since 6.4
			
 
				  */
			
 
				-public interface AssertingPartyMetadata {
			
 
				+public interface AssertingPartyMetadata extends Serializable {
			
 
				 
			
 
				 	/**
			
 
				 	 * Get the asserting party's <a href=
			
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2023 the original author or authors.
			
 
				+ * Copyright 2002-2024 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -16,6 +16,7 @@
 
				 
			
 
				 package org.springframework.security.saml2.provider.service.registration;
			
 
				 
			
 
				+import java.io.Serializable;
			
 
				 import java.util.ArrayList;
			
 
				 import java.util.Collection;
			
 
				 import java.util.Collections;
			
@@ -66,7 +67,9 @@ import org.springframework.util.CollectionUtils;
 
				  * @author Josh Cummings
			
 
				  * @since 5.2
			
 
				  */
			
 
				-public class RelyingPartyRegistration {
			
 
				+public class RelyingPartyRegistration implements Serializable {
			
 
				+
			
 
				+	private static final long serialVersionUID = -2718908121120942813L;
			
 
				 
			
 
				 	private final String registrationId;
			
 
				 
			
@@ -456,6 +459,8 @@ public class RelyingPartyRegistration {
 
				 	 */
			
 
				 	public static class AssertingPartyDetails implements AssertingPartyMetadata {
			
 
				 
			
 
				+		private static final long serialVersionUID = 8728930758311995475L;
			
 
				+
			
 
				 		private final String entityId;
			
 
				 
			
 
				 		private final boolean wantAuthnRequestsSigned;