From 39fdceab594e14897cef58dbf3feb790f1f56636 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Mon, 5 May 2025 13:36:21 -0600
Subject: [PATCH] Add Missing Serializable Samples

Issue gh-17038
---
 ...gSecurityCoreVersionSerializableTests.java |  80 ++++++++++++------
 ...s.CycleInRoleHierarchyException.serialized | Bin 0 -> 10740 bytes
 ...zation.event.AuthorizationEvent.serialized | Bin 0 -> 1603 bytes
 ...event.AuthorizationGrantedEvent.serialized | Bin 0 -> 1692 bytes
 ...nnotation.AlreadyBuiltException.serialized | Bin 0 -> 10715 bytes
 ...ssion.HttpSessionIdChangedEvent.serialized | Bin 0 -> 421 bytes
 ...ropertiesOutput$ExtensionOutput.serialized | Bin 0 -> 115 bytes
 7 files changed, 55 insertions(+), 25 deletions(-)
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationEvent.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationGrantedEvent.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.config.annotation.AlreadyBuiltException.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.web.session.HttpSessionIdChangedEvent.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.web.webauthn.api.CredentialPropertiesOutput$ExtensionOutput.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index e053a6f730..c9843c7ed6 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -16,8 +16,6 @@
 
 package org.springframework.security;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
@@ -38,7 +36,6 @@ import java.util.Arrays;
 import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -48,7 +45,6 @@ import java.util.function.Supplier;
 import java.util.stream.Stream;
 
 import jakarta.servlet.http.Cookie;
-import org.apache.commons.lang3.ObjectUtils;
 import org.apereo.cas.client.validation.AssertionImpl;
 import org.instancio.Instancio;
 import org.instancio.InstancioApi;
@@ -139,14 +135,11 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authoriza
 import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
 import org.springframework.security.oauth2.client.authentication.TestOAuth2AuthenticationTokens;
 import org.springframework.security.oauth2.client.authentication.TestOAuth2AuthorizationCodeAuthenticationTokens;
-import org.springframework.security.oauth2.client.event.OAuth2AuthorizedClientRefreshedEvent;
-import org.springframework.security.oauth2.client.oidc.authentication.event.OidcUserRefreshedEvent;
 import org.springframework.security.oauth2.client.oidc.authentication.logout.OidcLogoutToken;
 import org.springframework.security.oauth2.client.oidc.authentication.logout.TestOidcLogoutTokens;
 import org.springframework.security.oauth2.client.oidc.session.OidcSessionInformation;
 import org.springframework.security.oauth2.client.oidc.session.TestOidcSessionInformations;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.client.registration.ClientRegistration.ClientSettings;
 import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
 import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
@@ -162,7 +155,6 @@ import org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipal
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
-import org.springframework.security.oauth2.core.endpoint.TestOAuth2AccessTokenResponses;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationExchanges;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests;
 import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses;
@@ -187,7 +179,6 @@ import org.springframework.security.oauth2.server.resource.BearerTokenErrors;
 import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken;
-import org.springframework.security.oauth2.server.resource.authentication.DPoPAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException;
 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
@@ -253,9 +244,7 @@ import org.springframework.security.web.webauthn.api.TestAuthenticationAssertion
 import org.springframework.security.web.webauthn.api.TestBytes;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredential;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions;
-import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntities;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity;
-import org.springframework.security.web.webauthn.api.TestPublicKeyCredentials;
 import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
 import org.springframework.security.web.webauthn.authentication.WebAuthnAuthentication;
 import org.springframework.security.web.webauthn.authentication.WebAuthnAuthenticationRequestToken;
@@ -417,6 +406,9 @@ class SpringSecurityCoreVersionSerializableTests {
 		generatorByClassName.put(OAuth2IntrospectionException.class,
 				(r) -> new OAuth2IntrospectionException("message", new RuntimeException()));
 
+		// config
+		generatorByClassName.put(AlreadyBuiltException.class, (r) -> new AlreadyBuiltException("message"));
+
 		// core
 		generatorByClassName.put(RunAsUserToken.class, (r) -> {
 			RunAsUserToken token = new RunAsUserToken("key", user, "creds", user.getAuthorities(),
@@ -508,6 +500,20 @@ class SpringSecurityCoreVersionSerializableTests {
 		generatorByClassName.put(AuthorizationDecision.class, (r) -> new AuthorizationDecision(true));
 		generatorByClassName.put(AuthorityAuthorizationDecision.class,
 				(r) -> new AuthorityAuthorizationDecision(true, AuthorityUtils.createAuthorityList("ROLE_USER")));
+		generatorByClassName.put(CycleInRoleHierarchyException.class, (r) -> new CycleInRoleHierarchyException());
+		generatorByClassName.put(AuthorizationEvent.class,
+				(r) -> new AuthorizationEvent(new SerializableSupplier<>(authentication), "source",
+						new AuthorizationDecision(true)));
+		generatorByClassName.put(AuthorizationGrantedEvent.class,
+				(r) -> new AuthorizationGrantedEvent<>(new SerializableSupplier<>(authentication), "source",
+						new AuthorizationDecision(true)));
+		instancioByClassName.put(AuthorizationGrantedEvent.class, () -> {
+			InstancioOfClassApi<?> instancio = Instancio.of(AuthorizationGrantedEvent.class);
+			instancio.withTypeParameters(String.class);
+			instancio.supply(Select.all(AuthorizationGrantedEvent.class),
+					generatorByClassName.get(AuthorizationGrantedEvent.class));
+			return instancio;
+		});
 
 		// cas
 		generatorByClassName.put(CasServiceTicketAuthenticationToken.class, (r) -> {
@@ -561,6 +567,7 @@ class SpringSecurityCoreVersionSerializableTests {
 			token.setDetails(details);
 			return token;
 		});
+		generatorByClassName.put(Saml2LogoutRequest.class, (r) -> TestSaml2LogoutRequests.create());
 
 		// web
 		generatorByClassName.put(AnonymousAuthenticationToken.class, (r) -> {
@@ -616,20 +623,8 @@ class SpringSecurityCoreVersionSerializableTests {
 			request.addPreferredLocale(Locale.ENGLISH);
 			return new SimpleSavedRequest(new DefaultSavedRequest(request, new PortResolverImpl(), "continue"));
 		});
-
-		// webauthn
-		generatorByClassName.put(Bytes.class, (r) -> TestBytes.get());
-		generatorByClassName.put(ImmutablePublicKeyCredentialUserEntity.class,
-				(r) -> TestPublicKeyCredentialUserEntity.userEntity().id(TestBytes.get()).build());
-		generatorByClassName.put(WebAuthnAuthentication.class, (r) -> {
-			PublicKeyCredentialUserEntity userEntity = TestPublicKeyCredentialUserEntity.userEntity()
-				.id(TestBytes.get())
-				.build();
-			List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
-			WebAuthnAuthentication webAuthnAuthentication = new WebAuthnAuthentication(userEntity, authorities);
-			webAuthnAuthentication.setDetails(details);
-			return webAuthnAuthentication;
-		});
+		generatorByClassName.put(HttpSessionIdChangedEvent.class,
+				(r) -> new HttpSessionIdChangedEvent(new MockHttpSession(), "1"));
 
 		// webauthn
 		CredProtectAuthenticationExtensionsClientInput.CredProtect credProtect = new CredProtectAuthenticationExtensionsClientInput.CredProtect(
@@ -686,6 +681,25 @@ class SpringSecurityCoreVersionSerializableTests {
 		generatorByClassName.put(WebAuthnAuthenticationRequestToken.class, (r) -> requestToken);
 		generatorByClassName.put(AuthenticatorAttachment.class, (r) -> AuthenticatorAttachment.PLATFORM);
 		// @formatter:on
+		generatorByClassName.put(ImmutablePublicKeyCredentialUserEntity.class,
+				(r) -> TestPublicKeyCredentialUserEntity.userEntity().id(TestBytes.get()).build());
+		generatorByClassName.put(WebAuthnAuthentication.class, (r) -> {
+			PublicKeyCredentialUserEntity userEntity = TestPublicKeyCredentialUserEntity.userEntity()
+				.id(TestBytes.get())
+				.build();
+			List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
+			WebAuthnAuthentication webAuthnAuthentication = new WebAuthnAuthentication(userEntity, authorities);
+			webAuthnAuthentication.setDetails(details);
+			return webAuthnAuthentication;
+		});
+		// @formatter:on
+		generatorByClassName.put(CredentialPropertiesOutput.ExtensionOutput.class,
+				(r) -> new CredentialPropertiesOutput(true).getOutput());
+
+		// One-Time Token
+		DefaultOneTimeToken oneTimeToken = new DefaultOneTimeToken(UUID.randomUUID().toString(), "user",
+				Instant.now().plusSeconds(300));
+		generatorByClassName.put(DefaultOneTimeToken.class, (t) -> oneTimeToken);
 	}
 
 	@ParameterizedTest
@@ -862,4 +876,20 @@ class SpringSecurityCoreVersionSerializableTests {
 		return String.join(".", parts);
 	}
 
+	@SuppressWarnings("serial")
+	private static final class SerializableSupplier<T> implements Supplier<T>, Serializable {
+
+		private final T value;
+
+		SerializableSupplier(T value) {
+			this.value = value;
+		}
+
+		@Override
+		public T get() {
+			return this.value;
+		}
+
+	}
+
 }
diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..43d7d327459fd83c9d89098ee53f0a9643b66db0
GIT binary patch
literal 10740
zcmeHNU2Gjk6`t!Pj$`sqQs=jE(oIr`x^dz(KXux~wVlMN;{;zPkhT=9_l~dE-n+Zm
zo$L6979`q&Kva|>`cR>YAE62f1gM1u^_5geeSwEQ@Bl)ns1g#qAn||{!Z|auv$H?<
z`kIC(;)n6<%$ak}eCN!WIWzaie<LfRkd*zfYDPimc-869s?qCyIA=!Gu7?h5n3iqR
zC^Bap8d{+}<JguP`Yw&kp@!|!QEvi1&dJWk$bwA+=J?(_D-Qqt18e_t9fT}|WZSGY
zZ<(&;Rn3XI$DA5fgs*?D^KAE#=l>!IKb{aOir?Pe_1Lz79ly>|OwNS<b!*C{@4x%-
z{u9@4zPF4lA0sPls~%BCHjg2%gDCW%q8u0_Ybumkj(Y(nWmSQ0qefR|2*SWqq&s4k
zJvSLzHc;IEREi|-7;$NhdJI@@it0fS0z+C+T1Skm7sKkzaSx6;5gS+tu8}X0E=EQa
zSuev$c)e4UtKI8Q_gcL+BHQbD&`Em{?A{ptMsI~qJD!6O@2-cjY69A_(m7VG<IE>d
zp1i&11VR@OLVf_&-kw058(^)v_1eCpe|WKjbUjWwr~R;Iu~E|PIvyRb*QRJVM%LM`
z6-8sdRiWWHI1A2b#TZ#zq0oWo4Pn1*?V5I6s!?^<D4X#ssTRLdPtmNY@s=wzj9`+S
z(Lzunr1VclmRUi-$k~?uTIP;imhL;`hg7mE)6lV8=LUMrB#jtY=wSQACc*|bb*<V|
z#WKJ@m}48qj|Kss>}t@E96@c@GIAUhbUdK(Y{!QhqoHTHW|exdh?pOmH7Byov+?IJ
zwSC^sNKd{|O74=QsV?!nl=xT^i8Gd0aREv5azw*2c&Y2qiV|@t^l@$bAtMj8CXhO8
zgaxBUPtd6DGF_XaQk#?il{V*uu8iz1)J1knO;&*>c?F)A3hZm5fYSYpWrG7VvMJNT
zxg(RU`n;axY_ZsdMK2>8s={`3+^^6pmRr}Y((y8<XQY`Lqp@p@cvV<hphl)ePI65w
zB`blvrZh6JwwICBc1SHoFHX%;J7tuc8B+XwP@mmwhJcYRg4cxaGr@0EdayohkPidT
zX@d1g82X{I=?48%PVYY3_bNP;S?(DK$rn9NqzmEUWi3jI=ea(sn@)a9>U4h-odyGE
zv=+F4maHjzAJW;pr4Z@I+7U)Ng;b5G<2^;R4r}XSpMW*SBMcp?haqeYGVt(-NTYZ#
zxdVR?#vYoj%q6iQq|+`~E)EK`a)F1+LB9L?;b9oi>3H-0obogX>f``4A1dTCOkG-q
z80A&djKutRx9V1)3^1~a?-o-Q?x>xIj+uRCzle7rz2i7Y-;!)6@f3tWMm{Dg2|L8;
z6c(pd%<Q<sVT4eOCY!Cp)@BB-#c=O2ZNFCYy~xBJ)SM6i!Jcp#J|TE-%CtzYS}jl#
zvSZ9KI-iu1`V&dB^}vDHY*M}sO}YTP25zmU7(EJj+km0(!EqwnB*m=^Fo@EME-4N}
z6KzOJWbj3X$0t7=nz0<ufK~5QxCs*?Ms_71*%1oqCv<JT)5g3R^>DW}C*f%3*V)K|
zY=C)Zo8-J#@m&qo)n$E)%fjLk7N3F*P0`_=i+gY0GSB2jZBLDwq_AiqxaCJy`A9~d
zYzt{HH9wwu)e&xK)CSR<qoENy(>%0DI<SM~La^AQT3|KhMoK(3%Y%VGeZ_a=;x+no
zY(6V>J^fL2MLt&<Stlhrd<JP*BBnEOv=^(YsjoNpCqqq~RuU={KaNGp%TCMLJ=)gn
z;&r72NS`m}{SfDkg~bUNS!?488T7bXNl3(HzBfaRp98ubo>m0Bb~Q(EWif)^a{@;A
zIj0ca3XSa0!KG}X+Y86V+OX<iWM{K3=~7!$22O~L<N9<)r80vF@G5}HxQ6Ko9P&~*
zoT+l6A>YNF2Ty@L`9`VBN)a2?=7UJTuW*{dnggd};fsl?x}smpkmIMP6AUj#5J$3s
zB~BF&X{ghr70tofP5+eB+b*G&vz)-}A#&!a+b~imd;vD<>0(jK&EXX_2ZpseBQ02`
z?D$nak`ZltYRir|8`!7upPWpm75a5AwIhiWDN1NVtrNOY7M<}oax>nTM^Wck$qc~H
zlpj362^jgz63twObQBzzT9x=d0xv7j@FHmYA*6uw4yN>G+q5yJQGKfBr1rWGrJ7fk
zsHX0I#xR|>Ad4Dqcvj7^bzPBrJ%`QjxKJ#(zvKyC;slKFjIf>96mPC5TaQk=_==G`
zZ@QCXl2eT@27XrmI`+MkB+JqtjQ-dS@aXzB93Btw!y`Z5MGOpAGtc<ph-J@Q3?f5S
zjf>N;JHv*jTB6u0csUhtm)6gf$o>|v-<M+#d?=jEZF<QGC|+wA{l+0i?#s2SDe@Cd
zmie1)GCyn_LMUFvqL9%oek1hl)<kb}qHiJ*4=?{?PIpaQ=T(5|!NdlGVQ4k*BFs>=
zGF(W&X$$W}U{hDk(!A>-3qWs}pf%X-;qZkJWNgv#FA%an5hDF4XHerD#08EsBP%7}
z0(PZMZJPGjT`_H2_HT!1*`LxdXuw7SZmk9OK<!H`CdA_VMS$D}#=CR)4o(5kmd)aI
z1c^enNgA=s_JanT^ZX*_|KP6uQ|$T~Eb!~06~LixsQC!;DyXwJr%n<XlCXhHUxE8w
zIuG|VkUf;?wK^o_kf9f7LVl82WWOvT`fEzvu9$NHX~!h!xhJP*&Mk2$4-Y>qU;@sF
zt#2rzqLmM;4Ew)}#rLpiVnyr{Kx6IaSY(z`Nw)^}zga*82Ef)|V8NqNAy7+36WRT$
zKpfzRt?yv*(Qtwt0hufkYwsG-J+qK|?n@STUreO3CnxmN)QR{2wrEGI9D&G;uvwh%
zu{Ix{wot^P$M|gGf*cw;2a%s(^XIX67K`U}f|s#{E1Br<MV(+#9kQteGW?Rxp=Ig-
zr@j>*Lev#+i2P8g4iw0V2gh8PMQ}c$G=C9mUxsu_B(j69tBdC`HZ#NjPm~d+KQ9eb
zr2gO@n)!@Pq`L@@@II`4MF;8xw!pI@fA`E>k+-_xX_f`U%~P{3mG-2<&rzws$PzQ%
zoD})owY|8bSophAxOUm5?nPXy?%6YNfe-Je)D*92BG-q@?2GVg1;}Y-a?#tOw^;Cx
zxL_>qKv5!COTi*8bXyQSf_*$*2oCv-ICViRQul-(<fYdgHlyxHX{F4QWc8ASu}e5d
zG6-uaE#oWlz5?T=@soEEV-i$&Vac=<<8(QmWoZ@EO5HgP4swFxo2{${@uO9uL{IWm
z6*uPf03gV-5c{v;B&(qXkKU#gILY%GgR8&DWZ(~wMv8YP<wfT&!>iLJ`RIf<9sI#g
zJ&qglf)q9b)k&lHN{JC;k?~wx$dC9#Q52=w#OoX<VB-O`v>uBMjC6}1-WYv-%1Myu
z8JH#i!OmTtrIflnVt$}2bqeJ1JN?DwmFtkpD~J?+jO=LA6Wg)W6HDxXr_q0d#NxNn
zad-@ym#;wa!>D-A+}W&4g1=Ji=Y8mjnXHFg;IQvN0Cr;kKoQXaBqEPu@mMn=cn`&{
z$FUeHBtiokFg^a*DFJojUx!qjD6p74qrG$v%O<#)hs+Ug=^?JgjdE&T@wga66tacS
z33rx~fyG|Eb2n&kOj{^<4Tj*wlP-vLAb#o-3x)T`=AFu(DREDOxbc?az*QC+v4p{j
z6~L8{5r4yaP2Qf=?+LaRjfv$a?>+Hb`$l{thXuIMIBXhx=uwVP53IAKOa7Dx0sIXp
zeL_>ZMKHmi%fS|ej{j+1HTvNyBl(neS{Bw-Tt*2mWUR0h324&8u&(6ADqNXdfD1DC
zS(_*BzwrlFy2Yz}vJdlNP$U}!Dsrk-CqD7>t7Pe|fFb`mpz;|xd-!3XTQLW@gQ^`^
zz`@A2!ggh?6f8GD;1e3~tp%1F5u>$1{9TiHsOO<uxNIza|Kdc_M9bm1KpprInsXc)
zT=gYf^`%oWsJQcvAd+w_dqhIehSF#G&LkA$79*RpO))AZby<$G&U0C)0!Ek85F^X+
oN)*%y$*$y<N$yk-BqC#^7BGI>dgEr#TPNRm{g03zEd&ey0VmWb^8f$<

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationEvent.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationEvent.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..568c4a3ac20bce16fcb82e8b004f27231125c6e3
GIT binary patch
literal 1603
zcmb7EJ7^S96urCIWV3{PHKIbS60wjOv@}gVu8T4xA+syGis9|-%leY}<;|O95=o3A
z_yHp*iXs+TiP~yuYatez+9I{4v9VF`zS&)7Him>uG4L+;bM86ky?2|?>~R=%ct!DC
z&g{xGCl+0B_^jel!{<yaD#RC89nO}BV2-WOd1?z~I3CN&(9Mf~Tdv>xIG2Q^1|6~n
zgUkqv1oUY$WS*$LV5U0l+lFkV>b~omjPgMZS~&H5QwSK+5R1A6i(1E`HegX3P)vp$
z1_KVqw_C?>Y(WD=E@xI@g}6(%eoWoTec4Dt;v8fIv#2MC<zky&30aYll`wO>G(!!c
z-Or32w3c5d0Rk5w@#N*N%q!&Z@^(Y(xD`DlSFcfueADxkdq{##IU^>LTQX@LM|=J8
zNS&el(%}zp*V->2NDZ3jiRn`TJylLkVpr5Ew!y$fB;z|GX;eljc$C{H`2_Jil)Wq|
zjfBfPv($$0OPZmwZ3d@hnLtc$4ptzoK}POoFqfEN0GZ3}1;KF16Py@go5|~Mj;+|a
zaz_%HiqIZIPRkm!$us&=Fr*C*#0)m-m?kQP?4q;MWhw}(feqXQ5_B{YHcIvS3%2Ey
z*))?<Xv`CTItNa?|GCx`lAba#BA_caM&^We+r3>h=FkYNe!lYiNZ2%CNXFVi)%HbQ
zhB+sTvU_mjTi>%!<V6!C&O*v#OH^785(_E$$4y3dB-%im)o(A}W1U&9NpqawMF@44
z<Sj<(qP0@oF}FBN7xGy^X9>tmj%(Sef}WiWB<>zpy6xod5PbAlO@+{J(a3ZWx`|;p
zzAeTaI~%wR-BpCHD5g2atPJ(Wd>2nmQ(NlwpC3A7Lg`eX5nA1v#U=Lrc$ToF^}{nd
z13%nnAkraHt<fCVZ?*5?*9Xs63-T3^^_^JR9aZKzrI_{o>BOVQo3}4D$+rSC&g`A5
zet9iIp++6cC7cL{NBm*isuv`N-atUdHQRCA<@%}uQgTZiJ+$NK+EuDO@wJiF(`jlj
X`B1H&+OS&5T|na&Azi7u2wD3Fm7qFw

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationGrantedEvent.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.event.AuthorizationGrantedEvent.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..6d3ca9608f9cacaa523776a846715debb31b4d0c
GIT binary patch
literal 1692
zcmbtVO-vI}5T2GIG{~Q%L{0Dn#)H{LkCGUEtc_#?gtkV}Kwh^Ge6ZbJ-oAx`0nwPC
zCSsz|Xp9GMMvXT;di7vDC}&JKD;F<bG;wCzx-Ak2aSu)2?7W$8zVGYo>rJS2B@Ebd
zQga<CtjP(<@_f#g)0)c-PYN}!F;88wrC4A}*p|j;xuvw;%2-k|OYvNS-mK)pUt_1o
z*24e=3H|?9*splw;_rRe?!2D~Ls*9<0)uUY;iFN|p--_{7Wb4e;}f1`5XN}Qa~xA}
z*{#Dq$z9J>3VL+J65ldpygX#QYRGuicq4v=ZXD<McH<Z}4qre@sAmzDk2`zw+xV^I
zr;RX#1|X_Lp1X?W9V`<g$QnV`{LG>36gQN9H#&GQzxaZfa{xk*p8trxL2)i`*R+gV
zOZlp$N?IY`{5+Q~l91w3FcVeFnmmoI-OkELnW6N;;difA8!sS89cpKp>2U=IikzCv
znv55*br&2&GPEO-YGt&H%cX^08fLDGe##N0fpBSinp@yMVbfQ(!H_&h3Cwh7U<vAV
zh|+9^aG2=_kh$bu5cFnUC7GeN>Ad#x*pijZHHD#O6dEg#^PCP1bVkD~fwVz;g~9r5
z(?q3^U36Amjw>cgU<*zN2|5}G8>G6O87pt+#DpLzbm6LB&0QzneqU|zNspKqQP5J+
zhH`wn?OrZubEprNKaTx8;uj4W#MpjcwYH#2uas<_su!+*>3H&iJ*$DxIf%Gofs^GR
zG#8;?oTP6@q7AfJc`e|ANQt~-^3oO{wu!v?KwY#}MB3&SXQdSF8+4X}=*W<s7|)~<
zBL%|U=8)S??he62kCjyL{T8&W8--S87`A7rLEB0c9D(i{g_a<u+r~77VimrtOs(S<
z>Gh8vnk$4#afL>xcS;r~>@hqOEV90TMrYuI^K=C|1gce=1M4k!-2Z&<>2ij)0NroF
zo2|jkwB#JK)*lZ)c(}Q8sfKn1W}MwSSDk-_>bLU_lT6t%;1A0dy+9b+3ksU9TDI*h
vmPb_(p((L-&yKB2f2Gp5qtvo^I>QY?i)!uEM!ufi1~l#{)J+z@CCJ(zGiF^1

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.config.annotation.AlreadyBuiltException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.config.annotation.AlreadyBuiltException.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..d3344aeda54a287d2730736f895487bb3cf89a2f
GIT binary patch
literal 10715
zcmeGiTWlRib?hXL6Po6M)1-0QH0dUxL|r>^p0%6A^&@d{;>g!dp)XkP9bd1#cXzWp
z*Rdm>N<nH7q6HDu2vvLp5aRLEpadku52=v)10Vh11H=z0LgJ_VA%$?x%<Sy!<6d8r
z@I`+1?#`S!=gc{0&TH;Z|3OwoAsO_;iWvo=<5i|Zt4c5W;hY&!yB0cZ(X@SU+Nqe9
z=lRTHj_;ZMZb+^2;&U~}WkU-#4RG}5$3L>Kb&R~;O2|S;cFbDymg!nv#T;>6TCv;`
zET#(j_6w7@uMU57T0n10pvP+-bE*m8JD+Vkwf5lUzY4&QCx8mo@9*q5zO8rrZ*ve6
zGogRcnsVs}?;YBE?BdP$SCEyXWR-2zBFf0-QN-1SEOsf#-choyOqu1lXJ`~z6@c5M
z!Ic=wsP`qZHe!}NHxXJkKs^3Z3M8Hwa%q)%3{ZANwIB!qAuTJeBStoeWi{rwU87FK
zdKZEV<cnktBde=|dM%8R3sHg$CDj;t>+mQ0`tIyHhMNxvA=f~ior#cg3#>J_uI@Sf
zr?0k>_UB03v>#S2HbU0Ajz`bds#7!^CF^b1ilR~9D%0>RSOfCZHcB2YQ<%X058%8U
zZJ%~rszI%-Qa0n4QzL%4mV#MV<s;{57=hhzL<>O+AuVq+vcd`iMou*}$P%~IlC;kO
zKco^>iH45lI+sxA6EtEV<F4j`O%xkw#kHzaWy=5!GsiX#9tr}!*>%7nIf&e@XXGd{
z=y(9**^UoyjE0`&nicBN&|-dQR-MQ;PsN{u)b{x}BU|!=l5)FTO?8UTONz(qP@J*6
zvI~+lCnFk`z|LHUmKBL}p>KmJ`5_}uHU^M9Yyy*4tH)_nbD7S~VaZM3f5pvd!7C#>
z3we>#l9M&SNuGhrl7T&S7*M<qTQ(RlBORF$jvbL~)A#ivM~jaq@UfGTjTNCgde$$~
z^OjrFwbJ?~hi9Z78zZr440#neTEIqTL~e3jOeIT!TvZ(H#<x9;JY<8{Wpr$6mf9($
z+{}RD=TrLbW-|bcY!$f1eV++@BhrHPW&L~^SWX>T4~3y0DxGfBKjrowf!I-YFgjT7
zFgVpQj|1sMxO-WTl;VAE$nvIx-;z8%UWcdtz!|9qE=WthDSaQ%(Og#&;V1eKBW;4J
z2Gsh#0@{FY8^P1V8RH&?4%EUBoV#>9+#}K`Ufg>3?%jWb8+&@TJeT-}kWRaxIrA*|
zm3exG`^kP=98baXWA&z_I9EH~ygx^~8Ck<!{FH@(tZn}hv)k+uP72}xIm5$9FY??6
z(_#^R9mmIs1aKelxWACcL5eY(fwM2-b7!MzC2(#&8Ir9>f#lXCKE*N-R2cb~c&U#A
zoN()1+y*$|F0_H!n&&Vxa4m+x43d><)%PM3gQ__$Bo5{`37-%RIx-_tt`7+j3EHs|
z(cSk+N<9gs*;?R$vo|R}*d|?oFvOE0v3dkFWb-TuGK}m{ti}MnGA-+rV!t-t1f_%q
zKed>D`QgBf<#-0T5vR=cmH;ubBl*a#P?8?gx%plb`)1U`@NG^&w&vF$50nG2@9dD=
z_Zl81kzJkEw>d3*OyFY@BBX-DAdbO2ubEeKt2$GwCMb9T@Rs?N6~2;@7n_nasG8@u
zUS)`D8o5Df&e70_jcFc6Bpm3$a>4uTQX_DLax0}gHp@)IpFZz9Wx=V@t;^;W$?M5`
z<rVR~!pM3_(cwEt(-J{~ky2B%Vk=ksj4e<N&~jpRNPZk2DJwfEclYc)Q7p#&G{=n(
z9$>~9dDzAi((iG$=JaSTA`g#20vMO|>w0)uVf!4uakZoX&MyV<M-IRUPn?9$%6O78
zjqK3Dqimwt3v<A?K{dh1WA&z_Nj;iUZ~|-`)weSundwgiuN<iKYgn;B)@aT+kk5wp
zjAKJ~tIDJSA8I-qScSuyAC$bT7QQhh=?|2gTzsoSx-D!mVO3}JjSM(`hC0CDQUI|h
z>s{tnG3!H~Cah=<l0p4bZm&~{TJCZj%aI5IySr!{)>#z7Mm~91zL49)x6~dM@NJQi
z2B=ede4VdkL<>(%=@EAWIRyU5&9qseU-MECNu;<)p$WE*Eo;Z$%<XtnUWz)#a%KU3
zrtIKJ4#3E#m#O9w)VE;3(9Jll89FLnIBh?KnsVO3D&K4xHkN5ro2ojgSofi1^ZYW|
z)XmQrq|+9ZWrK^JRdsBgSH!-Ulg%GEQG9%(7=RB$KE+GSW_(i|T#>f!op$gOBO`Bm
zlFKB=T2-;et?jL(`j+-!^u%U>iR}$Y9{2I&k*9YN1I1O%VLu$Q?3uA3GSsUvHVx4k
z0-hR)Vy#$^at90vXL3_=3()V$p$9w^Qhl4Aa{`Ke5~Ii1&&VUWaka(o79oGPN#qBN
z{kWW$e}#x{aX0dIW1t%x=sO5>1t0%oO!tjk+h;&bpGb7jABNT<_QnkLR)P)(WLwx|
zfuOF2rFu6&6@b<-POA{@A^F1HXB6G~FCelvAtLQ4r%>ZG_ysO!=*UUD1?XBjnpEwP
z`=Z*W^xq87ioc}Apb0h-;?_nW25Mj8Frh4dSR{};fOuz4zWq}mXv=2tIf6nVJ0z9Z
zZu`L^B$9p+@_%yEeix^%!vVh-S^*?=1NB#sE5Od~96O0;NZbY@y#g&?Iu8vWs2)o6
zLJg{XDESLGAwSC;vR@Se{XNBQdyKgNv~>db+?C@qXO_5>yN4eaAOT~<(Vr-wqLUA&
z4Ck-m;|KVtqeYw&g2uOB;3IRCT6AsT{EY%2Pymkp5+B?f6$)zE(nNH>E+7YT#L?g2
z<KE;15do1b;cM?3&;zxQ2j)wbHec*aWiuzV(^N*h4@Y=S`zF4<l>-o!5e|#|9^Wp-
z*%p#mcHx2;zMx|e^$8At2_Ij^$5(U!&KhSj;o-6lup|%JQUXbQO~=r%bbzFC)ra79
z#kC?&Dpf*(n7DJyxmgs>Q#j2z=bL;3$|+IE_Pef5{`(3p+2Q}Elu;13mnT$&{@Vj-
z=1V$J?xJ{v_2JvsbwM4&5h&^SMQWx+-l)S<uL_3FQ@trw_N3fTd{H>G%t|*$Mc$uv
z7Ecrte^2gSYqqJrh-=k6dj=Z#a3M=gaXlw$eQ0KnL8l99T3K8?(O|ZiFn1N`6<Su{
zV<qyD5{qc)HUM}AmuMLB6>+LTEK2tTAJnB69X6viVN1M7R##K#yM%Ehi;!fB%eY0}
zU7)<Q{A4d;R0<VtSTZBUa+*}TT!(Btoa3O20~B|*vK+)WRS6SYlKZK6FwX}Ff_xr)
z{{`G+CA8oc-LwKHxvyi;`io2k_5fw1xMxyU^!y~;I-Qf3PT1+-H-PH4-H;7Z2nK4B
zMsZ7t5o3w<oLi`m_(f3^rP0La95-NNg4)u7kIjs%#ok5~8QtB=ND$~%*d_1k-{)OQ
zsw*Sr2Rc(HfFAGZFHNshgIZpRNXd_p?R92iJ+^el6vbsL+KagH#J6YhkttPD*P=LI
zbU#V<@r-`}=LhQn!6hb64ddffArMO404eYrN+|^={*Or6i2{q+Gurj!pd5mBI+T0Z
zS_fwo4@zTbkJrT;M<QFf{taNFWj8+d=#x8vgCm-C=Q$YgfvE*yyy6c(F;TcQtUsxg
zkRtaokUQIu9O!ppF{aR8wgTwm81Xk8vgE=@{j1>7qBSx7<dTNKjr(1ozX@-%;nXZF
z9xx5Q^e~rDCmfDsO8%h-1^7EybWCHqfd{~U#X;OaYkh&g8a>c|NIs>WR)jTA*TQQV
zEi8uusuYN9m)%h4bDV*$7W_TU6HROUo0U$h!Z(Ytx1|RjiC4$1o@g|Q_wu~|E3Fk|
zh^{2@hI03C6Xcf7er}*DYzlEOvaN7jX-mZz<mM6({FEm6#so`?5u;VOa&zG#3J(YO
zx58v&>U)<4k}6sWmsu)HM`liQ(V)X<If0Lpu~0Ew4xuC=mwHBupb4f=@o*v-;~FEI
zvqP~|S`O;8#J|0e1$03zgN&@iJ|=*~f2rg}iVQCxhsYSJ28_2zFWua7z3)fw{F(n1
GaN$2FnHRbM

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.session.HttpSessionIdChangedEvent.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.session.HttpSessionIdChangedEvent.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..01791e9a4b5944ec1aa4436ef1d18589002f4700
GIT binary patch
literal 421
zcmZ4UmVvdnh`}kpC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(c(DK5^;&(rfL
zDJcksusu_pGZORCQ&U{aQu9hSbjc=d7P@N9#K7dkz>}9+4p&veAmo#kSeB@t15~Xa
zTmrJi8mJ~eCk3vikfDx&v7(5<9<M`^^NUj9E`jSsc16Y~rn*I)K986f7=WhP5pSAf
zQgKO9VsZ)8RIry8bozcjVqL%qF-!-WVafS<C8-r9dX5DJIho0cCBPs8YfWl-9pB-8
z_8}7kqZb2bNoH<paY<rs0nkmNprFtzEy>K$1FQ5;%1TWx@#*FClgO=I0kW!qfq`+_
O!cQC@N*EXoK^Oq<r<?o$

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.webauthn.api.CredentialPropertiesOutput$ExtensionOutput.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.webauthn.api.CredentialPropertiesOutput$ExtensionOutput.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..2ff01fc9d19abc205bb2927323a61a932205a7f8
GIT binary patch
literal 115
zcmZ4UmVvdnh#?}sC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWDE`Qd3g%N-`630*dkrQj1D5Q;YpeOA1O$R9q`cQuB&4^Yb8ldwY#P-vrHsnHU(O
L7?_H(D+(9^Dt9X>

literal 0
HcmV?d00001