GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Support Serialization for Authorization Components 

Closes gh-16544
pull/16546/head
Josh Cummings 11 months ago
parent
876f67715f
commit
b4c7795699
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
9 changed files with 23 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
  2. BIN
      config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorityAuthorizationDecision.serialized
  3. BIN
      config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDecision.serialized
  4. 0
      config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDeniedException.serialized
  5. 4
      core/src/main/java/org/springframework/security/authorization/AuthorityAuthorizationDecision.java
  6. 5
      core/src/main/java/org/springframework/security/authorization/AuthorizationDecision.java
  7. 2
      core/src/main/java/org/springframework/security/authorization/AuthorizationManagers.java
  8. 4
      core/src/main/java/org/springframework/security/authorization/AuthorizationResult.java
  9. 1
      core/src/main/java/org/springframework/security/authorization/ExpressionAuthorizationDecision.java

8
config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
Unescape View File

@ -95,6 +95,9 @@ import org.springframework.security.authentication.jaas.event.JaasAuthentication @@ -95,6 +95,9 @@ import org.springframework.security.authentication.jaas.event.JaasAuthentication
import org.springframework.security.authentication.ott.InvalidOneTimeTokenException;
import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
import org.springframework.security.authentication.password.CompromisedPasswordException;
import org.springframework.security.authorization.AuthorityAuthorizationDecision;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationDeniedException;
import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken;
@ -454,6 +457,11 @@ class SpringSecurityCoreVersionSerializableTests { @@ -454,6 +457,11 @@ class SpringSecurityCoreVersionSerializableTests {
generatorByClassName.put(AbstractSessionEvent.class, (r) -> new AbstractSessionEvent(securityContext));
generatorByClassName.put(SecurityConfig.class, (r) -> new SecurityConfig("value"));
generatorByClassName.put(TransientSecurityContext.class, (r) -> new TransientSecurityContext(authentication));
generatorByClassName.put(AuthorizationDeniedException.class,
(r) -> new AuthorizationDeniedException("message", new AuthorizationDecision(false)));
generatorByClassName.put(AuthorizationDecision.class, (r) -> new AuthorizationDecision(true));
generatorByClassName.put(AuthorityAuthorizationDecision.class,
(r) -> new AuthorityAuthorizationDecision(true, AuthorityUtils.createAuthorityList("ROLE_USER")));
// cas
generatorByClassName.put(CasServiceTicketAuthenticationToken.class, (r) -> {

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorityAuthorizationDecision.serialized
View File

Binary file not shown.

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDecision.serialized
View File

Binary file not shown.

0
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDeniedException.serialized
Unescape View File

4
core/src/main/java/org/springframework/security/authorization/AuthorityAuthorizationDecision.java
Unescape View File

@ -16,6 +16,7 @@ @@ -16,6 +16,7 @@
package org.springframework.security.authorization;
import java.io.Serial;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
@ -28,6 +29,9 @@ import org.springframework.security.core.GrantedAuthority; @@ -28,6 +29,9 @@ import org.springframework.security.core.GrantedAuthority;
*/
public class AuthorityAuthorizationDecision extends AuthorizationDecision {
@Serial
private static final long serialVersionUID = -8338309042331376592L;
private final Collection<GrantedAuthority> authorities;
public AuthorityAuthorizationDecision(boolean granted, Collection<GrantedAuthority> authorities) {

5
core/src/main/java/org/springframework/security/authorization/AuthorizationDecision.java
Unescape View File

@ -16,12 +16,17 @@ @@ -16,12 +16,17 @@
package org.springframework.security.authorization;
import java.io.Serial;
/**
* @author Rob Winch
* @since 5.0
*/
public class AuthorizationDecision implements AuthorizationResult {
@Serial
private static final long serialVersionUID = -3226018324649244416L;
private final boolean granted;
public AuthorizationDecision(boolean granted) {

2
core/src/main/java/org/springframework/security/authorization/AuthorizationManagers.java
Unescape View File

@ -145,6 +145,7 @@ public final class AuthorizationManagers { @@ -145,6 +145,7 @@ public final class AuthorizationManagers {
private AuthorizationManagers() {
}
@SuppressWarnings("serial")
private static final class CompositeAuthorizationDecision extends AuthorizationDecision {
private final List<AuthorizationResult> results;
@ -161,6 +162,7 @@ public final class AuthorizationManagers { @@ -161,6 +162,7 @@ public final class AuthorizationManagers {
}
@SuppressWarnings("serial")
private static final class NotAuthorizationDecision extends AuthorizationDecision {
private final AuthorizationResult result;

4
core/src/main/java/org/springframework/security/authorization/AuthorizationResult.java
Unescape View File

@ -16,13 +16,15 @@ @@ -16,13 +16,15 @@
package org.springframework.security.authorization;
import java.io.Serializable;
/**
* Represents an authorization result
*
* @author Marcus da Coregio
* @since 6.3
*/
public interface AuthorizationResult {
public interface AuthorizationResult extends Serializable {
/**
* @return whether the access has been granted

1
core/src/main/java/org/springframework/security/authorization/ExpressionAuthorizationDecision.java
Unescape View File

@ -24,6 +24,7 @@ import org.springframework.expression.Expression; @@ -24,6 +24,7 @@ import org.springframework.expression.Expression;
* @author Marcus Da Coregio
* @since 5.8
*/
@SuppressWarnings("serial")
public class ExpressionAuthorizationDecision extends AuthorizationDecision {
private final Expression expression;

Write Preview
Loading…
Cancel
Save