Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make Saml2AuthenticationToken Serializable #16287

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Make Saml2AuthenticationToken Serializable #16287

wants to merge 1 commit into from

Conversation

ngocnhan-tran1996
Copy link
Contributor

Closes gh-16286

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 15, 2024
jzheaux
jzheaux requested changes Dec 16, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @ngocnhan-tran1996, for the PR!

In addition to my inline feedback, will you please add Closes gh-16286 to the end of your commit message?

...org/springframework/security/saml2/provider/service/registration/AssertingPartyMetadata.java Show resolved Hide resolved
...g/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -309,6 +311,7 @@ class SpringSecurityCoreVersionSerializableTests {
(r) -> TestSaml2PostAuthenticationRequests.create());
generatorByClassName.put(Saml2RedirectAuthenticationRequest.class,
(r) -> TestSaml2RedirectAuthenticationRequests.create());
generatorByClassName.put(RelyingPartyRegistration.class, (r) -> TestRelyingPartyRegistrations.full().build());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please run the serializeCurrentVersionClasses test so that the appropriate .serialized file gets created. You can see #16276 for more details.

@jzheaux jzheaux added type: bug A general bug in: saml2 An issue in SAML2 modules and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 16, 2024
@jzheaux jzheaux added this to the 6.4.3 milestone Dec 16, 2024
@jzheaux jzheaux self-assigned this Dec 17, 2024
@ngocnhan-tran1996
Copy link
Contributor Author

ngocnhan-tran1996 commented Dec 17, 2024
edited
Loading

@jzheaux

Thanks for your review.

I will rebase commit into below message if my PR does not have any changes.

Add Serializable for RelyingPartyRegistration

Closes gh-16286

@ngocnhan-tran1996
Copy link
Contributor Author

@jzheaux

Please review and tell me if I missunderstood

jzheaux
jzheaux requested changes Dec 19, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the updates, @ngocnhan-tran1996. This is close. I've left feedback inline.

...vice-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java Outdated
public final class Saml2X509Credential {
public final class Saml2X509Credential implements Serializable {

private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this didn't have a serial version UID declared before 6.3 (when Spring Security started ensuring backward compatibility with Java serialization), it needs to be the JVM-calculated value.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the same for the other classes as well

@ngocnhan-tran1996 ngocnhan-tran1996 force-pushed the gh-16286 branch 2 times, most recently from 230f662 to ee25efa Compare December 21, 2024 10:38
@ngocnhan-tran1996
Add Serializable for RelyingPartyRegistration
bbc8e69 
Closes spring-projectsgh-16286

Generate file serialized

Generate file serialized
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux requested changes

Assignees

@jzheaux jzheaux

Labels
in: saml2 An issue in SAML2 modules type: bug A general bug
Projects
Spring Security Team
Status: No status
Milestone
6.4.3
Development

Successfully merging this pull request may close these issues.

Make Saml2AuthenticationToken Serializable
3 participants
@ngocnhan-tran1996 @jzheaux @spring-projects-issues