diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java index 90140fcc2d..407a055d42 100644 --- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java +++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java @@ -54,15 +54,29 @@ import org.junit.jupiter.params.provider.MethodSource; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider; import org.springframework.core.type.filter.AssignableTypeFilter; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.access.AuthorizationServiceException; import org.springframework.security.access.intercept.RunAsUserToken; import org.springframework.security.authentication.AbstractAuthenticationToken; +import org.springframework.security.authentication.AccountExpiredException; import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; +import org.springframework.security.authentication.AuthenticationServiceException; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.CredentialsExpiredException; +import org.springframework.security.authentication.DisabledException; +import org.springframework.security.authentication.InsufficientAuthenticationException; +import org.springframework.security.authentication.InternalAuthenticationServiceException; +import org.springframework.security.authentication.LockedException; +import org.springframework.security.authentication.ProviderNotFoundException; import org.springframework.security.authentication.RememberMeAuthenticationToken; import org.springframework.security.authentication.TestAuthentication; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.jaas.JaasAuthenticationToken; +import org.springframework.security.authentication.ott.InvalidOneTimeTokenException; import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken; +import org.springframework.security.authentication.password.CompromisedPasswordException; import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken; import org.springframework.security.cas.authentication.CasAuthenticationToken; import org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken; @@ -72,7 +86,12 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.session.ReactiveSessionInformation; import org.springframework.security.core.session.SessionInformation; import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus; +import org.springframework.security.ldap.ppolicy.PasswordPolicyException; import org.springframework.security.ldap.userdetails.LdapAuthority; +import org.springframework.security.oauth2.client.ClientAuthorizationException; +import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken; @@ -88,7 +107,10 @@ import org.springframework.security.oauth2.client.registration.TestClientRegistr import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal; import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal; +import org.springframework.security.oauth2.core.OAuth2AuthenticationException; +import org.springframework.security.oauth2.core.OAuth2AuthorizationException; import org.springframework.security.oauth2.core.OAuth2DeviceCode; +import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2RefreshToken; import org.springframework.security.oauth2.core.OAuth2UserCode; import org.springframework.security.oauth2.core.TestOAuth2AccessTokens; @@ -108,14 +130,22 @@ import org.springframework.security.oauth2.core.oidc.user.TestOidcUsers; import org.springframework.security.oauth2.core.user.DefaultOAuth2User; import org.springframework.security.oauth2.core.user.OAuth2UserAuthority; import org.springframework.security.oauth2.core.user.TestOAuth2Users; +import org.springframework.security.oauth2.jwt.BadJwtException; import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.security.oauth2.jwt.JwtDecoderInitializationException; +import org.springframework.security.oauth2.jwt.JwtEncodingException; +import org.springframework.security.oauth2.jwt.JwtException; +import org.springframework.security.oauth2.jwt.JwtValidationException; import org.springframework.security.oauth2.jwt.TestJwts; import org.springframework.security.oauth2.server.resource.BearerTokenError; import org.springframework.security.oauth2.server.resource.BearerTokenErrors; +import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException; import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication; import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException; import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal; +import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException; import org.springframework.security.saml2.Saml2Exception; import org.springframework.security.saml2.core.Saml2Error; import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal; @@ -138,6 +168,8 @@ import org.springframework.security.web.csrf.CsrfException; import org.springframework.security.web.csrf.DefaultCsrfToken; import org.springframework.security.web.csrf.InvalidCsrfTokenException; import org.springframework.security.web.csrf.MissingCsrfTokenException; +import org.springframework.security.web.firewall.RequestRejectedException; +import org.springframework.security.web.server.firewall.ServerExchangeRejectedException; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.fail; @@ -193,6 +225,12 @@ class SpringSecurityCoreVersionSerializableTests { generatorByClassName.put(OidcUserAuthority.class, (r) -> new OidcUserAuthority(TestOidcIdTokens.idToken().build(), new OidcUserInfo(Map.of("claim", "value")), "claim")); + generatorByClassName.put(OAuth2AuthenticationException.class, + (r) -> new OAuth2AuthenticationException(new OAuth2Error("error", "description", "uri"), "message", + new RuntimeException())); + generatorByClassName.put(OAuth2AuthorizationException.class, + (r) -> new OAuth2AuthorizationException(new OAuth2Error("error", "description", "uri"), "message", + new RuntimeException())); // oauth2-client ClientRegistration.Builder clientRegistrationBuilder = TestClientRegistrations.clientRegistration(); @@ -231,6 +269,21 @@ class SpringSecurityCoreVersionSerializableTests { return new DefaultOAuth2AuthenticatedPrincipal(principal.getName(), principal.getAttributes(), (Collection) principal.getAuthorities()); }); + generatorByClassName.put(ClientAuthorizationException.class, + (r) -> new ClientAuthorizationException(new OAuth2Error("error", "description", "uri"), "id", "message", + new RuntimeException())); + generatorByClassName.put(ClientAuthorizationRequiredException.class, + (r) -> new ClientAuthorizationRequiredException("id")); + + // oauth2-jose + generatorByClassName.put(BadJwtException.class, (r) -> new BadJwtException("token", new RuntimeException())); + generatorByClassName.put(JwtDecoderInitializationException.class, + (r) -> new JwtDecoderInitializationException("message", new RuntimeException())); + generatorByClassName.put(JwtEncodingException.class, + (r) -> new JwtEncodingException("message", new RuntimeException())); + generatorByClassName.put(JwtException.class, (r) -> new JwtException("message", new RuntimeException())); + generatorByClassName.put(JwtValidationException.class, + (r) -> new JwtValidationException("message", List.of(new OAuth2Error("error", "description", "uri")))); // oauth2-jwt generatorByClassName.put(Jwt.class, (r) -> TestJwts.user()); @@ -262,6 +315,12 @@ class SpringSecurityCoreVersionSerializableTests { generatorByClassName.put(BearerTokenError.class, (r) -> BearerTokenErrors.invalidToken("invalid token")); generatorByClassName.put(OAuth2IntrospectionAuthenticatedPrincipal.class, (r) -> TestOAuth2AuthenticatedPrincipals.active()); + generatorByClassName.put(InvalidBearerTokenException.class, + (r) -> new InvalidBearerTokenException("description", new RuntimeException())); + generatorByClassName.put(BadOpaqueTokenException.class, + (r) -> new BadOpaqueTokenException("message", new RuntimeException())); + generatorByClassName.put(OAuth2IntrospectionException.class, + (r) -> new OAuth2IntrospectionException("message", new RuntimeException())); // core generatorByClassName.put(RunAsUserToken.class, (r) -> { @@ -287,7 +346,33 @@ class SpringSecurityCoreVersionSerializableTests { }); generatorByClassName.put(OneTimeTokenAuthenticationToken.class, (r) -> applyDetails(new OneTimeTokenAuthenticationToken("username", "token"))); - + generatorByClassName.put(AccessDeniedException.class, + (r) -> new AccessDeniedException("access denied", new RuntimeException())); + generatorByClassName.put(AuthorizationServiceException.class, + (r) -> new AuthorizationServiceException("access denied", new RuntimeException())); + generatorByClassName.put(AccountExpiredException.class, + (r) -> new AccountExpiredException("error", new RuntimeException())); + generatorByClassName.put(AuthenticationCredentialsNotFoundException.class, + (r) -> new AuthenticationCredentialsNotFoundException("error", new RuntimeException())); + generatorByClassName.put(AuthenticationServiceException.class, + (r) -> new AuthenticationServiceException("error", new RuntimeException())); + generatorByClassName.put(BadCredentialsException.class, + (r) -> new BadCredentialsException("error", new RuntimeException())); + generatorByClassName.put(CredentialsExpiredException.class, + (r) -> new CredentialsExpiredException("error", new RuntimeException())); + generatorByClassName.put(DisabledException.class, + (r) -> new DisabledException("error", new RuntimeException())); + generatorByClassName.put(InsufficientAuthenticationException.class, + (r) -> new InsufficientAuthenticationException("error", new RuntimeException())); + generatorByClassName.put(InternalAuthenticationServiceException.class, + (r) -> new InternalAuthenticationServiceException("error", new RuntimeException())); + generatorByClassName.put(LockedException.class, (r) -> new LockedException("error", new RuntimeException())); + generatorByClassName.put(ProviderNotFoundException.class, (r) -> new ProviderNotFoundException("error")); + generatorByClassName.put(InvalidOneTimeTokenException.class, (r) -> new InvalidOneTimeTokenException("error")); + generatorByClassName.put(CompromisedPasswordException.class, + (r) -> new CompromisedPasswordException("error", new RuntimeException())); + generatorByClassName.put(UsernameNotFoundException.class, + (r) -> new UsernameNotFoundException("error", new RuntimeException())); generatorByClassName.put(TestingAuthenticationToken.class, (r) -> applyDetails(new TestingAuthenticationToken("username", "password"))); @@ -312,6 +397,8 @@ class SpringSecurityCoreVersionSerializableTests { // ldap generatorByClassName.put(LdapAuthority.class, (r) -> new LdapAuthority("USER", "username", Map.of("attribute", List.of("value1", "value2")))); + generatorByClassName.put(PasswordPolicyException.class, + (r) -> new PasswordPolicyException(PasswordPolicyErrorStatus.INSUFFICIENT_PASSWORD_QUALITY)); // saml2-service-provider generatorByClassName.put(Saml2AuthenticationException.class, @@ -358,7 +445,9 @@ class SpringSecurityCoreVersionSerializableTests { generatorByClassName.put(org.springframework.security.web.server.csrf.DefaultCsrfToken.class, (r) -> new org.springframework.security.web.server.csrf.DefaultCsrfToken("header", "parameter", "token")); - + generatorByClassName.put(RequestRejectedException.class, (r) -> new RequestRejectedException("message")); + generatorByClassName.put(ServerExchangeRejectedException.class, + (r) -> new ServerExchangeRejectedException("message")); } @ParameterizedTest diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AccessDeniedException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AccessDeniedException.serialized new file mode 100644 index 0000000000..61dae86206 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AccessDeniedException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AuthorizationServiceException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AuthorizationServiceException.serialized new file mode 100644 index 0000000000..222e625eb6 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.access.AuthorizationServiceException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AccountExpiredException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AccountExpiredException.serialized new file mode 100644 index 0000000000..004b8f22ea Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AccountExpiredException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationCredentialsNotFoundException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationCredentialsNotFoundException.serialized new file mode 100644 index 0000000000..4e99aa0365 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationCredentialsNotFoundException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationServiceException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationServiceException.serialized new file mode 100644 index 0000000000..c12cd3a7c5 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.AuthenticationServiceException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.BadCredentialsException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.BadCredentialsException.serialized new file mode 100644 index 0000000000..36c9802e72 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.BadCredentialsException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.CredentialsExpiredException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.CredentialsExpiredException.serialized new file mode 100644 index 0000000000..0ec7355f62 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.CredentialsExpiredException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.DisabledException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.DisabledException.serialized new file mode 100644 index 0000000000..71d58fa87c Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.DisabledException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InsufficientAuthenticationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InsufficientAuthenticationException.serialized new file mode 100644 index 0000000000..24e5a933fa Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InsufficientAuthenticationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InternalAuthenticationServiceException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InternalAuthenticationServiceException.serialized new file mode 100644 index 0000000000..3ce3a576f5 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.InternalAuthenticationServiceException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.LockedException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.LockedException.serialized new file mode 100644 index 0000000000..30e52eafc8 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.LockedException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ProviderNotFoundException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ProviderNotFoundException.serialized new file mode 100644 index 0000000000..1a7ade4e8d Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ProviderNotFoundException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ott.InvalidOneTimeTokenException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ott.InvalidOneTimeTokenException.serialized new file mode 100644 index 0000000000..72c4958525 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.ott.InvalidOneTimeTokenException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.password.CompromisedPasswordException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.password.CompromisedPasswordException.serialized new file mode 100644 index 0000000000..112bcf688c Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.authentication.password.CompromisedPasswordException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.core.userdetails.UsernameNotFoundException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.core.userdetails.UsernameNotFoundException.serialized new file mode 100644 index 0000000000..0272398b25 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.core.userdetails.UsernameNotFoundException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.ldap.ppolicy.PasswordPolicyException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.ldap.ppolicy.PasswordPolicyException.serialized new file mode 100644 index 0000000000..148433692c Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.ldap.ppolicy.PasswordPolicyException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationException.serialized new file mode 100644 index 0000000000..7566a0979b Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationRequiredException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationRequiredException.serialized new file mode 100644 index 0000000000..836566955a Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.client.ClientAuthorizationRequiredException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthenticationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthenticationException.serialized new file mode 100644 index 0000000000..de67c73ec2 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthenticationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthorizationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthorizationException.serialized new file mode 100644 index 0000000000..b082c12d28 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.core.OAuth2AuthorizationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.BadJwtException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.BadJwtException.serialized new file mode 100644 index 0000000000..275216a9f2 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.BadJwtException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtDecoderInitializationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtDecoderInitializationException.serialized new file mode 100644 index 0000000000..39a7ada3a1 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtDecoderInitializationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtEncodingException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtEncodingException.serialized new file mode 100644 index 0000000000..e0026470c3 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtEncodingException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtException.serialized new file mode 100644 index 0000000000..ac27bf9f67 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtValidationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtValidationException.serialized new file mode 100644 index 0000000000..539b3ea50e Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.jwt.JwtValidationException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.InvalidBearerTokenException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.InvalidBearerTokenException.serialized new file mode 100644 index 0000000000..e2cd7fbb99 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.InvalidBearerTokenException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException.serialized new file mode 100644 index 0000000000..098c85e9bd Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException.serialized new file mode 100644 index 0000000000..4c8b96b31e Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.firewall.RequestRejectedException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.firewall.RequestRejectedException.serialized new file mode 100644 index 0000000000..52e1faf545 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.firewall.RequestRejectedException.serialized differ diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.firewall.ServerExchangeRejectedException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.firewall.ServerExchangeRejectedException.serialized new file mode 100644 index 0000000000..33fb178f62 Binary files /dev/null and b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.firewall.ServerExchangeRejectedException.serialized differ diff --git a/core/src/main/java/org/springframework/security/access/AccessDeniedException.java b/core/src/main/java/org/springframework/security/access/AccessDeniedException.java index 3bf6ceac5a..49efd9f689 100644 --- a/core/src/main/java/org/springframework/security/access/AccessDeniedException.java +++ b/core/src/main/java/org/springframework/security/access/AccessDeniedException.java @@ -16,6 +16,8 @@ package org.springframework.security.access; +import java.io.Serial; + /** * Thrown if an {@link org.springframework.security.core.Authentication Authentication} * object does not hold a required authority. @@ -24,6 +26,9 @@ package org.springframework.security.access; */ public class AccessDeniedException extends RuntimeException { + @Serial + private static final long serialVersionUID = 6395817500121599533L; + /** * Constructs an AccessDeniedException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/access/AuthorizationServiceException.java b/core/src/main/java/org/springframework/security/access/AuthorizationServiceException.java index 6952be563a..4320b0075f 100644 --- a/core/src/main/java/org/springframework/security/access/AuthorizationServiceException.java +++ b/core/src/main/java/org/springframework/security/access/AuthorizationServiceException.java @@ -16,6 +16,8 @@ package org.springframework.security.access; +import java.io.Serial; + /** * Thrown if an authorization request could not be processed due to a system problem. *

@@ -26,6 +28,9 @@ package org.springframework.security.access; */ public class AuthorizationServiceException extends AccessDeniedException { + @Serial + private static final long serialVersionUID = 4817857292041606900L; + /** * Constructs an AuthorizationServiceException with the specified * message. diff --git a/core/src/main/java/org/springframework/security/authentication/AccountExpiredException.java b/core/src/main/java/org/springframework/security/authentication/AccountExpiredException.java index e8ef659882..1193bf5236 100644 --- a/core/src/main/java/org/springframework/security/authentication/AccountExpiredException.java +++ b/core/src/main/java/org/springframework/security/authentication/AccountExpiredException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + /** * Thrown if an authentication request is rejected because the account has expired. Makes * no assertion as to whether or not the credentials were valid. @@ -24,6 +26,9 @@ package org.springframework.security.authentication; */ public class AccountExpiredException extends AccountStatusException { + @Serial + private static final long serialVersionUID = 3732869526329993353L; + /** * Constructs a AccountExpiredException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationCredentialsNotFoundException.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationCredentialsNotFoundException.java index 91b5d616d8..0ed92018e6 100644 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationCredentialsNotFoundException.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationCredentialsNotFoundException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; @@ -28,6 +30,9 @@ import org.springframework.security.core.AuthenticationException; */ public class AuthenticationCredentialsNotFoundException extends AuthenticationException { + @Serial + private static final long serialVersionUID = 4153580041526791384L; + /** * Constructs an AuthenticationCredentialsNotFoundException with the * specified message. diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationServiceException.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationServiceException.java index 69d7233bdf..3bd076dfd8 100644 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationServiceException.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationServiceException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -29,6 +31,9 @@ import org.springframework.security.core.AuthenticationException; */ public class AuthenticationServiceException extends AuthenticationException { + @Serial + private static final long serialVersionUID = -1591626195291329340L; + /** * Constructs an AuthenticationServiceException with the specified * message. diff --git a/core/src/main/java/org/springframework/security/authentication/BadCredentialsException.java b/core/src/main/java/org/springframework/security/authentication/BadCredentialsException.java index e202ef7b5a..bc759f5f7a 100644 --- a/core/src/main/java/org/springframework/security/authentication/BadCredentialsException.java +++ b/core/src/main/java/org/springframework/security/authentication/BadCredentialsException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -26,6 +28,9 @@ import org.springframework.security.core.AuthenticationException; */ public class BadCredentialsException extends AuthenticationException { + @Serial + private static final long serialVersionUID = 2742216069043066973L; + /** * Constructs a BadCredentialsException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/authentication/CredentialsExpiredException.java b/core/src/main/java/org/springframework/security/authentication/CredentialsExpiredException.java index 8e532169ae..0419417763 100644 --- a/core/src/main/java/org/springframework/security/authentication/CredentialsExpiredException.java +++ b/core/src/main/java/org/springframework/security/authentication/CredentialsExpiredException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + /** * Thrown if an authentication request is rejected because the account's credentials have * expired. Makes no assertion as to whether or not the credentials were valid. @@ -24,6 +26,9 @@ package org.springframework.security.authentication; */ public class CredentialsExpiredException extends AccountStatusException { + @Serial + private static final long serialVersionUID = -3306615738048904753L; + /** * Constructs a CredentialsExpiredException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/authentication/DisabledException.java b/core/src/main/java/org/springframework/security/authentication/DisabledException.java index 31a75ce0cc..fba1718590 100644 --- a/core/src/main/java/org/springframework/security/authentication/DisabledException.java +++ b/core/src/main/java/org/springframework/security/authentication/DisabledException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + /** * Thrown if an authentication request is rejected because the account is disabled. Makes * no assertion as to whether or not the credentials were valid. @@ -24,6 +26,9 @@ package org.springframework.security.authentication; */ public class DisabledException extends AccountStatusException { + @Serial + private static final long serialVersionUID = 2295984593872502361L; + /** * Constructs a DisabledException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java index 0e072b527a..f475934927 100644 --- a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java +++ b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -33,6 +35,9 @@ import org.springframework.security.core.AuthenticationException; */ public class InsufficientAuthenticationException extends AuthenticationException { + @Serial + private static final long serialVersionUID = -5514084346181236128L; + /** * Constructs an InsufficientAuthenticationException with the specified * message. diff --git a/core/src/main/java/org/springframework/security/authentication/InternalAuthenticationServiceException.java b/core/src/main/java/org/springframework/security/authentication/InternalAuthenticationServiceException.java index 3037ebaaf0..de59b2d5ef 100644 --- a/core/src/main/java/org/springframework/security/authentication/InternalAuthenticationServiceException.java +++ b/core/src/main/java/org/springframework/security/authentication/InternalAuthenticationServiceException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + /** *

* Thrown if an authentication request could not be processed due to a system problem that @@ -37,6 +39,9 @@ package org.springframework.security.authentication; */ public class InternalAuthenticationServiceException extends AuthenticationServiceException { + @Serial + private static final long serialVersionUID = -6029644854192497840L; + public InternalAuthenticationServiceException(String message, Throwable cause) { super(message, cause); } diff --git a/core/src/main/java/org/springframework/security/authentication/LockedException.java b/core/src/main/java/org/springframework/security/authentication/LockedException.java index 9b2272b08f..5262fdb52e 100644 --- a/core/src/main/java/org/springframework/security/authentication/LockedException.java +++ b/core/src/main/java/org/springframework/security/authentication/LockedException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + /** * Thrown if an authentication request is rejected because the account is locked. Makes no * assertion as to whether or not the credentials were valid. @@ -24,6 +26,9 @@ package org.springframework.security.authentication; */ public class LockedException extends AccountStatusException { + @Serial + private static final long serialVersionUID = 548864198455046567L; + /** * Constructs a LockedException with the specified message. * @param msg the detail message. diff --git a/core/src/main/java/org/springframework/security/authentication/ProviderNotFoundException.java b/core/src/main/java/org/springframework/security/authentication/ProviderNotFoundException.java index 629a28e8c8..870a6ea1f8 100644 --- a/core/src/main/java/org/springframework/security/authentication/ProviderNotFoundException.java +++ b/core/src/main/java/org/springframework/security/authentication/ProviderNotFoundException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -27,6 +29,9 @@ import org.springframework.security.core.AuthenticationException; */ public class ProviderNotFoundException extends AuthenticationException { + @Serial + private static final long serialVersionUID = 8107665253214447614L; + /** * Constructs a ProviderNotFoundException with the specified message. * @param msg the detail message diff --git a/core/src/main/java/org/springframework/security/authentication/ott/InvalidOneTimeTokenException.java b/core/src/main/java/org/springframework/security/authentication/ott/InvalidOneTimeTokenException.java index 03289f12b7..8ee8199cd0 100644 --- a/core/src/main/java/org/springframework/security/authentication/ott/InvalidOneTimeTokenException.java +++ b/core/src/main/java/org/springframework/security/authentication/ott/InvalidOneTimeTokenException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication.ott; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -26,6 +28,9 @@ import org.springframework.security.core.AuthenticationException; */ public class InvalidOneTimeTokenException extends AuthenticationException { + @Serial + private static final long serialVersionUID = -3651018515682919943L; + public InvalidOneTimeTokenException(String msg) { super(msg); } diff --git a/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordException.java b/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordException.java index 672876164f..04d042b96a 100644 --- a/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordException.java +++ b/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordException.java @@ -16,6 +16,8 @@ package org.springframework.security.authentication.password; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -26,6 +28,9 @@ import org.springframework.security.core.AuthenticationException; */ public class CompromisedPasswordException extends AuthenticationException { + @Serial + private static final long serialVersionUID = -885858958297842864L; + public CompromisedPasswordException(String message) { super(message); } diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorizationDeniedException.java b/core/src/main/java/org/springframework/security/authorization/AuthorizationDeniedException.java index fdcb1e70aa..63385e1cbd 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthorizationDeniedException.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthorizationDeniedException.java @@ -16,6 +16,8 @@ package org.springframework.security.authorization; +import java.io.Serial; + import org.springframework.security.access.AccessDeniedException; import org.springframework.util.Assert; @@ -27,6 +29,9 @@ import org.springframework.util.Assert; */ public class AuthorizationDeniedException extends AccessDeniedException implements AuthorizationResult { + @Serial + private static final long serialVersionUID = 3227305845919610459L; + private final AuthorizationResult result; public AuthorizationDeniedException(String msg, AuthorizationResult authorizationResult) { diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UsernameNotFoundException.java b/core/src/main/java/org/springframework/security/core/userdetails/UsernameNotFoundException.java index 22c3c1d8e5..d1d969dc26 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/UsernameNotFoundException.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/UsernameNotFoundException.java @@ -16,6 +16,8 @@ package org.springframework.security.core.userdetails; +import java.io.Serial; + import org.springframework.security.core.AuthenticationException; /** @@ -26,6 +28,9 @@ import org.springframework.security.core.AuthenticationException; */ public class UsernameNotFoundException extends AuthenticationException { + @Serial + private static final long serialVersionUID = 1410688585992297006L; + /** * Constructs a UsernameNotFoundException with the specified message. * @param msg the detail message. diff --git a/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java b/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java index d4afce73c1..b696c0c4bf 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java +++ b/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java @@ -617,6 +617,7 @@ public final class Base64 { return out; } + @SuppressWarnings("serial") static class InvalidBase64CharacterException extends IllegalArgumentException { InvalidBase64CharacterException(String message) { diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryAuthenticationException.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryAuthenticationException.java index 42b0403740..124fce51bb 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryAuthenticationException.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryAuthenticationException.java @@ -40,6 +40,7 @@ import org.springframework.security.core.AuthenticationException; * * @author Rob Winch */ +@SuppressWarnings("serial") public final class ActiveDirectoryAuthenticationException extends AuthenticationException { private final String dataCode; diff --git a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java index 73ab142052..f01222d4a2 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java +++ b/ldap/src/main/java/org/springframework/security/ldap/ppolicy/PasswordPolicyException.java @@ -16,6 +16,8 @@ package org.springframework.security.ldap.ppolicy; +import java.io.Serial; + /** * Generic exception raised by the ppolicy package. *

@@ -27,6 +29,9 @@ package org.springframework.security.ldap.ppolicy; */ public class PasswordPolicyException extends RuntimeException { + @Serial + private static final long serialVersionUID = 2586535034047453106L; + private final PasswordPolicyErrorStatus status; public PasswordPolicyException(PasswordPolicyErrorStatus status) { diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationException.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationException.java index 8050b74a03..257f26f4f5 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationException.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.client; +import java.io.Serial; + import org.springframework.security.oauth2.core.OAuth2AuthorizationException; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.util.Assert; @@ -30,6 +32,9 @@ import org.springframework.util.Assert; */ public class ClientAuthorizationException extends OAuth2AuthorizationException { + @Serial + private static final long serialVersionUID = 4710713969265443271L; + private final String clientRegistrationId; /** diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationRequiredException.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationRequiredException.java index ee4c0e4784..0bb5649ece 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationRequiredException.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientAuthorizationRequiredException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.client; +import java.io.Serial; + import org.springframework.security.oauth2.core.OAuth2Error; /** @@ -28,6 +30,9 @@ import org.springframework.security.oauth2.core.OAuth2Error; */ public class ClientAuthorizationRequiredException extends ClientAuthorizationException { + @Serial + private static final long serialVersionUID = -5738646355203953667L; + private static final String CLIENT_AUTHORIZATION_REQUIRED_ERROR_CODE = "client_authorization_required"; /** diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java index f42249284f..e7e718949c 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java @@ -20,6 +20,7 @@ package org.springframework.security.oauth2.client.web; * @author Steve Riesenberg * @since 5.8 */ +@SuppressWarnings("serial") class InvalidClientRegistrationIdException extends IllegalArgumentException { /** diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticationException.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticationException.java index a868f3180d..ac760c5dc4 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticationException.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticationException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.core; +import java.io.Serial; + import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.util.Assert; @@ -41,6 +43,9 @@ import org.springframework.util.Assert; */ public class OAuth2AuthenticationException extends AuthenticationException { + @Serial + private static final long serialVersionUID = -7832130893085581438L; + private final OAuth2Error error; /** diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationException.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationException.java index dbfdf98e5f..af833d1dae 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationException.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.core; +import java.io.Serial; + import org.springframework.util.Assert; /** @@ -26,6 +28,9 @@ import org.springframework.util.Assert; */ public class OAuth2AuthorizationException extends RuntimeException { + @Serial + private static final long serialVersionUID = -5470222190376181102L; + private final OAuth2Error error; /** diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/BadJwtException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/BadJwtException.java index 3a30545179..2742d0c51e 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/BadJwtException.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/BadJwtException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.jwt; +import java.io.Serial; + /** * An exception similar to * {@link org.springframework.security.authentication.BadCredentialsException} that @@ -26,6 +28,9 @@ package org.springframework.security.oauth2.jwt; */ public class BadJwtException extends JwtException { + @Serial + private static final long serialVersionUID = 7748429527132280501L; + public BadJwtException(String message) { super(message); } diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderInitializationException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderInitializationException.java index 775da4c9a9..cd1b90a14c 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderInitializationException.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderInitializationException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.jwt; +import java.io.Serial; + /** * An exception thrown when a {@link JwtDecoder} or {@link ReactiveJwtDecoder}'s lazy * initialization fails. @@ -25,6 +27,9 @@ package org.springframework.security.oauth2.jwt; */ public class JwtDecoderInitializationException extends RuntimeException { + @Serial + private static final long serialVersionUID = 2786360018315628982L; + public JwtDecoderInitializationException(String message, Throwable cause) { super(message, cause); } diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtEncodingException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtEncodingException.java index 9b48f5c4a2..365993c5ed 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtEncodingException.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtEncodingException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.jwt; +import java.io.Serial; + /** * This exception is thrown when an error occurs while attempting to encode a JSON Web * Token (JWT). @@ -25,6 +27,9 @@ package org.springframework.security.oauth2.jwt; */ public class JwtEncodingException extends JwtException { + @Serial + private static final long serialVersionUID = 6581840872589902213L; + /** * Constructs a {@code JwtEncodingException} using the provided parameters. * @param message the detail message diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtException.java index b13f0dff26..2004727ffb 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtException.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.jwt; +import java.io.Serial; + /** * Base exception for all JSON Web Token (JWT) related errors. * @@ -24,6 +26,9 @@ package org.springframework.security.oauth2.jwt; */ public class JwtException extends RuntimeException { + @Serial + private static final long serialVersionUID = -3070197880233583797L; + /** * Constructs a {@code JwtException} using the provided parameters. * @param message the detail message diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java index 94568d2dc6..ab3722e5fd 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java @@ -16,6 +16,7 @@ package org.springframework.security.oauth2.jwt; +import java.io.Serial; import java.util.ArrayList; import java.util.Collection; @@ -31,6 +32,9 @@ import org.springframework.util.Assert; */ public class JwtValidationException extends BadJwtException { + @Serial + private static final long serialVersionUID = 134652048447295615L; + private final Collection errors; /** diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/InvalidBearerTokenException.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/InvalidBearerTokenException.java index 0ba62813da..c82b3bd5e4 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/InvalidBearerTokenException.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/InvalidBearerTokenException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.server.resource; +import java.io.Serial; + import org.springframework.security.oauth2.core.OAuth2AuthenticationException; /** @@ -26,6 +28,9 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException; */ public class InvalidBearerTokenException extends OAuth2AuthenticationException { + @Serial + private static final long serialVersionUID = 6904689954809100280L; + /** * Construct an instance of {@link InvalidBearerTokenException} given the provided * description. diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/BadOpaqueTokenException.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/BadOpaqueTokenException.java index 5e155c8bce..cddd32c3b0 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/BadOpaqueTokenException.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/BadOpaqueTokenException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.server.resource.introspection; +import java.io.Serial; + /** * An exception similar to * {@link org.springframework.security.authentication.BadCredentialsException} that @@ -26,6 +28,9 @@ package org.springframework.security.oauth2.server.resource.introspection; */ public class BadOpaqueTokenException extends OAuth2IntrospectionException { + @Serial + private static final long serialVersionUID = -6937847463454551076L; + public BadOpaqueTokenException(String message) { super(message); } diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/OAuth2IntrospectionException.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/OAuth2IntrospectionException.java index e2649ba975..6650d96e57 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/OAuth2IntrospectionException.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/OAuth2IntrospectionException.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.server.resource.introspection; +import java.io.Serial; + /** * Base exception for all OAuth 2.0 Introspection related errors * @@ -24,6 +26,9 @@ package org.springframework.security.oauth2.server.resource.introspection; */ public class OAuth2IntrospectionException extends RuntimeException { + @Serial + private static final long serialVersionUID = -7327790383594166793L; + public OAuth2IntrospectionException(String message) { super(message); } diff --git a/web/src/main/java/org/springframework/security/web/firewall/RequestRejectedException.java b/web/src/main/java/org/springframework/security/web/firewall/RequestRejectedException.java index b997031a47..ea91775b62 100644 --- a/web/src/main/java/org/springframework/security/web/firewall/RequestRejectedException.java +++ b/web/src/main/java/org/springframework/security/web/firewall/RequestRejectedException.java @@ -16,11 +16,16 @@ package org.springframework.security.web.firewall; +import java.io.Serial; + /** * @author Luke Taylor */ public class RequestRejectedException extends RuntimeException { + @Serial + private static final long serialVersionUID = 7226768874760909859L; + public RequestRejectedException(String message) { super(message); } diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java index 8eab25cf1f..85686f5815 100644 --- a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java @@ -353,6 +353,7 @@ public class SwitchUserWebFilter implements WebFilter { this.switchUserMatcher = switchUserMatcher; } + @SuppressWarnings("serial") private static class SwitchUserAuthenticationException extends RuntimeException { SwitchUserAuthenticationException(AuthenticationException exception) { diff --git a/web/src/main/java/org/springframework/security/web/server/firewall/ServerExchangeRejectedException.java b/web/src/main/java/org/springframework/security/web/server/firewall/ServerExchangeRejectedException.java index 5246838dcf..f46140d351 100644 --- a/web/src/main/java/org/springframework/security/web/server/firewall/ServerExchangeRejectedException.java +++ b/web/src/main/java/org/springframework/security/web/server/firewall/ServerExchangeRejectedException.java @@ -16,6 +16,8 @@ package org.springframework.security.web.server.firewall; +import java.io.Serial; + /** * Thrown when a {@link org.springframework.web.server.ServerWebExchange} is rejected. * @@ -24,6 +26,9 @@ package org.springframework.security.web.server.firewall; */ public class ServerExchangeRejectedException extends RuntimeException { + @Serial + private static final long serialVersionUID = 904984955691607748L; + public ServerExchangeRejectedException(String message) { super(message); }