Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 20:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '6.4.x'

Browse Source
This commit is contained in:
Josh Cummings 2025-02-05 13:59:12 -07:00
commit 981e3fd779
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
9 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
View File

@ -99,6 +99,9 @@ import org.springframework.security.authentication.jaas.event.JaasAuthentication
import org.springframework.security.authentication.ott.InvalidOneTimeTokenException;
import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
import org.springframework.security.authentication.password.CompromisedPasswordException;
import org.springframework.security.authorization.AuthorityAuthorizationDecision;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationDeniedException;
import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken;
@ -471,6 +474,11 @@ class SpringSecurityCoreVersionSerializableTests {
generatorByClassName.put(AbstractSessionEvent.class, (r) -> new AbstractSessionEvent(securityContext));
generatorByClassName.put(SecurityConfig.class, (r) -> new SecurityConfig("value"));
generatorByClassName.put(TransientSecurityContext.class, (r) -> new TransientSecurityContext(authentication));
generatorByClassName.put(AuthorizationDeniedException.class,
(r) -> new AuthorizationDeniedException("message", new AuthorizationDecision(false)));
generatorByClassName.put(AuthorizationDecision.class, (r) -> new AuthorizationDecision(true));
generatorByClassName.put(AuthorityAuthorizationDecision.class,
(r) -> new AuthorityAuthorizationDecision(true, AuthorityUtils.createAuthorityList("ROLE_USER")));
// cas
generatorByClassName.put(CasServiceTicketAuthenticationToken.class, (r) -> {

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorityAuthorizationDecision.serialized Normal file
View File

Binary file not shown.

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDecision.serialized Normal file
View File

Binary file not shown.

0
config/src/test/resources/serialized/6.4.x/org.springframework.security.authorization.AuthorizationDeniedException.serialized Normal file
View File

4
core/src/main/java/org/springframework/security/authorization/AuthorityAuthorizationDecision.java
View File

@ -16,6 +16,7 @@
package org.springframework.security.authorization;
import java.io.Serial;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
@ -28,6 +29,9 @@ import org.springframework.security.core.GrantedAuthority;
*/
public class AuthorityAuthorizationDecision extends AuthorizationDecision {
@Serial
private static final long serialVersionUID = -8338309042331376592L;
private final Collection<GrantedAuthority> authorities;
public AuthorityAuthorizationDecision(boolean granted, Collection<GrantedAuthority> authorities) {

5
core/src/main/java/org/springframework/security/authorization/AuthorizationDecision.java
View File

@ -16,12 +16,17 @@
package org.springframework.security.authorization;
import java.io.Serial;
/**
* @author Rob Winch
* @since 5.0
*/
public class AuthorizationDecision implements AuthorizationResult {
@Serial
private static final long serialVersionUID = -3226018324649244416L;
private final boolean granted;
public AuthorizationDecision(boolean granted) {

2
core/src/main/java/org/springframework/security/authorization/AuthorizationManagers.java
View File

@ -145,6 +145,7 @@ public final class AuthorizationManagers {
private AuthorizationManagers() {
}
@SuppressWarnings("serial")
private static final class CompositeAuthorizationDecision extends AuthorizationDecision {
private final List<AuthorizationResult> results;
@ -161,6 +162,7 @@ public final class AuthorizationManagers {
}
@SuppressWarnings("serial")
private static final class NotAuthorizationDecision extends AuthorizationDecision {
private final AuthorizationResult result;

4
core/src/main/java/org/springframework/security/authorization/AuthorizationResult.java
View File

@ -16,13 +16,15 @@
package org.springframework.security.authorization;
import java.io.Serializable;
/**
* Represents an authorization result
*
* @author Marcus da Coregio
* @since 6.3
*/
public interface AuthorizationResult {
public interface AuthorizationResult extends Serializable {
/**
* @return whether the access has been granted

1
core/src/main/java/org/springframework/security/authorization/ExpressionAuthorizationDecision.java
View File

@ -24,6 +24,7 @@ import org.springframework.expression.Expression;
* @author Marcus Da Coregio
* @since 5.8
*/
@SuppressWarnings("serial")
public class ExpressionAuthorizationDecision extends AuthorizationDecision {
private final Expression expression;