From d043884e3209a91c7ea6910df5170a1471fae615 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Thu, 23 Jan 2025 16:41:24 -0700
Subject: [PATCH] Support Serialization

Issue gh-16276
---
 ...gSecurityCoreVersionSerializableTests.java |  21 ++++++++++++++++++
 ...savedrequest.SimpleSavedRequest.serialized | Bin 0 -> 1022 bytes
 .../web/savedrequest/SimpleSavedRequest.java  |   4 ++++
 3 files changed, 25 insertions(+)
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.web.savedrequest.SimpleSavedRequest.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index 443c6749c4..ecac0f4da5 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -36,11 +36,13 @@ import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
+import jakarta.servlet.http.Cookie;
 import org.apereo.cas.client.validation.AssertionImpl;
 import org.instancio.Instancio;
 import org.instancio.InstancioApi;
@@ -54,6 +56,7 @@ import org.junit.jupiter.params.provider.MethodSource;
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider;
 import org.springframework.core.type.filter.AssignableTypeFilter;
+import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpSession;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.AuthorizationServiceException;
@@ -174,6 +177,7 @@ import org.springframework.security.saml2.provider.service.authentication.Saml2R
 import org.springframework.security.saml2.provider.service.authentication.TestSaml2Authentications;
 import org.springframework.security.saml2.provider.service.authentication.TestSaml2PostAuthenticationRequests;
 import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests;
+import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException;
@@ -189,8 +193,11 @@ import org.springframework.security.web.csrf.DefaultCsrfToken;
 import org.springframework.security.web.csrf.InvalidCsrfTokenException;
 import org.springframework.security.web.csrf.MissingCsrfTokenException;
 import org.springframework.security.web.firewall.RequestRejectedException;
+import org.springframework.security.web.savedrequest.DefaultSavedRequest;
+import org.springframework.security.web.savedrequest.SimpleSavedRequest;
 import org.springframework.security.web.server.firewall.ServerExchangeRejectedException;
 import org.springframework.security.web.session.HttpSessionCreatedEvent;
+import org.springframework.security.web.util.UrlUtils;
 import org.springframework.security.web.webauthn.api.Bytes;
 import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
@@ -514,6 +521,20 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new AuthenticationSwitchUserEvent(authentication, user));
 		generatorByClassName.put(HttpSessionCreatedEvent.class,
 				(r) -> new HttpSessionCreatedEvent(new MockHttpSession()));
+		generatorByClassName.put(SimpleSavedRequest.class, (r) -> {
+			MockHttpServletRequest request = new MockHttpServletRequest("GET", "/uri");
+			request.setQueryString("query=string");
+			request.setScheme("https");
+			request.setServerName("localhost");
+			request.setServerPort(80);
+			request.setRequestURI("/uri");
+			request.setCookies(new Cookie("name", "value"));
+			request.addHeader("header", "value");
+			request.addParameter("parameter", "value");
+			request.setPathInfo("/path");
+			request.addPreferredLocale(Locale.ENGLISH);
+			return new SimpleSavedRequest(new DefaultSavedRequest(request, new PortResolverImpl(), "continue"));
+		});
 
 		// webauthn
 		generatorByClassName.put(Bytes.class, (r) -> TestBytes.get());
diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.savedrequest.SimpleSavedRequest.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.web.savedrequest.SimpleSavedRequest.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..58449b0e225938c89ba127cfa45d72b240900838
GIT binary patch
literal 1022
zcmYk5K~L0B5XXm>U0@-B)r5;dJ*Wqjt``qV5C{R>q$b8i6C(#6-C<kkw&lHPx2uuF
zkAcy<2R-Q*ARfG#$dRLo8WX*EFnZE?ubX9?^rbUzI`23CnfLl9l$3<UShgIM$RKKM
zOVP$oEO#A+UMd6XIvw0{l*q6taW6$hP9tb1AvUz@Uf~+Q{_t02<<$)f$}Ws}al9LF
zAWXSCA``Wgg0SWWispFJN6|#do09{ZcSNH1!q^ibsy*0;As5PRBtLEvoGKzi5w&U!
z(v%!rNrXlv&ZXlm7se$v1Bo8pm!WpqdBU}w)(DP9aF(PLUCog{JDNH8AYR%qREJ>|
zJjOf$fT7N?UiqgpJ7QNz5-ftuLL|p0N}Od=*Smw`x7p_N&lcEBA&7ytQYxsKVmM+d
zbG!?sOoVA+7?$b@%eqA5swWPA-<rL+^OZ?BnHRTpRTN8t=>d6``~EqT=d#J8^>7M3
zE-VX$^+;i)0tzxb`JrQPJl(ka<)a0VCq;b(<%aGp5|p+@s4%C3nr#D|vjPLCw}tW<
zwKQ^k_<nlxlMU7?RKi#^SB1x@br>UGqVnUgnI{X2EFr)|XO!0|er-Ok5YF_e#IBys
z1Qo5-d~qg+^+rRBHxQ=HDkDxVc^)P->vGwtXcdAF#Bl<QuAavz&-*7?recfhnL3f)
zHB+|#r@Hy#+TR~Gl<P3+bB$iyL^Hi<M6%m!VTIMvs>YE?$}Jz&x@&-5L|J(<NT_Fx
zWI_faD$G3j#}5JM&2t16M&`>bxn9q5VfNa}x=B9PZ_rqOxKp0sM`je9fqu`uIePHz
u`^=Ly(^f61PNr45q9;||tkuk2@?%9czQqfCab<U2nagv@iz5o66#oNNI6*J~

literal 0
HcmV?d00001

diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/SimpleSavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/SimpleSavedRequest.java
index 08165eb0cd..e74e7fcb11 100644
--- a/web/src/main/java/org/springframework/security/web/savedrequest/SimpleSavedRequest.java
+++ b/web/src/main/java/org/springframework/security/web/savedrequest/SimpleSavedRequest.java
@@ -16,6 +16,7 @@
 
 package org.springframework.security.web.savedrequest;
 
+import java.io.Serial;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
@@ -35,6 +36,9 @@ import org.springframework.util.Assert;
  */
 public class SimpleSavedRequest implements SavedRequest {
 
+	@Serial
+	private static final long serialVersionUID = 807650604272166969L;
+
 	private String redirectUrl;
 
 	private List<Cookie> cookies = new ArrayList<>();