Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-08 11:32:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make DefaultOneTimeToken Serializable

Browse Source 
Closes gh-16617

Signed-off-by: Max Batischev <mblancer@mail.ru>
This commit is contained in:
Max Batischev 2025-02-20 15:17:13 +03:00 committed by Josh Cummings
parent 7df85a2ed9
commit fa35c5b4d8
4 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
View File

@ -43,6 +43,7 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Stream;
import jakarta.servlet.http.Cookie;
@ -98,6 +99,7 @@ import org.springframework.security.authentication.event.LogoutSuccessEvent;
import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
import org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent;
import org.springframework.security.authentication.jaas.event.JaasAuthenticationSuccessEvent;
import org.springframework.security.authentication.ott.DefaultOneTimeToken;
import org.springframework.security.authentication.ott.InvalidOneTimeTokenException;
import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
import org.springframework.security.authentication.password.CompromisedPasswordException;
@ -667,6 +669,11 @@ class SpringSecurityCoreVersionSerializableTests {
return webAuthnAuthentication;
});
// @formatter:on
// One-Time Token
DefaultOneTimeToken oneTimeToken = new DefaultOneTimeToken(UUID.randomUUID().toString(), "user",
Instant.now().plusSeconds(300));
generatorByClassName.put(DefaultOneTimeToken.class, (t) -> oneTimeToken);
}
@ParameterizedTest

BIN
config/src/test/resources/serialized/6.5.x/org.springframework.security.authentication.ott.DefaultOneTimeToken.serialized Normal file
View File

Binary file not shown.

6
core/src/main/java/org/springframework/security/authentication/ott/DefaultOneTimeToken.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,6 +16,7 @@
package org.springframework.security.authentication.ott;
import java.io.Serial;
import java.time.Instant;
import org.springframework.util.Assert;
@ -28,6 +29,9 @@ import org.springframework.util.Assert;
*/
public class DefaultOneTimeToken implements OneTimeToken {
@Serial
private static final long serialVersionUID = -1545822943352278549L;
private final String token;
private final String username;

5
core/src/main/java/org/springframework/security/authentication/ott/OneTimeToken.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,6 +16,7 @@
package org.springframework.security.authentication.ott;
import java.io.Serializable;
import java.time.Instant;
/**
@ -24,7 +25,7 @@ import java.time.Instant;
* @author Marcus da Coregio
* @since 6.4
*/
public interface OneTimeToken {
public interface OneTimeToken extends Serializable {
/**
* @return the one-time token value, never {@code null}