Skip to content

Implement Serializable for WebAuthnAuthentication#16285

Closed
ngocnhan-tran1996 wants to merge 4 commits intospring-projects:6.4.xfrom
ngocnhan-tran1996:gh-16273
Closed

Implement Serializable for WebAuthnAuthentication#16285
ngocnhan-tran1996 wants to merge 4 commits intospring-projects:6.4.xfrom
ngocnhan-tran1996:gh-16273

Conversation

@ngocnhan-tran1996
Copy link
Contributor

@ngocnhan-tran1996 ngocnhan-tran1996 commented Dec 13, 2024

Closes gh-16273

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 13, 2024
@ngocnhan-tran1996 ngocnhan-tran1996 force-pushed the gh-16273 branch 3 times, most recently from b1b63b8 to 125e369 Compare December 14, 2024 19:57
@rwinch rwinch closed this Jan 18, 2025
@rwinch rwinch reopened this Jan 18, 2025
@rwinch
Copy link
Member

rwinch commented Jan 18, 2025

Thanks for the Pull Request. Historically the serialVersionUID no longer used for new classes implementing Serializable. Going forward we should generate a serialVersionUID.

Please take a look at 6f379aa which was progress towards #16276 for an example for how to implement it. It uses generated serialVersionUID and adds tests. The ticket #16276 also has instructions on how to address it.

NOTE: This PR has some overlap with gh-16438

@rwinch rwinch mentioned this pull request Jan 18, 2025
Closed
@ngocnhan-tran1996 ngocnhan-tran1996 mentioned this pull request Jan 20, 2025
Closed
@rwinch rwinch self-assigned this Jan 21, 2025
rwinch
rwinch requested changes Jan 21, 2025
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the updates.

This PR says it closes gh-16273 but it doesn't add a test for serialization / deserialization of WebAuthnAuthentication. Can you please add it?

Since the ticket is targeting 6.4.x this PR should be pointed at the 6.4.x branch. We will then forward merge it.

I've also provided feedback inline.

...g/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java Outdated
(r) -> new HttpSessionCreatedEvent(new MockHttpSession()));

// webauthn
generatorByClassName.put(Bytes.class, (r) -> Bytes.random());
Copy link
Member

@rwinch rwinch Jan 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please create a TestBytes which returns a constant Bytes so that this does not change for each run.

...g/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java Outdated
// webauthn
generatorByClassName.put(Bytes.class, (r) -> Bytes.random());
generatorByClassName.put(ImmutablePublicKeyCredentialUserEntity.class,
(r) -> TestPublicKeyCredentialUserEntity.userEntity().build());
Copy link
Member

@rwinch rwinch Jan 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please ensure that TestPublicKeyCredentialUserEntity uses a constant value for the Bytes (get it from TestBytes).

@ngocnhan-tran1996
Implement Serializable for PublicKeyCredentialUserEntity
7fd6ff0 
Closes spring-projectsgh-16273

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
@ngocnhan-tran1996
Update Serial
539f2c5 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
@ngocnhan-tran1996
Implement Serial for WebAuthnAuthentication
7905906 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
@ngocnhan-tran1996 ngocnhan-tran1996 changed the base branch from main to 6.4.x January 21, 2025 20:28
@ngocnhan-tran1996
Remove unused import
c37163f 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
@rwinch rwinch changed the title Implement Serializable for PublicKeyCredentialUserEntity Implement Serializable for WebAuthnAuthentication Jan 23, 2025
@rwinch rwinch mentioned this pull request Jan 23, 2025
Closed
@rwinch rwinch closed this in e557c72 Jan 23, 2025
@rwinch rwinch added in: web An issue in web modules (web, webmvc) type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Jan 23, 2025
@rwinch rwinch added this to the 6.4.3 milestone Jan 23, 2025
@ngocnhan-tran1996 ngocnhan-tran1996 deleted the gh-16273 branch January 24, 2025 16:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rwinch rwinch rwinch requested changes

Assignees

@rwinch rwinch

Labels

in: web An issue in web modules (web, webmvc) type: bug A general bug

Projects

None yet

Milestone

6.4.3

Development

Successfully merging this pull request may close these issues.

Make WebAuthnAuthentication Serializable

3 participants

@ngocnhan-tran1996 @rwinch @spring-projects-issues