spring-projects
diff --git a/‎config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
Lines changed: 11 additions & 0 deletions b/‎config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
Lines changed: 11 additions & 0 deletions
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.CsrfException.serialized
10.5 KB b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.CsrfException.serialized
10.5 KB
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.DefaultCsrfToken.serialized
172 Bytes b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.DefaultCsrfToken.serialized
172 Bytes
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.InvalidCsrfTokenException.serialized
10.6 KB b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.InvalidCsrfTokenException.serialized
10.6 KB
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.MissingCsrfTokenException.serialized
10.6 KB b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.csrf.MissingCsrfTokenException.serialized
10.6 KB
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.csrf.CsrfException.serialized
10.5 KB b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.csrf.CsrfException.serialized
10.5 KB
diff --git a/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.csrf.DefaultCsrfToken.serialized
179 Bytes b/‎config/src/test/resources/serialized/6.4.x/org.springframework.security.web.server.csrf.DefaultCsrfToken.serialized
179 Bytes
diff --git a/‎web/src/main/java/org/springframework/security/web/csrf/CsrfException.java
Lines changed: 5 additions & 1 deletion b/‎web/src/main/java/org/springframework/security/web/csrf/CsrfException.java
Lines changed: 5 additions & 1 deletion
diff --git a/‎web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRequestAttributeHandler.java
Lines changed: 1 addition & 0 deletions b/‎web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRequestAttributeHandler.java
Lines changed: 1 addition & 0 deletions
diff --git a/‎web/src/main/java/org/springframework/security/web/csrf/DefaultCsrfToken.java
Lines changed: 5 additions & 1 deletion b/‎web/src/main/java/org/springframework/security/web/csrf/DefaultCsrfToken.java
Lines changed: 5 additions & 1 deletion
diff --git a/‎web/src/main/java/org/springframework/security/web/csrf/InvalidCsrfTokenException.java
Lines changed: 5 additions & 1 deletion b/‎web/src/main/java/org/springframework/security/web/csrf/InvalidCsrfTokenException.java
Lines changed: 5 additions & 1 deletion
diff --git a/‎web/src/main/java/org/springframework/security/web/csrf/LazyCsrfTokenRepository.java
Lines changed: 1 addition & 0 deletions b/‎web/src/main/java/org/springframework/security/web/csrf/LazyCsrfTokenRepository.java
Lines changed: 1 addition & 0 deletions
diff --git a/‎web/src/main/java/org/springframework/security/web/server/csrf/CsrfException.java
Lines changed: 5 additions & 1 deletion b/‎web/src/main/java/org/springframework/security/web/server/csrf/CsrfException.java
Lines changed: 5 additions & 1 deletion
diff --git a/‎web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java
Lines changed: 5 additions & 1 deletion b/‎web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java
Lines changed: 5 additions & 1 deletion
@@ -134,6 +134,10 @@
 import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
 import org.springframework.security.web.authentication.session.SessionAuthenticationException;
 import org.springframework.security.web.authentication.www.NonceExpiredException;
+import org.springframework.security.web.csrf.CsrfException;
+import org.springframework.security.web.csrf.DefaultCsrfToken;
+import org.springframework.security.web.csrf.InvalidCsrfTokenException;
+import org.springframework.security.web.csrf.MissingCsrfTokenException;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -344,6 +348,13 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new SessionAuthenticationException("message"));
 		generatorByClassName.put(NonceExpiredException.class,
 				(r) -> new NonceExpiredException("message", new IOException("fail")));
+		generatorByClassName.put(CsrfException.class, (r) -> new CsrfException("message"));
+		generatorByClassName.put(org.springframework.security.web.server.csrf.CsrfException.class, (r) -> new org.springframework.security.web.server.csrf.CsrfException("message"));
+		generatorByClassName.put(InvalidCsrfTokenException.class, (r) -> new InvalidCsrfTokenException(new DefaultCsrfToken("header", "parameter", "token"), "token"));
+		generatorByClassName.put(MissingCsrfTokenException.class, (r) -> new MissingCsrfTokenException("token"));
+		generatorByClassName.put(DefaultCsrfToken.class, (r) -> new DefaultCsrfToken("header", "parameter", "token"));
+		generatorByClassName.put(org.springframework.security.web.server.csrf.DefaultCsrfToken.class, (r) -> new org.springframework.security.web.server.csrf.DefaultCsrfToken("header", "parameter", "token"));
+
 	}
 
 	@ParameterizedTest
 
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.csrf;
 
+import java.io.Serial;
+
 import org.springframework.security.access.AccessDeniedException;
 
 /**
@@ -24,9 +26,11 @@
  * @author Rob Winch
  * @since 3.2
  */
-@SuppressWarnings("serial")
 public class CsrfException extends AccessDeniedException {
 
+	@Serial
+	private static final long serialVersionUID = 7802567627837252670L;
+
 	public CsrfException(String message) {
 		super(message);
 	}
 
@@ -62,6 +62,7 @@ public void handle(HttpServletRequest request, HttpServletResponse response,
 		request.setAttribute(csrfAttrName, csrfToken);
 	}
 
+	@SuppressWarnings("serial")
 	private static final class SupplierCsrfToken implements CsrfToken {
 
 		private final Supplier<CsrfToken> csrfTokenSupplier;
 
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.csrf;
 
+import java.io.Serial;
+
 import org.springframework.util.Assert;
 
 /**
@@ -24,9 +26,11 @@
  * @author Rob Winch
  * @since 3.2
  */
-@SuppressWarnings("serial")
 public final class DefaultCsrfToken implements CsrfToken {
 
+	@Serial
+	private static final long serialVersionUID = 6552658053267913685L;
+
 	private final String token;
 
 	private final String parameterName;
 
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.csrf;
 
+import java.io.Serial;
+
 import jakarta.servlet.http.HttpServletRequest;
 
 /**
@@ -25,9 +27,11 @@
  * @author Rob Winch
  * @since 3.2
  */
-@SuppressWarnings("serial")
 public class InvalidCsrfTokenException extends CsrfException {
 
+	@Serial
+	private static final long serialVersionUID = -7745955098435417418L;
+
 	/**
 	 * @param expectedAccessToken
 	 * @param actualAccessToken
 
@@ -159,6 +159,7 @@ public String toString() {
 
 	}
 
+	@SuppressWarnings("serial")
 	private static final class SaveOnAccessCsrfToken implements CsrfToken {
 
 		private transient CsrfTokenRepository tokenRepository;
 
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.server.csrf;
 
+import java.io.Serial;
+
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.csrf.CsrfToken;
 
@@ -25,9 +27,11 @@
  * @author Rob Winch
  * @since 3.2
  */
-@SuppressWarnings("serial")
 public class CsrfException extends AccessDeniedException {
 
+	@Serial
+	private static final long serialVersionUID = -8209680716517631141L;
+
 	public CsrfException(String message) {
 		super(message);
 	}
 
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.server.csrf;
 
+import java.io.Serial;
+
 import org.springframework.util.Assert;
 
 /**
@@ -24,9 +26,11 @@
  * @author Rob Winch
  * @since 5.0
  */
-@SuppressWarnings("serial")
 public final class DefaultCsrfToken implements CsrfToken {
 
+	@Serial
+	private static final long serialVersionUID = 308340117851874929L;
+
 	private final String token;
 
 	private final String parameterName;
Original file line number	Diff line number	Diff line change
`@@ -62,6 +62,7 @@ public void handle(HttpServletRequest request, HttpServletResponse response,`
`62`	`62`	`request.setAttribute(csrfAttrName, csrfToken);`
`63`	`63`	`}`
`64`	`64`
	`65`	`+ @SuppressWarnings("serial")`
`65`	`66`	`private static final class SupplierCsrfToken implements CsrfToken {`
`66`	`67`
`67`	`68`	`private final Supplier<CsrfToken> csrfTokenSupplier;`
Original file line number	Diff line number	Diff line change
`@@ -159,6 +159,7 @@ public String toString() {`
`159`	`159`
`160`	`160`	`}`
`161`	`161`
	`162`	`+ @SuppressWarnings("serial")`
`162`	`163`	`private static final class SaveOnAccessCsrfToken implements CsrfToken {`
`163`	`164`
`164`	`165`	`private transient CsrfTokenRepository tokenRepository;`