Implement Serial for WebAuthnAuthentication

Signed-off-by: Tran Ngoc Nhan <[email protected]>

Author: ngocnhan-tran1996

config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java

@@ -193,7 +193,10 @@
 import org.springframework.security.web.session.HttpSessionCreatedEvent;
 import org.springframework.security.web.webauthn.api.Bytes;
 import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
+import org.springframework.security.web.webauthn.api.TestBytes;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity;
+import org.springframework.security.web.webauthn.authentication.WebAuthnAuthentication;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -513,9 +516,18 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new HttpSessionCreatedEvent(new MockHttpSession()));
 
 		// webauthn
-		generatorByClassName.put(Bytes.class, (r) -> Bytes.random());
+		generatorByClassName.put(Bytes.class, (r) -> TestBytes.getInstance());
 		generatorByClassName.put(ImmutablePublicKeyCredentialUserEntity.class,
-				(r) -> TestPublicKeyCredentialUserEntity.userEntity().build());
+				(r) -> TestPublicKeyCredentialUserEntity.userEntity().id(TestBytes.getInstance()).build());
+		generatorByClassName.put(WebAuthnAuthentication.class, (r) -> {
+			PublicKeyCredentialUserEntity userEntity = TestPublicKeyCredentialUserEntity.userEntity()
+				.id(TestBytes.getInstance())
+				.build();
+			List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
+			WebAuthnAuthentication webAuthnAuthentication = new WebAuthnAuthentication(userEntity, authorities);
+			webAuthnAuthentication.setDetails(details);
+			return webAuthnAuthentication;
+		});
 	}
 
 	@ParameterizedTest

config/src/test/resources/serialized/6.4.x/org.springframework.security.web.webauthn.api.Bytes.serialized

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.authentication;
 
+import java.beans.Transient;
+import java.io.Serial;
 import java.util.Collection;
 
 import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -33,6 +35,9 @@
  */
 public class WebAuthnAuthentication extends AbstractAuthenticationToken {
 
+	@Serial
+	private static final long serialVersionUID = -4879907158750659197L;
+
 	private final PublicKeyCredentialUserEntity principal;
 
 	public WebAuthnAuthentication(PublicKeyCredentialUserEntity principal,

config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity.serialized renamed to config/src/test/resources/serialized/6.4.x/org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity.serialized

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2002-2025 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.web.webauthn.api;
+
+public final class TestBytes {
+
+	private static final Bytes INSTANCE = Bytes.random();
+
+	public static Bytes getInstance() {
+
+		return INSTANCE;
+	}
+
+	private TestBytes() {
+	}
+
+}