
Commit 244fd2e

committed
Support Serialization in Exceptions
Issue gh-16276
1 parent 8e59fa1 commit 244fd2e


66 files changed

+249
-2
lines changed


66 files changed

+249
-2
lines changed

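--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -54,15 +54,29 @@
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider;
 import org.springframework.core.type.filter.AssignableTypeFilter;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.access.AuthorizationServiceException;
 import org.springframework.security.access.intercept.RunAsUserToken;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
+import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.CredentialsExpiredException;
+import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
+import org.springframework.security.authentication.LockedException;
+import org.springframework.security.authentication.ProviderNotFoundException;
 import org.springframework.security.authentication.RememberMeAuthenticationToken;
 import org.springframework.security.authentication.TestAuthentication;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
+import org.springframework.security.authentication.ott.InvalidOneTimeTokenException;
 import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
+import org.springframework.security.authentication.password.CompromisedPasswordException;
 import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
 import org.springframework.security.cas.authentication.CasAuthenticationToken;
 import org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken;
@@ -72,7 +86,12 @@
 import org.springframework.security.core.session.ReactiveSessionInformation;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus;
+import org.springframework.security.ldap.ppolicy.PasswordPolicyException;
 import org.springframework.security.ldap.userdetails.LdapAuthority;
+import org.springframework.security.oauth2.client.ClientAuthorizationException;
+import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken;
@@ -88,7 +107,10 @@
 import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
 import org.springframework.security.oauth2.core.OAuth2DeviceCode;
+import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.core.OAuth2RefreshToken;
 import org.springframework.security.oauth2.core.OAuth2UserCode;
 import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
@@ -108,14 +130,22 @@
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import org.springframework.security.oauth2.core.user.TestOAuth2Users;
+import org.springframework.security.oauth2.jwt.BadJwtException;
 import org.springframework.security.oauth2.jwt.Jwt;
+import org.springframework.security.oauth2.jwt.JwtDecoderInitializationException;
+import org.springframework.security.oauth2.jwt.JwtEncodingException;
+import org.springframework.security.oauth2.jwt.JwtException;
+import org.springframework.security.oauth2.jwt.JwtValidationException;
 import org.springframework.security.oauth2.jwt.TestJwts;
 import org.springframework.security.oauth2.server.resource.BearerTokenError;
 import org.springframework.security.oauth2.server.resource.BearerTokenErrors;
+import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
+import org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException;
 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
+import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2Error;
 import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal;
@@ -138,6 +168,8 @@
 import org.springframework.security.web.csrf.DefaultCsrfToken;
 import org.springframework.security.web.csrf.InvalidCsrfTokenException;
 import org.springframework.security.web.csrf.MissingCsrfTokenException;
+import org.springframework.security.web.firewall.RequestRejectedException;
+import org.springframework.security.web.server.firewall.ServerExchangeRejectedException;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -193,6 +225,12 @@ class SpringSecurityCoreVersionSerializableTests {
 generatorByClassName.put(OidcUserAuthority.class,
 (r) -> new OidcUserAuthority(TestOidcIdTokens.idToken().build(),
 new OidcUserInfo(Map.of("claim", "value")), "claim"));
+generatorByClassName.put(OAuth2AuthenticationException.class,
+(r) -> new OAuth2AuthenticationException(new OAuth2Error("error", "description", "uri"), "message",
+new RuntimeException()));
+generatorByClassName.put(OAuth2AuthorizationException.class,
+(r) -> new OAuth2AuthorizationException(new OAuth2Error("error", "description", "uri"), "message",
+new RuntimeException()));
 
 // oauth2-client
 ClientRegistration.Builder clientRegistrationBuilder = TestClientRegistrations.clientRegistration();
@@ -231,6 +269,21 @@ class SpringSecurityCoreVersionSerializableTests {
 return new DefaultOAuth2AuthenticatedPrincipal(principal.getName(), principal.getAttributes(),
 (Collection<GrantedAuthority>) principal.getAuthorities());
 });
+generatorByClassName.put(ClientAuthorizationException.class,
+(r) -> new ClientAuthorizationException(new OAuth2Error("error", "description", "uri"), "id", "message",
+new RuntimeException()));
+generatorByClassName.put(ClientAuthorizationRequiredException.class,
+(r) -> new ClientAuthorizationRequiredException("id"));
+
+// oauth2-jose
+generatorByClassName.put(BadJwtException.class, (r) -> new BadJwtException("token", new RuntimeException()));
+generatorByClassName.put(JwtDecoderInitializationException.class,
+(r) -> new JwtDecoderInitializationException("message", new RuntimeException()));
+generatorByClassName.put(JwtEncodingException.class,
+(r) -> new JwtEncodingException("message", new RuntimeException()));
+generatorByClassName.put(JwtException.class, (r) -> new JwtException("message", new RuntimeException()));
+generatorByClassName.put(JwtValidationException.class,
+(r) -> new JwtValidationException("message", List.of(new OAuth2Error("error", "description", "uri"))));
 
 // oauth2-jwt
 generatorByClassName.put(Jwt.class, (r) -> TestJwts.user());
@@ -262,6 +315,12 @@ class SpringSecurityCoreVersionSerializableTests {
 generatorByClassName.put(BearerTokenError.class, (r) -> BearerTokenErrors.invalidToken("invalid token"));
 generatorByClassName.put(OAuth2IntrospectionAuthenticatedPrincipal.class,
 (r) -> TestOAuth2AuthenticatedPrincipals.active());
+generatorByClassName.put(InvalidBearerTokenException.class,
+(r) -> new InvalidBearerTokenException("description", new RuntimeException()));
+generatorByClassName.put(BadOpaqueTokenException.class,
+(r) -> new BadOpaqueTokenException("message", new RuntimeException()));
+generatorByClassName.put(OAuth2IntrospectionException.class,
+(r) -> new OAuth2IntrospectionException("message", new RuntimeException()));
 
 // core
 generatorByClassName.put(RunAsUserToken.class, (r) -> {
@@ -287,7 +346,33 @@ class SpringSecurityCoreVersionSerializableTests {
 });
 generatorByClassName.put(OneTimeTokenAuthenticationToken.class,
 (r) -> applyDetails(new OneTimeTokenAuthenticationToken("username", "token")));
-
+generatorByClassName.put(AccessDeniedException.class,
+(r) -> new AccessDeniedException("access denied", new RuntimeException()));
+generatorByClassName.put(AuthorizationServiceException.class,
+(r) -> new AuthorizationServiceException("access denied", new RuntimeException()));
+generatorByClassName.put(AccountExpiredException.class,
+(r) -> new AccountExpiredException("error", new RuntimeException()));
+generatorByClassName.put(AuthenticationCredentialsNotFoundException.class,
+(r) -> new AuthenticationCredentialsNotFoundException("error", new RuntimeException()));
+generatorByClassName.put(AuthenticationServiceException.class,
+(r) -> new AuthenticationServiceException("error", new RuntimeException()));
+generatorByClassName.put(BadCredentialsException.class,
+(r) -> new BadCredentialsException("error", new RuntimeException()));
+generatorByClassName.put(CredentialsExpiredException.class,
+(r) -> new CredentialsExpiredException("error", new RuntimeException()));
+generatorByClassName.put(DisabledException.class,
+(r) -> new DisabledException("error", new RuntimeException()));
+generatorByClassName.put(InsufficientAuthenticationException.class,
+(r) -> new InsufficientAuthenticationException("error", new RuntimeException()));
+generatorByClassName.put(InternalAuthenticationServiceException.class,
+(r) -> new InternalAuthenticationServiceException("error", new RuntimeException()));
+generatorByClassName.put(LockedException.class, (r) -> new LockedException("error", new RuntimeException()));
+generatorByClassName.put(ProviderNotFoundException.class, (r) -> new ProviderNotFoundException("error"));
+generatorByClassName.put(InvalidOneTimeTokenException.class, (r) -> new InvalidOneTimeTokenException("error"));
+generatorByClassName.put(CompromisedPasswordException.class,
+(r) -> new CompromisedPasswordException("error", new RuntimeException()));
+generatorByClassName.put(UsernameNotFoundException.class,
+(r) -> new UsernameNotFoundException("error", new RuntimeException()));
 generatorByClassName.put(TestingAuthenticationToken.class,
 (r) -> applyDetails(new TestingAuthenticationToken("username", "password")));
 
@@ -312,6 +397,8 @@ class SpringSecurityCoreVersionSerializableTests {
 // ldap
 generatorByClassName.put(LdapAuthority.class,
 (r) -> new LdapAuthority("USER", "username", Map.of("attribute", List.of("value1", "value2"))));
+generatorByClassName.put(PasswordPolicyException.class,
+(r) -> new PasswordPolicyException(PasswordPolicyErrorStatus.INSUFFICIENT_PASSWORD_QUALITY));
 
 // saml2-service-provider
 generatorByClassName.put(Saml2AuthenticationException.class,
@@ -358,7 +445,9 @@ class SpringSecurityCoreVersionSerializableTests {
 generatorByClassName.put(org.springframework.security.web.server.csrf.DefaultCsrfToken.class,
 (r) -> new org.springframework.security.web.server.csrf.DefaultCsrfToken("header", "parameter",
 "token"));
-
+generatorByClassName.put(RequestRejectedException.class, (r) -> new RequestRejectedException("message"));
+generatorByClassName.put(ServerExchangeRejectedException.class,
+(r) -> new ServerExchangeRejectedException("message"));
 }
 
 @ParameterizedTest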
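Review bot: Every generator in this section that accepts a cause passes a bare `new RuntimeException()`, so the new fixtures prove the round trip only for a cause that carries no state of its own. Java serialization writes the whole cause chain, and a cause whose class holds a non-serializable field would still fail when the exception is written; if that is deliberately out of scope, say so beside the first of these registrations (new line 228), for example `// cause is a plain RuntimeException; causes with non-serializable state are not exercised here`. The same applies to the registrations at new lines 272-286, 318-323 and 349-375. The initializer block these lines belong to starts outside the visible hunks and the `@ParameterizedTest` that consumes the map is cut off after its annotation, so how the round trip is asserted cannot be checked from this page.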
15.8 KB
Binary file not shown.
15.9 KB
Binary file not shown.
16 KB
Binary file not shown.
15.9 KB
Binary file not shown.
15.9 KB
Binary file not shown.
15.9 KB
Binary file not shown.
16 KB
Binary file not shown.
16 KB
Binary file not shown.
15.9 KB
Binary file not shown.
