spring-projects
diff --git a/‎config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java‎
Lines changed: 46 additions & 1 deletion b/‎config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java‎
Lines changed: 46 additions & 1 deletion
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorTransport.serialized‎
0 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorTransport.serialized‎
0 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized‎
2 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized‎
2 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput$CredProtect.serialized‎
0 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput$CredProtect.serialized‎
0 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput.serialized‎
0 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput.serialized‎
0 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs.serialized‎
346 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs.serialized‎
346 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor.serialized‎
-71 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor.serialized‎
-71 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions.serialized‎
89 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions.serialized‎
89 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialType.serialized‎
2 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialType.serialized‎
2 Bytes
diff --git a/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.UserVerificationRequirement.serialized‎
-2 Bytes b/‎config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.UserVerificationRequirement.serialized‎
-2 Bytes
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,6 +30,7 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.time.Duration;
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -170,9 +171,21 @@
 import org.springframework.security.web.csrf.MissingCsrfTokenException;
 import org.springframework.security.web.firewall.RequestRejectedException;
 import org.springframework.security.web.server.firewall.ServerExchangeRejectedException;
+import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientInputs;
+import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
+import org.springframework.security.web.webauthn.api.Bytes;
+import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput;
+import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInput;
+import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
+import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
+import static org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput.*;
+import static org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput.CredProtect.ProtectionPolicy.*;
 
 /**
  * Tests that Spring Security classes that implements {@link Serializable} and have the
@@ -322,6 +335,38 @@ class SpringSecurityCoreVersionSerializableTests {
 		generatorByClassName.put(OAuth2IntrospectionException.class,
 				(r) -> new OAuth2IntrospectionException("message", new RuntimeException()));
 
+		//webauthn
+		CredProtect credProtect = new CredProtect(USER_VERIFICATION_OPTIONAL, true);
+		Bytes id = new Bytes(("test").getBytes());
+		AuthenticationExtensionsClientInputs inputs = new ImmutableAuthenticationExtensionsClientInputs(ImmutableAuthenticationExtensionsClientInput.credProps);
+		// @formatter:off
+		PublicKeyCredentialDescriptor descriptor = PublicKeyCredentialDescriptor.builder()
+				.id(id)
+				.type(PublicKeyCredentialType.PUBLIC_KEY)
+				.transports(Set.of(AuthenticatorTransport.USB))
+				.build();
+		// @formatter:on
+		generatorByClassName.put(AuthenticatorTransport.class, (a) -> AuthenticatorTransport.USB);
+		generatorByClassName.put(PublicKeyCredentialType.class, (k) -> PublicKeyCredentialType.PUBLIC_KEY);
+		generatorByClassName.put(UserVerificationRequirement.class, (r) -> UserVerificationRequirement.REQUIRED);
+		generatorByClassName.put(CredProtect.class,  (c) -> credProtect);
+		generatorByClassName.put(CredProtectAuthenticationExtensionsClientInput.class, (c) -> new CredProtectAuthenticationExtensionsClientInput(credProtect));
+		generatorByClassName.put(ImmutableAuthenticationExtensionsClientInputs.class, (i) -> inputs);
+		generatorByClassName.put(ImmutableAuthenticationExtensionsClientInput.class, (i) -> ImmutableAuthenticationExtensionsClientInput.credProps);
+		generatorByClassName.put(Bytes.class,  (b) -> id);
+		generatorByClassName.put(PublicKeyCredentialDescriptor.class, (d) -> descriptor);
+		// @formatter:off
+		generatorByClassName.put(PublicKeyCredentialRequestOptions.class, (o) -> PublicKeyCredentialRequestOptions.builder()
+				.allowCredentials(List.of(descriptor))
+				.rpId("example.localhost")
+				.challenge(Bytes.fromBase64("I69THX904Q8ONhCgUgOu2PCQCcEjTDiNmokdbgsAsYU"))
+				.userVerification(UserVerificationRequirement.REQUIRED)
+				.extensions(inputs)
+				.timeout(Duration.ofMinutes(5))
+				.build()
+		);
+		// @formatter:on
+
 		// core
 		generatorByClassName.put(RunAsUserToken.class, (r) -> {
 			RunAsUserToken token = new RunAsUserToken("key", user, "creds", user.getAuthorities(),