From d1173720840cd92c9abab65c8fe8295ef0f025a1 Mon Sep 17 00:00:00 2001
From: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
Date: Tue, 21 Jan 2025 00:50:18 +0700
Subject: [PATCH 1/3] Implement Serial for PublicKeyCredentialCreationOptions

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
---
 ...gSecurityCoreVersionSerializableTests.java |  21 ++++++++++++++++++
 ...AttestationConveyancePreference.serialized | Bin 0 -> 134 bytes
 ...thn.api.AuthenticatorAttachment.serialized | Bin 0 -> 136 bytes
 ....AuthenticatorSelectionCriteria.serialized | Bin 0 -> 727 bytes
 ...security.web.webauthn.api.Bytes.serialized | Bin 0 -> 140 bytes
 ...licKeyCredentialCreationOptions.serialized | Bin 0 -> 1930 bytes
 ...api.PublicKeyCredentialRpEntity.serialized | Bin 0 -> 155 bytes
 ...uthn.api.ResidentKeyRequirement.serialized | Bin 0 -> 129 bytes
 ...api.UserVerificationRequirement.serialized | Bin 0 -> 134 bytes
 .../api/AttestationConveyancePreference.java  |  10 +++++++--
 .../webauthn/api/AuthenticatorAttachment.java |  10 +++++++--
 .../api/AuthenticatorSelectionCriteria.java   |  10 +++++++--
 .../security/web/webauthn/api/Bytes.java      |   7 +++++-
 ...mmutablePublicKeyCredentialUserEntity.java |   7 +++++-
 .../PublicKeyCredentialCreationOptions.java   |   9 ++++++--
 .../api/PublicKeyCredentialRpEntity.java      |  10 +++++++--
 .../api/PublicKeyCredentialUserEntity.java    |   4 +++-
 .../webauthn/api/ResidentKeyRequirement.java  |  10 +++++++--
 .../api/UserVerificationRequirement.java      |  10 +++++++--
 19 files changed, 91 insertions(+), 17 deletions(-)
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.UserVerificationRequirement.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index 359a7d48809..040886159b1 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -191,6 +191,14 @@
 import org.springframework.security.web.firewall.RequestRejectedException;
 import org.springframework.security.web.server.firewall.ServerExchangeRejectedException;
 import org.springframework.security.web.session.HttpSessionCreatedEvent;
+import org.springframework.security.web.webauthn.api.AttestationConveyancePreference;
+import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
+import org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria;
+import org.springframework.security.web.webauthn.api.Bytes;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity;
+import org.springframework.security.web.webauthn.api.ResidentKeyRequirement;
+import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -508,6 +516,19 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new AuthenticationSwitchUserEvent(authentication, user));
 		generatorByClassName.put(HttpSessionCreatedEvent.class,
 				(r) -> new HttpSessionCreatedEvent(new MockHttpSession()));
+
+		// webauthn
+		generatorByClassName.put(PublicKeyCredentialCreationOptions.class,
+				(r) -> PublicKeyCredentialCreationOptions.builder().build());
+		generatorByClassName.put(PublicKeyCredentialRpEntity.class,
+				(r) -> PublicKeyCredentialRpEntity.builder().build());
+		generatorByClassName.put(Bytes.class, (r) -> Bytes.random());
+		generatorByClassName.put(AuthenticatorSelectionCriteria.class,
+				(r) -> AuthenticatorSelectionCriteria.builder().build());
+		generatorByClassName.put(AuthenticatorAttachment.class, (r) -> AuthenticatorAttachment.CROSS_PLATFORM);
+		generatorByClassName.put(ResidentKeyRequirement.class, (r) -> ResidentKeyRequirement.REQUIRED);
+		generatorByClassName.put(UserVerificationRequirement.class, (r) -> UserVerificationRequirement.REQUIRED);
+		generatorByClassName.put(AttestationConveyancePreference.class, (r) -> AttestationConveyancePreference.NONE);
 	}
 
 	@ParameterizedTest
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..171d6163776e71e276cb2db85ea2247b62c68d22
GIT binary patch
literal 134
zcmWm7u?@m75J1rbkp(Ci!=a}FB&r}GF~JdCj3Jz@^VuOCExWKnvJpE#iZ8wHf4)#e
zfuk2|Vi3o+5qwbR<!&O?Nu2hkqstT~y|TgJ%vP16qB_re&zXAUnodFu3H>#!UWfI#
fd(UB3L6Nadq_C`Rn6Ye;ZF$z|w0Q=F1$(9+emgO5

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..b6c21572abe64e380c154852d2284f791868ecd3
GIT binary patch
literal 136
zcmZ4UmVvdnh`}|#C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW8sRtkk@c%;dz9{36GalEmbUTp+(Ldx>Yr@~)pu42(VutYwKgrKu$hLOxlEWr_MZ
giFxVz!6hIYtSbsi82FNl@{5ag3vv=m((;RP0rlTANdN!<

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..a92b866b63c9788ce7389f4f6dedd571496794c6
GIT binary patch
literal 727
zcmZ4UmVvdnh`}enC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW8sRtkk@c%;dz9{G#C0oYdr!%=|oOpyJe`%)}!b>k7R8sI6jRVD@1U2kC;Vbu1}K
zOwPy!@=F-pL6+*HS*j1SR3B&|2!k!v2U@C+VkyEPYaa&gqSWHd6riErsg)%RZX}u;
zgwPz6T3DJ{lnQbm&{%=e;?$xrppVi(9tC=^gu$CcvqRBLK(?Tw02uJD6a+jX4C=C%
zc!n(R`pLw==)=HTmY7qTTEZaYla*MOsGpOVm#!aN0*YGeih>dbPDhVOCvVSicXy!m
zE~HtHJ*a-)@|wTe{JAcY?S%|=3~XTAd_BSgor9b_B7wGfl4cv8z`OM0o1D;j2P14&
JGJ6EL001$w61M;V

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..c14302d1dcd6b49b17d58fd8c8dac090dbe56fbc
GIT binary patch
literal 140
zcmZ4UmVvdnh`~6&C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWDD)OHzxq_xWE|NjROw#K0KMz?uXSDq&!XcB&{SEdtSNK8ycg;|O`c#K2Hdz`($u
mkd&QOI*IS!=I2q%@>DJs-q}#i{jVmFWm@8tzP3sIds+ZmFg7ay

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..19981244caf1ea7a856d7717fd741b1f85689507
GIT binary patch
literal 1930
zcmbtVO=uHA6n@<#wY3&X)fN;5MS2l;MG+6Zm`&3fvrS?WORxw|w$pUl?PfbW+a!WT
zp%=Z23W^s|&|dT?*pnbAqE@_k5-*-S30l#EZ?->4B~+FkHkl;z-uK@3eeY%A8$?_V
znKCb_uEUvK8s}u1R?2)zb*brbCTePh7Ue@cF=4C3VQR)JTFgw+T8z^%Y70gzJQ2al
zcG{7z?z_HM`j_|f4-{xOpo0iOUE%*OAZ;L+_79l02Bsm9e0(qs!L(>SI99f2X^q$>
z&2TzSImJ`I0X_1vEW;$C%yZPDrYu50DkxObJTWAJaz+rT-JBqnMePz5a3WxGy@n)U
zj&52tEpLq0xpM_{8Ixp|Xr5q}W-wRaz3sFrsO?HN1>^&QMeChlg7|u-n8lE&gzb1j
z*3#v8#Z?(I1ci5JU=G3tDBKZ{42app6<H^avWOZ&Z4+#omOUY0*GjMQvo_#y-xhcw
z?75T+7~VSSIZU*QTXoRg!@=DBAHzNGxiWZkQNN}@ivf{YVtHtW?v<V_Vwbd>kaN^u
zMGD)~dLfm|r;{lxLpBy*$QmSUF!h=lUp$#}l7IRhDG)NCcf$Z+{luJ@Mx6x=1!Qvr
zXgv|i)4{3B<glY(1Plhuo2>_D>5RuXmGwynO4UbjyvF79`coU!cT(=g42=N3{_!mk
zU*}+M>V6{s@cOR?-Q~1&NS(ulOio9M2ZA9rXXW>&Gxr{!{CcDrP+K%V5;vlWG=e39
zfo($5((;e}-EU7FYlhgGEkt!ai+IO_;raXS@M8MIp^L94G4m)yigE=CP)7Bt<8k@E
z@V$4rwJrZy0jN3v5E6SNk2~cyROL2QqnwkPT#41IOZ#rWBzHs5l7O(wE>S-MDq)Pn
zXn%JdkmuEJf>X4~2D>@b6Z+VB>y82nu17ZJOOH#-#(&Fo8$_}r$>BWOAyqhk7U4Vn
kHsqpHbCln>F#l}t!P8H7$Z9K{Ewa?`Wl!w>$=+0*zn_T31poj5

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..35c229661605912b6af4b4c061f5ec1b4001e83b
GIT binary patch
literal 155
zcmZ4UmVvdnh`}?zC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW7yVlX5bXy;Ccli&9fk^GY%kbAk$7fpkgbbayf4tGqMjFflOsFfe7NlrRYSWF?j*
z>gOcprRxWmfUL0gVPMGv+EU0+$G})oP{P0w;qD(15E<!M!ocYf5a<=@7vvNI08)H3
A`2YX_

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..1d8035da8c5e9ee67f3a10fd613e43e548dce701
GIT binary patch
literal 129
zcmZ4UmVvdnh`}YlC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWCK|i!)PF^Gdu^D}z!COEZg7bAi0yx4h=BHh-?m#K7poz*?4=Q<_@BAmo#kSeB@t
XlbDyTA6x>mz`CNKgn^?7qAvvis&X*f

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.UserVerificationRequirement.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.UserVerificationRequirement.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..486eab9b33cdb28c9a448c6a88f200d2b9e292ef
GIT binary patch
literal 134
zcmZ4UmVvdnh`}?zC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW9}>Q;Wh<i!#$PlM_oa^YemI3rjPLQgc)DN-q8QCMR^>!H9{0(T9PxEHS4vwS+;)
dCo8cmQ9ma!FI_*l1Z0bKML`JzM-fC{3IL#cGI#(0

literal 0
HcmV?d00001

diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
index 41164faf491..23739e75247 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href="https://www.w3.org/TR/webauthn-3/#webauthn-relying-party">WebAuthn Relying
  * Parties</a> may use <a href=
@@ -26,7 +29,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class AttestationConveyancePreference {
+public final class AttestationConveyancePreference implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -4821525312099695991L;
 
 	/**
 	 * The <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
index b56371936de..1d30043e805 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-authenticatorattachment">AuthenticatorAttachment</a>.
@@ -23,7 +26,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class AuthenticatorAttachment {
+public final class AuthenticatorAttachment implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 9109555306146794233L;
 
 	/**
 	 * Indicates <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
index 011e539d826..08151799525 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-authenticatorselectioncriteria">AuthenticatorAttachment</a>
@@ -31,7 +34,10 @@
  * @since 6.4
  * @see PublicKeyCredentialCreationOptions#getAuthenticatorSelection()
  */
-public final class AuthenticatorSelectionCriteria {
+public final class AuthenticatorSelectionCriteria implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -4273495550621636950L;
 
 	private final AuthenticatorAttachment authenticatorAttachment;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java b/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
index 6fbcc3596c6..0fc43b14a40 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
 import java.security.SecureRandom;
 import java.util.Arrays;
 import java.util.Base64;
@@ -28,7 +30,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class Bytes {
+public final class Bytes implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 3152044557472942954L;
 
 	private static final SecureRandom RANDOM = new SecureRandom();
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java
index 3b2fe5adfa0..6f2d2da1077 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutablePublicKeyCredentialUserEntity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialuserentity">PublicKeyCredentialUserEntity</a>
@@ -28,6 +30,9 @@
  */
 public final class ImmutablePublicKeyCredentialUserEntity implements PublicKeyCredentialUserEntity {
 
+	@Serial
+	private static final long serialVersionUID = -6887789205332948120L;
+
 	/**
 	 * When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier
 	 * for a user account. It is intended only for display, i.e., aiding the user in
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
index 2bbdcb9b2b0..2dabd440784 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -32,7 +34,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialCreationOptions {
+public final class PublicKeyCredentialCreationOptions implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -3447846076083501914L;
 
 	private final PublicKeyCredentialRpEntity rp;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
index d8e7de80141..a34ce5819b9 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialrpentity">PublicKeyCredentialRpEntity</a>
@@ -25,7 +28,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialRpEntity {
+public final class PublicKeyCredentialRpEntity implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -7546038444920825700L;
 
 	private final String name;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java
index fd95a24c715..b40e366c405 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialUserEntity.java
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialuserentity">PublicKeyCredentialUserEntity</a>
@@ -27,7 +29,7 @@
  * @since 6.4
  * @see org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations#authenticate(org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest)
  */
-public interface PublicKeyCredentialUserEntity {
+public interface PublicKeyCredentialUserEntity extends Serializable {
 
 	/**
 	 * The <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
index 082df8c675e..3e5a49f5a04 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-residentkeyrequirement">ResidentKeyRequirement</a>
@@ -24,7 +27,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class ResidentKeyRequirement {
+public final class ResidentKeyRequirement implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -298844375633893587L;
 
 	/**
 	 * The <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/UserVerificationRequirement.java b/web/src/main/java/org/springframework/security/web/webauthn/api/UserVerificationRequirement.java
index adc915015b5..dc9a870ecc8 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/UserVerificationRequirement.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/UserVerificationRequirement.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-userverificationrequirement">UserVerificationRequirement</a>
@@ -24,7 +27,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class UserVerificationRequirement {
+public final class UserVerificationRequirement implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -3244572922495418318L;
 
 	/**
 	 * The <a href=

From 9c2c462bd6c5cbfbfe3ca3968b7ef5d78866c2f7 Mon Sep 17 00:00:00 2001
From: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
Date: Tue, 21 Jan 2025 01:53:39 +0700
Subject: [PATCH 2/3] Implement Serial for PublicKeyCredentialCreationOptions

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
---
 ...gSecurityCoreVersionSerializableTests.java |  40 ++++++++++++++++--
 ....AuthenticatorSelectionCriteria.serialized | Bin 727 -> 726 bytes
 ...uthn.api.AuthenticatorTransport.serialized | Bin 0 -> 127 bytes
 ...security.web.webauthn.api.Bytes.serialized | Bin 140 -> 140 bytes
 ...thn.api.COSEAlgorithmIdentifier.serialized | Bin 0 -> 106 bytes
 ...nticationExtensionsClientInputs.serialized | Bin 0 -> 540 bytes
 ...licKeyCredentialCreationOptions.serialized | Bin 1930 -> 3380 bytes
 ...i.PublicKeyCredentialDescriptor.serialized | Bin 0 -> 675 bytes
 ...i.PublicKeyCredentialParameters.serialized | Bin 0 -> 487 bytes
 ...api.PublicKeyCredentialRpEntity.serialized | Bin 155 -> 184 bytes
 ...thn.api.PublicKeyCredentialType.serialized | Bin 0 -> 132 bytes
 .../AuthenticationExtensionsClientInput.java  |   6 ++-
 .../AuthenticationExtensionsClientInputs.java |   5 ++-
 .../webauthn/api/AuthenticatorTransport.java  |  10 ++++-
 .../webauthn/api/COSEAlgorithmIdentifier.java |  10 ++++-
 ...leAuthenticationExtensionsClientInput.java |   7 ++-
 ...eAuthenticationExtensionsClientInputs.java |   6 ++-
 .../api/PublicKeyCredentialDescriptor.java    |   9 +++-
 .../api/PublicKeyCredentialParameters.java    |  10 ++++-
 .../webauthn/api/PublicKeyCredentialType.java |  10 ++++-
 20 files changed, 94 insertions(+), 19 deletions(-)
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorTransport.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialType.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index 040886159b1..d9ae0edd3bb 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -194,11 +194,23 @@
 import org.springframework.security.web.webauthn.api.AttestationConveyancePreference;
 import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
 import org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria;
+import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
 import org.springframework.security.web.webauthn.api.Bytes;
+import org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier;
+import org.springframework.security.web.webauthn.api.CredentialRecord;
+import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInput;
+import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
 import org.springframework.security.web.webauthn.api.ResidentKeyRequirement;
+import org.springframework.security.web.webauthn.api.TestCredentialRecord;
+import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialCreationOptions;
+import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
+import org.springframework.security.web.webauthn.management.TestPublicKeyCredentialRpEntity;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -518,10 +530,20 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new HttpSessionCreatedEvent(new MockHttpSession()));
 
 		// webauthn
-		generatorByClassName.put(PublicKeyCredentialCreationOptions.class,
-				(r) -> PublicKeyCredentialCreationOptions.builder().build());
+		generatorByClassName.put(PublicKeyCredentialCreationOptions.class, (r) -> {
+			CredentialRecord credentialRecord = TestCredentialRecord.userCredential().build();
+			PublicKeyCredentialDescriptor descriptor = PublicKeyCredentialDescriptor.builder()
+				.id(credentialRecord.getCredentialId())
+				.transports(credentialRecord.getTransports())
+				.build();
+			return TestPublicKeyCredentialCreationOptions.createPublicKeyCredentialCreationOptions()
+				.rp(TestPublicKeyCredentialRpEntity.createRpEntity().build())
+				.user(TestPublicKeyCredentialUserEntity.userEntity().build())
+				.excludeCredentials(List.of(descriptor))
+				.build();
+		});
 		generatorByClassName.put(PublicKeyCredentialRpEntity.class,
-				(r) -> PublicKeyCredentialRpEntity.builder().build());
+				(r) -> TestPublicKeyCredentialRpEntity.createRpEntity().build());
 		generatorByClassName.put(Bytes.class, (r) -> Bytes.random());
 		generatorByClassName.put(AuthenticatorSelectionCriteria.class,
 				(r) -> AuthenticatorSelectionCriteria.builder().build());
@@ -529,6 +551,18 @@ class SpringSecurityCoreVersionSerializableTests {
 		generatorByClassName.put(ResidentKeyRequirement.class, (r) -> ResidentKeyRequirement.REQUIRED);
 		generatorByClassName.put(UserVerificationRequirement.class, (r) -> UserVerificationRequirement.REQUIRED);
 		generatorByClassName.put(AttestationConveyancePreference.class, (r) -> AttestationConveyancePreference.NONE);
+		generatorByClassName.put(PublicKeyCredentialParameters.class, (r) -> PublicKeyCredentialParameters.EdDSA);
+		generatorByClassName.put(COSEAlgorithmIdentifier.class, (r) -> COSEAlgorithmIdentifier.EdDSA);
+		generatorByClassName.put(ImmutableAuthenticationExtensionsClientInputs.class,
+				(r) -> new ImmutableAuthenticationExtensionsClientInputs(
+						ImmutableAuthenticationExtensionsClientInput.credProps));
+		generatorByClassName.put(PublicKeyCredentialDescriptor.class,
+				(r) -> PublicKeyCredentialDescriptor.builder()
+					.transports(AuthenticatorTransport.HYBRID)
+					.id(Bytes.fromBase64("ChfoCM8CJA_wwUGDdzdtuw"))
+					.build());
+		generatorByClassName.put(PublicKeyCredentialType.class, (r) -> PublicKeyCredentialType.PUBLIC_KEY);
+		generatorByClassName.put(AuthenticatorTransport.class, (r) -> AuthenticatorTransport.HYBRID);
 	}
 
 	@ParameterizedTest
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized
index a92b866b63c9788ce7389f4f6dedd571496794c6..b8c594143d11e8b3491026bbfd3a648d3afa1136 100644
GIT binary patch
delta 57
zcmcc4dX06%Cq`~IcV|Z@@37(`2A9c=jCzyxn2fmDoIRZULxX{0o?x*#Oy-;%!Oouk
If#JT60RE>Co&W#<

delta 58
zcmcb{dYyH{Cq_O_M~_G+Z_jXd_u?W3m&uKcdXu%8jQBWxJ;DQ>gPc4ffx@0(;b~0f
JEX*DOE&vy|5bpp0

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorTransport.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorTransport.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..b8a19bd7c26c3f9b264c2aec1f0dc07b3fceb952
GIT binary patch
literal 127
zcmZ4UmVvdnh`}YlC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW8sRtkk@c%;dz9{GyPe#Ju8y{Gt-A>NTNK8QVWHF);ctu$Cp}l%|$22>E0smL=-v
ZB<7{-2bX{>u&yX5VPMOsOe)Gu0RSX~FGc_W

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.Bytes.serialized
index c14302d1dcd6b49b17d58fd8c8dac090dbe56fbc..151e45835c9624b1619d12066b27e444831d0520 100644
GIT binary patch
delta 39
xcmV+?0NDSG0gM5VY#;&>fT4wDrIVq|pXwh2Ngc8Tlsqz&JM5~<msxpaZAvy(5O@Fp

delta 39
vcmeBS>|vacqmY!HRXU09-{$90%koq%7T(!V&Hb+?kY!rpl)kn}{d-yfUm+6E

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..d2a0186495f35231b23a7841c105d765cdfd7e1c
GIT binary patch
literal 106
zcmZ4UmVvdnh`}|#C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWDGOgIyhS(({3`8M&S*sd*)tX_=`-8WpWZ>o;C3XJTOVVqh&x%qdN+DEJQnKLC<*
BEbjmS

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..1b4fb7d76b21fb680f78abb4250be8e222faee48
GIT binary patch
literal 540
zcmb7>KT88K7{=c_XhAyo4-`bu!8!K<>QY6paG;>m9S-R=JyWl_ki2QHo1^#{9332-
z9i3I^A~^UV>>#=*h{=hfn;k;JlkmLH^ULKERJ4LPS1Hj_aglZu?Xf|wj)-Q7Q5=V4
zz*=rmgNK4p$w{-<Ge}z*Ygma1<OxNdi>(5g(DtA=Gj8RkkOuYbM{V)_^lrrmFN7*D
zHH4Y4OZzl1$g?2i8ta9$IhLGAoJbl<(V<=|H}~N2eEoWKQoXk}F?bYVKK`=Es7QmI
zR+lBt#3<O0!^!IWqeXpuGku_<<qIF6kO1J>w9#Z^CZX1Oe!Y?}3)?>UA=KD6*k&7H
z?pN(SbYE5vp;B`Fd-=lzVJcCqy{mGmZS2_+vcpC;@;qZyj8@h0!`a)|vW=k9r<q}e
G^gaOs%gSQ_

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized
index 19981244caf1ea7a856d7717fd741b1f85689507..fcefb1abe296d8f792caf76fc3c2d8c499e99cd1 100644
GIT binary patch
delta 1120
zcmZ`&TSyd97(TNz?z*jJCYYC^rHmqL6;q;=$Xm5G=++v7o5gYW>^eF-GoCr4I}sT~
zAwoSgFF^$b6-x#dg<=mu(L)wJRHQ`|M$kh-SQK5U&YAV{P|d@cne*Si@BhDlAnQiK
z)&0C%P*er!7>HIN&3FAYzn$YWOH4x<7<C&GMiFZBGn+M)wsE0b!zhYy>Ux8H9dcH*
zcn3#ojF*r1WVCsveqJJ5^ZcJ(;VmP>b?)$Vy8C?V7n&ry6ZSx#K_uB%tIBc^;g%DF
z!<!3}**xI<fG04P&;S5jufR?kvD2D#R@c`dJ&YxdsCaLAJla)y`GW)SB5+8NZg7Zw
zEg%>wx~5{H6ObjcG9|1`Nf41r5eUT8koAf$vqVSE>Sp>=nb33=n{TjlDXq4sV(?h{
zs~53TcU{8k?upTH>$R}KTIk9tW&V>Vw-sESKD^5TI1!}vK-oYn(38*zSfCm0vJ_t5
zh0Fwn9AYhT`{Qwgz;+o~&$y!K*e}nL9|QN7+u=@0(F|gj7bpx23g+8VjWIO!BKsvu
zI(dGf>ej=4=VKZe0vseDCzN6*LnT(y)ZU50gmN)3Xb#!qvrh9K>kXHeTlxN8RvT_z
znsfk=YAUVN`WLp9ebJAfhqX_+I~>3v0uM?Mr09~W`0d_$C|esY0gL}tm;iT}Dj|SX
zO{e)&17_HKHL5Bjs66!I!%xqAe@_Xt&NMEeaW?s4in=kxiEPB)0K_nk2*P^h$dk3D
z$zY2z3!JBkZ5<TOJH30<d1dVEor5-L9?CH`-J;s2V12b5Q?W!k;{FIyh!m9&o>c&w
z*a~Y>DDV4^<C?_LvY~5_dMVh3Ik3M|&sP?`+6KPKKC5O7-~MCx^*d#tyQAWmPuH-d
z#G;I4uQl!5SC)+uFs{kSC#zv7cc?lcU|G=i@&-}Zpd?K1ZX}yDjJ1cDR>-v~lkUYj
zDp$ay*38D)Hz&1#t;3zjtfeDi<e|JrN4TDT5%ZjstoXXu(_wFpCnD*Z49!N0hM}Zm
zo?j+GnZ0G|77UugCOp3@-Xq?r{+hSP*9EMq;{2hBo4X!lS_O4O7Y~Hij0?G4W4Bq-
FhCjwCiva)t

delta 220
zcmdlY)y2Odo|%u+-zmZ`IK<!EuegZ8XR<%5-sWk{?u?W3*^T5KOG`3R^GY(46HD@o
z97{?PlQVLG{JQKVo*~P-eokJ%D#FSV5fJP&`5sFuhhs>XtB<3n|7360Om?=Q2uCNU
zpvn7K(|wprq?~|;3uh&kCF+%yWaj8O78NB{`eYWDR5V_aoq0TQE;9q8Cj(1yW>soM
z0Rs?}vw+Bog5pAkItE1~5uo8llTUFw@UjMldHaTxFtGSVL<LT^;ZfycsVyxL{hoQY
Gq5uHco<uGH

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..46dbca4ffac64a9ec0f3c52d439fefa701087cb4
GIT binary patch
literal 675
zcmb7?KT88a5XC2#L_$EKHi6itQoIvX1XJaYisV2g5sO&3N!DbO%iX#+m*fycu($A2
zh^Da8LJ+JiEc^l~ZG?!8rMnS9M2i%|7R&tJ%zM*&g|I6i?}(c2a>4A{fgml~aYR#h
zX~h!^eZ51=s)&bmTPK|9TVB~>l|1#cf>x=Gj95A9Rs`edh`q(uL394{O@p8b8ml5K
znG$dO!W-XsL!wm;@rJ}386T;eG9ikB*e-Vjx(G3|LE6OdkXc57qWlh_&nd$Ci1a^(
zFG^6V%cT(uqZu)rboPGpIl2GX&>&EPa9ItHpp`OR?g{nw-s2x*kz!v1=yCv<h{j(c
zPg*iIcu1dimRomHcTz2<tL5~pV_5|%cF(SER;Di|gAmw&Ad=d!SL=i%As{<)qfMHY
z;i;r5L`GEn_I2i{x09&f%B%t=gxkdOq@hz^PFuvT83j}~A-zEutNUfas$HqQI-2%B
cj`z>k64!&1?H}TYa17&0EXs!`HrJ&7C$C%d3;+NC

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..d92bdbafb7a3674168a42552cb5d567156ecab99
GIT binary patch
literal 487
zcmZ4UmVvdnh`~F*C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW7yVlX5bXy;Ccli&9fk^GY%ka{>}U`btuZieFvKT61#lp&BLzCLado#GLdJ26rEz
z`TA()>%+{~2bvASVDt5X=IcBA2fI4vq~`-|&&c%z+mM!-T4e3Rz*16KkV?9NSR5Pz
zG|0N50O)yF(mapDaT*n^M(a0TEN5b1^kQHwOUx-vttj{p0Y6B$1&50tOmdUj@S!0P
oXp0ZjmJ$XbpRB~PME#t^ymbBG5>O-pJyycNRRE4A-R#s#00G0j<p2Nx

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized
index 35c229661605912b6af4b4c061f5ec1b4001e83b..918ec8599877eac8cff60bc382d182b0655e74bf 100644
GIT binary patch
delta 57
zcmbQuxPx&*n~`8@MPhD2PO4r`esW??Mt*Tg34?5KK~ZL2x<YVja%oX!Nu@$iYEC6c
KARw`*q!IvP4HY;5

delta 28
jcmdnNIGb@on<z(wyMIJLWTayW1E)topjV_{kW&Z%eWM6b

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialType.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialType.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..5a89cd67e951613e50260c348eb580e4df951d51
GIT binary patch
literal 132
zcmZ4UmVvdnh`}|#C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW7yVlX5bXy;Ccli&9fk^GY%kb3!T$QXfomliKj1A&`lI(T9PxEHS4vwS+;)Co8cm
cQ9ma!FI_*l1Z0DCML`JzR{_`z-R#s#02x~`E&u=k

literal 0
HcmV?d00001

diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInput.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInput.java
index f3fb229af1b..736a3b29609 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInput.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInput.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serializable;
+
 /**
  * A <a href="https://www.w3.org/TR/webauthn-3/#client-extension-input">client extension
  * input</a> entry in the {@link AuthenticationExtensionsClientInputs}.
@@ -25,7 +27,7 @@
  * @since 6.4
  * @see ImmutableAuthenticationExtensionsClientInput
  */
-public interface AuthenticationExtensionsClientInput<T> {
+public interface AuthenticationExtensionsClientInput<T> extends Serializable {
 
 	/**
 	 * Gets the <a href="https://www.w3.org/TR/webauthn-3/#extension-identifier">extension
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInputs.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInputs.java
index 44a26a41c12..3befaa601fc 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInputs.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticationExtensionsClientInputs.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -31,7 +32,7 @@
  * @since 6.4
  * @see PublicKeyCredentialCreationOptions#getExtensions()
  */
-public interface AuthenticationExtensionsClientInputs {
+public interface AuthenticationExtensionsClientInputs extends Serializable {
 
 	/**
 	 * Gets all of the {@link AuthenticationExtensionsClientInput}.
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorTransport.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorTransport.java
index 33e9d2123cb..31516a49bd6 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorTransport.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorTransport.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-authenticatortransport">AuthenticatorTransport</a>
@@ -25,7 +28,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class AuthenticatorTransport {
+public final class AuthenticatorTransport implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 3061229853243652081L;
 
 	/**
 	 * <a href="https://www.w3.org/TR/webauthn-3/#dom-authenticatortransport-usb">usbc</a>
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java b/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
index 0cafd9309bd..7acae91188e 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#sctn-alg-identifier">COSEAlgorithmIdentifier</a> is
@@ -25,7 +28,10 @@
  * @since 6.4
  * @see PublicKeyCredentialParameters#getAlg()
  */
-public final class COSEAlgorithmIdentifier {
+public final class COSEAlgorithmIdentifier implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 2916227211464921463L;
 
 	public static final COSEAlgorithmIdentifier EdDSA = new COSEAlgorithmIdentifier(-8);
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInput.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInput.java
index eb656c3cdfb..f022ceb33aa 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInput.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInput.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+
 /**
  * An immutable {@link AuthenticationExtensionsClientInput}.
  *
@@ -26,6 +28,9 @@
  */
 public class ImmutableAuthenticationExtensionsClientInput<T> implements AuthenticationExtensionsClientInput<T> {
 
+	@Serial
+	private static final long serialVersionUID = 7418261700160525896L;
+
 	/**
 	 * https://www.w3.org/TR/webauthn-3/#sctn-authenticator-credential-properties-extension
 	 */
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInputs.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInputs.java
index cef29f378a5..d3faffb2be5 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInputs.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ImmutableAuthenticationExtensionsClientInputs.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
 import java.util.Arrays;
 import java.util.List;
 
@@ -27,6 +28,9 @@
  */
 public class ImmutableAuthenticationExtensionsClientInputs implements AuthenticationExtensionsClientInputs {
 
+	@Serial
+	private static final long serialVersionUID = -3891660830369199585L;
+
 	private final List<AuthenticationExtensionsClientInput> inputs;
 
 	public ImmutableAuthenticationExtensionsClientInputs(List<AuthenticationExtensionsClientInput> inputs) {
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialDescriptor.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialDescriptor.java
index ad454814b0f..d411818e4aa 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialDescriptor.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialDescriptor.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
 import java.util.Set;
 
 /**
@@ -29,7 +31,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialDescriptor {
+public final class PublicKeyCredentialDescriptor implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 6644055636930767601L;
 
 	private final PublicKeyCredentialType type;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
index abb8c028330..6185b4e9983 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialparameters">PublicKeyCredentialParameters</a>
@@ -25,7 +28,10 @@
  * @since 6.4
  * @see PublicKeyCredentialCreationOptions#getPubKeyCredParams()
  */
-public final class PublicKeyCredentialParameters {
+public final class PublicKeyCredentialParameters implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -1526321508352408964L;
 
 	public static final PublicKeyCredentialParameters EdDSA = new PublicKeyCredentialParameters(
 			COSEAlgorithmIdentifier.EdDSA);
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialType.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialType.java
index 57f1c6ec463..ea946599701 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialType.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialType.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#enum-credentialType">PublicKeyCredentialType</a>
@@ -24,7 +27,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialType {
+public final class PublicKeyCredentialType implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -2264670582162292655L;
 
 	/**
 	 * The only credential type that currently exists.

From 8fa2cc76be53846f5b265144ab4c611fc2e1f1a4 Mon Sep 17 00:00:00 2001
From: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
Date: Sat, 25 Jan 2025 01:08:12 +0700
Subject: [PATCH 3/3] Implement Serial for PublicKeyCredentialCreationOptions

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
---
 ...gSecurityCoreVersionSerializableTests.java |  28 ++++++++++++++++++
 ...AttestationConveyancePreference.serialized | Bin 0 -> 138 bytes
 ...thn.api.AuthenticatorAttachment.serialized | Bin 0 -> 136 bytes
 ....AuthenticatorSelectionCriteria.serialized | Bin 0 -> 726 bytes
 ...thn.api.COSEAlgorithmIdentifier.serialized | Bin 0 -> 106 bytes
 ...licKeyCredentialCreationOptions.serialized | Bin 0 -> 3516 bytes
 ...i.PublicKeyCredentialParameters.serialized | Bin 0 -> 487 bytes
 ...api.PublicKeyCredentialRpEntity.serialized | Bin 0 -> 184 bytes
 ...uthn.api.ResidentKeyRequirement.serialized | Bin 0 -> 129 bytes
 .../api/AttestationConveyancePreference.java  |  10 +++++--
 .../webauthn/api/AuthenticatorAttachment.java |  10 +++++--
 .../api/AuthenticatorSelectionCriteria.java   |  10 +++++--
 .../webauthn/api/COSEAlgorithmIdentifier.java |  10 +++++--
 .../PublicKeyCredentialCreationOptions.java   |   9 ++++--
 .../api/PublicKeyCredentialParameters.java    |  10 +++++--
 .../api/PublicKeyCredentialRpEntity.java      |  10 +++++--
 .../webauthn/api/ResidentKeyRequirement.java  |  10 +++++--
 17 files changed, 91 insertions(+), 16 deletions(-)
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized
 create mode 100644 config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index 7daa7967f06..ef6f4424639 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -206,22 +206,32 @@
 import org.springframework.security.web.savedrequest.SimpleSavedRequest;
 import org.springframework.security.web.server.firewall.ServerExchangeRejectedException;
 import org.springframework.security.web.session.HttpSessionCreatedEvent;
+import org.springframework.security.web.webauthn.api.AttestationConveyancePreference;
 import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientInputs;
+import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
+import org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria;
 import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
 import org.springframework.security.web.webauthn.api.Bytes;
+import org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier;
 import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput;
 import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInput;
 import org.springframework.security.web.webauthn.api.ImmutableAuthenticationExtensionsClientInputs;
 import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialDescriptor;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
+import org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
+import org.springframework.security.web.webauthn.api.ResidentKeyRequirement;
 import org.springframework.security.web.webauthn.api.TestBytes;
+import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialCreationOptions;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.UserVerificationRequirement;
 import org.springframework.security.web.webauthn.authentication.WebAuthnAuthentication;
+import org.springframework.security.web.webauthn.management.TestPublicKeyCredentialRpEntity;
 import org.springframework.util.ReflectionUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -608,6 +618,24 @@ class SpringSecurityCoreVersionSerializableTests {
 			webAuthnAuthentication.setDetails(details);
 			return webAuthnAuthentication;
 		});
+		generatorByClassName.put(AttestationConveyancePreference.class,
+				(r) -> AttestationConveyancePreference.INDIRECT);
+		generatorByClassName.put(AuthenticatorAttachment.class, (r) -> AuthenticatorAttachment.CROSS_PLATFORM);
+		generatorByClassName.put(AuthenticatorSelectionCriteria.class,
+				(r) -> AuthenticatorSelectionCriteria.builder()
+					.userVerification(UserVerificationRequirement.REQUIRED)
+					.build());
+		generatorByClassName.put(COSEAlgorithmIdentifier.class, (r) -> COSEAlgorithmIdentifier.ES256);
+		generatorByClassName.put(PublicKeyCredentialParameters.class, (r) -> PublicKeyCredentialParameters.ES256);
+		generatorByClassName.put(PublicKeyCredentialRpEntity.class,
+				(r) -> TestPublicKeyCredentialRpEntity.createRpEntity().build());
+		generatorByClassName.put(ResidentKeyRequirement.class, (r) -> ResidentKeyRequirement.REQUIRED);
+		generatorByClassName.put(PublicKeyCredentialCreationOptions.class,
+				(r) -> TestPublicKeyCredentialCreationOptions.createPublicKeyCredentialCreationOptions()
+					.rp(TestPublicKeyCredentialRpEntity.createRpEntity().build())
+					.user(TestPublicKeyCredentialUserEntity.userEntity().build())
+					.excludeCredentials(List.of(descriptor))
+					.build());
 	}
 
 	@ParameterizedTest
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AttestationConveyancePreference.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..f024863b39523ffec55a1a48327a893d2dd523f6
GIT binary patch
literal 138
zcmWm7u?@m75I|9b6p5OGF&ug-K%xo~5)&Ne5)P8Hbv`?!qh%LXfQ{GzQhe!k|MfLR
z6tnlz*cgPksRcUhz1(a>mxOe%J)XuO>4hx>vTIe03QC^0o-+=>4iADg3jXz8Ja)^^
i<~cQ!$`l#eglgv16*819a8n+2Jgx3Q&5Za=f=+)(1Tz%?

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttachment.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..b6c21572abe64e380c154852d2284f791868ecd3
GIT binary patch
literal 136
zcmZ4UmVvdnh`}|#C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW8sRtkk@c%;dz9{36GalEmbUTp+(Ldx>Yr@~)pu42(VutYwKgrKu$hLOxlEWr_MZ
giFxVz!6hIYtSbsi82FNl@{5ag3vv=m((;RP0rlTANdN!<

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorSelectionCriteria.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..e748100588a282b2b7ac8e343190e586068e2ccb
GIT binary patch
literal 726
zcmZ4UmVvdnh`}enC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW8sRtkk@c%;dz9{G#C0oYdr!%=|oOpyJe`%)}!b>k7R8sI6jRVD@1U2kC;Vbu1}K
zOwPy!@=F-pL6+*HS*j1SR3B&|2!k!v2U@C+VkyEPYaa&gqSWHd6riErsg)%RZX}u;
zgwPz6T3DJ{lnQbm&{%=e;?$xrppVi(9tC=^gu$CcvqRBLK(?Tw02uJD6a+jX4C=C%
zc!n(R`pLw==)=HTmY7qTTEZaYla*MOsGpOVm#!aN0*YGeih>db=0IP6pv5kvS&Ti9
zZgyss%bj*yf@E(YLmdMf$R18#M^|rOKW`^DplzO{*@h?BZYtcc$TMGJfz3*eB1rtD
F000FS5*Ppg

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.COSEAlgorithmIdentifier.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..cb13b5404fbf3f410c636f59cb17f4f3b136d6f5
GIT binary patch
literal 106
zcmZ4UmVvdnh`}|#C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWDGOgIyhS(({3`8M&S*sd*)tX_=`-8WpWZ>o;C3XJTOVVqh&x%qdN+DEJQnKLL_-
BEbssT

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..cd59c53d779f25d2fbaf51b1382ef9b73cc4a59f
GIT binary patch
literal 3516
zcmcInYiJx*6u$dNn$0Gpsgl+{;*v@!K6Z<x8jX)+H)&k6O+t2SOG1RZlbg+?von)B
zcd|Pop+XAQAL<XK{)kW^)L>Jj1yfouKct8c0!^gYfW^>17R4Zl7~9f#?%ii(qfCPf
zJG0BoobR0PobQ}7)4!rJgQ9MYCj5p@Wi>HKagwAoddzPS$)qx~{3#OWUu?1=)sJ=A
z-)+VfS?VBGh>`)KG8rrI3o}_$yL5guuI~9JcyoUIj1zex$cq^x1{2pA>WTnZ;2&Ut
z99RH=_*Z}h04&f_csQh~qr}3hM7k*%B$U9frU<IzH*+^6%rqJ$3X!-I40YOtDrqMK
zBoHcNK=MdKSW$?YAPgO_X*_5F31DLjNlS`3KnmO$3~i1K<53(inXCjNvccfKN|I(o
zH8`6L#cYDL6e0lwZFx%}MFyh6s%|pw%Vyn-XVch?A@Rlt8bj^~a#Ee44x5-Is-j14
zgS0RUpf)i%Ni>r&^k61d{y)%aQc)IggWEI+W$4hxQ4fQmEN)td>ON$zy8ol#KCe4|
zaNlh3q!T$JsB9D~CKSV#OiT(^6M-n>I%-M-g>F?-33$L`vZ1e{>=o5>t`4u9AJaST
z?)k)tToJT&P3?p0SQ<(~iWzFRN#q*Pf+5I^ml8wfI)_qW=%7uzJ%xvR$cQOZ!u{jL
z#}obvC~J@lR|wW_$?;4VTPOxd>pb_Z_Lwj2?BdDcRQ<OtlSL`#Lh<qxSI|sQ0{|Ab
z2lg-CFZ!-Gs!vZgmO}LCqWMAV1<3vOAVm{ecw^?py<eUVfbl+57UzA5A!lDOt(%me
zr+?qNQeF{Taw3%05kkJRmxAVvg~L_--e2yXVa?mZe{7OoxH!}5k$$W2eAN3V_)*LI
zm!J19e@Ii5D4|E*K0EX5j;UG~a)gnK;e@c|NV&nH1D@!x=Xr_l(n<`8$~yG?*DCPC
zM-Pm@D<t8R2Y7Zs9F>e>)zCG{Ai$cU78@nJ0Nu>eLA!Q^Qo@rM7y`kI_W6*>(RXs*
zp7EV~>Q?RTv2E>d?SGH;t~8vQdq=yoyYe%~#O$q0SAG=t*TbF8JS#Tqb&Y6axo9tV
zs^ZJj?b}OLkIOXTX`sJt!}Rl@@z`qf<y|+lQb?6BTwqOj;ux_wV4pp}a58B!99KwD
zi0hBC{vTewbNb`!!i{oSj5jgLME~DjsLd8iv1L3WPJGTTPChp~_h$Kmkb(m<^gv%x
zC+~_6!zuxZ1zp7Y?!Sqz=XcZcS2g{#cjr`2X<Qe*{~u33Eq#CDo_p!26FH%)=l6@S
z(2EzQnP6`1G|O|qVEcid(@izq05>y&=L63l)HH=)b<RhRUz@nS3|#hR2V+`yh#C(7
zft_{<ETJ>8q!8G~jHZj<J-TlydPL1p=K`NL-ckwxKhF<OfBoSXuM4hRSV`D#6rrwY
zTZ@v=V1FD+hQ*>hC=;6NJiI^~M1k7W;yQNsrcXTi>G}B-@c(k2|JBTAg@ZjNa`C)4
zHfJyVwa$fmtC<V7hgylO<+i|6?RBne)gMd<O0!)Ws?M##8wW=d^R$+vaZ*=^U(qD2
z3~2_eGP|PU)x;OgzLEHPh+@Hx<%4uF3ld)~6wWtFKTMwY`^PWuXn5&D6`x<JY6mn}
z_&6TtN8X8I_o=WFp%qrmtL>dNHyi6m#0c^Z$cC<9t1}lFtkn6bv^HL`_KK9)7#y6f
G&c6X*BOP1-

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialParameters.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..7b5272e3f27447789f5a8a0212603aac324d2853
GIT binary patch
literal 487
zcmZ4UmVvdnh`~F*C|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGW7yVlX5bXy;Ccli&9fk^GY%ka{>}U`btuZieFvKT61#lp&BLzCLado#GLdJ26rEz
z`TA()>%+{~2bvASVDt5X=IcBA2fI4vq~`-|&&c%z+mM!-T4e3Rz*16KkV?9NSR5Pz
zG|0N50O)yF(mapDaT*n^M(a0TEN5b1^kQHwOUx-vttj{p0Y6E%1&50h>;60JlD(S`
ow8aN%O9_LJPgY`CqJB<dUb=p82`CbQ9xGwsDgZ~5Zgy%V008~H<NyEw

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..918ec8599877eac8cff60bc382d182b0655e74bf
GIT binary patch
literal 184
zcmXYrK@!105Jg+Cv|wSUDkm5RuvAJZS)`H^v}nmNnT$>cvvCa;j^H|u;SNGs{CcZj
z?>*npuNhVq=c;zBZN6hH>0I$a)s!`?#j7)IzQaZetI%l`Hyfj~HTgNymaJ$riCeT3
ze_M{bufhEhKoCKow*sSRk0+cOwD~lZuVNNK&$gB$T%mJu0z<lB=?p1TWoU}37J*6n
S%L&teMVOHB?KzB*#eV=mtU<#7

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.ResidentKeyRequirement.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..a03eb3ed6c9f6dabcce3a610eb52a1e586a48899
GIT binary patch
literal 129
zcmZ4UmVvdnh`}YlC|$3(peQphJ*_A)H?=&!C|j>MHMz7Xv!qh5JT(b~6H7}n^7Il5
zGWCK|i!)PF^Gdu^D}z!COEZg7bAh~@omu5_ryZ9tF);ctu$Cp}l%|$22>E0smL=-v
XB<7{-2bX{>u&yX5Vc;l&=t}_ri7zlX

literal 0
HcmV?d00001

diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
index 41164faf491..23739e75247 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AttestationConveyancePreference.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href="https://www.w3.org/TR/webauthn-3/#webauthn-relying-party">WebAuthn Relying
  * Parties</a> may use <a href=
@@ -26,7 +29,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class AttestationConveyancePreference {
+public final class AttestationConveyancePreference implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -4821525312099695991L;
 
 	/**
 	 * The <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
index b56371936de..1d30043e805 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttachment.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-authenticatorattachment">AuthenticatorAttachment</a>.
@@ -23,7 +26,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class AuthenticatorAttachment {
+public final class AuthenticatorAttachment implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 9109555306146794233L;
 
 	/**
 	 * Indicates <a href=
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
index 011e539d826..08151799525 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorSelectionCriteria.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-authenticatorselectioncriteria">AuthenticatorAttachment</a>
@@ -31,7 +34,10 @@
  * @since 6.4
  * @see PublicKeyCredentialCreationOptions#getAuthenticatorSelection()
  */
-public final class AuthenticatorSelectionCriteria {
+public final class AuthenticatorSelectionCriteria implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -4273495550621636950L;
 
 	private final AuthenticatorAttachment authenticatorAttachment;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java b/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
index 0cafd9309bd..7acae91188e 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/COSEAlgorithmIdentifier.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * <a href=
  * "https://www.w3.org/TR/webauthn-3/#sctn-alg-identifier">COSEAlgorithmIdentifier</a> is
@@ -25,7 +28,10 @@
  * @since 6.4
  * @see PublicKeyCredentialParameters#getAlg()
  */
-public final class COSEAlgorithmIdentifier {
+public final class COSEAlgorithmIdentifier implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = 2916227211464921463L;
 
 	public static final COSEAlgorithmIdentifier EdDSA = new COSEAlgorithmIdentifier(-8);
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
index 2bbdcb9b2b0..2dabd440784 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialCreationOptions.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -32,7 +34,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialCreationOptions {
+public final class PublicKeyCredentialCreationOptions implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -3447846076083501914L;
 
 	private final PublicKeyCredentialRpEntity rp;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
index abb8c028330..6185b4e9983 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialParameters.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialparameters">PublicKeyCredentialParameters</a>
@@ -25,7 +28,10 @@
  * @since 6.4
  * @see PublicKeyCredentialCreationOptions#getPubKeyCredParams()
  */
-public final class PublicKeyCredentialParameters {
+public final class PublicKeyCredentialParameters implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -1526321508352408964L;
 
 	public static final PublicKeyCredentialParameters EdDSA = new PublicKeyCredentialParameters(
 			COSEAlgorithmIdentifier.EdDSA);
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
index d8e7de80141..a34ce5819b9 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredentialRpEntity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialrpentity">PublicKeyCredentialRpEntity</a>
@@ -25,7 +28,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class PublicKeyCredentialRpEntity {
+public final class PublicKeyCredentialRpEntity implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -7546038444920825700L;
 
 	private final String name;
 
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java b/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
index 082df8c675e..f308dc605b9 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/ResidentKeyRequirement.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,9 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
+import java.io.Serializable;
+
 /**
  * The <a href=
  * "https://www.w3.org/TR/webauthn-3/#enumdef-residentkeyrequirement">ResidentKeyRequirement</a>
@@ -24,7 +27,10 @@
  * @author Rob Winch
  * @since 6.4
  */
-public final class ResidentKeyRequirement {
+public final class ResidentKeyRequirement implements Serializable {
+
+	@Serial
+	private static final long serialVersionUID = -2771567035819540060L;
 
 	/**
 	 * The <a href=