Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Add TimestampedGrantedAuthority for time-based authorization #17867

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
yybmion wants to merge 1 commit into spring-projects:main
base: main
Choose a base branch
Loading
from yybmion:gh-17864

Conversation

Copy link
Contributor

@yybmion yybmion commented Sep 10, 2025
edited
Loading

Adds TimestampedGrantedAuthority to support time-based authorization rules as described in #17864 .

Changes

  • New TimestampedGrantedAuthority class implementing GrantedAuthority
  • Builder pattern with temporal fields: issuedAt, notBefore, expiresAt
  • Add serialization sample and generated .serialized file
  • Comprehensive test coverage

Usage

// Authority that expires after 5 minutes
GrantedAuthority authority = TimestampedGrantedAuthority
 .withAuthority("profile:read")
 .expiresAt(Instant.now().plusSeconds(300))
 .build();

Fixes #17864

Copy link
Contributor Author

yybmion commented Sep 10, 2025
edited
Loading

I think the build failure appears to be related to serialization tests(SpringSecurityCoreVersionSerializableTests) - TimestampedGrantedAuthority is a new class without existing serialized files from previous versions. How should this be handled?

Copy link
Contributor

jzheaux commented Sep 11, 2025

@yybmion thanks for the PR and for double-checking regarding serialization. Can you please add the following to the PR:

  1. Favor a random value for the serialization id
  2. Add a sample construction to SerializationSamples
  3. Enable the test SpringSecurityCoreVersionSerializableTests#serializeCurrentVersionClasses and run it. This will generate the needed file.
  4. Re-disable the test

In the end, there should be three file changes in your PR: The new authority implementation, a .serialized file, and SerializationSamples.
yybmion reacted with heart emoji

@jzheaux jzheaux self-assigned this Sep 11, 2025
@jzheaux jzheaux added in: core An issue in spring-security-core type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 11, 2025
@jzheaux jzheaux added this to the 7.0.0-M3 milestone Sep 11, 2025 
- Implement GrantedAuthority with temporal constraints (issuedAt, notBefore, expiresAt)
- Use Builder pattern for flexible construction
- Default issuedAt to Instant.now() when not specified
- Add serialization sample and generated .serialized file
- Add comprehensive tests
Closes spring-projectsgh-17864
Signed-off-by: yybmion <yunyubin54@gmail.com>
Copy link
Contributor Author

yybmion commented Sep 11, 2025

Thanks for the guidance @jzheaux. I’ve added the .serialized file and pushed the changes.

@jzheaux jzheaux modified the milestones: 7.0.0-M3, 7.0.0-RC1 Sep 15, 2025
@rwinch rwinch assigned rwinch and unassigned jzheaux Sep 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
None yet
Milestone
7.0.0-RC1
Development

Successfully merging this pull request may close these issues.

Add Timestamped GrantedAuthority

AltStyle によって変換されたページ (->オリジナル) /