Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Add TimestampedGrantedAuthority for time-based authorization #17867

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
yybmion wants to merge 1 commit into spring-projects:main
base: main
Choose a base branch
Loading
from yybmion:gh-17864

Conversation

@yybmion
Copy link
Contributor

@yybmion yybmion commented Sep 10, 2025
edited
Loading

Adds TimestampedGrantedAuthority to support time-based authorization rules as described in #17864 .

Changes

  • New TimestampedGrantedAuthority class implementing GrantedAuthority
  • Builder pattern with temporal fields: issuedAt, notBefore, expiresAt
  • Add serialization sample and generated .serialized file
  • Comprehensive test coverage

Usage

// Authority that expires after 5 minutes
GrantedAuthority authority = TimestampedGrantedAuthority
 .withAuthority("profile:read")
 .expiresAt(Instant.now().plusSeconds(300))
 .build();

Fixes #17864

Copy link
Contributor Author

yybmion commented Sep 10, 2025
edited
Loading

I think the build failure appears to be related to serialization tests(SpringSecurityCoreVersionSerializableTests) - TimestampedGrantedAuthority is a new class without existing serialized files from previous versions. How should this be handled?

Copy link
Contributor

jzheaux commented Sep 11, 2025

@yybmion thanks for the PR and for double-checking regarding serialization. Can you please add the following to the PR:

  1. Favor a random value for the serialization id
  2. Add a sample construction to SerializationSamples
  3. Enable the test SpringSecurityCoreVersionSerializableTests#serializeCurrentVersionClasses and run it. This will generate the needed file.
  4. Re-disable the test

In the end, there should be three file changes in your PR: The new authority implementation, a .serialized file, and SerializationSamples.
yybmion reacted with heart emoji

@jzheaux jzheaux self-assigned this Sep 11, 2025
@jzheaux jzheaux added in: core An issue in spring-security-core type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 11, 2025
@jzheaux jzheaux added this to the 7.0.0-M3 milestone Sep 11, 2025
Copy link
Contributor Author

yybmion commented Sep 11, 2025

Thanks for the guidance @jzheaux. I’ve added the .serialized file and pushed the changes.

@jzheaux jzheaux modified the milestones: 7.0.0-M3, 7.0.0-RC1 Sep 15, 2025
@rwinch rwinch assigned rwinch and jzheaux and unassigned jzheaux and rwinch Sep 30, 2025 
- Implement GrantedAuthority with temporal constraints (issuedAt, notBefore, expiresAt)
- Use Builder pattern for flexible construction
- Default issuedAt to Instant.now() when not specified
- Add serialization sample and generated .serialized file
- Add comprehensive tests
Closes spring-projectsgh-17864
Signed-off-by: yybmion <yunyubin54@gmail.com>
Copy link
Contributor Author

yybmion commented Oct 9, 2025

Resolved conflicts with ce36fc1

@jzheaux jzheaux modified the milestones: 7.0.0-RC1, 7.0.x Oct 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Labels

in: core An issue in spring-security-core type: enhancement A general enhancement

Projects

None yet

Milestone

7.0.x

Development

Successfully merging this pull request may close these issues.

Add Timestamped GrantedAuthority

AltStyle によって変換されたページ (->オリジナル) /