SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection.

cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java

@@ -59,7 +59,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
      * @throws IllegalArgumentException if a <code>null</code> was passed
      */
     public CasAuthenticationToken(final String key, final Object principal, final Object credentials,
-        final Collection<GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
+        final Collection<? extends GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
         super(authorities);
 
         if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (credentials == null)

core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java

@@ -49,7 +49,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
      * @param authorities the collection of <tt>GrantedAuthority</tt>s for the
      *                    principal represented by this authentication object.
      */
-    public AbstractAuthenticationToken(Collection<GrantedAuthority> authorities) {
+    public AbstractAuthenticationToken(Collection<? extends GrantedAuthority> authorities) {
         if (authorities == null) {
             this.authorities = AuthorityUtils.NO_AUTHORITIES;
             return;
@@ -67,6 +67,39 @@ public abstract class AbstractAuthenticationToken implements Authentication {
 
     //~ Methods ========================================================================================================
 
+    public Collection<GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+
+    public String getName() {
+        if (this.getPrincipal() instanceof UserDetails) {
+            return ((UserDetails) this.getPrincipal()).getUsername();
+        }
+
+        if (getPrincipal() instanceof Principal) {
+            return ((Principal)getPrincipal()).getName();
+        }
+
+        return (this.getPrincipal() == null) ? "" : this.getPrincipal().toString();
+    }
+
+    public boolean isAuthenticated() {
+        return authenticated;
+    }
+
+    public void setAuthenticated(boolean authenticated) {
+        this.authenticated = authenticated;
+    }
+
+    public Object getDetails() {
+        return details;
+    }
+
+    public void setDetails(Object details) {
+        this.details = details;
+    }
+
+    @Override
     public boolean equals(Object obj) {
         if (!(obj instanceof AbstractAuthenticationToken)) {
             return false;
@@ -109,26 +142,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         return this.isAuthenticated() == test.isAuthenticated();
     }
 
-    public Collection<GrantedAuthority> getAuthorities() {
+    @Override
-        return authorities;
-    }
-
-    public Object getDetails() {
-        return details;
-    }
-
-    public String getName() {
-        if (this.getPrincipal() instanceof UserDetails) {
-            return ((UserDetails) this.getPrincipal()).getUsername();
-        }
-
-        if (getPrincipal() instanceof Principal) {
-            return ((Principal)getPrincipal()).getName();
-        }
-
-        return (this.getPrincipal() == null) ? "" : this.getPrincipal().toString();
-    }
-
     public int hashCode() {
         int code = 31;
 
@@ -155,18 +169,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         return code;
     }
 
-    public boolean isAuthenticated() {
+    @Override
-        return authenticated;
-    }
-
-    public void setAuthenticated(boolean authenticated) {
-        this.authenticated = authenticated;
-    }
-
-    public void setDetails(Object details) {
-        this.details = details;
-    }
-
     public String toString() {
         StringBuilder sb = new StringBuilder();
         sb.append(super.toString()).append(": ");

core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java

@@ -46,7 +46,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
      *
      * @throws IllegalArgumentException if a <code>null</code> was passed
      */
-    public RememberMeAuthenticationToken(String key, Object principal, Collection<GrantedAuthority> authorities) {
+    public RememberMeAuthenticationToken(String key, Object principal, Collection<? extends GrantedAuthority> authorities) {
         super(authorities);
 
         if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) {
@@ -60,6 +60,23 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
 
     //~ Methods ========================================================================================================
 
+    /**
+     * Always returns an empty <code>String</code>
+     *
+     * @return an empty String
+     */
+    public Object getCredentials() {
+        return "";
+    }
+
+    public int getKeyHash() {
+        return this.keyHash;
+    }
+
+    public Object getPrincipal() {
+        return this.principal;
+    }
+
     public boolean equals(Object obj) {
         if (!super.equals(obj)) {
             return false;
@@ -78,20 +95,4 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
         return false;
     }
 
-    /**
-     * Always returns an empty <code>String</code>
-     *
-     * @return an empty String
-     */
-    public Object getCredentials() {
-        return "";
-    }
-
-    public int getKeyHash() {
-        return this.keyHash;
-    }
-
-    public Object getPrincipal() {
-        return this.principal;
-    }
 }

core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java

@@ -68,7 +68,7 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
      * @param credentials
      * @param authorities
      */
-    public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection<GrantedAuthority> authorities) {
+    public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities) {
         super(authorities);
         this.principal = principal;
         this.credentials = credentials;

openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java

@@ -55,7 +55,7 @@ public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
      * used by the <tt>OpenIDAuthenticationProvider</tt>.
      *
      */
-    public OpenIDAuthenticationToken(Object principal, Collection<GrantedAuthority> authorities,
+    public OpenIDAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities,
             String identityUrl, List<OpenIDAttribute> attributes) {
         super(authorities);
         this.principal = principal;

web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java

@@ -44,7 +44,7 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT
      * @param anAuthorities
      *            The granted authorities
      */
-    public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection<GrantedAuthority> anAuthorities) {
+    public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection<? extends GrantedAuthority> anAuthorities) {
         super(anAuthorities);
         this.principal = aPrincipal;
         this.credentials = aCredentials;