SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.

It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.

cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java

@@ -17,7 +17,7 @@ package org.springframework.security.cas.userdetails;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.util.Assert;
 import org.jasig.cas.client.validation.Assertion;
 
@@ -62,11 +62,11 @@ public final class GrantedAuthorityFromAssertionAttributesUserDetailsService ext
                 final List list = (List) value;
 
                 for (final Object o : list) {
-                    grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString()));
+                    grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString()));
                 }
 
             } else {
-                grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString()));
+                grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString()));
             }
 
         }

cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java

@@ -18,28 +18,26 @@ package org.springframework.security.cas.authentication;
 
 import static org.junit.Assert.*;
 
-import java.util.HashMap;
-import java.util.Map;
-
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.AssertionImpl;
 import org.jasig.cas.client.validation.TicketValidationException;
 import org.jasig.cas.client.validation.TicketValidator;
-import org.junit.Test;
+import org.junit.*;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.cas.ServiceProperties;
 import org.springframework.security.cas.web.CasAuthenticationFilter;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
+import java.util.*;
+
 
 /**
  * Tests {@link CasAuthenticationProvider}.
@@ -98,8 +96,8 @@ public class CasAuthenticationProviderTests {
         CasAuthenticationToken casResult = (CasAuthenticationToken) result;
         assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
         assertEquals("ST-123", casResult.getCredentials());
-        assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_A")));
-        assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_B")));
+        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_A")));
+        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_B")));
         assertEquals(cap.getKey().hashCode(), casResult.getKeyHash());
         assertEquals("details", casResult.getDetails());
 

cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java

@@ -15,19 +15,18 @@
 
 package org.springframework.security.cas.authentication;
 
-import java.util.List;
-
 import junit.framework.TestCase;
-
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.AssertionImpl;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 
+import java.util.*;
+
 /**
  * Tests {@link CasAuthenticationToken}.
  *
@@ -108,8 +107,8 @@ public class CasAuthenticationTokenTests extends TestCase {
         assertEquals("key".hashCode(), token.getKeyHash());
         assertEquals(makeUserDetails(), token.getPrincipal());
         assertEquals("Password", token.getCredentials());
-        assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ONE")));
-        assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_TWO")));
+        assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ONE")));
+        assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_TWO")));
         assertEquals(assertion, token.getAssertion());
         assertEquals(makeUserDetails().getUsername(), token.getUserDetails().getUsername());
     }