Add AuthorityUtils Methods

This commit adds a couple of utility methods for working with authorities
by type. Now that there are infrastructural authorities that Spring Secuirty
works with directly, it's helpful to be able to filter them out of the
authority list.

core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java

@@ -22,6 +22,7 @@ import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
+import java.util.stream.Stream;
 
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.util.Assert;
@@ -39,6 +40,8 @@ public final class AuthorityUtils {
 
 	public static final List<GrantedAuthority> NO_AUTHORITIES = Collections.emptyList();
 
+	private static String[] KNOWN_PREFIXES = { "ROLE_", "SCOPE_", "FACTOR_" };
+
 	private AuthorityUtils() {
 	}
 
@@ -93,4 +96,38 @@ public final class AuthorityUtils {
 		return grantedAuthorities;
 	}
 
+	/**
+	 * Return a {@link Stream} containing only the authorities of the given type;
+	 * {@code "ROLE"}, {@code "SCOPE"}, or {@code "FACTOR"}.
+	 * @param type the authority type; {@code "ROLE"}, {@code "SCOPE"}, or
+	 * {@code "FACTOR"}
+	 * @param authorities the list of authorities
+	 * @return a {@link Stream} containing the authorities of the given type
+	 */
+	public static Stream<GrantedAuthority> authoritiesOfType(String type, Collection<GrantedAuthority> authorities) {
+		return authorities.stream().filter((a) -> a.getAuthority().startsWith(type + "_"));
+	}
+
+	/**
+	 * Return the simple name of a {@link GrantedAuthority}, which is its name, less any
+	 * common prefix; that is, {@code ROLE_}, {@code SCOPE_}, or {@code FACTOR_}.
+	 * <p>
+	 * For example, if the authority is {@code ROLE_USER}, then the simple name is
+	 * {@code user}.
+	 * <p>
+	 * If the authority is {@code FACTOR_PASSWORD}, then the simple name is
+	 * {@code password}.
+	 * @param authority the granted authority
+	 * @return the simple name of the authority
+	 */
+	public static String getSimpleName(GrantedAuthority authority) {
+		String name = authority.getAuthority();
+		for (String prefix : KNOWN_PREFIXES) {
+			if (name.startsWith(prefix)) {
+				return name.substring(prefix.length());
+			}
+		}
+		return name;
+	}
+
 }

core/src/test/java/org/springframework/security/core/authority/AuthorityUtilsTests.java

@@ -54,4 +54,38 @@ public class AuthorityUtilsTests {
 		assertThat(authorities).element(2).extracting(GrantedAuthority::getAuthority).isEqualTo("ROLE_C");
 	}
 
+	@Test
+	public void getSimpleNameWhenRoleThenRemovesPrefix() {
+		GrantedAuthority role = new SimpleGrantedAuthority("ROLE_ADMIN");
+		assertThat(AuthorityUtils.getSimpleName(role)).isEqualTo("ADMIN");
+	}
+
+	@Test
+	public void getSimpleNameWhenScopeThenRemovesPrefix() {
+		GrantedAuthority role = new SimpleGrantedAuthority("SCOPE_message:read");
+		assertThat(AuthorityUtils.getSimpleName(role)).isEqualTo("message:read");
+	}
+
+	@Test
+	public void getSimpleNameWhenFactorThenRemovesPrefix() {
+		GrantedAuthority role = new SimpleGrantedAuthority("FACTOR_PASSWORD");
+		assertThat(AuthorityUtils.getSimpleName(role)).isEqualTo("PASSWORD");
+	}
+
+	@Test
+	public void authoritiesOfTypeWhenEmptyThenReturnsEmptyStream() {
+		List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
+		List<GrantedAuthority> factors = AuthorityUtils.authoritiesOfType("FACTOR", authorities).toList();
+		assertThat(factors).isEmpty();
+	}
+
+	@Test
+	public void authoritiesOfTypeWhenFactorsThenReturnsOnlyFactors() {
+		List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER", "FACTOR_PASSWORD",
+				"FACTOR_OTT");
+		List<GrantedAuthority> factors = AuthorityUtils.authoritiesOfType("FACTOR", authorities).toList();
+		assertThat(factors).extracting(GrantedAuthority::getAuthority)
+			.containsExactlyInAnyOrder("FACTOR_PASSWORD", "FACTOR_OTT");
+	}
+
 }