Open
Description
Expected Behavior
It should be possible to access the principal in a type-safe way via:
MyUserDetails user = authentication.getPrincipal(MyUserDetails.class);Current Behavior
Currently, Authentication.getPrincipal() only returns an Object.
This requires developers to do explicit and repetitive casting, which can lead to runtime ClassCastException
and makes the code less readable.
Context
This affects developers who work with custom UserDetails or other principal types.
In large codebases, explicit casting can become error-prone and verbose.
Goal:
- Improve developer ergonomics by providing a simple, type-safe default method.
- Make the API more expressive and self-documenting.
Alternatives:
- Keep doing explicit casts everywhere.
- Use utility methods in user code, but this spreads the logic instead of making it available at the source.
Workaround:
Currently, the only option is manual casting or writing your own helper.