This updates `AuthenticatedRequest::getSpinnakerUser` to support more principal types besides `UserDetails` including `AuthenticatedPrincipal` (used by OAuth2 and SAML2 Spring Security libraries) and `Principal` (the generic Java API). Also adds some related utility code for granted authorities.

…ipals

This updates the filter for a few related things:

- Support more types of `Authentication` principals
- Add `AllowedAccountAuthority` for simpler authority representation of allowed accounts
- Use the `SecurityContextRepository` API from Spring Security instead of relying on internal details of its API
- Normalize anonymous users into the userid `anonymous`
- Add allowed account authorities to `User` authorities
- Use the `ROLE_` granted authority prefix for roles as already used in Fiat