Spring security principal 多了一个层级

用户POJO:

public class PhiMember implements UserDetails, CredentialsContainer {

    private static final long serialVersionUID = -814031798199130314L;

    private String username;

    private String password;

    private Collection<? extends GrantedAuthority> authorities;
    /**
     * 头像
     */
    private String avatar;

//    private String authorities;

    public PhiMember(String username, String password, Collection<? extends GrantedAuthority> authorities) {
        setUsername(username);
        setPassword(password);
        setAuthorities(authorities);
    }

自定义userService：

@Service
public class UserService implements UserDetailsService {

   
    @Override
    public UserDetails loadUserByUsername(String userId) {

        Account account = accountConfig.getAccounts().stream().filter(a -> a.getUsername().equals(userId)).findFirst().orElseThrow(() -> new UsernameNotFoundException("用户不存在"));

        List<PhiAuthority> authorities = new ArrayList<>();
        authorities.add(new PhiAuthority("AUTH_001"));

        PhiMember member = new PhiMember(userId, account.getPassword(), authorities);
        member.setAvatar(account.getAvatar());
        return member;
    }
}

在controller里面方法private void test(Principal princial)查看principal 内部多嵌套了一个principal怎么回事？

里面的才是我需要的对象，如何去掉外层principal? 见图：