public Optional<Application> findCallerApplication() { Set<Principal> principals = securityContext.getPrincipalsByType(Principal.class); return principals.stream() .filter(this::isApplicationRestrictionGroup) .map(this::getRestrictedApplicationId) .findAny() .flatMap(applicationQueryService::findActiveApplicationById); }