symfony
diff --git a/‎src/Symfony/Bridge/Monolog/Tests/Processor/SwitchUserTokenProcessorTest.php
Lines changed: 9 additions & 2 deletions b/‎src/Symfony/Bridge/Monolog/Tests/Processor/SwitchUserTokenProcessorTest.php
Lines changed: 9 additions & 2 deletions
diff --git a/‎src/Symfony/Bridge/Monolog/Tests/Processor/TokenProcessorTest.php
Lines changed: 5 additions & 1 deletion b/‎src/Symfony/Bridge/Monolog/Tests/Processor/TokenProcessorTest.php
Lines changed: 5 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/Controller/AbstractControllerTest.php
Lines changed: 4 additions & 1 deletion b/‎src/Symfony/Bundle/FrameworkBundle/Tests/Controller/AbstractControllerTest.php
Lines changed: 4 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/composer.json
Lines changed: 1 addition & 2 deletions b/‎src/Symfony/Bundle/FrameworkBundle/composer.json
Lines changed: 1 addition & 2 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php
Lines changed: 4 additions & 3 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php
Lines changed: 4 additions & 3 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/MissingUserProviderTest.php
Lines changed: 3 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/MissingUserProviderTest.php
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php
Lines changed: 2 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationTrustResolverTest.php
Lines changed: 25 additions & 17 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationTrustResolverTest.php
Lines changed: 25 additions & 17 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
Lines changed: 30 additions & 18 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
Lines changed: 30 additions & 18 deletions
@@ -16,6 +16,8 @@
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\User\InMemoryUser;
+use Symfony\Component\Security\Core\User\User;
 
 /**
  * Tests the SwitchUserTokenProcessor.
@@ -26,8 +28,13 @@ class SwitchUserTokenProcessorTest extends TestCase
 {
     public function testProcessor()
     {
-        $originalToken = new UsernamePasswordToken('original_user', 'password', 'provider', ['ROLE_SUPER_ADMIN']);
-        $switchUserToken = new SwitchUserToken('user', 'passsword', 'provider', ['ROLE_USER'], $originalToken);
+        if (class_exists(InMemoryUser::class)) {
+            $originalToken = new UsernamePasswordToken(new InMemoryUser('original_user', 'password', ['ROLE_SUPER_ADMIN']), 'provider', ['ROLE_SUPER_ADMIN']);
+            $switchUserToken = new SwitchUserToken(new InMemoryUser('user', 'passsword', ['ROLE_USER']), 'provider', ['ROLE_USER'], $originalToken);
+        } else {
+            $originalToken = new UsernamePasswordToken(new User('original_user', 'password', ['ROLE_SUPER_ADMIN']), null, 'provider', ['ROLE_SUPER_ADMIN']);
+            $switchUserToken = new SwitchUserToken(new InMemoryUser('user', 'passsword', ['ROLE_USER']), null, 'provider', ['ROLE_USER'], $originalToken);
+        }
         $tokenStorage = $this->createMock(TokenStorageInterface::class);
         $tokenStorage->method('getToken')->willReturn($switchUserToken);
 
 
@@ -15,6 +15,7 @@
 use Symfony\Bridge\Monolog\Processor\TokenProcessor;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\User\InMemoryUser;
 
 /**
  * Tests the TokenProcessor.
@@ -23,6 +24,9 @@
  */
 class TokenProcessorTest extends TestCase
 {
+    /**
+     * @group legacy
+     */
     public function testLegacyProcessor()
     {
         if (method_exists(UsernamePasswordToken::class, 'getUserIdentifier')) {
@@ -48,7 +52,7 @@ public function testProcessor()
             $this->markTestSkipped('This test requires symfony/security-core 5.3+');
         }
 
-        $token = new UsernamePasswordToken('user', 'password', 'provider', ['ROLE_USER']);
+        $token = new UsernamePasswordToken(new InMemoryUser('user', 'password', ['ROLE_USER']), 'provider', ['ROLE_USER']);
         $tokenStorage = $this->createMock(TokenStorageInterface::class);
         $tokenStorage->method('getToken')->willReturn($token);
 
 
@@ -138,14 +138,17 @@ public function testForward()
     public function testGetUser()
     {
         $user = new InMemoryUser('user', 'pass');
-        $token = new UsernamePasswordToken($user, 'pass', 'default', ['ROLE_USER']);
+        $token = new UsernamePasswordToken($user, 'default', ['ROLE_USER']);
 
         $controller = $this->createController();
         $controller->setContainer($this->getContainerWithTokenStorage($token));
 
         $this->assertSame($controller->getUser(), $user);
     }
 
+    /**
+     * @group legacy
+     */
     public function testGetUserAnonymousUserConvertedToNull()
     {
         $token = new AnonymousToken('default', 'anon.');
 
@@ -53,7 +53,7 @@
         "symfony/notifier": "^5.3|^6.0",
         "symfony/process": "^4.4|^5.0|^6.0",
         "symfony/rate-limiter": "^5.2|^6.0",
-        "symfony/security-bundle": "^5.3|^6.0",
+        "symfony/security-bundle": "^5.4|^6.0",
         "symfony/serializer": "^5.4|^6.0",
         "symfony/stopwatch": "^4.4|^5.0|^6.0",
         "symfony/string": "^5.0|^6.0",
@@ -89,7 +89,6 @@
         "symfony/property-access": "<5.3",
         "symfony/serializer": "<5.2",
         "symfony/security-csrf": "<5.3",
-        "symfony/security-core": "<5.3",
         "symfony/stopwatch": "<4.4",
         "symfony/translation": "<5.3",
         "symfony/twig-bridge": "<4.4",
 
@@ -29,6 +29,7 @@
 use Symfony\Component\Security\Core\Authorization\Voter\TraceableVoter;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 use Symfony\Component\Security\Core\Role\RoleHierarchy;
+use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Http\FirewallMapInterface;
 use Symfony\Component\Security\Http\Logout\LogoutUrlGenerator;
 use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
@@ -78,7 +79,7 @@ public function testCollectWhenAuthenticationTokenIsNull()
     public function testCollectAuthenticationTokenAndRoles(array $roles, array $normalizedRoles, array $inheritedRoles)
     {
         $tokenStorage = new TokenStorage();
-        $tokenStorage->setToken(new UsernamePasswordToken('hhamon', 'P4$$w0rD', 'provider', $roles));
+        $tokenStorage->setToken(new UsernamePasswordToken(new InMemoryUser('hhamon', 'P4$$w0rD', $roles), 'provider', $roles));
 
         $collector = new SecurityDataCollector($tokenStorage, $this->getRoleHierarchy(), null, null, null, null, true);
         $collector->collect(new Request(), new Response());
@@ -99,10 +100,10 @@ public function testCollectAuthenticationTokenAndRoles(array $roles, array $norm
 
     public function testCollectSwitchUserToken()
     {
-        $adminToken = new UsernamePasswordToken('yceruto', 'P4$$w0rD', 'provider', ['ROLE_ADMIN']);
+        $adminToken = new UsernamePasswordToken(new InMemoryUser('yceruto', 'P4$$w0rD', ['ROLE_ADMIN']), 'provider', ['ROLE_ADMIN']);
 
         $tokenStorage = new TokenStorage();
-        $tokenStorage->setToken(new SwitchUserToken('hhamon', 'P4$$w0rD', 'provider', ['ROLE_USER', 'ROLE_PREVIOUS_ADMIN'], $adminToken));
+        $tokenStorage->setToken(new SwitchUserToken(new InMemoryUser('hhamon', 'P4$$w0rD', ['ROLE_USER', 'ROLE_PREVIOUS_ADMIN']), 'provider', ['ROLE_USER', 'ROLE_PREVIOUS_ADMIN'], $adminToken));
 
         $collector = new SecurityDataCollector($tokenStorage, $this->getRoleHierarchy(), null, null, null, null, true);
         $collector->collect(new Request(), new Response());
 
@@ -28,6 +28,9 @@ public function testUserProviderIsNeeded()
         ]);
     }
 
+    /**
+     * @group legacy
+     */
     public function testLegacyUserProviderIsNeeded()
     {
         $client = $this->createClient(['test_case' => 'MissingUserProvider', 'root_config' => 'config.yml', 'debug' => true]);
 
@@ -27,7 +27,7 @@ public function testServiceIsFunctional()
 
         // put a token into the storage so the final calls can function
         $user = new InMemoryUser('foo', 'pass');
-        $token = new UsernamePasswordToken($user, '', 'provider', ['ROLE_USER']);
+        $token = new UsernamePasswordToken($user, 'provider', ['ROLE_USER']);
         $container->get('functional.test.security.token_storage')->setToken($token);
 
         $security = $container->get('functional_test.security.helper');
@@ -105,7 +105,7 @@ public function testLegacyServiceIsFunctional()
 
         // put a token into the storage so the final calls can function
         $user = new InMemoryUser('foo', 'pass');
-        $token = new UsernamePasswordToken($user, '', 'provider', ['ROLE_USER']);
+        $token = new UsernamePasswordToken($user, 'provider', ['ROLE_USER']);
         $container->get('functional.test.security.token_storage')->setToken($token);
 
         $security = $container->get('functional_test.security.helper');
 
@@ -31,6 +31,8 @@ class AnonymousToken extends AbstractToken
      */
     public function __construct(string $secret, $user, array $roles = [])
     {
+        trigger_deprecation('symfony/security-core', '5.4', 'The "%s" class is deprecated.', __CLASS__);
+
         parent::__construct($roles);
 
         $this->secret = $secret;
 
@@ -26,8 +26,6 @@ public function testIsAnonymous()
         $this->assertFalse($resolver->isAnonymous($this->getToken()));
         $this->assertFalse($resolver->isAnonymous($this->getRememberMeToken()));
         $this->assertFalse($resolver->isAnonymous(new FakeCustomToken()));
-        $this->assertTrue($resolver->isAnonymous(new RealCustomAnonymousToken()));
-        $this->assertTrue($resolver->isAnonymous($this->getAnonymousToken()));
     }
 
     public function testIsRememberMe()
@@ -36,7 +34,6 @@ public function testIsRememberMe()
 
         $this->assertFalse($resolver->isRememberMe(null));
         $this->assertFalse($resolver->isRememberMe($this->getToken()));
-        $this->assertFalse($resolver->isRememberMe($this->getAnonymousToken()));
         $this->assertFalse($resolver->isRememberMe(new FakeCustomToken()));
         $this->assertTrue($resolver->isRememberMe(new RealCustomRememberMeToken()));
         $this->assertTrue($resolver->isRememberMe($this->getRememberMeToken()));
@@ -47,9 +44,7 @@ public function testisFullFledged()
         $resolver = new AuthenticationTrustResolver();
 
         $this->assertFalse($resolver->isFullFledged(null));
-        $this->assertFalse($resolver->isFullFledged($this->getAnonymousToken()));
         $this->assertFalse($resolver->isFullFledged($this->getRememberMeToken()));
-        $this->assertFalse($resolver->isFullFledged(new RealCustomAnonymousToken()));
         $this->assertFalse($resolver->isFullFledged(new RealCustomRememberMeToken()));
         $this->assertTrue($resolver->isFullFledged($this->getToken()));
         $this->assertTrue($resolver->isFullFledged(new FakeCustomToken()));
@@ -62,8 +57,6 @@ public function testIsAnonymousWithClassAsConstructorButStillExtending()
         $this->assertFalse($resolver->isAnonymous(null));
         $this->assertFalse($resolver->isAnonymous($this->getToken()));
         $this->assertFalse($resolver->isAnonymous($this->getRememberMeToken()));
-        $this->assertTrue($resolver->isAnonymous($this->getAnonymousToken()));
-        $this->assertTrue($resolver->isAnonymous(new RealCustomAnonymousToken()));
     }
 
     public function testIsRememberMeWithClassAsConstructorButStillExtending()
@@ -72,7 +65,6 @@ public function testIsRememberMeWithClassAsConstructorButStillExtending()
 
         $this->assertFalse($resolver->isRememberMe(null));
         $this->assertFalse($resolver->isRememberMe($this->getToken()));
-        $this->assertFalse($resolver->isRememberMe($this->getAnonymousToken()));
         $this->assertTrue($resolver->isRememberMe($this->getRememberMeToken()));
         $this->assertTrue($resolver->isRememberMe(new RealCustomRememberMeToken()));
     }
@@ -82,13 +74,27 @@ public function testisFullFledgedWithClassAsConstructorButStillExtending()
         $resolver = $this->getResolver();
 
         $this->assertFalse($resolver->isFullFledged(null));
-        $this->assertFalse($resolver->isFullFledged($this->getAnonymousToken()));
         $this->assertFalse($resolver->isFullFledged($this->getRememberMeToken()));
-        $this->assertFalse($resolver->isFullFledged(new RealCustomAnonymousToken()));
         $this->assertFalse($resolver->isFullFledged(new RealCustomRememberMeToken()));
         $this->assertTrue($resolver->isFullFledged($this->getToken()));
     }
 
+    /**
+     * @group legacy
+     */
+    public function testLegacy()
+    {
+        $resolver = $this->getResolver();
+
+        $this->assertTrue($resolver->isAnonymous($this->getAnonymousToken()));
+        $this->assertTrue($resolver->isAnonymous($this->getRealCustomAnonymousToken()));
+
+        $this->assertFalse($resolver->isRememberMe($this->getAnonymousToken()));
+
+        $this->assertFalse($resolver->isFullFledged($this->getAnonymousToken()));
+        $this->assertFalse($resolver->isFullFledged($this->getRealCustomAnonymousToken()));
+    }
+
     protected function getToken()
     {
         return $this->createMock(TokenInterface::class);
@@ -99,6 +105,15 @@ protected function getAnonymousToken()
         return $this->getMockBuilder(AnonymousToken::class)->setConstructorArgs(['', ''])->getMock();
     }
 
+    private function getRealCustomAnonymousToken()
+    {
+        return new class() extends AnonymousToken {
+            public function __construct()
+            {
+            }
+        };
+    }
+
     protected function getRememberMeToken()
     {
         return $this->getMockBuilder(RememberMeToken::class)->setMethods(['setPersistent'])->disableOriginalConstructor()->getMock();
@@ -192,13 +207,6 @@ public function setAttribute(string $name, $value)
     }
 }
 
-class RealCustomAnonymousToken extends AnonymousToken
-{
-    public function __construct()
-    {
-    }
-}
-
 class RealCustomRememberMeToken extends RememberMeToken
 {
     public function __construct()
 
@@ -63,18 +63,38 @@ public function eraseCredentials()
         $this->assertEquals('fabien', $token->getUserIdentifier());
     }
 
-    public function testGetUserIdentifier()
+    /**
+     * @dataProvider provideUsers
+     */
+    public function testGetUserIdentifier($user, string $username)
     {
         $token = new ConcreteToken(['ROLE_FOO']);
-        $token->setUser('fabien');
-        $this->assertEquals('fabien', $token->getUserIdentifier());
+        $token->setUser($user);
+        $this->assertEquals($username, $token->getUserIdentifier());
+    }
 
-        $token->setUser(new TestUser('fabien'));
-        $this->assertEquals('fabien', $token->getUserIdentifier());
+    public function provideUsers()
+    {
+        yield [new InMemoryUser('fabien', null), 'fabien'];
+    }
 
-        $user = new InMemoryUser('fabien', null);
+    /**
+     * @dataProvider provideLegacyUsers
+     * @group legacy
+     */
+    public function testLegacyGetUserIdentifier($user, string $username)
+    {
+        $token = new ConcreteToken(['ROLE_FOO']);
         $token->setUser($user);
-        $this->assertEquals('fabien', $token->getUserIdentifier());
+        $this->assertEquals($username, $token->getUserIdentifier());
+    }
+
+    public function provideLegacyUsers()
+    {
+        return [
+            [new TestUser('fabien'), 'fabien'],
+            ['fabien', 'fabien'],
+        ];
     }
 
     public function testEraseCredentials()
@@ -143,7 +163,7 @@ public function testAttributes()
     }
 
     /**
-     * @dataProvider getUsers
+     * @dataProvider provideUsers
      */
     public function testSetUser($user)
     {
@@ -152,15 +172,6 @@ public function testSetUser($user)
         $this->assertSame($user, $token->getUser());
     }
 
-    public function getUsers()
-    {
-        return [
-            [new InMemoryUser('foo', null)],
-            [new TestUser('foo')],
-            ['foo'],
-        ];
-    }
-
     /**
      * @group legacy
      * @dataProvider getUserChanges
@@ -196,7 +207,8 @@ public function getUserChanges()
 
     /**
      * @group legacy
-     * @dataProvider getUsers
+     * @dataProvider provideUsers
+     * @dataProvider provideLegacyUsers
      */
     public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
     {
Original file line number	Diff line number	Diff line change
`@@ -138,14 +138,17 @@ public function testForward()`
`138`	`138`	`public function testGetUser()`
`139`	`139`	`{`
`140`	`140`	`$user = new InMemoryUser('user', 'pass');`
`141`		`- $token = new UsernamePasswordToken($user, 'pass', 'default', ['ROLE_USER']);`
	`141`	`+ $token = new UsernamePasswordToken($user, 'default', ['ROLE_USER']);`
`142`	`142`
`143`	`143`	`$controller = $this->createController();`
`144`	`144`	`$controller->setContainer($this->getContainerWithTokenStorage($token));`
`145`	`145`
`146`	`146`	`$this->assertSame($controller->getUser(), $user);`
`147`	`147`	`}`
`148`	`148`
	`149`	`+ /**`
	`150`	`+ * @group legacy`
	`151`	`+ */`
`149`	`152`	`public function testGetUserAnonymousUserConvertedToNull()`
`150`	`153`	`{`
`151`	`154`	`$token = new AnonymousToken('default', 'anon.');`
Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,9 @@ public function testUserProviderIsNeeded()`
`28`	`28`	`]);`
`29`	`29`	`}`
`30`	`30`
	`31`	`+ /**`
	`32`	`+ * @group legacy`
	`33`	`+ */`
`31`	`34`	`public function testLegacyUserProviderIsNeeded()`
`32`	`35`	`{`
`33`	`36`	`$client = $this->createClient(['test_case' => 'MissingUserProvider', 'root_config' => 'config.yml', 'debug' => true]);`
Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,8 @@ class AnonymousToken extends AbstractToken`
`31`	`31`	`*/`
`32`	`32`	`public function __construct(string $secret, $user, array $roles = [])`
`33`	`33`	`{`
	`34`	`+ trigger_deprecation('symfony/security-core', '5.4', 'The "%s" class is deprecated.', __CLASS__);`
	`35`	`+`
`34`	`36`	`parent::__construct($roles);`
`35`	`37`
`36`	`38`	`$this->secret = $secret;`