From 01bea3c0852aeb3b3ec07caf4dd46e0526a9d08c Mon Sep 17 00:00:00 2001
From: "Alexander M. Turek" <me@derrabus.de>
Date: Fri, 27 Nov 2020 01:11:54 +0100
Subject: [PATCH] Support for SwitchUserToken instances serialized with
 4.4/5.1.

---
 .../Authentication/Token/SwitchUserToken.php     |   7 ++++++-
 .../Token/Fixtures/switch-user-token-4.4.txt     | Bin 0 -> 1917 bytes
 .../Authentication/Token/SwitchUserTokenTest.php |  14 ++++++++++++++
 3 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 src/Symfony/Component/Security/Core/Tests/Authentication/Token/Fixtures/switch-user-token-4.4.txt

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/SwitchUserToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/SwitchUserToken.php
index e575999374..ccccb5b51c 100644
--- a/src/Symfony/Component/Security/Core/Authentication/Token/SwitchUserToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/SwitchUserToken.php
@@ -59,7 +59,12 @@ class SwitchUserToken extends UsernamePasswordToken
      */
     public function __unserialize(array $data): void
     {
-        [$this->originalToken, $this->originatedFromUri, $parentData] = $data;
+        if (3 > \count($data)) {
+            // Support for tokens serialized with version 5.1 or lower of symfony/security-core.
+            [$this->originalToken, $parentData] = $data;
+        } else {
+            [$this->originalToken, $this->originatedFromUri, $parentData] = $data;
+        }
         $parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
         parent::__unserialize($parentData);
     }
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/Fixtures/switch-user-token-4.4.txt b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/Fixtures/switch-user-token-4.4.txt
new file mode 100644
index 0000000000000000000000000000000000000000..7b3f7c40920dbe5d8d51326d95d3bdc721a4b2b6
GIT binary patch
literal 1917
zcmeHI!D_-l6!cs63yj8?zMP8KlV~yZ7AR|6aci<Gn*^1RfA4!q&|;;!y_ABNu)8qx
zW*#$S1fCBpJf>@{j?qY`JFSGuqfo?!kvTmX5j_|A247{&bE#GIrnf>x;a=wPW|0X~
z-x)Z5--VJx4@wE$U<5<=m()b6cq(3bmhH7!wF7+5BmREF&%uE*!y8*`&4T*0<c0;6
z1P8A;JmpfcKteCzFlbOSaGl$#NI*m%20jfLAf|I`OD9mLX!VmSl<~oppra+ru656X
zDS^9I5`^N*M66h_te4^0p?MtZLgiDf#)q9WUwF`t#Uf&aQgC>ZediiHS#g~;O?13H
zOL8&57LtrkM8+@>m>!C01}I}bn~dKV;dqYe!ByLt6o=gK7b%ie&D({tsv}67Z?e~p
zx-WZk6d2J58%5c3hj;ipfjZ=m!gk>b74^|HiId>|V83d_|Hqo?4YvJJvx~|;YIgOX
Lc52L@)vWpivwNcV

literal 0
HcmV?d00001

diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/SwitchUserTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/SwitchUserTokenTest.php
index 00f1ac984a..8138f76596 100644
--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/SwitchUserTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/SwitchUserTokenTest.php
@@ -84,4 +84,18 @@ class SwitchUserTokenTest extends TestCase
 
         $this->assertNull($unserializedToken->getOriginatedFromUri());
     }
+
+    public function testUnserializeOldToken()
+    {
+        /** @var SwitchUserToken $token */
+        $token = unserialize(file_get_contents(__DIR__.'/Fixtures/switch-user-token-4.4.txt'));
+
+        self::assertInstanceOf(SwitchUserToken::class, $token);
+        self::assertInstanceOf(UsernamePasswordToken::class, $token->getOriginalToken());
+        self::assertSame('john', $token->getUsername());
+        self::assertSame(['foo' => 'bar'], $token->getCredentials());
+        self::assertSame('main', $token->getFirewallName());
+        self::assertEquals(['ROLE_USER'], $token->getRoleNames());
+        self::assertNull($token->getOriginatedFromUri());
+    }
 }