From 6585fe45a22e02994077667b1c5588d11a9c9a61 Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@xabbuh.de>
Date: Tue, 21 Jul 2015 20:37:10 +0200
Subject: [PATCH] [Security] fix check for empty usernames

---
 .../Component/Security/Acl/Domain/UserSecurityIdentity.php      | 2 +-
 .../Core/Authentication/Provider/UserAuthenticationProvider.php | 2 +-
 .../Security/Core/Authentication/RememberMe/PersistentToken.php | 2 +-
 src/Symfony/Component/Security/Core/User/User.php               | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Symfony/Component/Security/Acl/Domain/UserSecurityIdentity.php b/src/Symfony/Component/Security/Acl/Domain/UserSecurityIdentity.php
index 3bf277f364..ea17c635d5 100644
--- a/src/Symfony/Component/Security/Acl/Domain/UserSecurityIdentity.php
+++ b/src/Symfony/Component/Security/Acl/Domain/UserSecurityIdentity.php
@@ -36,7 +36,7 @@ final class UserSecurityIdentity implements SecurityIdentityInterface
      */
     public function __construct($username, $class)
     {
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             throw new \InvalidArgumentException('$username must not be empty.');
         }
         if (empty($class)) {
diff --git a/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php b/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
index b65a16bbb2..a624ccfe63 100644
--- a/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
@@ -62,7 +62,7 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
         }
 
         $username = $token->getUsername();
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             $username = 'NONE_PROVIDED';
         }
 
diff --git a/src/Symfony/Component/Security/Core/Authentication/RememberMe/PersistentToken.php b/src/Symfony/Component/Security/Core/Authentication/RememberMe/PersistentToken.php
index 92fcb4f2f7..d85572d0e0 100644
--- a/src/Symfony/Component/Security/Core/Authentication/RememberMe/PersistentToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/RememberMe/PersistentToken.php
@@ -40,7 +40,7 @@ final class PersistentToken implements PersistentTokenInterface
         if (empty($class)) {
             throw new \InvalidArgumentException('$class must not be empty.');
         }
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             throw new \InvalidArgumentException('$username must not be empty.');
         }
         if (empty($series)) {
diff --git a/src/Symfony/Component/Security/Core/User/User.php b/src/Symfony/Component/Security/Core/User/User.php
index ea2c6a4da6..86f1acd775 100644
--- a/src/Symfony/Component/Security/Core/User/User.php
+++ b/src/Symfony/Component/Security/Core/User/User.php
@@ -30,7 +30,7 @@ final class User implements AdvancedUserInterface
 
     public function __construct($username, $password, array $roles = array(), $enabled = true, $userNonExpired = true, $credentialsNonExpired = true, $userNonLocked = true)
     {
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             throw new \InvalidArgumentException('The username cannot be empty.');
         }