diff --git a/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php b/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php index dba8d09e22..f6405e9f30 100644 --- a/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php +++ b/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php @@ -8,6 +8,7 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; +use Symfony\Component\Security\Guard\Token\GuardTokenInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; /** @@ -67,7 +68,7 @@ interface GuardAuthenticatorInterface extends AuthenticationEntryPointInterface * @see AbstractGuardAuthenticator * @param UserInterface $user * @param string $providerKey The provider (i.e. firewall) key - * @return TokenInterface + * @return GuardTokenInterface */ public function createAuthenticatedToken(UserInterface $user, $providerKey); diff --git a/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php b/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php index aa9a78dde8..524d7fe021 100644 --- a/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php +++ b/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php @@ -65,6 +65,13 @@ class GuardAuthenticationProvider implements AuthenticationProviderInterface * we will return an AnonymousToken to accomplish that. */ + // this should never happen - but technically, the token is + // authenticated... so it could jsut be returned + if ($token->isAuthenticated()) { + return $token; + } + + // cause the logout - the token is not authenticated return new AnonymousToken($this->providerKey, 'anon.'); }