From 6c180c78daefb713c6acba9bf0a0508696417499 Mon Sep 17 00:00:00 2001
From: Ryan Weaver <ryan@thatsquality.com>
Date: Sun, 17 May 2015 17:35:08 -0400
Subject: [PATCH] Adding an edge case - this should not happen anyways

---
 .../Security/Guard/GuardAuthenticatorInterface.php         | 3 ++-
 .../Guard/Provider/GuardAuthenticationProvider.php         | 7 +++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php b/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php
index dba8d09e22..f6405e9f30 100644
--- a/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php
+++ b/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php
@@ -8,6 +8,7 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 
 /**
@@ -67,7 +68,7 @@ interface GuardAuthenticatorInterface extends AuthenticationEntryPointInterface
      * @see AbstractGuardAuthenticator
      * @param UserInterface $user
      * @param string $providerKey The provider (i.e. firewall) key
-     * @return TokenInterface
+     * @return GuardTokenInterface
      */
     public function createAuthenticatedToken(UserInterface $user, $providerKey);
 
diff --git a/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php b/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
index aa9a78dde8..524d7fe021 100644
--- a/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
+++ b/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
@@ -65,6 +65,13 @@ class GuardAuthenticationProvider implements AuthenticationProviderInterface
              * we will return an AnonymousToken to accomplish that.
              */
 
+            // this should never happen - but technically, the token is
+            // authenticated... so it could jsut be returned
+            if ($token->isAuthenticated()) {
+                return $token;
+            }
+
+            // cause the logout - the token is not authenticated
             return new AnonymousToken($this->providerKey, 'anon.');
         }