symfony
diff --git a/‎UPGRADE-5.4.md
Copy file name to clipboardExpand all lines: UPGRADE-5.4.md
+2-2Lines changed: 2 additions & 2 deletions b/‎UPGRADE-5.4.md
Copy file name to clipboardExpand all lines: UPGRADE-5.4.md
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎UPGRADE-6.0.md
Copy file name to clipboardExpand all lines: UPGRADE-6.0.md
+2-2Lines changed: 2 additions & 2 deletions b/‎UPGRADE-6.0.md
Copy file name to clipboardExpand all lines: UPGRADE-6.0.md
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bridge/Twig/AppVariable.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Twig/AppVariable.php
+2-1Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Bridge/Twig/AppVariable.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Twig/AppVariable.php
+2-1Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Messenger/Transport/Serialization/Normalizer/FlattenExceptionNormalizer.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Transport/Serialization/Normalizer/FlattenExceptionNormalizer.php
+2-2Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Component/Messenger/Transport/Serialization/Normalizer/FlattenExceptionNormalizer.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Transport/Serialization/Normalizer/FlattenExceptionNormalizer.php
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/AuthenticationTrustResolver.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/AuthenticationTrustResolver.php
+3-12Lines changed: 3 additions & 12 deletions b/‎src/Symfony/Component/Security/Core/Authentication/AuthenticationTrustResolver.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/AuthenticationTrustResolver.php
+3-12Lines changed: 3 additions & 12 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
+6-2Lines changed: 6 additions & 2 deletions b/‎src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
+6-2Lines changed: 6 additions & 2 deletions
@@ -112,8 +112,8 @@ Security
    behavior when using `enable_authenticator_manager: true`)
  * Deprecate not setting the `$exceptionOnNoToken` argument of `AccessListener` to `false`
    (this is the default behavior when using `enable_authenticator_manager: true`)
- * Deprecate `TokenInterface:isAuthenticated()` and `setAuthenticated()` methods without replacement.
-   Security tokens won't have an "authenticated" flag anymore, so they will always be considered authenticated
+ * Deprecate `TokenInterface:isAuthenticated()` and `setAuthenticated()` methods,
+   return `null` from `getUser()` instead when a token is not authenticated
  * Deprecate `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
  * Deprecate `CookieClearingLogoutHandler`, `SessionLogoutHandler` and `CsrfTokenClearingLogoutHandler`.
    Use `CookieClearingLogoutListener`, `SessionLogoutListener` and `CsrfTokenClearingLogoutListener` instead
 
@@ -365,8 +365,8 @@ Security
    `UsernamePasswordFormAuthenticationListener`, `UsernamePasswordJsonAuthenticationListener` and `X509AuthenticationListener`
    from security-http, use the new authenticator system instead
  * Remove the Guard component, use the new authenticator system instead
- * Remove `TokenInterface:isAuthenticated()` and `setAuthenticated()` methods without replacement.
-   Security tokens won't have an "authenticated" flag anymore, so they will always be considered authenticated
+ * Remove `TokenInterface:isAuthenticated()` and `setAuthenticated()`,
+   return `null` from `getUser()` instead when a token is not authenticated
  * Remove `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
  * Remove `CookieClearingLogoutHandler`, `SessionLogoutHandler` and `CsrfTokenClearingLogoutHandler`.
    Use `CookieClearingLogoutListener`, `SessionLogoutListener` and `CsrfTokenClearingLogoutListener` instead
 
@@ -42,7 +42,7 @@ public function __invoke(array $record): array
 
         if (null !== $token = $this->getToken()) {
             $record['extra'][$this->getKey()] = [
-                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : true, // @deprecated since Symfony 5.4, always true in 6.0
+                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : (bool) $token->getUser(),
                 'roles' => $token->getRoleNames(),
             ];
 
 
@@ -16,6 +16,7 @@
 use Symfony\Component\HttpFoundation\Session\Session;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * Exposes some Symfony parameters and services as an "app" global variable.
@@ -68,7 +69,7 @@ public function getToken(): ?TokenInterface
      *
      * @see TokenInterface::getUser()
      */
-    public function getUser(): ?object
+    public function getUser(): ?UserInterface
     {
         if (null === $tokenStorage = $this->tokenStorage) {
             throw new \RuntimeException('The "app.user" variable is not available.');
 
@@ -119,7 +119,7 @@ public function collect(Request $request, Response $response, \Throwable $except
 
             $this->data = [
                 'enabled' => true,
-                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : true,
+                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : (bool) $token->getUser(),
                 'impersonated' => null !== $impersonatorUser,
                 'impersonator_user' => $impersonatorUser,
                 'impersonation_exit_path' => null,
 
@@ -29,7 +29,7 @@ final class FlattenExceptionNormalizer implements DenormalizerInterface, Context
     /**
      * {@inheritdoc}
      */
-    public function normalize(mixed $object, string $format = null, array $context = []): array|string|int|float|bool|\ArrayObject|null
+    public function normalize(mixed $object, string $format = null, array $context = []): array
     {
         $normalized = [
             'message' => $object->getMessage(),
@@ -59,7 +59,7 @@ public function supportsNormalization(mixed $data, string $format = null, array
     /**
      * {@inheritdoc}
      */
-    public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed
+    public function denormalize(mixed $data, string $type, string $format = null, array $context = []): FlattenException
     {
         $object = new FlattenException();
 
 
@@ -11,7 +11,6 @@
 
 namespace Symfony\Component\Security\Core\Authentication;
 
-use Symfony\Component\Security\Core\Authentication\Token\NullToken;
 use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 
@@ -24,30 +23,22 @@ class AuthenticationTrustResolver implements AuthenticationTrustResolverInterfac
 {
     public function isAuthenticated(TokenInterface $token = null): bool
     {
-        return null !== $token && !$token instanceof NullToken;
+        return $token && $token->getUser();
     }
 
     /**
      * {@inheritdoc}
      */
     public function isRememberMe(TokenInterface $token = null)
     {
-        if (null === $token) {
-            return false;
-        }
-
-        return $token instanceof RememberMeToken;
+        return $token && $token instanceof RememberMeToken;
     }
 
     /**
      * {@inheritdoc}
      */
     public function isFullFledged(TokenInterface $token = null)
     {
-        if (null === $token || $token instanceof NullToken) {
-            return false;
-        }
-
-        return !$this->isRememberMe($token);
+        return $this->isAuthenticated($token) && !$this->isRememberMe($token);
     }
 }
@@ -30,7 +30,7 @@ public function getRoleNames(): array
 
     public function getUser()
     {
-        return '';
+        return null;
     }
 
     public function setUser(UserInterface $user)
 
@@ -40,7 +40,7 @@ public function getRoleNames(): array;
     /**
      * Returns a user representation.
      *
-     * @return UserInterface
+     * @return UserInterface|null
      *
      * @see AbstractToken::setUser()
      */
 
@@ -32,7 +32,7 @@ class AuthorizationChecker implements AuthorizationCheckerInterface
 
     public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionManagerInterface $accessDecisionManager, bool $exceptionOnNoToken = false)
     {
-        if (false !== $exceptionOnNoToken) {
+        if ($exceptionOnNoToken) {
             throw new \LogicException('Argument $exceptionOnNoToken of "%s()" must be set to "false".', __METHOD__);
         }
 
@@ -48,7 +48,11 @@ public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionM
      */
     final public function isGranted(mixed $attribute, mixed $subject = null): bool
     {
-        $token = $this->tokenStorage->getToken() ?? new NullToken();
+        $token = $this->tokenStorage->getToken();
+
+        if (!$token || !$token->getUser()) {
+            $token = new NullToken();
+        }
 
         return $this->accessDecisionManager->decide($token, [$attribute], $subject);
     }
Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,6 @@`
`11`	`11`
`12`	`12`	`namespace Symfony\Component\Security\Core\Authentication;`
`13`	`13`
`14`		`-use Symfony\Component\Security\Core\Authentication\Token\NullToken;`
`15`	`14`	`use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;`
`16`	`15`	`use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;`
`17`	`16`
`@@ -24,30 +23,22 @@ class AuthenticationTrustResolver implements AuthenticationTrustResolverInterfac`
`24`	`23`	`{`
`25`	`24`	`public function isAuthenticated(TokenInterface $token = null): bool`
`26`	`25`	`{`
`27`		`- return null !== $token && !$token instanceof NullToken;`
	`26`	`+ return $token && $token->getUser();`
`28`	`27`	`}`
`29`	`28`
`30`	`29`	`/**`
`31`	`30`	`* {@inheritdoc}`
`32`	`31`	`*/`
`33`	`32`	`public function isRememberMe(TokenInterface $token = null)`
`34`	`33`	`{`
`35`		`- if (null === $token) {`
`36`		`- return false;`
`37`		`- }`
`38`		`-`
`39`		`- return $token instanceof RememberMeToken;`
	`34`	`+ return $token && $token instanceof RememberMeToken;`
`40`	`35`	`}`
`41`	`36`
`42`	`37`	`/**`
`43`	`38`	`* {@inheritdoc}`
`44`	`39`	`*/`
`45`	`40`	`public function isFullFledged(TokenInterface $token = null)`
`46`	`41`	`{`
`47`		`- if (null === $token \|\| $token instanceof NullToken) {`
`48`		`- return false;`
`49`		`- }`
`50`		`-`
`51`		`- return !$this->isRememberMe($token);`
	`42`	`+ return $this->isAuthenticated($token) && !$this->isRememberMe($token);`
`52`	`43`	`}`
`53`	`44`	`}`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ public function getRoleNames(): array`
`30`	`30`
`31`	`31`	`public function getUser()`
`32`	`32`	`{`
`33`		`- return '';`
	`33`	`+ return null;`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`public function setUser(UserInterface $user)`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ public function getRoleNames(): array;`
`40`	`40`	`/**`
`41`	`41`	`* Returns a user representation.`
`42`	`42`	`*`
`43`		`- * @return UserInterface`
	`43`	`+ * @return UserInterface\|null`
`44`	`44`	`*`
`45`	`45`	`* @see AbstractToken::setUser()`
`46`	`46`	`*/`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ class AuthorizationChecker implements AuthorizationCheckerInterface`
`32`	`32`
`33`	`33`	`public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionManagerInterface $accessDecisionManager, bool $exceptionOnNoToken = false)`
`34`	`34`	`{`
`35`		`- if (false !== $exceptionOnNoToken) {`
	`35`	`+ if ($exceptionOnNoToken) {`
`36`	`36`	`throw new \LogicException('Argument $exceptionOnNoToken of "%s()" must be set to "false".', __METHOD__);`
`37`	`37`	`}`
`38`	`38`
`@@ -48,7 +48,11 @@ public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionM`
`48`	`48`	`*/`
`49`	`49`	`final public function isGranted(mixed $attribute, mixed $subject = null): bool`
`50`	`50`	`{`
`51`		`- $token = $this->tokenStorage->getToken() ?? new NullToken();`
	`51`	`+ $token = $this->tokenStorage->getToken();`
	`52`	`+`
	`53`	`+ if (!$token \|\| !$token->getUser()) {`
	`54`	`+ $token = new NullToken();`
	`55`	`+ }`
`52`	`56`
`53`	`57`	`return $this->accessDecisionManager->decide($token, [$attribute], $subject);`
`54`	`58`	`}`