symfony
diff --git a/‎UPGRADE-5.4.md
Copy file name to clipboardExpand all lines: UPGRADE-5.4.md
+1Lines changed: 1 addition & 0 deletions b/‎UPGRADE-5.4.md
Copy file name to clipboardExpand all lines: UPGRADE-5.4.md
+1Lines changed: 1 addition & 0 deletions
diff --git a/‎UPGRADE-6.0.md
Copy file name to clipboardExpand all lines: UPGRADE-6.0.md
+1Lines changed: 1 addition & 0 deletions b/‎UPGRADE-6.0.md
Copy file name to clipboardExpand all lines: UPGRADE-6.0.md
+1Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
+4-1Lines changed: 4 additions & 1 deletion b/‎src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
+4-1Lines changed: 4 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php
+2-2Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
+2-1Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
+2-1Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php
+2-2Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
+1-2Lines changed: 1 addition & 2 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
+1-2Lines changed: 1 addition & 2 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
+9-9Lines changed: 9 additions & 9 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
+9-9Lines changed: 9 additions & 9 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml
+12-12Lines changed: 12 additions & 12 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml
+12-12Lines changed: 12 additions & 12 deletions
diff --git a/‎src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/PasswordHasher/Tests/Fixtures/TestLegacyPasswordAuthenticatedUser.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Tests/Fixtures/TestLegacyPasswordAuthenticatedUser.php
+4-4Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/PasswordHasher/Tests/Fixtures/TestLegacyPasswordAuthenticatedUser.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Tests/Fixtures/TestLegacyPasswordAuthenticatedUser.php
+4-4Lines changed: 4 additions & 4 deletions
diff --git a/‎src/Symfony/Component/Security/Core/AuthenticationEvents.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/AuthenticationEvents.php
+2Lines changed: 2 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/AuthenticationEvents.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/AuthenticationEvents.php
+2Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/CHANGELOG.md
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/Security/Core/CHANGELOG.md
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/User/ChainUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/ChainUserProvider.php
+5-5Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/Security/Core/User/ChainUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/ChainUserProvider.php
+5-5Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Symfony/Component/Security/Guard/Authenticator/GuardBridgeAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Authenticator/GuardBridgeAuthenticator.php
+5Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Component/Security/Guard/Authenticator/GuardBridgeAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Authenticator/GuardBridgeAuthenticator.php
+5Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php
+4-2Lines changed: 4 additions & 2 deletions b/‎src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php
+4-2Lines changed: 4 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php
+1-1Lines changed: 1 addition & 1 deletion
@@ -66,6 +66,7 @@ SecurityBundle
 Security
 --------
 
+ * Deprecate `AuthenticationEvents::AUTHENTICATION_FAILURE`, use the `LoginFailureEvent` instead
  * Deprecate the `$authenticationEntryPoint` argument of `ChannelListener`, and add `$httpPort` and `$httpsPort` arguments
  * Deprecate `RetryAuthenticationEntryPoint`, this code is now inlined in the `ChannelListener`
  * Deprecate `FormAuthenticationEntryPoint` and `BasicAuthenticationEntryPoint`, in the new system the `FormLoginAuthenticator`
 
@@ -208,6 +208,7 @@ Routing
 Security
 --------
 
+ * Remove `AuthenticationEvents::AUTHENTICATION_FAILURE`, use the `LoginFailureEvent` instead
  * Remove the `$authenticationEntryPoint` argument of `ChannelListener`
  * Remove `RetryAuthenticationEntryPoint`, this code was inlined in the `ChannelListener`
  * Remove `FormAuthenticationEntryPoint` and `BasicAuthenticationEntryPoint`, the `FormLoginAuthenticator` and `HttpBasicAuthenticator` should be used instead.
 
@@ -42,7 +42,7 @@ public function __invoke(array $record): array
 
         if (null !== $token = $this->getToken()) {
             $record['extra'][$this->getKey()] = [
-                'authenticated' => $token->isAuthenticated(false), // @deprecated since Symfony 5.4, always true in 6.0
+                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : true, // @deprecated since Symfony 5.4, always true in 6.0
                 'roles' => $token->getRoleNames(),
             ];
 
 
@@ -123,7 +123,10 @@ public function loginUser(object $user, string $firewallContext = 'main'): self
         }
 
         $token = new TestBrowserToken($user->getRoles(), $user, $firewallContext);
-        $token->setAuthenticated(true, false);
+        // @deprecated since Symfony 5.4
+        if (method_exists($token, 'isAuthenticated')) {
+            $token->setAuthenticated(true, false);
+        }
 
         $container = $this->getContainer();
         $container->get('security.untracked_token_storage')->setToken($token);
 
@@ -127,7 +127,7 @@ public function collect(Request $request, Response $response, \Throwable $except
 
             $this->data = [
                 'enabled' => true,
-                'authenticated' => $token->isAuthenticated(false),
+                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : true,
                 'impersonated' => null !== $impersonatorUser,
                 'impersonator_user' => $impersonatorUser,
                 'impersonation_exit_path' => null,
 
@@ -25,7 +25,7 @@
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;
 use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Http\Firewall\ExceptionListener;
 
@@ -76,7 +76,7 @@ public function supports(Request $request): ?bool
         return false;
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         throw new BadCredentialsException();
     }
 
@@ -38,6 +38,7 @@
 use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 
 class SecurityExtensionTest extends TestCase
@@ -841,7 +842,7 @@ public function supports(Request $request): ?bool
     {
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
     }
 
 
@@ -20,7 +20,7 @@
 use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 
 class ApiAuthenticator extends AbstractAuthenticator
@@ -37,7 +37,7 @@ public function supports(Request $request): ?bool
         return $request->headers->has('X-USER-EMAIL');
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $email = $request->headers->get('X-USER-EMAIL');
         if (false === strpos($email, '@')) {
 
@@ -21,7 +21,6 @@
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
 
 class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
@@ -36,7 +35,7 @@ public function __construct(UrlGeneratorInterface $urlGenerator)
         $this->urlGenerator = $urlGenerator;
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $username = $request->request->get('_username', '');
 
 
@@ -177,60 +177,60 @@ public function getPassword(): ?string
     /**
      * {@inheritdoc}
      */
-    public function getSalt()
+    public function getSalt(): string
     {
-        return null;
+        return '';
     }
 
     /**
      * {@inheritdoc}
      */
-    public function getUsername()
+    public function getUsername(): string
     {
         return $this->username;
     }
 
-    public function getUserIdentifier()
+    public function getUserIdentifier(): string
     {
         return $this->username;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isAccountNonExpired()
+    public function isAccountNonExpired(): bool
     {
         return $this->accountNonExpired;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isAccountNonLocked()
+    public function isAccountNonLocked(): bool
     {
         return $this->accountNonLocked;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isCredentialsNonExpired()
+    public function isCredentialsNonExpired(): bool
     {
         return $this->credentialsNonExpired;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isEnabled()
+    public function isEnabled(): bool
     {
         return $this->enabled;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function eraseCredentials()
+    public function eraseCredentials(): void
     {
     }
 }
@@ -39,19 +39,19 @@ security:
                 path: /second/logout
 
     access_control:
-        - { path: ^/en/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/unprotected_resource$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secure-but-not-covered-by-access-control$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-ip$, ip: 10.10.10.10, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-two-ips$, ips: [1.1.1.1, 2.2.2.2], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/en/$, roles: PUBLIC_ACCESS }
+        - { path: ^/unprotected_resource$, roles: PUBLIC_ACCESS }
+        - { path: ^/secure-but-not-covered-by-access-control$, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-ip$, ip: 10.10.10.10, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-two-ips$, ips: [1.1.1.1, 2.2.2.2], roles: PUBLIC_ACCESS }
         # these real IP addresses are reserved for docs/examples (https://tools.ietf.org/search/rfc5737)
-        - { path: ^/secured-by-one-real-ip$, ips: 198.51.100.0, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-real-ip-with-mask$, ips: '203.0.113.0/24', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-real-ipv6$, ips: 0:0:0:0:0:ffff:c633:6400, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder$, ips: '%env(APP_IP)%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-multiple-ips$, ips: '%env(APP_IPS)%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-and-one-real-ip$, ips: ['%env(APP_IP)%', 198.51.100.0], roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-multiple-ips-and-one-real-ip$, ips: ['%env(APP_IPS)%', 198.51.100.0], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/secured-by-one-real-ip$, ips: 198.51.100.0, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-real-ip-with-mask$, ips: '203.0.113.0/24', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-real-ipv6$, ips: 0:0:0:0:0:ffff:c633:6400, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder$, ips: '%env(APP_IP)%', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-multiple-ips$, ips: '%env(APP_IPS)%', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-and-one-real-ip$, ips: ['%env(APP_IP)%', 198.51.100.0], roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-multiple-ips-and-one-real-ip$, ips: ['%env(APP_IPS)%', 198.51.100.0], roles: PUBLIC_ACCESS }
         - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
         - { path: ^/protected-via-expression$, allow_if: "(!is_authenticated() and request.headers.get('user-agent') matches '/Firefox/i') or is_granted('ROLE_USER')" }
         - { path: .*, roles: IS_AUTHENTICATED_FULLY }
@@ -48,7 +48,7 @@ public function hashPassword($user, string $plainPassword): string
         if ($user instanceof LegacyPasswordAuthenticatedUserInterface) {
             $salt = $user->getSalt();
         } elseif ($user instanceof UserInterface) {
-            $salt = $user->getSalt();
+            $salt = method_exists($user, 'getSalt') ? $user->getSalt() : null;
 
             if ($salt) {
                 trigger_deprecation('symfony/password-hasher', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));
 
@@ -30,23 +30,23 @@ public function getPassword(): ?string
         return $this->password;
     }
 
-    public function getRoles()
+    public function getRoles(): array
     {
         return $this->roles;
     }
 
-    public function eraseCredentials()
+    public function eraseCredentials(): void
     {
         // Do nothing
         return;
     }
 
-    public function getUsername()
+    public function getUsername(): string
     {
         return $this->username;
     }
 
-    public function getUserIdentifier()
+    public function getUserIdentifier(): string
     {
         return $this->username;
     }
 
@@ -29,6 +29,8 @@ final class AuthenticationEvents
      * authenticated by any of the providers.
      *
      * @Event("Symfony\Component\Security\Core\Event\AuthenticationFailureEvent")
+     *
+     * @deprecated since Symfony 5.4, use {@see Event\LoginFailureEvent} instead
      */
     public const AUTHENTICATION_FAILURE = 'security.authentication.failure';
 
 
@@ -4,6 +4,7 @@ CHANGELOG
 5.4
 ---
 
+ * Deprecate `AuthenticationEvents::AUTHENTICATION_FAILURE`, use the `LoginFailureEvent` instead
  * Deprecate `AnonymousToken`, as the related authenticator was deprecated in 5.3
  * Deprecate `Token::getCredentials()`, tokens should no longer contain credentials (as they represent authenticated sessions)
  * Deprecate returning `string|\Stringable` from `Token::getUser()` (it must return a `UserInterface`)
 
@@ -56,25 +56,25 @@ public function loadUserByUsername(string $username)
         return $this->loadUserByIdentifier($username);
     }
 
-    public function loadUserByIdentifier(string $userIdentifier): UserInterface
+    public function loadUserByIdentifier(string $identifier): UserInterface
     {
         foreach ($this->providers as $provider) {
             try {
                 // @deprecated since Symfony 5.3, change to $provider->loadUserByIdentifier() in 6.0
                 if (!method_exists($provider, 'loadUserByIdentifier')) {
                     trigger_deprecation('symfony/security-core', '5.3', 'Not implementing method "loadUserByIdentifier()" in user provider "%s" is deprecated. This method will replace "loadUserByUsername()" in Symfony 6.0.', get_debug_type($provider));
 
-                    return $provider->loadUserByUsername($userIdentifier);
+                    return $provider->loadUserByUsername($identifier);
                 }
 
-                return $provider->loadUserByIdentifier($userIdentifier);
+                return $provider->loadUserByIdentifier($identifier);
             } catch (UserNotFoundException $e) {
                 // try next one
             }
         }
 
-        $ex = new UserNotFoundException(sprintf('There is no user with identifier "%s".', $userIdentifier));
-        $ex->setUserIdentifier($userIdentifier);
+        $ex = new UserNotFoundException(sprintf('There is no user with identifier "%s".', $identifier));
+        $ex->setUserIdentifier($identifier);
         throw $ex;
     }
 
 
@@ -121,6 +121,11 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi
         return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);
     }
 
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
+    {
+        return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);
+    }
+
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
     {
         return $this->guard->onAuthenticationSuccess($request, $token, $firewallName);
 
@@ -113,7 +113,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi
 
     public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
-        return new PreAuthenticatedToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
+        return new PreAuthenticatedToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
     }
 
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
 
@@ -95,7 +95,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi
 
     public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
-        return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
+        return new UsernamePasswordToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
     }
 
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
 
@@ -35,8 +35,10 @@ public function __construct(UserInterface $user, string $firewallName, array $ro
         $this->firewallName = $firewallName;
 
         // @deprecated since Symfony 5.4
-        // this token is meant to be used after authentication success, so it is always authenticated
-        $this->setAuthenticated(true, false);
+        if (method_exists($this, 'setAuthenticated')) {
+            // this token is meant to be used after authentication success, so it is always authenticated
+            $this->setAuthenticated(true, false);
+        }
     }
 
     /**
 
@@ -74,7 +74,7 @@ public function checkPassport(CheckPassportEvent $event): void
                 throw new BadCredentialsException('The presented password is invalid.');
             }
 
-            $salt = $user->getSalt();
+            $salt = method_exists($user, 'getSalt') ? $user->getSalt() : '';
             if ($salt && !$user instanceof LegacyPasswordAuthenticatedUserInterface) {
                 trigger_deprecation('symfony/security-http', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));
             }
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@`
`25`	`25`	`use Symfony\Component\Security\Core\Exception\BadCredentialsException;`
`26`	`26`	`use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;`
`27`	`27`	`use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;`
`28`		`-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;`
	`28`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;`
`29`	`29`	`use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;`
`30`	`30`	`use Symfony\Component\Security\Http\Firewall\ExceptionListener;`
`31`	`31`
`@@ -76,7 +76,7 @@ public function supports(Request $request): ?bool`
`76`	`76`	`return false;`
`77`	`77`	`}`
`78`	`78`
`79`		`- public function authenticate(Request $request): PassportInterface`
	`79`	`+ public function authenticate(Request $request): Passport`
`80`	`80`	`{`
`81`	`81`	`throw new BadCredentialsException();`
`82`	`82`	`}`
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@`
`38`	`38`	`use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;`
`39`	`39`	`use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;`
`40`	`40`	`use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;`
	`41`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;`
`41`	`42`	`use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;`
`42`	`43`
`43`	`44`	`class SecurityExtensionTest extends TestCase`
`@@ -841,7 +842,7 @@ public function supports(Request $request): ?bool`
`841`	`842`	`{`
`842`	`843`	`}`
`843`	`844`
`844`		`- public function authenticate(Request $request): PassportInterface`
	`845`	`+ public function authenticate(Request $request): Passport`
`845`	`846`	`{`
`846`	`847`	`}`
`847`	`848`
Original file line number	Diff line number	Diff line change
`@@ -177,60 +177,60 @@ public function getPassword(): ?string`
`177`	`177`	`/**`
`178`	`178`	`* {@inheritdoc}`
`179`	`179`	`*/`
`180`		`- public function getSalt()`
	`180`	`+ public function getSalt(): string`
`181`	`181`	`{`
`182`		`- return null;`
	`182`	`+ return '';`
`183`	`183`	`}`
`184`	`184`
`185`	`185`	`/**`
`186`	`186`	`* {@inheritdoc}`
`187`	`187`	`*/`
`188`		`- public function getUsername()`
	`188`	`+ public function getUsername(): string`
`189`	`189`	`{`
`190`	`190`	`return $this->username;`
`191`	`191`	`}`
`192`	`192`
`193`		`- public function getUserIdentifier()`
	`193`	`+ public function getUserIdentifier(): string`
`194`	`194`	`{`
`195`	`195`	`return $this->username;`
`196`	`196`	`}`
`197`	`197`
`198`	`198`	`/**`
`199`	`199`	`* {@inheritdoc}`
`200`	`200`	`*/`
`201`		`- public function isAccountNonExpired()`
	`201`	`+ public function isAccountNonExpired(): bool`
`202`	`202`	`{`
`203`	`203`	`return $this->accountNonExpired;`
`204`	`204`	`}`
`205`	`205`
`206`	`206`	`/**`
`207`	`207`	`* {@inheritdoc}`
`208`	`208`	`*/`
`209`		`- public function isAccountNonLocked()`
	`209`	`+ public function isAccountNonLocked(): bool`
`210`	`210`	`{`
`211`	`211`	`return $this->accountNonLocked;`
`212`	`212`	`}`
`213`	`213`
`214`	`214`	`/**`
`215`	`215`	`* {@inheritdoc}`
`216`	`216`	`*/`
`217`		`- public function isCredentialsNonExpired()`
	`217`	`+ public function isCredentialsNonExpired(): bool`
`218`	`218`	`{`
`219`	`219`	`return $this->credentialsNonExpired;`
`220`	`220`	`}`
`221`	`221`
`222`	`222`	`/**`
`223`	`223`	`* {@inheritdoc}`
`224`	`224`	`*/`
`225`		`- public function isEnabled()`
	`225`	`+ public function isEnabled(): bool`
`226`	`226`	`{`
`227`	`227`	`return $this->enabled;`
`228`	`228`	`}`
`229`	`229`
`230`	`230`	`/**`
`231`	`231`	`* {@inheritdoc}`
`232`	`232`	`*/`
`233`		`- public function eraseCredentials()`
	`233`	`+ public function eraseCredentials(): void`
`234`	`234`	`{`
`235`	`235`	`}`
`236`	`236`	`}`
Original file line number	Diff line number	Diff line change
`@@ -30,23 +30,23 @@ public function getPassword(): ?string`
`30`	`30`	`return $this->password;`
`31`	`31`	`}`
`32`	`32`
`33`		`- public function getRoles()`
	`33`	`+ public function getRoles(): array`
`34`	`34`	`{`
`35`	`35`	`return $this->roles;`
`36`	`36`	`}`
`37`	`37`
`38`		`- public function eraseCredentials()`
	`38`	`+ public function eraseCredentials(): void`
`39`	`39`	`{`
`40`	`40`	`// Do nothing`
`41`	`41`	`return;`
`42`	`42`	`}`
`43`	`43`
`44`		`- public function getUsername()`
	`44`	`+ public function getUsername(): string`
`45`	`45`	`{`
`46`	`46`	`return $this->username;`
`47`	`47`	`}`
`48`	`48`
`49`		`- public function getUserIdentifier()`
	`49`	`+ public function getUserIdentifier(): string`
`50`	`50`	`{`
`51`	`51`	`return $this->username;`
`52`	`52`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,8 @@ final class AuthenticationEvents`
`29`	`29`	`* authenticated by any of the providers.`
`30`	`30`	`*`
`31`	`31`	`* @Event("Symfony\Component\Security\Core\Event\AuthenticationFailureEvent")`
	`32`	`+ *`
	`33`	`+ * @deprecated since Symfony 5.4, use {@see Event\LoginFailureEvent} instead`
`32`	`34`	`*/`
`33`	`35`	`public const AUTHENTICATION_FAILURE = 'security.authentication.failure';`
`34`	`36`
Original file line number	Diff line number	Diff line change
`@@ -56,25 +56,25 @@ public function loadUserByUsername(string $username)`
`56`	`56`	`return $this->loadUserByIdentifier($username);`
`57`	`57`	`}`
`58`	`58`
`59`		`- public function loadUserByIdentifier(string $userIdentifier): UserInterface`
	`59`	`+ public function loadUserByIdentifier(string $identifier): UserInterface`
`60`	`60`	`{`
`61`	`61`	`foreach ($this->providers as $provider) {`
`62`	`62`	`try {`
`63`	`63`	`// @deprecated since Symfony 5.3, change to $provider->loadUserByIdentifier() in 6.0`
`64`	`64`	`if (!method_exists($provider, 'loadUserByIdentifier')) {`
`65`	`65`	`trigger_deprecation('symfony/security-core', '5.3', 'Not implementing method "loadUserByIdentifier()" in user provider "%s" is deprecated. This method will replace "loadUserByUsername()" in Symfony 6.0.', get_debug_type($provider));`
`66`	`66`
`67`		`- return $provider->loadUserByUsername($userIdentifier);`
	`67`	`+ return $provider->loadUserByUsername($identifier);`
`68`	`68`	`}`
`69`	`69`
`70`		`- return $provider->loadUserByIdentifier($userIdentifier);`
	`70`	`+ return $provider->loadUserByIdentifier($identifier);`
`71`	`71`	`} catch (UserNotFoundException $e) {`
`72`	`72`	`// try next one`
`73`	`73`	`}`
`74`	`74`	`}`
`75`	`75`
`76`		`- $ex = new UserNotFoundException(sprintf('There is no user with identifier "%s".', $userIdentifier));`
`77`		`- $ex->setUserIdentifier($userIdentifier);`
	`76`	`+ $ex = new UserNotFoundException(sprintf('There is no user with identifier "%s".', $identifier));`
	`77`	`+ $ex->setUserIdentifier($identifier);`
`78`	`78`	`throw $ex;`
`79`	`79`	`}`
`80`	`80`
Original file line number	Diff line number	Diff line change
`@@ -121,6 +121,11 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi`
`121`	`121`	`return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);`
`122`	`122`	`}`
`123`	`123`
	`124`	`+ public function createToken(Passport $passport, string $firewallName): TokenInterface`
	`125`	`+ {`
	`126`	`+ return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);`
	`127`	`+ }`
	`128`	`+`
`124`	`129`	`public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response`
`125`	`130`	`{`
`126`	`131`	`return $this->guard->onAuthenticationSuccess($request, $token, $firewallName);`
Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi`
`113`	`113`
`114`	`114`	`public function createToken(Passport $passport, string $firewallName): TokenInterface`
`115`	`115`	`{`
`116`		`- return new PreAuthenticatedToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());`
	`116`	`+ return new PreAuthenticatedToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());`
`117`	`117`	`}`
`118`	`118`
`119`	`119`	`public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response`
Original file line number	Diff line number	Diff line change
`@@ -95,7 +95,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi`
`95`	`95`
`96`	`96`	`public function createToken(Passport $passport, string $firewallName): TokenInterface`
`97`	`97`	`{`
`98`		`- return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());`
	`98`	`+ return new UsernamePasswordToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());`
`99`	`99`	`}`
`100`	`100`
`101`	`101`	`public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response`
Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ public function checkPassport(CheckPassportEvent $event): void`
`74`	`74`	`throw new BadCredentialsException('The presented password is invalid.');`
`75`	`75`	`}`
`76`	`76`
`77`		`- $salt = $user->getSalt();`
	`77`	`+ $salt = method_exists($user, 'getSalt') ? $user->getSalt() : '';`
`78`	`78`	`if ($salt && !$user instanceof LegacyPasswordAuthenticatedUserInterface) {`
`79`	`79`	`trigger_deprecation('symfony/security-http', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));`
`80`	`80`	`}`