symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php
+2-1Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php
+2-1Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/PasswordHasher/Tests/Hasher/UserPasswordHasherTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Tests/Hasher/UserPasswordHasherTest.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/PasswordHasher/Tests/Hasher/UserPasswordHasherTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/PasswordHasher/Tests/Hasher/UserPasswordHasherTest.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Firewall/AccessListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/AccessListener.php
+7-1Lines changed: 7 additions & 1 deletion b/‎src/Symfony/Component/Security/Http/Firewall/AccessListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/AccessListener.php
+7-1Lines changed: 7 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
+37Lines changed: 37 additions & 0 deletions b/‎src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
+37Lines changed: 37 additions & 0 deletions
@@ -11,6 +11,7 @@
 
 namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\RememberMeBundle\Security;
 
+use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Core\User\InMemoryUserProvider;
 use Symfony\Component\Security\Core\User\User;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -39,7 +40,7 @@ public function refreshUser(UserInterface $user)
     {
         $user = $this->inner->refreshUser($user);
 
-        $alterUser = \Closure::bind(function (User $user) { $user->password = 'foo'; }, null, User::class);
+        $alterUser = \Closure::bind(function (InMemoryUser $user) { $user->password = 'foo'; }, null, class_exists(User::class) ? User::class : InMemoryUser::class);
         $alterUser($user);
 
         return $user;
 
@@ -50,7 +50,7 @@ public function hashPassword($user, string $plainPassword): string
         } elseif ($user instanceof UserInterface) {
             $salt = $user->getSalt();
 
-            if (null !== $salt) {
+            if ($salt) {
                 trigger_deprecation('symfony/password-hasher', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));
             }
         }
 
@@ -158,7 +158,7 @@ public function testNeedsRehash()
 
         $passwordHasher = new UserPasswordHasher($mockPasswordHasherFactory);
 
-        \Closure::bind(function () use ($passwordHasher) { $this->password = $passwordHasher->hashPassword($this, 'foo', 'salt'); }, $user, User::class)();
+        \Closure::bind(function () use ($passwordHasher) { $this->password = $passwordHasher->hashPassword($this, 'foo', 'salt'); }, $user, class_exists(User::class) ? User::class : InMemoryUser::class)();
         $this->assertFalse($passwordHasher->needsRehash($user));
         $this->assertTrue($passwordHasher->needsRehash($user));
         $this->assertFalse($passwordHasher->needsRehash($user));
 
@@ -75,7 +75,13 @@ public function authenticate(RequestEvent $event)
         $attributes = $request->attributes->get('_access_control_attributes');
         $request->attributes->remove('_access_control_attributes');
 
-        if (!$attributes || ([AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] === $attributes && $event instanceof LazyResponseEvent)) {
+        if (
+            !$attributes
+            || (
+                ([AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] === $attributes || [AuthenticatedVoter::PUBLIC_ACCESS] === $attributes)
+                && $event instanceof LazyResponseEvent
+            )
+        ) {
             return;
         }
 
 
@@ -360,4 +360,41 @@ public function testHandleMWithultipleAttributesShouldBeHandledAsAnd()
 
         $listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST));
     }
+
+    public function testLazyPublicPagesShouldNotAccessTokenStorage()
+    {
+        $tokenStorage = $this->createMock(TokenStorageInterface::class);
+        $tokenStorage->expects($this->never())->method('getToken');
+
+        $request = new Request();
+        $accessMap = $this->createMock(AccessMapInterface::class);
+        $accessMap->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->willReturn([[AuthenticatedVoter::PUBLIC_ACCESS], null])
+        ;
+
+        $listener = new AccessListener($tokenStorage, $this->createMock(AccessDecisionManagerInterface::class), $accessMap, $this->createMock(AuthenticationManagerInterface::class), false);
+        $listener(new LazyResponseEvent(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST)));
+    }
+
+    /**
+     * @group legacy
+     */
+    public function testLegacyLazyPublicPagesShouldNotAccessTokenStorage()
+    {
+        $tokenStorage = $this->createMock(TokenStorageInterface::class);
+        $tokenStorage->expects($this->never())->method('getToken');
+
+        $request = new Request();
+        $accessMap = $this->createMock(AccessMapInterface::class);
+        $accessMap->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->willReturn([[AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY], null])
+        ;
+
+        $listener = new AccessListener($tokenStorage, $this->createMock(AccessDecisionManagerInterface::class), $accessMap, $this->createMock(AuthenticationManagerInterface::class), false);
+        $listener(new LazyResponseEvent(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST)));
+    }
 }
Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ public function hashPassword($user, string $plainPassword): string`
`50`	`50`	`} elseif ($user instanceof UserInterface) {`
`51`	`51`	`$salt = $user->getSalt();`
`52`	`52`
`53`		`- if (null !== $salt) {`
	`53`	`+ if ($salt) {`
`54`	`54`	`trigger_deprecation('symfony/password-hasher', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));`
`55`	`55`	`}`
`56`	`56`	`}`