From 551f9418a3839da0b8d499f94315e27bacbe3c46 Mon Sep 17 00:00:00 2001
From: Robin Chalas <robin.chalas@gmail.com>
Date: Mon, 6 Jul 2020 12:01:01 +0200
Subject: [PATCH] [Security\Http] Skip remember-me logout on empty token

---
 .../RememberMeLogoutListener.php              |  4 +++
 .../RememberMeLogoutListenerTest.php          | 30 +++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeLogoutListenerTest.php

diff --git a/src/Symfony/Component/Security/Http/EventListener/RememberMeLogoutListener.php b/src/Symfony/Component/Security/Http/EventListener/RememberMeLogoutListener.php
index 50c5df6caab69..ad04e54285f26 100644
--- a/src/Symfony/Component/Security/Http/EventListener/RememberMeLogoutListener.php
+++ b/src/Symfony/Component/Security/Http/EventListener/RememberMeLogoutListener.php
@@ -40,6 +40,10 @@ public function onLogout(LogoutEvent $event): void
             return;
         }
 
+        if (!$event->getToken()) {
+            return;
+        }
+
         if (null === $event->getResponse()) {
             throw new LogicException(sprintf('No response was set for this logout action. Make sure the DefaultLogoutListener or another listener has set the response before "%s" is called.', __CLASS__));
         }
diff --git a/src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeLogoutListenerTest.php b/src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeLogoutListenerTest.php
new file mode 100644
index 0000000000000..8818cfceb90e4
--- /dev/null
+++ b/src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeLogoutListenerTest.php
@@ -0,0 +1,30 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Tests\EventListener;
+
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\Event\LogoutEvent;
+use Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener;
+use Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices;
+
+class RememberMeLogoutListenerTest extends TestCase
+{
+    public function testOnLogoutDoesNothingIfNoToken()
+    {
+        $rememberMeServices = $this->createMock(AbstractRememberMeServices::class);
+        $rememberMeServices->expects($this->never())->method('logout');
+
+        $rememberMeLogoutListener = new RememberMeLogoutListener($rememberMeServices);
+        $rememberMeLogoutListener->onLogout(new LogoutEvent(new Request(), null));
+    }
+}