[Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user

1 files changed, 5 insertions, 0 deletions

diff --git a/Http/Firewall/SimplePreAuthenticationListener.php b/Http/Firewall/SimplePreAuthenticationListener.php
index 80b35a5..2a6b4d5 100644
--- a/Http/Firewall/SimplePreAuthenticationListener.php
+++ b/Http/Firewall/SimplePreAuthenticationListener.php
@@ -19,6 +19,7 @@ use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
@@ -71,6 +72,10 @@ class SimplePreAuthenticationListener implements ListenerInterface
             $this->logger->info(sprintf('Attempting simple pre-authorization %s', $this->providerKey));
         }
 
+        if (null !== $this->context->getToken() && !$this->context->getToken() instanceof AnonymousToken) {
+            return;
+        }
+
         try {
             $token = $this->simpleAuthenticator->createToken($request, $this->providerKey);
             $token = $this->authenticationManager->authenticate($token);