[Security] fixed a Token serialization bug

4 files changed, 12 insertions, 23 deletions

diff --git a/Core/Authentication/Token/PreAuthenticatedToken.php b/Core/Authentication/Token/PreAuthenticatedToken.php
index c84ea10..8efa508 100644
--- a/Core/Authentication/Token/PreAuthenticatedToken.php
+++ b/Core/Authentication/Token/PreAuthenticatedToken.php
@@ -18,8 +18,6 @@ namespace Symfony\Component\Security\Core\Authentication\Token;
  */
 class PreAuthenticatedToken extends Token
 {
-    protected $providerKey;
-
     /**
      * Constructor.
      */
@@ -35,11 +33,6 @@ class PreAuthenticatedToken extends Token
         $this->providerKey = $providerKey;
     }
 
-    public function getProviderKey()
-    {
-        return $this->providerKey;
-    }
-
     /**
      * {@inheritdoc}
      */
diff --git a/Core/Authentication/Token/RememberMeToken.php b/Core/Authentication/Token/RememberMeToken.php
index 81bf1e0..8ec3063 100644
--- a/Core/Authentication/Token/RememberMeToken.php
+++ b/Core/Authentication/Token/RememberMeToken.php
@@ -22,7 +22,6 @@ use Symfony\Component\Security\Core\User\AccountInterface;
 class RememberMeToken extends Token
 {
     protected $key;
-    protected $providerKey;
 
     /**
      * The persistent token which resulted in this authentication token.
@@ -53,11 +52,6 @@ class RememberMeToken extends Token
         $this->setAuthenticated(true);
     }
 
-    public function getProviderKey()
-    {
-        return $this->providerKey;
-    }
-
     public function getKey()
     {
         return $this->key;
diff --git a/Core/Authentication/Token/Token.php b/Core/Authentication/Token/Token.php
index d41bab5..e4e5d55 100644
--- a/Core/Authentication/Token/Token.php
+++ b/Core/Authentication/Token/Token.php
@@ -28,6 +28,7 @@ abstract class Token implements TokenInterface
     protected $user;
     protected $credentials;
     protected $immutable;
+    protected $providerKey;
 
     /**
      * Constructor.
@@ -184,9 +185,17 @@ abstract class Token implements TokenInterface
     /**
      * {@inheritdoc}
      */
+    public function getProviderKey()
+    {
+        return $this->providerKey;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
     public function serialize()
     {
-        return serialize(array($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable));
+        return serialize(array($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable, $this->providerKey));
     }
 
     /**
@@ -194,6 +203,6 @@ abstract class Token implements TokenInterface
      */
     public function unserialize($serialized)
     {
-        list($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable) = unserialize($serialized);
+        list($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable, $this->providerKey) = unserialize($serialized);
     }
 }
diff --git a/Core/Authentication/Token/UsernamePasswordToken.php b/Core/Authentication/Token/UsernamePasswordToken.php
index a61acd4..37f0975 100644
--- a/Core/Authentication/Token/UsernamePasswordToken.php
+++ b/Core/Authentication/Token/UsernamePasswordToken.php
@@ -18,11 +18,9 @@ namespace Symfony\Component\Security\Core\Authentication\Token;
  */
 class UsernamePasswordToken extends Token
 {
-    protected $providerKey;
-
     /**
      * Constructor.
-     * 
+     *
      * @param string $user The username (like a nickname, email address, etc.)
      * @param string $credentials This usually is the password of the user
      */
@@ -37,11 +35,6 @@ class UsernamePasswordToken extends Token
         parent::setAuthenticated((Boolean) count($roles));
     }
 
-    public function getProviderKey()
-    {
-        return $this->providerKey;
-    }
-
     /**
      * {@inheritdoc}
      */