[Security] Delete old session on auth strategy migrate

2 files changed, 2 insertions, 2 deletions

diff --git a/Http/Session/SessionAuthenticationStrategy.php b/Http/Session/SessionAuthenticationStrategy.php
index 0e688c7..dd258a0 100644
--- a/Http/Session/SessionAuthenticationStrategy.php
+++ b/Http/Session/SessionAuthenticationStrategy.php
@@ -47,7 +47,7 @@ class SessionAuthenticationStrategy implements SessionAuthenticationStrategyInte
                 return;
 
             case self::MIGRATE:
-                $request->getSession()->migrate();
+                $request->getSession()->migrate(true);
 
                 return;
 
diff --git a/Tests/Http/Session/SessionAuthenticationStrategyTest.php b/Tests/Http/Session/SessionAuthenticationStrategyTest.php
index 43c52b5..431a002 100644
--- a/Tests/Http/Session/SessionAuthenticationStrategyTest.php
+++ b/Tests/Http/Session/SessionAuthenticationStrategyTest.php
@@ -47,7 +47,7 @@ class SessionAuthenticationStrategyTest extends \PHPUnit_Framework_TestCase
     public function testSessionIsMigrated()
     {
         $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');
-        $session->expects($this->once())->method('migrate');
+        $session->expects($this->once())->method('migrate')->with($this->equalTo(true));
 
         $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE);
         $strategy->onAuthentication($this->getRequest($session), $this->getToken());