Diffstat (limited to 'Core/Authentication/Token')
-rw-r--r-- | Core/Authentication/Token/AbstractToken.php | 49 | ||||
-rw-r--r-- | Core/Authentication/Token/RememberMeToken.php | 2 |
2 files changed, 49 insertions, 2 deletions
diff --git a/Core/Authentication/Token/AbstractToken.php b/Core/Authentication/Token/AbstractToken.php
index 8e008e5..ed6e8de 100644
--- a/Core/Authentication/Token/AbstractToken.php
+++ b/Core/Authentication/Token/AbstractToken.php
@@ -14,6 +14,8 @@ namespace Symfony\Component\Security\Core\Authentication\Token;
 use Symfony\Component\Security\Core\Role\RoleInterface;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\AdvancedUserInterface;
+use Symfony\Component\Security\Core\User\EquatableInterface;
 /**
 * Base class for Token instances.
@@ -96,7 +98,7 @@ abstract class AbstractToken implements TokenInterface
 if (!$user instanceof UserInterface) {
 $changed = true;
 } else {
- $changed = !$this->user->equals($user);
+ $changed = $this->hasUserChanged($user);
 }
 } elseif ($user instanceof UserInterface) {
 $changed = true;
@@ -229,4 +231,49 @@ abstract class AbstractToken implements TokenInterface
 return sprintf('%s(user="%s", authenticated=%s, roles="%s")', $class, $this->getUsername(), json_encode($this->authenticated), implode(', ', $roles));
 }
+
+ private function hasUserChanged(UserInterface $user)
+ {
+ if (!($this->user instanceof UserInterface)) {
+ throw new \BadMethodCallException('Method "hasUserChanged" should be called when current user class is instance of "UserInterface".');
+ }
+
+ if ($this->user instanceof EquatableInterface) {
+ return ! (Boolean) $this->user->isEqualTo($user);
+ }
+
+ if ($this->user->getPassword() !== $user->getPassword()) {
+ return true;
+ }
+
+ if ($this->user->getSalt() !== $user->getSalt()) {
+ return true;
+ }
+
+ if ($this->user->getUsername() !== $user->getUsername()) {
+ return true;
+ }
+
+ if ($this->user instanceof AdvancedUserInterface && $user instanceof AdvancedUserInterface) {
+ if ($this->user->isAccountNonExpired() !== $user->isAccountNonExpired()) {
+ return true;
+ }
+
+ if ($this->user->isAccountNonLocked() !== $user->isAccountNonLocked()) {
+ return true;
+ }
+
+ if ($this->user->isCredentialsNonExpired() !== $user->isCredentialsNonExpired()) {
+ return true;
+ }
+
+ if ($this->user->isEnabled() !== $user->isEnabled()) {
+ return true;
+ }
+ } elseif ($this->user instanceof AdvancedUserInterface xor $user instanceof AdvancedUserInterface) {
+ return true;
+ }
+
+ return false;
+ }
 }
diff --git a/Core/Authentication/Token/RememberMeToken.php b/Core/Authentication/Token/RememberMeToken.php
index 7ac9e1c..de50e5c 100644
--- a/Core/Authentication/Token/RememberMeToken.php
+++ b/Core/Authentication/Token/RememberMeToken.php
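Review bot: The new `hasUserChanged()` in AbstractToken.php has no docblock, and its early return in the `EquatableInterface` branch needs one: when the stored user implements that interface, `isEqualTo()` alone decides the result and the password, salt, username and account-status comparisons below it never run. A user class whose `isEqualTo()` compares only an identifier would therefore make this method report no change after a password change or an account lock, so the docblock should state that implementers take over all of those checks. It should also record that the `(Boolean)` cast makes a missing or null return value count as "changed", and that the fallback path does not compare `getRoles()`, so a role change is presumably expected to be handled elsewhere.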
@@ -52,7 +52,7 @@ class RememberMeToken extends AbstractToken
 public function setAuthenticated($authenticated)
 {
 if ($authenticated) {
- throw new \RuntimeException('You cannot set this token to authenticated after creation.');
+ throw new \LogicException('You cannot set this token to authenticated after creation.');
 }
 parent::setAuthenticated(false); |
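Review bot: `\LogicException` is not a subclass of `\RuntimeException`, so any caller that wraps `setAuthenticated(true)` in `catch (\RuntimeException $e)` no longer catches this failure after the change. The method's docblock lies outside the hunk; if it carries a `@throws` tag it should be updated to `@throws \LogicException`, and if it has none, one should be added so the new exception type is visible to callers.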