1 files changed, 18 insertions, 0 deletions

diff --git a/Guard/Tests/Provider/GuardAuthenticationProviderTest.php b/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
index 7df3ecb..99e9b5d 100644
--- a/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
+++ b/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
@@ -11,7 +11,9 @@
 
 namespace Symfony\Component\Security\Guard\Tests\Provider;
 
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Guard\Provider\GuardAuthenticationProvider;
+use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
 
 /**
  * @author Ryan Weaver <weaverryan@gmail.com>
@@ -75,6 +77,22 @@ class GuardAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
         $this->assertSame($authedToken, $actualAuthedToken);
     }
 
+    public function testGuardWithNoLongerAuthenticatedTriggersLogout()
+    {
+        $providerKey = 'my_firewall_abc';
+
+        // create a token and mark it as NOT authenticated anymore
+        // this mimics what would happen if a user "changed" between request
+        $mockedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $token = new PostAuthenticationGuardToken($mockedUser, $providerKey, array('ROLE_USER'));
+        $token->setAuthenticated(false);
+
+        $provider = new GuardAuthenticationProvider(array(), $this->userProvider, $providerKey, $this->userChecker);
+        $actualToken = $provider->authenticate($token);
+        // this should return the anonymous user
+        $this->assertEquals(new AnonymousToken($providerKey, 'anon.'), $actualToken);
+    }
+
     protected function setUp()
     {
         $this->userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');