symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php
Lines changed: 6 additions & 2 deletions b/‎src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php
Lines changed: 6 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php
Lines changed: 7 additions & 5 deletions b/‎src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php
Lines changed: 7 additions & 5 deletions
diff --git a/‎src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php
Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php
Lines changed: 5 additions & 0 deletions
@@ -42,6 +42,7 @@
                  class="Symfony\Component\Security\Core\Authentication\Authenticator\AnonymousAuthenticator"
                  abstract="true">
             <argument /> <!-- secret -->
+            <argument type="service" id="security.token_storage" />
         </service>
     </services>
 </container>
@@ -14,6 +14,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\User;
@@ -25,15 +26,18 @@
 class AnonymousAuthenticator implements AuthenticatorInterface
 {
     private $secret;
+    private $tokenStorage;
 
-    public function __construct(string $secret)
+    public function __construct(string $secret, TokenStorageInterface $tokenStorage)
     {
         $this->secret = $secret;
+        $this->tokenStorage = $tokenStorage;
     }
 
     public function supports(Request $request): ?bool
     {
-        return true;
+        // do not overwrite already stored tokens (i.e. from the session)
+        return null === $this->tokenStorage->getToken();
     }
 
     public function getCredentials(Request $request)
 
@@ -86,12 +86,14 @@ public function authenticate(TokenInterface $token)
             $this->handleFailure($exception, $token);
         }
 
-        if (true === $this->eraseCredentials) {
-            $result->eraseCredentials();
-        }
+        if (null !== $result) {
+            if (true === $this->eraseCredentials) {
+                $result->eraseCredentials();
+            }
 
-        if (null !== $this->eventDispatcher) {
-            $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($result), AuthenticationEvents::AUTHENTICATION_SUCCESS);
+            if (null !== $this->eventDispatcher) {
+                $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($result), AuthenticationEvents::AUTHENTICATION_SUCCESS);
+            }
         }
 
         return $result;
 
@@ -150,6 +150,11 @@ private function triggerRememberMe($guardAuthenticator, Request $request, TokenI
             throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
         }
 
+        // @todo implement remember me functionality
+        if (!isset($this->rememberMeServices)) {
+            return;
+        }
+
         if (null === $this->rememberMeServices) {
             if (null !== $this->logger) {
                 $this->logger->debug('Remember me skipped: it is not configured for the firewall.', ['authenticator' => \get_class($guardAuthenticator)]);
Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`	`use Symfony\Component\HttpFoundation\Request;`
`15`	`15`	`use Symfony\Component\HttpFoundation\Response;`
`16`	`16`	`use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;`
	`17`	`+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`17`	`18`	`use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;`
`18`	`19`	`use Symfony\Component\Security\Core\Exception\AuthenticationException;`
`19`	`20`	`use Symfony\Component\Security\Core\User\User;`
`@@ -25,15 +26,18 @@`
`25`	`26`	`class AnonymousAuthenticator implements AuthenticatorInterface`
`26`	`27`	`{`
`27`	`28`	`private $secret;`
	`29`	`+ private $tokenStorage;`
`28`	`30`
`29`		`- public function __construct(string $secret)`
	`31`	`+ public function __construct(string $secret, TokenStorageInterface $tokenStorage)`
`30`	`32`	`{`
`31`	`33`	`$this->secret = $secret;`
	`34`	`+ $this->tokenStorage = $tokenStorage;`
`32`	`35`	`}`
`33`	`36`
`34`	`37`	`public function supports(Request $request): ?bool`
`35`	`38`	`{`
`36`		`- return true;`
	`39`	`+ // do not overwrite already stored tokens (i.e. from the session)`
	`40`	`+ return null === $this->tokenStorage->getToken();`
`37`	`41`	`}`
`38`	`42`
`39`	`43`	`public function getCredentials(Request $request)`