symfony
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
Lines changed: 14 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php
Lines changed: 31 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php
Lines changed: 31 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php
Lines changed: 31 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php
Lines changed: 31 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php
Lines changed: 31 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php
Lines changed: 31 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/UsernamePasswordTokenTest.php
Lines changed: 31 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Token/UsernamePasswordTokenTest.php
Lines changed: 31 additions & 0 deletions
@@ -46,7 +46,7 @@ public function __construct(array $roles = array())
                 throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));
             }
 
-            $this->roles[] = $role;
+            $this->roles[] = clone $role;
         }
     }
 
 
@@ -220,7 +220,7 @@ public function testAuthenticateWithPreservingRoleSwitchUserRole()
         $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken);
         $this->assertSame($user, $authToken->getUser());
         $this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false);
-        $this->assertContains($switchUserRole, $authToken->getRoles());
+        $this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false);
         $this->assertEquals('foo', $authToken->getCredentials());
         $this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');
     }
 
@@ -14,6 +14,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\User;
 
 class TestUser
 {
@@ -96,6 +97,19 @@ public function testSerialize()
         $this->assertEquals($token->getAttributes(), $uToken->getAttributes());
     }
 
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new ConcreteToken($user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($roles, $user->getRoles());
+    }
+
     public function testSerializeParent()
     {
         $user = new TestUser('fabien');
 
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class AnonymousTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -42,4 +43,34 @@ public function testGetUser()
         $token = new AnonymousToken('foo', 'bar');
         $this->assertEquals('bar', $token->getUser());
     }
+
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new AnonymousToken('secret', $user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new AnonymousToken('secret', $user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
 }
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class PreAuthenticatedTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -45,4 +46,34 @@ public function testEraseCredentials()
         $token->eraseCredentials();
         $this->assertEquals('', $token->getCredentials());
     }
+
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new PreAuthenticatedToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new PreAuthenticatedToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
 }
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -52,6 +53,36 @@ public function testConstructorKeyCannotBeEmptyString()
         );
     }
 
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new RememberMeToken($user, 'password', 'providerKey');
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new RememberMeToken($user, 'password', 'providerKey');
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
+
     protected function getUser($roles = array('ROLE_FOO'))
     {
         $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
 
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class UsernamePasswordTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -50,6 +51,36 @@ public function testEraseCredentials()
         $this->assertEquals('', $token->getCredentials());
     }
 
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
+
     public function testToString()
     {
         $token = new UsernamePasswordToken('foo', '', 'foo', array('A', 'B'));
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ public function __construct(array $roles = array())`
`46`	`46`	`throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));`
`47`	`47`	`}`
`48`	`48`
`49`		`- $this->roles[] = $role;`
	`49`	`+ $this->roles[] = clone $role;`
`50`	`50`	`}`
`51`	`51`	`}`
`52`	`52`
Original file line number	Diff line number	Diff line change
`@@ -220,7 +220,7 @@ public function testAuthenticateWithPreservingRoleSwitchUserRole()`
`220`	`220`	`$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken);`
`221`	`221`	`$this->assertSame($user, $authToken->getUser());`
`222`	`222`	`$this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false);`
`223`		`- $this->assertContains($switchUserRole, $authToken->getRoles());`
	`223`	`+ $this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false);`
`224`	`224`	`$this->assertEquals('foo', $authToken->getCredentials());`
`225`	`225`	`$this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');`
`226`	`226`	`}`