From 6265d6be7c9000c6268e1b6623aabd9bd108505f Mon Sep 17 00:00:00 2001
From: MatTheCat <math.lechat@gmail.com>
Date: Sat, 7 Oct 2017 10:37:19 +0200
Subject: [PATCH] call logout handlers even if token is null

---
 .../Core/Authentication/Token/DummyToken.php  | 37 +++++++++++++++++++
 .../Security/Http/Firewall/LogoutListener.php | 11 ++++--
 2 files changed, 44 insertions(+), 4 deletions(-)
 create mode 100644 src/Symfony/Component/Security/Core/Authentication/Token/DummyToken.php

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/DummyToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/DummyToken.php
new file mode 100644
index 0000000000000..9193d6fcc49a4
--- /dev/null
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/DummyToken.php
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Authentication\Token;
+
+/**
+ * DummyToken allows fixing #7104 without introducing any BC break.
+ *
+ * @author Mathieu Lechat <math.lechat@gmail.com>
+ *
+ * @internal
+ */
+class DummyToken extends AbstractToken
+{
+    public function __construct()
+    {
+        parent::__construct(array());
+
+        $this->setUser('dummy');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getCredentials()
+    {
+        return null;
+    }
+}
diff --git a/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php b/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
index 5b5ccbff1009d..ed4b7f5a85cec 100644
--- a/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
@@ -16,6 +16,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\Security\Core\Authentication\Token\DummyToken;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
 use Symfony\Component\Security\Core\Exception\LogoutException;
@@ -109,10 +110,12 @@ public function handle(GetResponseEvent $event)
         }
 
         // handle multiple logout attempts gracefully
-        if ($token = $this->tokenStorage->getToken()) {
-            foreach ($this->handlers as $handler) {
-                $handler->logout($request, $response, $token);
-            }
+        $token = $this->tokenStorage->getToken();
+        if (null === $token) {
+            $token = new DummyToken();
+        }
+        foreach ($this->handlers as $handler) {
+            $handler->logout($request, $response, $token);
         }
 
         $this->tokenStorage->setToken(null);