[Security] fix check for empty usernames

xabbuh · xabbuh · commit d288f518baeb · 2015-07-22T08:52:48.000+02:00
diff --git a/Authentication/Provider/UserAuthenticationProvider.php b/Authentication/Provider/UserAuthenticationProvider.php
@@ -62,7 +62,7 @@ public function authenticate(TokenInterface $token)
         }
 
         $username = $token->getUsername();
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             $username = 'NONE_PROVIDED';
         }
 
diff --git a/Authentication/RememberMe/PersistentToken.php b/Authentication/RememberMe/PersistentToken.php
@@ -40,7 +40,7 @@ public function __construct($class, $username, $series, $tokenValue, \DateTime $
         if (empty($class)) {
             throw new \InvalidArgumentException('$class must not be empty.');
         }
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             throw new \InvalidArgumentException('$username must not be empty.');
         }
         if (empty($series)) {
diff --git a/User/User.php b/User/User.php
@@ -30,7 +30,7 @@ final class User implements AdvancedUserInterface
 
     public function __construct($username, $password, array $roles = array(), $enabled = true, $userNonExpired = true, $credentialsNonExpired = true, $userNonLocked = true)
     {
-        if (empty($username)) {
+        if ('' === $username || null === $username) {
             throw new \InvalidArgumentException('The username cannot be empty.');
         }
 

Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,7 @@ public function authenticate(TokenInterface $token)`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`$username = $token->getUsername();`
`65`		`- if (empty($username)) {`
	`65`	`+ if ('' === $username \|\| null === $username) {`
`66`	`66`	`$username = 'NONE_PROVIDED';`
`67`	`67`	`}`
`68`	`68`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ public function __construct($class, $username, $series, $tokenValue, \DateTime $`
`40`	`40`	`if (empty($class)) {`
`41`	`41`	`throw new \InvalidArgumentException('$class must not be empty.');`
`42`	`42`	`}`
`43`		`- if (empty($username)) {`
	`43`	`+ if ('' === $username \|\| null === $username) {`
`44`	`44`	`throw new \InvalidArgumentException('$username must not be empty.');`
`45`	`45`	`}`
`46`	`46`	`if (empty($series)) {`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ final class User implements AdvancedUserInterface`
`30`	`30`
`31`	`31`	`public function __construct($username, $password, array $roles = array(), $enabled = true, $userNonExpired = true, $credentialsNonExpired = true, $userNonLocked = true)`
`32`	`32`	`{`
`33`		`- if (empty($username)) {`
	`33`	`+ if ('' === $username \|\| null === $username) {`
`34`	`34`	`throw new \InvalidArgumentException('The username cannot be empty.');`
`35`	`35`	`}`
`36`	`36`