[Security][Http][SwitchUserListener] Ignore all non existent username protection errors

fancyweb · fancyweb · commit c6197141e6c6 · 2020-04-01T11:15:47.000+02:00
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
@@ -168,7 +168,7 @@ private function attemptSwitchUser(Request $request, string $username): ?TokenIn
 
             try {
                 $this->provider->loadUserByUsername($nonExistentUsername);
-            } catch (AuthenticationException $e) {
+            } catch (\Exception $e) {
             }
         } catch (AuthenticationException $e) {
             $this->provider->loadUserByUsername($currentUsername);

Original file line number	Diff line number	Diff line change
`@@ -168,7 +168,7 @@ private function attemptSwitchUser(Request $request, string $username): ?TokenIn`
`168`	`168`
`169`	`169`	`try {`
`170`	`170`	`$this->provider->loadUserByUsername($nonExistentUsername);`
`171`		`- } catch (AuthenticationException $e) {`
	`171`	`+ } catch (\Exception $e) {`
`172`	`172`	`}`
`173`	`173`	`} catch (AuthenticationException $e) {`
`174`	`174`	`$this->provider->loadUserByUsername($currentUsername);`