diff --git a/core/authorize.php b/core/authorize.php
index 6bc2808..a5ba64b 100644
--- a/core/authorize.php
+++ b/core/authorize.php
@@ -58,7 +58,7 @@ function authorize_access_denied_page() {
 function authorize_access_allowed() {
   require_once DRUPAL_ROOT . '/' . settings()->get('session_inc', 'core/includes/session.inc');
   drupal_session_initialize();
-  return settings()->get('allow_authorize_operations', TRUE) && user_access('administer software updates');
+  return settings()->get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
 }
 
 // *** Real work of the script begins here. ***
diff --git a/core/core.services.yml b/core/core.services.yml
index b850c9e..b6c69f8 100644
--- a/core/core.services.yml
+++ b/core/core.services.yml
@@ -101,7 +101,7 @@ services:
     arguments: ['@config.storage', '@config.storage.schema', '@cache.config']
   cron:
     class: Drupal\Core\Cron
-    arguments: ['@module_handler', '@lock', '@queue', '@state']
+    arguments: ['@module_handler', '@lock', '@queue', '@state', '@current_user']
   database:
     class: Drupal\Core\Database\Connection
     factory_class: Drupal\Core\Database\Database
@@ -382,11 +382,9 @@ services:
       - { name: event_subscriber }
   route_enhancer.authentication:
     class: Drupal\Core\Routing\Enhancer\AuthenticationEnhancer
-    calls:
-      - [setContainer, ['@service_container']]
     tags:
       - { name: route_enhancer, priority: 1000 }
-    arguments: ['@authentication']
+    arguments: ['@authentication', '@current_user']
   route_enhancer.content_controller:
     class: Drupal\Core\Routing\Enhancer\ContentControllerEnhancer
     arguments: ['@content_negotiation']
@@ -453,9 +451,7 @@ services:
     arguments: ['@state']
   csrf_token:
     class: Drupal\Core\Access\CsrfTokenGenerator
-    arguments: ['@private_key']
-    calls:
-      - [setCurrentUser, ['@?current_user']]
+    arguments: ['@private_key', '@current_user']
   access_manager:
     class: Drupal\Core\Access\AccessManager
     arguments: ['@router.route_provider', '@url_generator', '@paramconverter_manager']
@@ -465,8 +461,6 @@ services:
   access_subscriber:
     class: Drupal\Core\EventSubscriber\AccessSubscriber
     arguments: ['@access_manager', '@current_user']
-    calls:
-      - [setCurrentUser, ['@?current_user']]
     tags:
       - { name: event_subscriber }
   access_route_subscriber:
@@ -696,11 +690,10 @@ services:
       - { name: event_subscriber }
     arguments: ['@authentication']
   current_user:
-    class: Drupal\Core\Session\AccountInterface
-    factory_method: authenticate
-    factory_service: authentication
-    arguments: ['@request']
-    synchronized: true
+    class: Drupal\Core\Session\CurrentUserFactory
+    arguments: ['@authentication']
+    calls:
+      - [setRequest, ['@?request=']]
   asset.css.collection_renderer:
     class: Drupal\Core\Asset\CssCollectionRenderer
     arguments: [ '@state' ]
diff --git a/core/includes/install.core.inc b/core/includes/install.core.inc
index 0b25e59..29e642d 100644
--- a/core/includes/install.core.inc
+++ b/core/includes/install.core.inc
@@ -3,6 +3,7 @@
 use Drupal\Component\Utility\UserAgent;
 use Drupal\Component\Utility\Crypt;
 
+use Drupal\Core\Authentication\AuthenticationManager;
 use Drupal\Component\Utility\Settings;
 use Drupal\Core\Config\FileStorage;
 use Drupal\Core\DrupalKernel;
@@ -476,6 +477,12 @@ function install_begin_request(&$install_state) {
     // supported by \Drupal\Core\Config\InstallStorage since loading a
     // non-existing file would throw an exception.
     $container->get('config.factory')->setOverrideState(FALSE);
+
+    $container->set('authentication', new AuthenticationManager());
+
+    $container->register('current_user', 'Drupal\Core\Session\CurrentUserFactory')
+      ->addArgument(new Reference('authentication'))
+      ->addMethodCall('setRequest', array(new Reference('request')));
   }
 
   // Set the request in the kernel to the new created Request above
diff --git a/core/lib/Drupal.php b/core/lib/Drupal.php
index 4106c5b..9cb0d7e 100644
--- a/core/lib/Drupal.php
+++ b/core/lib/Drupal.php
@@ -181,7 +181,7 @@ public static function request() {
    * @return \Drupal\Core\Session\AccountInterface
    */
   public static function currentUser() {
-    return static::$container->get('current_user');
+    return static::$container->get('current_user')->getAccount();
   }
 
   /**
diff --git a/core/lib/Drupal/Core/Access/CsrfTokenGenerator.php b/core/lib/Drupal/Core/Access/CsrfTokenGenerator.php
index f2b015c..7fc7eab 100644
--- a/core/lib/Drupal/Core/Access/CsrfTokenGenerator.php
+++ b/core/lib/Drupal/Core/Access/CsrfTokenGenerator.php
@@ -9,7 +9,7 @@
 
 use Drupal\Component\Utility\Crypt;
 use Drupal\Core\PrivateKey;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 
 /**
  * Generates and validates CSRF tokens.
@@ -26,9 +26,9 @@ class CsrfTokenGenerator {
   protected $privateKey;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -37,18 +37,11 @@ class CsrfTokenGenerator {
    *
    * @param \Drupal\Core\PrivateKey $private_key
    *   The private key service.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(PrivateKey $private_key) {
+  public function __construct(PrivateKey $private_key, CurrentUserFactoryInterface $current_user) {
     $this->privateKey = $private_key;
-  }
-
-  /**
-   * Sets the current user.
-   *
-   * @param \Drupal\Core\Session\AccountInterface|null $current_user
-   *  The current user service.
-   */
-  public function setCurrentUser(AccountInterface $current_user = NULL) {
     $this->currentUser = $current_user;
   }
 
@@ -84,7 +77,7 @@ public function get($value = '') {
    *   is TRUE, the return value will always be TRUE for anonymous users.
    */
   public function validate($token, $value = '', $skip_anonymous = FALSE) {
-    return ($skip_anonymous && $this->currentUser->isAnonymous()) || ($token === $this->get($value));
+    return ($skip_anonymous && $this->currentUser->getAccount()->isAnonymous()) || ($token === $this->get($value));
   }
 
 }
diff --git a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
index d3630c4..fbafe5b 100644
--- a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
+++ b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
@@ -30,14 +30,14 @@ class AuthenticationManager implements AuthenticationProviderInterface, Authenti
    *
    * @var array
    */
-  protected $providers;
+  protected $providers = array();
 
   /**
    * Array of all providers and their priority.
    *
    * @var array
    */
-  protected $providerOrders;
+  protected $providerOrders = array();
 
   /**
    * Sorted list of registered providers.
@@ -54,6 +54,13 @@ class AuthenticationManager implements AuthenticationProviderInterface, Authenti
   protected $triggeredProviderId = '';
 
   /**
+   * The currently authenticated user account.
+   *
+   * @var \Drupal\Core\Session\UserSession
+   */
+  protected $account;
+
+  /**
    * Adds a provider to the array of registered providers.
    *
    * @param string $provider_id
@@ -83,23 +90,23 @@ public function applies(Request $request) {
    * {@inheritdoc}
    */
   public function authenticate(Request $request) {
-    global $user;
-
-    $account = NULL;
+    if (isset($this->account)) {
+      return $this->account;
+    }
 
-    // Iterate the availlable providers.
+    // Iterate the available providers.
     foreach ($this->getSortedProviders() as $provider_id => $provider) {
       if ($provider->applies($request)) {
         // Try to authenticate with this provider, skipping all others.
-        $account = $provider->authenticate($request);
+        $this->account = $provider->authenticate($request);
         $this->triggeredProviderId = $provider_id;
         break;
       }
     }
 
     // No provider returned a valid account, so set the user to anonymous.
-    if (!$account) {
-      $account = drupal_anonymous_user();
+    if (!$this->account) {
+      $this->account = drupal_anonymous_user();
     }
 
     // No provider was fired, so assume the one with the least priority
@@ -115,9 +122,10 @@ public function authenticate(Request $request) {
     // The global $user object is included for backward compatibility only and
     // should be considered deprecated.
     // @todo Remove this line once global $user is no longer used.
-    $user = $account;
+    global $user;
+    $user = $this->account;
 
-    return $account;
+    return $this->account;
   }
 
   /**
diff --git a/core/lib/Drupal/Core/Controller/ControllerBase.php b/core/lib/Drupal/Core/Controller/ControllerBase.php
index 7eb368a..b3c16ee 100644
--- a/core/lib/Drupal/Core/Controller/ControllerBase.php
+++ b/core/lib/Drupal/Core/Controller/ControllerBase.php
@@ -270,7 +270,7 @@ public function l($text, $route_name, array $parameters = array(), array $option
    */
   protected function currentUser() {
     if (!$this->currentUser) {
-      $this->currentUser = $this->container()->get('current_user');
+      $this->currentUser = $this->container()->get('current_user')->getAccount();
     }
     return $this->currentUser;
   }
diff --git a/core/lib/Drupal/Core/Cron.php b/core/lib/Drupal/Core/Cron.php
index 1fe9727..d2f60fd 100644
--- a/core/lib/Drupal/Core/Cron.php
+++ b/core/lib/Drupal/Core/Cron.php
@@ -11,6 +11,7 @@
 use Drupal\Core\KeyValueStore\StateInterface;
 use Drupal\Core\Lock\LockBackendInterface;
 use Drupal\Core\Queue\QueueFactory;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\Core\Session\UserSession;
 
 /**
@@ -47,6 +48,13 @@ class Cron implements CronInterface {
   protected $state;
 
   /**
+   * The current user factory.
+   *
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   */
+  protected $currentUser;
+
+  /**
    * Constructs a cron object.
    *
    * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
@@ -57,12 +65,15 @@ class Cron implements CronInterface {
    *   The queue service.
    * @param \Drupal\Core\KeyValueStore\StateInterface $state
    *   The state service.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(ModuleHandlerInterface $module_handler, LockBackendInterface $lock, QueueFactory $queue_factory, StateInterface $state) {
+  public function __construct(ModuleHandlerInterface $module_handler, LockBackendInterface $lock, QueueFactory $queue_factory, StateInterface $state, CurrentUserFactoryInterface $current_user) {
     $this->moduleHandler = $module_handler;
     $this->lock = $lock;
     $this->queueFactory = $queue_factory;
     $this->state = $state;
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -78,10 +89,10 @@ public function run() {
 
     // Force the current user to anonymous to ensure consistent permissions on
     // cron runs.
-    // @todo This currently does not work, as it will not affect the current
-    //   user being injected into services.
-    $original_user = $GLOBALS['user'];
-    $GLOBALS['user'] = new UserSession();
+    $original_user = $this->currentUser->getAccount();
+    $anonymous_user = new UserSession();
+    $this->currentUser->setAccount($anonymous_user);
+    $GLOBALS['user'] = $anonymous_user;
 
     // Try to allocate enough time to run all the hook_cron implementations.
     drupal_set_time_limit(240);
@@ -147,8 +158,7 @@ public function run() {
     }
 
     // Restore the user.
-    // @todo This currently does not work, as it will not affect the current
-    //   user being injected into services.
+    $this->currentUser->setAccount($original_user);
     $GLOBALS['user'] = $original_user;
     drupal_save_session($original_session_saving);
 
diff --git a/core/lib/Drupal/Core/EventSubscriber/AccessSubscriber.php b/core/lib/Drupal/Core/EventSubscriber/AccessSubscriber.php
index 0c31999..d217287 100644
--- a/core/lib/Drupal/Core/EventSubscriber/AccessSubscriber.php
+++ b/core/lib/Drupal/Core/EventSubscriber/AccessSubscriber.php
@@ -9,6 +9,7 @@
 
 use Drupal\Core\Access\AccessManager;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Cmf\Component\Routing\RouteObjectInterface;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
@@ -22,9 +23,9 @@
 class AccessSubscriber implements EventSubscriberInterface {
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -41,10 +42,10 @@ class AccessSubscriber implements EventSubscriberInterface {
    * @param \Drupal\Core\Access\AccessManager $access_manager
    *   The access check manager that will be responsible for applying
    *   AccessCheckers against routes.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(AccessManager $access_manager, AccountInterface $current_user) {
+  public function __construct(AccessManager $access_manager, CurrentUserFactoryInterface $current_user) {
     $this->accessManager = $access_manager;
     $this->currentUser = $current_user;
   }
@@ -74,7 +75,7 @@ public function onKernelRequestAccessCheck(GetResponseEvent $event) {
     // Wrap this in a try/catch to ensure the '_controller_request' attribute
     // can always be removed.
     try {
-      $access = $this->accessManager->check($request->attributes->get(RouteObjectInterface::ROUTE_OBJECT), $request, $this->currentUser);
+      $access = $this->accessManager->check($request->attributes->get(RouteObjectInterface::ROUTE_OBJECT), $request, $this->currentUser->getAccount());
     }
     catch (\Exception $e) {
       $request->attributes->remove('_controller_request');
@@ -89,16 +90,6 @@ public function onKernelRequestAccessCheck(GetResponseEvent $event) {
   }
 
   /**
-   * Sets the current user.
-   *
-   * @param \Drupal\Core\Session\AccountInterface|null $current_user
-   *  The current user service.
-   */
-  public function setCurrentUser(AccountInterface $current_user = NULL) {
-    $this->currentUser = $current_user;
-  }
-
-  /**
    * Registers the methods in this class that should be listeners.
    *
    * @return array
diff --git a/core/lib/Drupal/Core/Form/FormBuilder.php b/core/lib/Drupal/Core/Form/FormBuilder.php
index cd82931..b1e3a97 100644
--- a/core/lib/Drupal/Core/Form/FormBuilder.php
+++ b/core/lib/Drupal/Core/Form/FormBuilder.php
@@ -1810,14 +1810,9 @@ protected function drupalStaticReset($name = NULL) {
    */
   protected function currentUser() {
     if (!$this->currentUser) {
-      if (\Drupal::hasService('current_user')) {
-        $this->currentUser = \Drupal::currentUser();
-      }
-      else {
-        global $user;
-        $this->currentUser = $user;
-      }
+      $this->currentUser = \Drupal::currentUser();
     }
+
     return $this->currentUser;
   }
 
diff --git a/core/lib/Drupal/Core/Menu/ContextualLinkManager.php b/core/lib/Drupal/Core/Menu/ContextualLinkManager.php
index 5141f5c..87639a6 100644
--- a/core/lib/Drupal/Core/Menu/ContextualLinkManager.php
+++ b/core/lib/Drupal/Core/Menu/ContextualLinkManager.php
@@ -18,6 +18,7 @@
 use Drupal\Core\Plugin\Discovery\YamlDiscovery;
 use Drupal\Core\Plugin\Factory\ContainerFactory;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 
 /**
  * Defines a contextual link plugin manager to deal with contextual links.
@@ -63,11 +64,11 @@ class ContextualLinkManager extends DefaultPluginManager implements ContextualLi
   protected $accessManager;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * A static cache of all the contextual link plugins by group name.
@@ -89,17 +90,17 @@ class ContextualLinkManager extends DefaultPluginManager implements ContextualLi
    *   The language manager.
    * @param \Drupal\Core\Access\AccessManager $access_manager
    *   The access manager.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $account
+   *   The current user factory.
    */
-  public function __construct(ControllerResolverInterface $controller_resolver, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache_backend, LanguageManager $language_manager, AccessManager $access_manager, AccountInterface $account) {
+  public function __construct(ControllerResolverInterface $controller_resolver, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache_backend, LanguageManager $language_manager, AccessManager $access_manager, CurrentUserFactoryInterface $current_user) {
     $this->discovery = new YamlDiscovery('contextual_links', $module_handler->getModuleDirectories());
     $this->discovery = new ContainerDerivativeDiscoveryDecorator($this->discovery);
     $this->factory = new ContainerFactory($this);
 
     $this->controllerResolver = $controller_resolver;
     $this->accessManager = $access_manager;
-    $this->account = $account;
+    $this->currentUser = $current_user;
     $this->alterInfo($module_handler, 'contextual_links_plugins');
     $this->setCacheBackend($cache_backend, $language_manager, 'contextual_links_plugins');
   }
@@ -155,7 +156,7 @@ public function getContextualLinksArrayByGroup($group_name, array $route_paramet
       $route_name = $plugin->getRouteName();
 
       // Check access.
-      if (!$this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->account)) {
+      if (!$this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->currentUser->getAccount())) {
         continue;
       }
 
diff --git a/core/lib/Drupal/Core/Menu/LocalActionManager.php b/core/lib/Drupal/Core/Menu/LocalActionManager.php
index 32ae80e..6701dca 100644
--- a/core/lib/Drupal/Core/Menu/LocalActionManager.php
+++ b/core/lib/Drupal/Core/Menu/LocalActionManager.php
@@ -18,9 +18,9 @@
 use Drupal\Core\Plugin\Discovery\YamlDiscovery;
 use Drupal\Core\Plugin\Factory\ContainerFactory;
 use Drupal\Core\Routing\RouteProviderInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Controller\ControllerResolverInterface;
-use Drupal\Core\Session\AccountInterface;
 
 /**
  * Manages discovery and instantiation of menu local action plugins.
@@ -85,11 +85,11 @@ class LocalActionManager extends DefaultPluginManager {
   protected $accessManager;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
 /**
    * The plugin instances.
@@ -116,8 +116,10 @@ class LocalActionManager extends DefaultPluginManager {
    *   The language manager.
    * @param \Drupal\Core\Access\AccessManager $access_manager
    *   The access manager.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(ControllerResolverInterface $controller_resolver, Request $request, RouteProviderInterface $route_provider, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache_backend, LanguageManager $language_manager, AccessManager $access_manager, AccountInterface $account) {
+  public function __construct(ControllerResolverInterface $controller_resolver, Request $request, RouteProviderInterface $route_provider, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache_backend, LanguageManager $language_manager, AccessManager $access_manager, CurrentUserFactoryInterface $current_user) {
     // Skip calling the parent constructor, since that assumes annotation-based
     // discovery.
     $this->discovery = new YamlDiscovery('local_actions', $module_handler->getModuleDirectories());
@@ -125,7 +127,7 @@ public function __construct(ControllerResolverInterface $controller_resolver, Re
     $this->factory = new ContainerFactory($this);
     $this->routeProvider = $route_provider;
     $this->accessManager = $access_manager;
-    $this->account = $account;
+    $this->currentUser = $current_user;
     $this->controllerResolver = $controller_resolver;
     $this->request = $request;
     $this->alterInfo($module_handler, 'menu_local_actions');
@@ -190,7 +192,7 @@ public function getActionsForRoute($route_appears) {
           'route_parameters' => $route_parameters,
           'localized_options' => $plugin->getOptions($this->request),
         ),
-        '#access' => $this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->account),
+        '#access' => $this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->currentUser->getAccount()),
         '#weight' => $plugin->getWeight(),
       );
     }
diff --git a/core/lib/Drupal/Core/Menu/LocalTaskManager.php b/core/lib/Drupal/Core/Menu/LocalTaskManager.php
index a436d57..8cb1e9f 100644
--- a/core/lib/Drupal/Core/Menu/LocalTaskManager.php
+++ b/core/lib/Drupal/Core/Menu/LocalTaskManager.php
@@ -19,7 +19,7 @@
 use Drupal\Core\Plugin\Discovery\YamlDiscovery;
 use Drupal\Core\Plugin\Factory\ContainerFactory;
 use Drupal\Core\Routing\RouteProviderInterface;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Component\HttpFoundation\Request;
 
 /**
@@ -91,11 +91,11 @@ class LocalTaskManager extends DefaultPluginManager {
   protected $accessManager;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * Constructs a \Drupal\Core\Menu\LocalTaskManager object.
@@ -114,10 +114,10 @@ class LocalTaskManager extends DefaultPluginManager {
    *   The language manager.
    * @param \Drupal\Core\Access\AccessManager $access_manager
    *   The access manager.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(ControllerResolverInterface $controller_resolver, Request $request, RouteProviderInterface $route_provider, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache, LanguageManager $language_manager, AccessManager $access_manager, AccountInterface $account) {
+  public function __construct(ControllerResolverInterface $controller_resolver, Request $request, RouteProviderInterface $route_provider, ModuleHandlerInterface $module_handler, CacheBackendInterface $cache, LanguageManager $language_manager, AccessManager $access_manager, CurrentUserFactoryInterface $current_user) {
     $this->discovery = new YamlDiscovery('local_tasks', $module_handler->getModuleDirectories());
     $this->discovery = new ContainerDerivativeDiscoveryDecorator($this->discovery);
     $this->factory = new ContainerFactory($this);
@@ -125,7 +125,7 @@ public function __construct(ControllerResolverInterface $controller_resolver, Re
     $this->request = $request;
     $this->routeProvider = $route_provider;
     $this->accessManager = $access_manager;
-    $this->account = $account;
+    $this->currentUser = $current_user;
     $this->alterInfo($module_handler, 'local_tasks');
     $this->setCacheBackend($cache, $language_manager, 'local_task_plugins', array('local_task' => TRUE));
   }
@@ -286,7 +286,7 @@ public function getTasksBuild($current_route_name) {
         $route_parameters = $child->getRouteParameters($this->request);
 
         // Find out whether the user has access to the task.
-        $access = $this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->account);
+        $access = $this->accessManager->checkNamedRoute($route_name, $route_parameters, $this->currentUser->getAccount());
         if ($access) {
           $active = $this->isRouteActive($current_route_name, $route_name, $route_parameters);
 
diff --git a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
index 6e577b9..0d8218f 100644
--- a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
+++ b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
@@ -8,8 +8,8 @@
 namespace Drupal\Core\Routing\Enhancer;
 
 use Drupal\Core\Authentication\AuthenticationManagerInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Cmf\Component\Routing\Enhancer\RouteEnhancerInterface;
-use Symfony\Component\DependencyInjection\ContainerAware;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Cmf\Component\Routing\RouteObjectInterface;
 
@@ -21,7 +21,7 @@
  * all authentication mechanisms. Instead, we check if the used provider is
  * valid for the matched route and if not, force the user to anonymous.
  */
-class AuthenticationEnhancer extends ContainerAware implements RouteEnhancerInterface {
+class AuthenticationEnhancer implements RouteEnhancerInterface {
 
   /**
    * The authentication manager.
@@ -31,13 +31,21 @@ class AuthenticationEnhancer extends ContainerAware implements RouteEnhancerInte
   protected $manager;
 
   /**
+   * The current user factory.
+   *
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
+   */
+  protected $currentUser;
+
+  /**
    * Constructs a AuthenticationEnhancer object.
    *
    * @param AuthenticationManagerInterface $manager
    *   The authentication manager.
    */
-  function __construct(AuthenticationManagerInterface $manager) {
+  function __construct(AuthenticationManagerInterface $manager, CurrentUserFactoryInterface $current_user) {
     $this->manager = $manager;
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -54,7 +62,7 @@ public function enhance(array $defaults, Request $request) {
       if (!in_array($auth_provider_triggered, $auth_providers)) {
         $anonymous_user = drupal_anonymous_user();
 
-        $this->container->set('current_user', $anonymous_user, 'request');
+        $this->currentUser->setAccount($anonymous_user);
 
         // The global $user object is included for backward compatibility only
         // and should be considered deprecated.
diff --git a/core/lib/Drupal/Core/Session/CurrentUserFactory.php b/core/lib/Drupal/Core/Session/CurrentUserFactory.php
new file mode 100644
index 0000000..a3f157e
--- /dev/null
+++ b/core/lib/Drupal/Core/Session/CurrentUserFactory.php
@@ -0,0 +1,77 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\Core\Session\CurrentUserFactory.
+ */
+
+namespace Drupal\Core\Session;
+
+use Drupal\Core\Authentication\AuthenticationManagerInterface;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * A factory class to get the currently authenticated user.
+ */
+class CurrentUserFactory implements CurrentUserFactoryInterface {
+
+  /**
+   * The authentication manager.
+   *
+   * @var \Drupal\Core\Authentication\AuthenticationManagerInterface
+   */
+  protected $authManager;
+
+  /**
+   * The current request.
+   *
+   * @var \Symfony\Component\HttpFoundation\Request
+   */
+  protected $request;
+
+  /**
+   * The current user account.
+   *
+   * @var \Drupal\Core\Session\AccountInterface
+   */
+  protected $account;
+
+  /**
+   * Constructs a CurrentUserFactory object.
+   *
+   * @param \Drupal\Core\Authentication\AuthenticationManagerInterface $auth_manager
+   *   The authentication manager.
+   */
+  public function __construct(AuthenticationManagerInterface $auth_manager) {
+    $this->authManager = $auth_manager;
+  }
+
+  /**
+   * Sets the current request.
+   *
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The current request.
+   */
+  public function setRequest(Request $request) {
+    $this->request = $request;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function getAccount() {
+    if (empty($this->account)) {
+      $this->setAccount($this->authManager->authenticate($this->request));
+    }
+
+    return $this->account;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function setAccount(AccountInterface $account) {
+    $this->account = $account;
+  }
+
+}
diff --git a/core/lib/Drupal/Core/Session/CurrentUserFactoryInterface.php b/core/lib/Drupal/Core/Session/CurrentUserFactoryInterface.php
new file mode 100644
index 0000000..815d899
--- /dev/null
+++ b/core/lib/Drupal/Core/Session/CurrentUserFactoryInterface.php
@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\Core\Session\CurrentUserFactoryInterface.
+ */
+
+namespace Drupal\Core\Session;
+
+use Drupal\Core\Session\AccountInterface;
+
+/**
+ * Interface CurrentUserFactoryInterface.
+ */
+interface CurrentUserFactoryInterface {
+
+  /**
+   * Gets the current account.
+   *
+   * @return \Drupal\Core\Session\AccountInterface
+   *   The current account.
+   */
+  public function getAccount();
+
+  /**
+   * Sets the current user.
+   *
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   The account to set.
+   */
+  public function setAccount(AccountInterface $account);
+
+}
diff --git a/core/misc/icons/0074bd/chevron-left.png b/core/misc/icons/0074bd/chevron-left.png
deleted file mode 100644
index e42435d..0000000
--- a/core/misc/icons/0074bd/chevron-left.png
+++ /dev/null
@@ -1,3 +0,0 @@
-�PNG
-
-
IHDR��aEIDATx�ݓ�	 ɑ2��8�d�� |5p��#�鑔�'��A,�ɂ�,p��nr������/��?��zG�IEND�B`�
\ No newline at end of file
diff --git a/core/misc/icons/0074bd/chevron-left.svg b/core/misc/icons/0074bd/chevron-left.svg
deleted file mode 100644
index 122e1c0..0000000
--- a/core/misc/icons/0074bd/chevron-left.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path fill="#0074bd" d="M7.951 7.645c-.193.196-.193.516 0 .71l3.258 3.29c.193.193.191.519-.002.709l-1.371 1.371c-.193.192-.512.191-.707 0l-5.335-5.371c-.194-.194-.194-.514 0-.708l5.335-5.369c.195-.195.514-.195.707-.001l1.371 1.371c.193.194.195.513.002.709l-3.258 3.289z"/></svg>
diff --git a/core/misc/icons/0074bd/chevron-right.png b/core/misc/icons/0074bd/chevron-right.png
deleted file mode 100644
index e2ff9a9..0000000
--- a/core/misc/icons/0074bd/chevron-right.png
+++ /dev/null
@@ -1,3 +0,0 @@
-�PNG
-
-
IHDR��aFIDATx�ݓ�	 C;�#e�q�h~P<�H���#�V>N�i��1�v�t�GB-�#)�@��`�;��^��zG���IEND�B`�
\ No newline at end of file
diff --git a/core/misc/icons/0074bd/chevron-right.svg b/core/misc/icons/0074bd/chevron-right.svg
deleted file mode 100644
index b16a8ce..0000000
--- a/core/misc/icons/0074bd/chevron-right.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path fill="#0074bd" d="M8.053 8.355c.193-.195.193-.517 0-.711l-3.26-3.289c-.193-.195-.192-.514.002-.709l1.371-1.371c.194-.194.512-.193.706.001l5.335 5.369c.195.195.195.515 0 .708l-5.335 5.37c-.194.192-.512.193-.706.002l-1.371-1.371c-.194-.195-.195-.514-.002-.709l3.26-3.29z"/></svg>
diff --git a/core/misc/jquery.intrinsic.js b/core/misc/jquery.intrinsic.js
deleted file mode 100644
index 3d05412..0000000
--- a/core/misc/jquery.intrinsic.js
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * @file
- * Measure an element’s intrinsic width or height when neither constrained by
- * a container nor forced full width as in 'display: block'.
- */
-(function ($) {
-  'use strict';
-
-  // Style block applied momentarily in order to measure the element.
-  //
-  // 1. Shrink-wrap the element. Block display would give us the width of the
-  //    container, not the element’s intrinsic width.
-  // 2. Preventative measure. The styles should be reverted before the browser’s
-  //    UI thread updates.
-  //
-  // We avoid 'position: absolute' because this causes the element to wrap if
-  // it’s wider than the viewport, regardless of the width of <body> and <html>.
-  //
-  var tempElementCSS = {
-    display: 'table', /* 1 */
-    visibility: 'hidden', /* 2 */
-    width: 'auto',
-    height: 'auto',
-    maxWidth: 'none',
-    maxHeight: 'none'
-  };
-
-  // Style block applied momentarily to the body in order to ensure the
-  // element’s layout area isn’t constrained.
-  var tempBodyCSS = {
-    width: '999em',
-    height: '999em'
-  };
-
-  $.fn.intrinsic = function (dimension) {
-
-    // The measured element may be a plain object or jQuery.
-    var element = this instanceof jQuery ? this[0] : this;
-    var measurement;
-
-    // Use jQuery’s internal swap() method to temporarily apply the styles, then
-    // measure the element’s width() or height().
-    $.swap(document.body, tempBodyCSS, function () {
-      $.swap(element, tempElementCSS, function () {
-        measurement = $(element)[dimension]();
-      });
-    });
-
-    return measurement;
-  };
-})(jQuery);
diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/Plugin/Block/CustomBlockBlock.php b/core/modules/block/custom_block/lib/Drupal/custom_block/Plugin/Block/CustomBlockBlock.php
index fe7f461..6b693e6 100644
--- a/core/modules/block/custom_block/lib/Drupal/custom_block/Plugin/Block/CustomBlockBlock.php
+++ b/core/modules/block/custom_block/lib/Drupal/custom_block/Plugin/Block/CustomBlockBlock.php
@@ -10,8 +10,8 @@
 use Drupal\block\BlockBase;
 use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
 use Drupal\Core\Extension\ModuleHandlerInterface;
-use Drupal\Core\Session\AccountInterface;
 use Drupal\block\Plugin\Type\BlockManager;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
 /**
@@ -41,11 +41,11 @@ class CustomBlockBlock extends BlockBase implements ContainerFactoryPluginInterf
   protected $moduleHandler;
 
   /**
-   * The Drupal account to use for checking for access to block.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface.
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * Constructs a new CustomBlockBlock.
@@ -60,15 +60,15 @@ class CustomBlockBlock extends BlockBase implements ContainerFactoryPluginInterf
    *   The Plugin Block Manager.
    * @param \Drupal\Core\Extension\ModuleHandlerInterface
    *   The Module Handler.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The account for which view access should be checked.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(array $configuration, $plugin_id, array $plugin_definition, BlockManager $block_manager, ModuleHandlerInterface $module_handler, AccountInterface $account) {
+  public function __construct(array $configuration, $plugin_id, array $plugin_definition, BlockManager $block_manager, ModuleHandlerInterface $module_handler, CurrentUserFactoryInterface $current_user) {
     parent::__construct($configuration, $plugin_id, $plugin_definition);
 
     $this->blockManager = $block_manager;
     $this->moduleHandler = $module_handler;
-    $this->account = $account;
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -143,7 +143,7 @@ public function build() {
           '%uuid' => $uuid,
           '!url' => url('block/add')
         )),
-        '#access' => $this->account->hasPermission('administer blocks')
+        '#access' => $this->currentUser->getAccount()->hasPermission('administer blocks')
       );
     }
   }
diff --git a/core/modules/book/lib/Drupal/book/BookBreadcrumbBuilder.php b/core/modules/book/lib/Drupal/book/BookBreadcrumbBuilder.php
index 6dd54ff..f07ecd2 100644
--- a/core/modules/book/lib/Drupal/book/BookBreadcrumbBuilder.php
+++ b/core/modules/book/lib/Drupal/book/BookBreadcrumbBuilder.php
@@ -10,7 +10,7 @@
 use Drupal\Core\Access\AccessManager;
 use Drupal\Core\Breadcrumb\BreadcrumbBuilderBase;
 use Drupal\Core\Entity\EntityManagerInterface;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\node\NodeInterface;
 
 /**
@@ -33,11 +33,11 @@ class BookBreadcrumbBuilder extends BreadcrumbBuilderBase {
   protected $accessManager;
 
   /**
-   * The current user account.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * Constructs the BookBreadcrumbBuilder.
@@ -46,13 +46,13 @@ class BookBreadcrumbBuilder extends BreadcrumbBuilderBase {
    *   The entity manager service.
    * @param \Drupal\Core\Access\AccessManager $access_manager
    *   The access manager.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The current user account.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(EntityManagerInterface $entity_manager, AccessManager $access_manager, AccountInterface $account) {
+  public function __construct(EntityManagerInterface $entity_manager, AccessManager $access_manager, CurrentUserFactoryInterface $current_user) {
     $this->menuLinkStorage = $entity_manager->getStorageController('menu_link');
     $this->accessManager = $access_manager;
-    $this->account = $account;
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -82,7 +82,7 @@ public function build(array $attributes) {
       $depth = 1;
       while (!empty($book['p' . ($depth + 1)])) {
         if (!empty($menu_links[$book['p' . $depth]]) && ($menu_link = $menu_links[$book['p' . $depth]])) {
-          if ($this->accessManager->checkNamedRoute($menu_link->route_name, $menu_link->route_parameters, $this->account)) {
+          if ($this->accessManager->checkNamedRoute($menu_link->route_name, $menu_link->route_parameters, $this->currentUser->getAccount())) {
             $links[] = $this->l($menu_link->label(), $menu_link->route_name, $menu_link->route_parameters, $menu_link->options);
           }
         }
diff --git a/core/modules/comment/lib/Drupal/comment/CommentFormController.php b/core/modules/comment/lib/Drupal/comment/CommentFormController.php
index 322d18a..6609c9e 100644
--- a/core/modules/comment/lib/Drupal/comment/CommentFormController.php
+++ b/core/modules/comment/lib/Drupal/comment/CommentFormController.php
@@ -14,7 +14,7 @@
 use Drupal\Core\Entity\ContentEntityFormController;
 use Drupal\Core\Entity\EntityManagerInterface;
 use Drupal\Core\Language\Language;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\field\FieldInfo;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
@@ -31,9 +31,9 @@ class CommentFormController extends ContentEntityFormController {
   protected $fieldInfo;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -55,10 +55,10 @@ public static function create(ContainerInterface $container) {
    *   The entity manager service.
    * @param \Drupal\field\FieldInfo $field_info
    *   The field info service.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(EntityManagerInterface $entity_manager, FieldInfo $field_info, AccountInterface $current_user) {
+  public function __construct(EntityManagerInterface $entity_manager, FieldInfo $field_info, CurrentUserFactoryInterface $current_user) {
     parent::__construct($entity_manager);
     $this->fieldInfo = $field_info;
     $this->currentUser = $current_user;
@@ -89,15 +89,16 @@ public function form(array $form, array &$form_state) {
     $entity = $this->entityManager->getStorageController($comment->entity_type->value)->load($comment->entity_id->value);
     $field_name = $comment->field_name->value;
     $instance = $this->fieldInfo->getInstance($entity->getEntityTypeId(), $entity->bundle(), $field_name);
+    $current_user = $this->currentUser->getAccount();
 
     // Use #comment-form as unique jump target, regardless of entity type.
     $form['#id'] = drupal_html_id('comment_form');
     $form['#theme'] = array('comment_form__' . $entity->getEntityTypeId() . '__' . $entity->bundle() . '__' . $field_name, 'comment_form');
 
     $anonymous_contact = $instance->getSetting('anonymous');
-    $is_admin = $comment->id() && $this->currentUser->hasPermission('administer comments');
+    $is_admin = $comment->id() && $current_user->hasPermission('administer comments');
 
-    if (!$this->currentUser->isAuthenticated() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
+    if (!$current_user->isAuthenticated() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
       $form['#attached']['library'][] = array('system', 'jquery.cookie');
       $form['#attributes']['class'][] = 'user-info-from-cookie';
     }
@@ -133,13 +134,13 @@ public function form(array $form, array &$form_state) {
       }
     }
     else {
-      if ($this->currentUser->isAuthenticated()) {
-        $author = $this->currentUser->getUsername();
+      if ($current_user->isAuthenticated()) {
+        $author = $current_user->getUsername();
       }
       else {
         $author = ($comment->name->value ? $comment->name->value : '');
       }
-      $status = ($this->currentUser->hasPermission('skip comment approval') ? CommentInterface::PUBLISHED : CommentInterface::NOT_PUBLISHED);
+      $status = ($current_user->hasPermission('skip comment approval') ? CommentInterface::PUBLISHED : CommentInterface::NOT_PUBLISHED);
     }
 
     $date = '';
@@ -152,7 +153,7 @@ public function form(array $form, array &$form_state) {
       '#type' => 'textfield',
       '#title' => $this->t('Your name'),
       '#default_value' => $author,
-      '#required' => ($this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
+      '#required' => ($current_user->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
       '#maxlength' => 60,
       '#size' => 30,
     );
@@ -161,11 +162,11 @@ public function form(array $form, array &$form_state) {
       $form['author']['name']['#description'] = $this->t('Leave blank for %anonymous.', array('%anonymous' => $this->config('user.settings')->get('anonymous')));
       $form['author']['name']['#autocomplete_route_name'] = 'user.autocomplete';
     }
-    elseif ($this->currentUser->isAuthenticated()) {
+    elseif ($current_user->isAuthenticated()) {
       $form['author']['name']['#type'] = 'item';
       $form['author']['name']['#value'] = $form['author']['name']['#default_value'];
       $form['author']['name']['#theme'] = 'username';
-      $form['author']['name']['#account'] = $this->currentUser;
+      $form['author']['name']['#account'] = $current_user;
     }
 
     // Add author e-mail and homepage fields depending on the current user.
@@ -173,11 +174,11 @@ public function form(array $form, array &$form_state) {
       '#type' => 'email',
       '#title' => $this->t('E-mail'),
       '#default_value' => $comment->mail->value,
-      '#required' => ($this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
+      '#required' => ($current_user->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
       '#maxlength' => 64,
       '#size' => 30,
       '#description' => $this->t('The content of this field is kept private and will not be shown publicly.'),
-      '#access' => $is_admin || ($this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
+      '#access' => $is_admin || ($current_user->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
     );
 
     $form['author']['homepage'] = array(
@@ -186,7 +187,7 @@ public function form(array $form, array &$form_state) {
       '#default_value' => $comment->homepage->value,
       '#maxlength' => 255,
       '#size' => 30,
-      '#access' => $is_admin || ($this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
+      '#access' => $is_admin || ($current_user->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
     );
 
     // Add administrative comment publishing options.
@@ -220,7 +221,7 @@ public function form(array $form, array &$form_state) {
     // Used for conditional validation of author fields.
     $form['is_anonymous'] = array(
       '#type' => 'value',
-      '#value' => ($comment->id() ? !$comment->getOwnerId() : $this->currentUser->isAnonymous()),
+      '#value' => ($comment->id() ? !$comment->getOwnerId() : $current_user->isAnonymous()),
     );
 
     // Add internal comment properties.
@@ -251,7 +252,7 @@ protected function actions(array $form, array &$form_state) {
 
     // Only show the save button if comment previews are optional or if we are
     // already previewing the submission.
-    $element['submit']['#access'] = ($comment->id() && $this->currentUser->hasPermission('administer comments')) || $preview_mode != DRUPAL_REQUIRED || isset($form_state['comment_preview']);
+    $element['submit']['#access'] = ($comment->id() && $this->currentUser->getAccount()->hasPermission('administer comments')) || $preview_mode != DRUPAL_REQUIRED || isset($form_state['comment_preview']);
 
     $element['preview'] = array(
       '#type' => 'submit',
@@ -378,10 +379,11 @@ public function save(array $form, array &$form_state) {
     $comment = $this->entity;
     $field_name = $comment->field_name->value;
     $uri = $entity->urlInfo();
+    $current_user = $this->currentUser->getAccount();
 
-    if ($this->currentUser->hasPermission('post comments') && ($this->currentUser->hasPermission('administer comments') || $entity->{$field_name}->status == COMMENT_OPEN)) {
+    if ($current_user->hasPermission('post comments') && ($current_user->hasPermission('administer comments') || $entity->{$field_name}->status == COMMENT_OPEN)) {
       // Save the anonymous user information to a cookie for reuse.
-      if ($this->currentUser->isAnonymous()) {
+      if ($current_user->isAnonymous()) {
         user_cookie_save(array_intersect_key($form_state['values'], array_flip(array('name', 'mail', 'homepage'))));
       }
 
@@ -393,7 +395,7 @@ public function save(array $form, array &$form_state) {
 
       // Explain the approval queue if necessary.
       if ($comment->status->value == CommentInterface::NOT_PUBLISHED) {
-        if (!$this->currentUser->hasPermission('administer comments')) {
+        if (!$current_user->hasPermission('administer comments')) {
           drupal_set_message($this->t('Your comment has been queued for review by site administrators and will be published after approval.'));
         }
       }
diff --git a/core/modules/comment/lib/Drupal/comment/CommentManager.php b/core/modules/comment/lib/Drupal/comment/CommentManager.php
index debd1eb..270b6fb 100644
--- a/core/modules/comment/lib/Drupal/comment/CommentManager.php
+++ b/core/modules/comment/lib/Drupal/comment/CommentManager.php
@@ -12,7 +12,7 @@
 use Drupal\Core\Entity\EntityInterface;
 use Drupal\Core\Entity\EntityManagerInterface;
 use Drupal\Core\Routing\UrlGeneratorInterface;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\Core\StringTranslation\TranslationInterface;
 use Drupal\field\FieldInfo;
 
@@ -36,9 +36,9 @@ class CommentManager implements CommentManagerInterface {
   protected $entityManager;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface $current_user
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
    */
   protected $currentUser;
 
@@ -77,8 +77,8 @@ class CommentManager implements CommentManagerInterface {
    *   The field info service.
    * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
    *   The entity manager service.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param \Drupal\Core\Config\ConfigFactory $config_factory
    *   The config factory.
    * @param \Drupal\Core\StringTranslation\TranslationInterface $translation_manager
@@ -86,7 +86,7 @@ class CommentManager implements CommentManagerInterface {
    * @param \Drupal\Core\Routing\UrlGeneratorInterface $url_generator
    *   The url generator service.
    */
-  public function __construct(FieldInfo $field_info, EntityManagerInterface $entity_manager, AccountInterface $current_user, ConfigFactory $config_factory, TranslationInterface $translation_manager, UrlGeneratorInterface $url_generator) {
+  public function __construct(FieldInfo $field_info, EntityManagerInterface $entity_manager, CurrentUserFactoryInterface $current_user, ConfigFactory $config_factory, TranslationInterface $translation_manager, UrlGeneratorInterface $url_generator) {
     $this->fieldInfo = $field_info;
     $this->entityManager = $entity_manager;
     $this->currentUser = $current_user;
@@ -256,7 +256,7 @@ public function getFieldUIPageTitle($commented_entity_type, $field_name) {
    * {@inheritdoc}
    */
   public function forbiddenMessage(EntityInterface $entity, $field_name) {
-    if ($this->currentUser->isAnonymous()) {
+    if ($this->currentUser->getAccount()->isAnonymous()) {
       if (!isset($this->authenticatedCanPostComments)) {
         // We only output a link if we are certain that users will get the
         // permission to post comments by logging in.
diff --git a/core/modules/comment/lib/Drupal/comment/Plugin/Field/FieldFormatter/CommentDefaultFormatter.php b/core/modules/comment/lib/Drupal/comment/Plugin/Field/FieldFormatter/CommentDefaultFormatter.php
index bcdf86f..255ab26 100644
--- a/core/modules/comment/lib/Drupal/comment/Plugin/Field/FieldFormatter/CommentDefaultFormatter.php
+++ b/core/modules/comment/lib/Drupal/comment/Plugin/Field/FieldFormatter/CommentDefaultFormatter.php
@@ -10,10 +10,10 @@
 use Drupal\comment\CommentStorageControllerInterface;
 use Drupal\Core\Entity\EntityViewBuilderInterface;
 use Drupal\Core\Field\FieldItemListInterface;
-use Drupal\Core\Session\AccountInterface;
 use Drupal\Core\Field\FieldDefinitionInterface;
 use Drupal\Core\Field\FormatterBase;
 use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
 /**
@@ -44,9 +44,9 @@ class CommentDefaultFormatter extends FormatterBase implements ContainerFactoryP
   protected $storageController;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -89,14 +89,14 @@ public static function create(ContainerInterface $container, array $configuratio
    *   The formatter label display setting.
    * @param string $view_mode
    *   The view mode.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param \Drupal\comment\CommentStorageControllerInterface $comment_storage_controller
    *   The comment storage controller.
    * @param \Drupal\Core\Entity\EntityViewBuilderInterface $comment_view_builder
    *   The comment view builder.
    */
-  public function __construct($plugin_id, array $plugin_definition, FieldDefinitionInterface $field_definition, array $settings, $label, $view_mode, AccountInterface $current_user, CommentStorageControllerInterface $comment_storage_controller, EntityViewBuilderInterface $comment_view_builder) {
+  public function __construct($plugin_id, array $plugin_definition, FieldDefinitionInterface $field_definition, array $settings, $label, $view_mode, CurrentUserFactoryInterface $current_user, CommentStorageControllerInterface $comment_storage_controller, EntityViewBuilderInterface $comment_view_builder) {
     parent::__construct($plugin_id, $plugin_definition, $field_definition, $settings, $label, $view_mode);
     $this->viewBuilder = $comment_view_builder;
     $this->storageController = $comment_storage_controller;
@@ -121,13 +121,14 @@ public function viewElements(FieldItemListInterface $items) {
       // return anything if the view mode is search_index or search_result.
       !in_array($this->viewMode, array('search_result', 'search_index'))) {
       $comment_settings = $this->getFieldSettings();
+      $current_user = $this->currentUser->getAccount();
 
       // Only attempt to render comments if the entity has visible comments.
       // Unpublished comments are not included in
       // $entity->get($field_name)->comment_count, but unpublished comments
       // should display if the user is an administrator.
-      if ((($entity->get($field_name)->comment_count && $this->currentUser->hasPermission('access comments')) ||
-        $this->currentUser->hasPermission('administer comments'))) {
+      if ((($entity->get($field_name)->comment_count && $current_user->hasPermission('access comments')) ||
+        $current_user->hasPermission('administer comments'))) {
         $mode = $comment_settings['default_mode'];
         $comments_per_page = $comment_settings['per_page'];
         if ($cids = comment_get_thread($entity, $field_name, $mode, $comments_per_page, $this->settings['pager_id'])) {
@@ -146,10 +147,10 @@ public function viewElements(FieldItemListInterface $items) {
       // display below the entity.
       if ($status == COMMENT_OPEN && $comment_settings['form_location'] == COMMENT_FORM_BELOW) {
         // Only show the add comment form if the user has permission.
-        if ($this->currentUser->hasPermission('post comments')) {
+        if ($current_user->hasPermission('post comments')) {
           // All users in the "anonymous" role can use the same form: it is fine
           // for this form to be stored in the render cache.
-          if ($this->currentUser->isAnonymous()) {
+          if ($current_user->isAnonymous()) {
             $output['comment_form'] = comment_add($entity, $field_name);
           }
           // All other users need a user-specific form, which would break the
diff --git a/core/modules/comment/tests/Drupal/comment/Tests/Entity/CommentLockTest.php b/core/modules/comment/tests/Drupal/comment/Tests/Entity/CommentLockTest.php
index d5f2eee..b370e5e 100644
--- a/core/modules/comment/tests/Drupal/comment/Tests/Entity/CommentLockTest.php
+++ b/core/modules/comment/tests/Drupal/comment/Tests/Entity/CommentLockTest.php
@@ -33,7 +33,7 @@ public static function getInfo() {
    */
   public function testLocks() {
     $container = new ContainerBuilder();
-    $container->set('current_user', $this->getMock('Drupal\Core\Session\AccountInterface'));
+    $container->set('current_user', $this->getCurrentUserFactoryStub());
     $container->register('request', 'Symfony\Component\HttpFoundation\Request');
     $lock = $this->getMock('Drupal\Core\Lock\LockBackendInterface');
     $cid = 2;
diff --git a/core/modules/config_translation/lib/Drupal/config_translation/Controller/ConfigTranslationController.php b/core/modules/config_translation/lib/Drupal/config_translation/Controller/ConfigTranslationController.php
index 0235678..a6aca5c 100644
--- a/core/modules/config_translation/lib/Drupal/config_translation/Controller/ConfigTranslationController.php
+++ b/core/modules/config_translation/lib/Drupal/config_translation/Controller/ConfigTranslationController.php
@@ -15,6 +15,7 @@
 use Drupal\Core\ParamConverter\ParamNotConvertedException;
 use Drupal\Core\PathProcessor\InboundPathProcessorInterface;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Cmf\Component\Routing\RouteObjectInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\HttpFoundation\Request;
@@ -55,11 +56,11 @@ class ConfigTranslationController extends ControllerBase {
   protected $pathProcessor;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * The language manager.
@@ -79,17 +80,17 @@ class ConfigTranslationController extends ControllerBase {
    *   The dynamic router service.
    * @param \Drupal\Core\PathProcessor\InboundPathProcessorInterface $path_processor
    *   The inbound path processor.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param \Drupal\Core\Language\LanguageManagerInterface $language_manager
    *   The language manager.
    */
-  public function __construct(ConfigMapperManagerInterface $config_mapper_manager, AccessManager $access_manager, RequestMatcherInterface $router, InboundPathProcessorInterface $path_processor, AccountInterface $account, LanguageManagerInterface $language_manager) {
+  public function __construct(ConfigMapperManagerInterface $config_mapper_manager, AccessManager $access_manager, RequestMatcherInterface $router, InboundPathProcessorInterface $path_processor, CurrentUserFactoryInterface $current_user, LanguageManagerInterface $language_manager) {
     $this->configMapperManager = $config_mapper_manager;
     $this->accessManager = $access_manager;
     $this->router = $router;
     $this->pathProcessor = $path_processor;
-    $this->account = $account;
+    $this->currentUser = $current_user;
     $this->languageManager = $language_manager;
   }
 
@@ -174,7 +175,7 @@ public function itemPage(Request $request, $plugin_id) {
           // Note that the parameters don't really matter here since we're
           // passing in the request which already has the upcast attributes.
           $parameters = array();
-          $edit_access = $this->accessManager->checkNamedRoute($route_name, $parameters, $this->account, $route_request);
+          $edit_access = $this->accessManager->checkNamedRoute($route_name, $parameters, $this->currentUser->getAccount(), $route_request);
         }
 
         // Build list of operations.
diff --git a/core/modules/entity_reference/lib/Drupal/entity_reference/Tests/EntityReferenceSelectionAccessTest.php b/core/modules/entity_reference/lib/Drupal/entity_reference/Tests/EntityReferenceSelectionAccessTest.php
index 3fb6460..21446bc 100644
--- a/core/modules/entity_reference/lib/Drupal/entity_reference/Tests/EntityReferenceSelectionAccessTest.php
+++ b/core/modules/entity_reference/lib/Drupal/entity_reference/Tests/EntityReferenceSelectionAccessTest.php
@@ -120,7 +120,7 @@ public function testNodeHandler() {
 
     // Test as a non-admin.
     $normal_user = $this->drupalCreateUser(array('access content'));
-    $this->container->set('current_user', $normal_user);
+    $this->container->get('current_user')->setAccount($normal_user);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -172,7 +172,7 @@ public function testNodeHandler() {
 
     // Test as an admin.
     $admin_user = $this->drupalCreateUser(array('access content', 'bypass node access'));
-    $this->container->set('current_user', $admin_user);
+    $this->container->get('current_user')->setAccount($admin_user);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -266,7 +266,7 @@ public function testUserHandler() {
     }
 
     // Test as a non-admin.
-    $this->container->set('current_user', $users['non_admin']);
+    $this->container->get('current_user')->setAccount($users['non_admin']);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -305,7 +305,7 @@ public function testUserHandler() {
     );
     $this->assertReferenceable($instance, $referenceable_tests, 'User handler');
 
-    $this->container->set('current_user', $users['admin']);
+    $this->container->get('current_user')->setAccount($users['admin']);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -447,7 +447,7 @@ public function testCommentHandler() {
 
     // Test as a non-admin.
     $normal_user = $this->drupalCreateUser(array('access content', 'access comments'));
-    $this->container->set('current_user', $normal_user);
+    $this->container->get('current_user')->setAccount($normal_user);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -486,7 +486,7 @@ public function testCommentHandler() {
 
     // Test as a comment admin.
     $admin_user = $this->drupalCreateUser(array('access content', 'access comments', 'administer comments'));
-    $this->container->set('current_user', $admin_user);
+    $this->container->get('current_user')->setAccount($admin_user);
     $referenceable_tests = array(
       array(
         'arguments' => array(
@@ -504,7 +504,7 @@ public function testCommentHandler() {
 
     // Test as a node and comment admin.
     $admin_user = $this->drupalCreateUser(array('access content', 'access comments', 'administer comments', 'bypass node access'));
-    $this->container->set('current_user', $admin_user);
+    $this->container->get('current_user')->setAccount($admin_user);
     $referenceable_tests = array(
       array(
         'arguments' => array(
diff --git a/core/modules/file/lib/Drupal/file/Tests/ValidatorTest.php b/core/modules/file/lib/Drupal/file/Tests/ValidatorTest.php
index 76abd8a..406319b 100644
--- a/core/modules/file/lib/Drupal/file/Tests/ValidatorTest.php
+++ b/core/modules/file/lib/Drupal/file/Tests/ValidatorTest.php
@@ -129,7 +129,7 @@ function testFileValidateNameLength() {
    * Test file_validate_size().
    */
   function testFileValidateSize() {
-    $user = $this->container->get('current_user');
+    $user = $this->container->get('current_user')->getAccount();
     $original_user = $user;
     drupal_save_session(FALSE);
 
diff --git a/core/modules/filter/lib/Drupal/filter/Tests/FilterAPITest.php b/core/modules/filter/lib/Drupal/filter/Tests/FilterAPITest.php
index c36b009..3d27843 100644
--- a/core/modules/filter/lib/Drupal/filter/Tests/FilterAPITest.php
+++ b/core/modules/filter/lib/Drupal/filter/Tests/FilterAPITest.php
@@ -206,7 +206,7 @@ function testTypedDataAPI() {
 
     // Test with anonymous user.
     $user = drupal_anonymous_user();
-    $this->container->set('current_user', $user);
+    $this->container->get('current_user')->setAccount($user);
 
     $expected_available_options = array(
       'filtered_html' => 'Filtered HTML',
@@ -245,7 +245,7 @@ function testTypedDataAPI() {
     $this->assertFilterFormatViolation($violations, 'filtered_html');
 
     // Set user with access to 'filtered_html' format.
-    $this->container->set('current_user', $filtered_html_user);
+    $this->container->get('current_user')->setAccount($filtered_html_user);
     $violations = $data->validate();
     $this->assertEqual(count($violations), 0, "No validation violation for accessible format 'filtered_html' found.");
 
diff --git a/core/modules/language/lib/Drupal/language/EventSubscriber/LanguageRequestSubscriber.php b/core/modules/language/lib/Drupal/language/EventSubscriber/LanguageRequestSubscriber.php
index 26c8190..2d17816 100644
--- a/core/modules/language/lib/Drupal/language/EventSubscriber/LanguageRequestSubscriber.php
+++ b/core/modules/language/lib/Drupal/language/EventSubscriber/LanguageRequestSubscriber.php
@@ -9,7 +9,7 @@
 
 use Drupal\Core\Config\ConfigFactory;
 use Drupal\Core\Language\Language;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\Core\StringTranslation\Translator\TranslatorInterface;
 use Drupal\language\ConfigurableLanguageManagerInterface;
 use Drupal\language\LanguageNegotiatorInterface;
@@ -45,9 +45,9 @@ class LanguageRequestSubscriber implements EventSubscriberInterface {
   protected $translation;
 
   /**
-   * The current active user.
+   * The current user factory.
    *
-   * @return \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -67,12 +67,12 @@ class LanguageRequestSubscriber implements EventSubscriberInterface {
    *   The language negotiator.
    * @param \Drupal\Core\Translation\Translator\TranslatorInterface $translation
    *   The translation service.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current active user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param \Drupal\Core\Config\ConfigFactory $config_factory
    *   The configuration factory.
    */
-  public function __construct(ConfigurableLanguageManagerInterface $language_manager, LanguageNegotiatorInterface $negotiator, TranslatorInterface $translation, AccountInterface $current_user, ConfigFactory $config_factory) {
+  public function __construct(ConfigurableLanguageManagerInterface $language_manager, LanguageNegotiatorInterface $negotiator, TranslatorInterface $translation, CurrentUserFactoryInterface $current_user, ConfigFactory $config_factory) {
     $this->languageManager = $language_manager;
     $this->negotiator = $negotiator;
     $this->translation = $translation;
@@ -89,7 +89,7 @@ public function __construct(ConfigurableLanguageManagerInterface $language_manag
   public function onKernelRequestLanguage(GetResponseEvent $event) {
     if ($event->getRequestType() == HttpKernelInterface::MASTER_REQUEST) {
       $request = $event->getRequest();
-      $this->negotiator->setCurrentUser($this->currentUser);
+      $this->negotiator->setCurrentUser($this->currentUser->getAccount());
       $this->negotiator->setRequest($request);
       if ($this->languageManager instanceof ConfigurableLanguageManagerInterface) {
         $this->languageManager->setNegotiator($this->negotiator);
diff --git a/core/modules/language/lib/Drupal/language/HttpKernel/PathProcessorLanguage.php b/core/modules/language/lib/Drupal/language/HttpKernel/PathProcessorLanguage.php
index 71a5cfe..5147d78 100644
--- a/core/modules/language/lib/Drupal/language/HttpKernel/PathProcessorLanguage.php
+++ b/core/modules/language/lib/Drupal/language/HttpKernel/PathProcessorLanguage.php
@@ -12,6 +12,7 @@
 use Drupal\Core\Config\ConfigFactory;
 use Drupal\Core\PathProcessor\InboundPathProcessorInterface;
 use Drupal\Core\PathProcessor\OutboundPathProcessorInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\language\ConfigurableLanguageManagerInterface;
 use Drupal\language\LanguageNegotiatorInterface;
 use Symfony\Component\HttpFoundation\Request;
@@ -75,15 +76,15 @@ class PathProcessorLanguage implements InboundPathProcessorInterface, OutboundPa
    *   The configurable language manager.
    * @param \Drupal\language\LanguageNegotiatorInterface
    *   The language negotiator.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current active user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(ConfigFactory $config, Settings $settings, ConfigurableLanguageManagerInterface $language_manager, LanguageNegotiatorInterface $negotiator, AccountInterface $current_user) {
+  public function __construct(ConfigFactory $config, Settings $settings, ConfigurableLanguageManagerInterface $language_manager, LanguageNegotiatorInterface $negotiator, CurrentUserFactoryInterface $current_user) {
     $this->config = $config;
     $this->mixedModeSessions = $settings->get('mixed_mode_sessions', FALSE);
     $this->languageManager = $language_manager;
     $this->negotiator = $negotiator;
-    $this->negotiator->setCurrentUser($current_user);
+    $this->negotiator->setCurrentUser($current_user->getAccount());
   }
 
   /**
diff --git a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
index 9f34d43..cac297d 100644
--- a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
+++ b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
@@ -17,6 +17,7 @@
 use Drupal\Core\Session\AccountInterface;
 use Drupal\Core\Access\AccessibleInterface;
 use Drupal\Core\Database\Query\Condition;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\node\NodeInterface;
 use Drupal\search\Plugin\ConfigurableSearchPluginBase;
 use Drupal\search\Plugin\SearchIndexingInterface;
@@ -68,11 +69,11 @@ class NodeSearch extends ConfigurableSearchPluginBase implements AccessibleInter
   protected $state;
 
   /**
-   * The Drupal account to use for checking for access to advanced search.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $account;
+  protected $currentUser;
 
   /**
    * An array of additional rankings from hook_ranking().
@@ -137,16 +138,16 @@ static public function create(ContainerInterface $container, array $configuratio
    *   A config object for 'search.settings'.
    * @param \Drupal\Core\KeyValueStore\StateInterface $state
    *   The Drupal state object used to set 'node.cron_last'.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   The $account object to use for checking for access to advanced search.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    */
-  public function __construct(array $configuration, $plugin_id, array $plugin_definition, Connection $database, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, Config $search_settings, StateInterface $state, AccountInterface $account = NULL) {
+  public function __construct(array $configuration, $plugin_id, array $plugin_definition, Connection $database, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, Config $search_settings, StateInterface $state, CurrentUserFactoryInterface $current_user) {
     $this->database = $database;
     $this->entityManager = $entity_manager;
     $this->moduleHandler = $module_handler;
     $this->searchSettings = $search_settings;
     $this->state = $state;
-    $this->account = $account;
+    $this->currentUser = $current_user;
     parent::__construct($configuration, $plugin_id, $plugin_definition);
   }
 
@@ -371,13 +372,14 @@ public function indexStatus() {
    * {@inheritdoc}
    */
   public function searchFormAlter(array &$form, array &$form_state) {
+    $account = $this->currentUser->getAccount();
     // Add keyword boxes.
     $form['advanced'] = array(
       '#type' => 'details',
       '#title' => t('Advanced search'),
       '#collapsed' => TRUE,
       '#attributes' => array('class' => array('search-advanced')),
-      '#access' => $this->account && $this->account->hasPermission('use advanced search'),
+      '#access' => $account && $account->hasPermission('use advanced search'),
     );
     $form['advanced']['keywords-fieldset'] = array(
       '#type' => 'fieldset',
diff --git a/core/modules/shortcut/css/shortcut.icons.css b/core/modules/shortcut/css/shortcut.icons.css
index 143b115..d7f5970 100644
--- a/core/modules/shortcut/css/shortcut.icons.css
+++ b/core/modules/shortcut/css/shortcut.icons.css
@@ -25,21 +25,44 @@
  * Add/remove links.
  */
 .add-or-remove-shortcuts .icon {
-  background: transparent url('../images/favstar.svg') no-repeat left top;
-  width: 20px;
-  height: 20px;
+  background: transparent url("../images/shortcut-add.png") no-repeat;
+  height: 12px;
+  margin-left: 8px; /* LTR */
+  overflow: hidden;
+  text-indent: 12px;
+  width: 12px;
 }
 .no-svg .add-or-remove-shortcuts .icon {
-  background-image: url('../images/favstar.png');
+  background: transparent url("../images/shortcut-add.png") no-repeat;
 }
-.add-shortcut a:hover .icon,
-.add-shortcut a:focus .icon {
-  background-position: -20px top;
+[dir="rtl"] .add-or-remove-shortcuts .icon {
+  margin-left: 0;
+  margin-right: 8px;
+}
+[dir="rtl"] .add-or-remove-shortcuts .text {
+  padding: 0 10px 0 6px;
+}
+[dir="rtl"] .add-or-remove-shortcuts a:focus .text,
+[dir="rtl"] .add-or-remove-shortcuts a:hover .text {
+  border-radius: 5px 0 0 5px;
+}
+.add-shortcut a:focus .icon,
+.add-shortcut a:hover .icon {
+  background-position: 0 -12px; /* LTR */
+}
+[dir="rtl"] .add-shortcut a:focus .icon,
+[dir="rtl"] .add-shortcut a:hover .icon {
+  background-position: 0 -24px;
 }
 .remove-shortcut .icon {
-  background-position: -40px top;
+  margin-top: 4px;
+  background-position: -12px 0;
 }
 .remove-shortcut a:focus .icon,
 .remove-shortcut a:hover .icon {
-  background-position: -60px top; /* LTR */
+  background-position: -12px -12px; /* LTR */
+}
+[dir="rtl"] .remove-shortcut a:focus .icon,
+[dir="rtl"] .remove-shortcut a:hover .icon {
+  background-position: -12px -24px;
 }
diff --git a/core/modules/shortcut/css/shortcut.module.css b/core/modules/shortcut/css/shortcut.module.css
index d9e556e..05672e9 100644
--- a/core/modules/shortcut/css/shortcut.module.css
+++ b/core/modules/shortcut/css/shortcut.module.css
@@ -7,6 +7,20 @@
  * Add/remove links.
  */
 .add-or-remove-shortcuts .icon {
-  display: inline-block;
-  vertical-align: -2px;
+  display: block;
+  float: left; /* LTR */
+  margin-top: 5px;
+}
+.add-or-remove-shortcuts .text {
+  display: none;
+  float: left; /* LTR */
+  padding-top: 2px;
+}
+[dir="rtl"] .add-or-remove-shortcuts .icon,
+[dir="rtl"] .add-or-remove-shortcuts .text {
+  float: right;
+}
+.add-or-remove-shortcuts a:focus .text,
+.add-or-remove-shortcuts a:hover .text {
+  display: block;
 }
diff --git a/core/modules/shortcut/css/shortcut.theme.css b/core/modules/shortcut/css/shortcut.theme.css
index c7bd081..018f328 100644
--- a/core/modules/shortcut/css/shortcut.theme.css
+++ b/core/modules/shortcut/css/shortcut.theme.css
@@ -19,41 +19,3 @@
 [dir="rtl"] .toolbar .toolbar-tray-horizontal .edit-shortcuts {
   float: right;
 }
-
-/**
- * Add/remove links.
- */
-.add-or-remove-shortcuts {
-  display: inline-block;
-  margin-left: 0.3em;
-}
-.add-or-remove-shortcuts .text {
-  background: #000000;
-  background: rgba(0, 0, 0, 0.5);
-  border-radius: 5px;
-  padding: 0 5px;
-  color: #ffffff;
-  display: inline-block;
-  margin-left: 0.3em;
-  opacity: 0;
-  -ms-transform: translateY(-12px);
-  -moz-transform: translateY(-12px);
-  -webkit-transform: translateY(-12px);
-  transform: translateY(-12px);
-  -webkit-transition: all 200ms ease-out;
-  -moz-transition: all 200ms ease-out;
-  transition: all 200ms ease-out;
-  -ms-backface-visibility: hidden;
-  -moz-backface-visibility: hidden;
-  -webkit-backface-visibility: hidden;
-  backface-visibility: hidden;
-}
-.add-or-remove-shortcuts a:hover .text,
-.add-or-remove-shortcuts a:focus .text {
-  opacity: 1;
-  -o-transform: translateY(-2px);
-  -ms-transform: translateY(-2px);
-  -moz-transform: translateY(-2px);
-  -webkit-transform: translateY(-2px);
-  transform: translateY(-2px);
-}
diff --git a/core/modules/shortcut/images/favstar.png b/core/modules/shortcut/images/favstar.png
deleted file mode 100755
index bd51fde..0000000
--- a/core/modules/shortcut/images/favstar.png
+++ /dev/null
@@ -1,8 +0,0 @@
-�PNG
-
-
IHDRPغ��IDATXG�XkPSG�{�@�X�"tF�?��RG�೭�'Qe���cSZ�z[!Z�:�(�@m%��G��l���"vF��h�A^��{�{�21$�&�Ow&��ݳߞ���
޴�b㚝�(��&���ܩ<~�N�����#���`lZ���F������
��6�AuL���$p�,n��G���z��88�xD�T��i��Ɔ��Dn#��#m/   	�7�L�\x�*dq�V@�!@
��j��6��94o��r�M&O^�6�.���j��i#ҧ�*df���Z���[_���J�b��P�34�����O�)�y$�6����'�ڲ#M��9��pOwGg,�n�����d��x��0*ɍ#'P6{�}�2��U�'�Ӧp��a����ZKl�R�د�
-f���5�I�1���U5��E�6k�m����k���3#�Ï>�G��5?ԜМV��P���J(� e�1�8��s�,J��D�n��eU���䕱�m��$�S1q�g���8 ��/�E����fG�G-6k{ W�w$xP<Z�N���ָq�	<�_fy���
(PIL���U��(�W		���e���
l�]��E�þO����`����)�����a#P�-�b��o��s���������>�{������K(��c߭ŨwZx9���6aS߭��W'0���^p�gmkW�%�&5D���T�*��j������ٵvլ��IST%��!��L8��ٽ>E!
-���3��M͠D[ڳ�����浊$��)�#�������c:D���@$<AIR�'��/s�ڏ�K�=DZT`�f2��.������󫖬X"���{���p��l���H\�q}�����Ĺql�4�6����g&'�@��1�&
-`������xI�3��
e�sTfO�r zioﲈ�����.���=w�|_�����m�"�2������?�0��8��_O��O��n��X�=���}K#V
��ϥ�HQ
���^vf�O��C
-��kl
�U�+���6��dY׿w�=����r%(�p�b�����Ͽ�l�#ީ��P����m��u���B���(�a�Iq�Š5qP�	����0��غC �s�+;�5H���
�v�$r��N��U`႘z�����A�1B��"�{O��� ��	�;医x���S&������l}��rf�>ؕ�5�͇�ܟ6�?|�o�!E���2X�d�
���V��d��Қlv�⡜���5q՗���AA���~�/ۺ�G�u��>I&՗��!<��7�m�fVE>�s��c��x���ХS��d���
ꃥΏL��h����ƃwU"a^�n���4�J��-�y՚�L�Sy�������@�65L����4tڒqh�{��:�����I��@U?���]�����1��o��W7T�Q$v���Ck��
�c@��IM�2g���I����k���"mI_�x8���9�Ώ�z���i�
�rn���e#Ҧ�׮�I&O)֖�niy��z�JO�K����������:3q�Aj6�@��)�R�J]NQ��o�T3a��Y��X	ǂ��^���h⡄�|�Rp�•n��Wo���3y	�3�׸"���`�<�S�g8��I���u���6��Ũ�{<
-�+��Xt|�\��ʵ9���*�������N�;^��z0�G
ooF�>���^k_�����@�ppi��v;WÓ&�5��
���L�f[���p�y��B?
��IEND�B`�
\ No newline at end of file
diff --git a/core/modules/shortcut/images/favstar.svg b/core/modules/shortcut/images/favstar.svg
deleted file mode 100644
index 9c8ef1d..0000000
--- a/core/modules/shortcut/images/favstar.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="80" height="20" viewBox="0 0 80 20"><g><path fill="#FEF6A8" d="M69.729 2.259c.149-.385.394-.385.543 0l1.959 5.049c.149.385.609.699 1.021.699l1.75.169c.412 0 .493.219.18.487l-1.31.981c-.313.268-.497.816-.407 1.22l1.472 6.562c.09.403-.118.547-.463.319l-3.848-2.539c-.345-.228-.907-.228-1.252 0l-3.848 2.539c-.345.228-.553.084-.463-.319l1.047-4.707c.09-.403-.094-.952-.407-1.22l-3.518-3.006c-.313-.268-.232-.487.18-.487h4.381c.412 0 .872-.314 1.021-.699l1.962-5.048z"/><polygon fill="#807640" points="77.548,5 75.002,7.547 72.456,5 71.041,6.415 73.587,8.961 71.044,11.505 72.457,12.919 75.001,10.375 77.546,12.919 78.96,11.505 76.415,8.96 78.962,6.414"/><path fill="#80722D" d="M75.172 13.897s-.133-.516-.651-.349c-.516.166-.302.674-.302.674l.719 3.204c.061.273-.016.428-.178.428-.078 0-.174-.035-.285-.107l-3.848-2.539c-.174-.115-.4-.172-.627-.172s-.453.057-.625.172l-3.848 2.539c-.111.072-.209.107-.285.107-.164 0-.24-.154-.178-.428l1.047-4.707c.09-.402-.094-.951-.408-1.219l-3.518-3.007c-.314-.269-.232-.487.18-.487h4.383c.412 0 .871-.314 1.021-.699l1.959-5.049c.075-.192.174-.287.272-.287s.197.096.271.288l.461 1.158s.255.409.635.219c.44-.221.227-.66.227-.66l-.389-1.078c-.336-.861-1.008-.927-1.205-.927s-.869.066-1.203.926l-1.961 5.049-.109.062-4.361-.001c-.934 0-1.23.609-1.301.796-.068.187-.238.844.471 1.451l3.52 3.007c.037.041.086.186.078.25l-1.045 4.699c-.133.596.051.984.229 1.205.225.279.561.439.926.439.279 0 .561-.092.836-.273l3.848-2.539v.002l.074-.008.088.014 3.836 2.531c.273.182.557.273.836.273.363 0 .701-.16.924-.439.178-.221.361-.609.23-1.205l-.744-3.313z"/></g><g><path fill="#FEF6A8" d="M54.759 18.355c-.18 0-.369-.064-.561-.191l-3.848-2.539c-.083-.055-.215-.088-.351-.088s-.268.033-.351.088l-3.848 2.539c-.191.127-.381.191-.561.191-.212 0-.407-.092-.535-.252-.109-.136-.22-.383-.131-.784l1.047-4.708c.05-.222-.071-.584-.243-.731l-3.517-3.006c-.451-.386-.378-.756-.326-.897.053-.141.237-.47.831-.47h4.381c.206 0 .48-.188.556-.38l1.961-5.049c.213-.549.587-.608.737-.608s.524.059.737.607l1.959 5.049c.075.191.35.38.556.38h4.383c.594 0 .778.329.831.47.052.142.125.512-.326.897l-3.518 3.006c-.173.147-.294.51-.244.731l1.047 4.708c.089.401-.021.647-.131.784-.128.162-.323.253-.535.253z"/><path fill="#80722D" d="M50 1.97c.099 0 .196.096.271.289l1.959 5.049c.149.385.609.699 1.021.699h4.383c.412 0 .493.219.18.487l-3.517 3.006c-.313.268-.497.816-.407 1.22l1.047 4.708c.061.273-.015.428-.178.428-.077 0-.174-.035-.285-.108l-3.848-2.539c-.173-.113-.399-.171-.626-.171s-.453.058-.626.171l-3.848 2.539c-.111.073-.208.108-.285.108-.163 0-.238-.154-.178-.428l1.047-4.708c.09-.403-.094-.952-.407-1.22l-3.518-3.006c-.313-.268-.232-.487.18-.487h4.381c.412 0 .872-.314 1.021-.699l1.961-5.049c.076-.193.173-.289.272-.289m0-1c-.198 0-.87.067-1.204.927l-1.961 5.049-.109.062-4.36-.001c-.934 0-1.231.61-1.3.797-.069.187-.239.844.471 1.451l3.518 3.005c.039.043.086.186.079.25l-1.046 4.701c-.132.595.052.983.229 1.205.224.279.561.439.925.439.28 0 .562-.093.836-.273l3.848-2.539.001.001.074-.007.089.014 3.834 2.531c.274.181.557.273.836.273.364 0 .701-.16.925-.439.178-.222.361-.61.229-1.206l-1.046-4.707c-.006-.058.041-.2.086-.248l3.512-3c.71-.607.54-1.264.471-1.451-.068-.187-.366-.797-1.3-.797h-4.383l-.098-.08-1.95-5.03c-.336-.86-1.008-.927-1.206-.927z"/></g><g><path opacity=".7" fill="#5A563B" d="M35.414 14.96s-.133-.516-.651-.349c-.516.166-.302.674-.302.674l.477 2.142c.061.273-.016.428-.178.428-.078 0-.174-.035-.285-.107l-3.848-2.539c-.174-.115-.4-.172-.627-.172s-.453.057-.625.172l-3.848 2.539c-.111.072-.209.107-.285.107-.164 0-.24-.154-.178-.428l1.047-4.707c.09-.402-.094-.951-.408-1.219l-3.518-3.007c-.314-.269-.232-.487.18-.487h4.383c.412 0 .871-.314 1.021-.699l1.959-5.049c.075-.193.174-.288.272-.288s.197.096.271.288l1.377 3.538s.255.409.635.219c.44-.221.227-.66.227-.66l-.607-1.658-.697-1.801c-.337-.86-1.009-.926-1.206-.926s-.869.066-1.203.926l-1.961 5.049-.109.062-4.361-.001c-.934 0-1.23.609-1.301.796-.068.187-.238.844.471 1.451l3.52 3.007c.037.041.086.186.078.25l-1.045 4.699c-.133.596.051.984.229 1.205.225.279.561.439.926.439.279 0 .561-.092.836-.273l3.848-2.539v.002l.074-.008.088.014 3.836 2.531c.273.182.557.273.836.273.363 0 .701-.16.924-.439.178-.221.361-.609.23-1.205l-.502-2.25z"/><polygon fill="#807640" points="39,7.96 36,7.96 36,4.96 34,4.96 34,7.96 31,7.96 31,9.959 34,9.959 34,12.96 36,12.96 36,9.959 39,9.959"/></g><path opacity=".7" fill="#5A563B" d="M10 1.97c.098 0 .197.096.271.289l1.959 5.049c.149.385.609.699 1.021.699h4.383c.412 0 .493.219.18.487l-3.517 3.006c-.313.268-.497.816-.407 1.22l1.047 4.707c.061.273-.015.428-.178.428-.077 0-.174-.035-.285-.108l-3.848-2.539c-.172-.114-.399-.171-.626-.171s-.454.057-.626.171l-3.848 2.539c-.111.073-.208.108-.285.108-.163 0-.239-.154-.178-.428l1.047-4.707c.09-.403-.094-.951-.407-1.22l-3.518-3.006c-.313-.268-.233-.487.18-.487h4.382c.413 0 .872-.314 1.021-.699l1.96-5.049c.075-.193.173-.289.272-.289m0-1c-.198 0-.87.067-1.204.927l-1.96 5.049-.109.062-4.362-.001c-.934 0-1.231.61-1.3.796-.069.187-.239.844.47 1.451l3.519 3.007c.038.041.086.185.079.249l-1.046 4.7c-.133.595.051.983.229 1.205.224.279.561.439.925.439.28 0 .562-.093.836-.274l3.848-2.538v.001l.075-.007.088.014 3.834 2.531c.274.181.557.273.836.273.364 0 .701-.16.925-.439.178-.222.361-.61.229-1.206l-1.047-4.706c-.006-.058.041-.2.086-.248l3.512-3c.71-.607.54-1.264.471-1.451-.068-.187-.366-.797-1.3-.797h-4.383l-.098-.08-1.95-5.03c-.333-.86-1.005-.927-1.203-.927z"/></svg>
\ No newline at end of file
diff --git a/core/modules/shortcut/images/shortcut-add.png b/core/modules/shortcut/images/shortcut-add.png
new file mode 100644
index 0000000..2924557
--- /dev/null
+++ b/core/modules/shortcut/images/shortcut-add.png
@@ -0,0 +1,5 @@
+�PNG
+
+
IHDR$�
+gAMA��|�Q��PLTE��������������������������������������������������������إ��~~~���NNNlllHHH���EEExxx�����ɥ�����pql���---���������cd_KKK_`[���|��
tRNS�lo�������6e��
-IDAT(�]�Y��0D��B&���v��O7vg,��>Ѓ�Z�O���dIA�s8~�/ͱ�>�`��l�L��0��KfN.)~�A3sژF��l�i&�8�A�ĭJ�*!u���b朔�{e춦�c}T������>�U4����)�EV�������{��T52���U��f�j�JJd,��U
+�Rt�Wkpe�:v~*s �����q��٢,�_B��5/������2���[dd�r[��̜BҬ��w��y�T6VC7B�%� S�V%�[���d7�̹)]w�1_M]����;<�<=6��a����8�m�ڴ[�IEND�B`�
\ No newline at end of file
diff --git a/core/modules/shortcut/shortcut.module b/core/modules/shortcut/shortcut.module
index dd7298f..a988cf4 100644
--- a/core/modules/shortcut/shortcut.module
+++ b/core/modules/shortcut/shortcut.module
@@ -433,7 +433,7 @@ function shortcut_preprocess_page(&$variables) {
         ),
         '#prefix' => '<div class="add-or-remove-shortcuts ' . $link_mode . '-shortcut">',
         '#type' => 'link',
-        '#title' => '<span class="icon"></span><span class="text">'. $link_text .'</span>',
+        '#title' => '<span class="icon">'. t('Add or remove shortcut') .'</span><span class="text">' . $link_text . '</span>',
         '#route_name' => $route_name,
         '#route_parameters' => $route_parameters,
         '#options' => array('query' => $query, 'html' => TRUE),
diff --git a/core/modules/simpletest/lib/Drupal/simpletest/TestBase.php b/core/modules/simpletest/lib/Drupal/simpletest/TestBase.php
index b6df347..d1627bb 100644
--- a/core/modules/simpletest/lib/Drupal/simpletest/TestBase.php
+++ b/core/modules/simpletest/lib/Drupal/simpletest/TestBase.php
@@ -8,6 +8,7 @@
 namespace Drupal\simpletest;
 
 use Drupal\Component\Utility\Random;
+use Drupal\Core\Authentication\AuthenticationManager;
 use Drupal\Core\Database\Database;
 use Drupal\Component\Utility\Settings;
 use Drupal\Core\Config\ConfigImporter;
@@ -17,6 +18,7 @@
 use Drupal\Core\Config\StorageInterface;
 use Drupal\Core\DrupalKernel;
 use Drupal\Core\Language\Language;
+use Drupal\Core\Session\CurrentUserFactory;
 use Drupal\Core\StreamWrapper\PublicStream;
 use Drupal\Core\Utility\Error;
 use Symfony\Component\HttpFoundation\Request;
@@ -1035,7 +1037,10 @@ private function prepareEnvironment() {
 
     $request = Request::create('/');
     $this->container->set('request', $request);
-    $this->container->set('current_user', $GLOBALS['user']);
+    $current_user = new CurrentUserFactory(new AuthenticationManager());
+    $current_user->setRequest($request);
+    $current_user->setAccount($GLOBALS['user']);
+    $this->container->set('current_user', $current_user);
 
     \Drupal::setContainer($this->container);
 
@@ -1114,7 +1119,10 @@ protected function rebuildContainer() {
     $this->container = \Drupal::getContainer();
     // The global $user is set in TestBase::prepareEnvironment().
     $this->container->set('request', $request);
-    $this->container->set('current_user', $GLOBALS['user']);
+    $current_user = new CurrentUserFactory(new AuthenticationManager());
+    $current_user->setRequest($request);
+    $current_user->setAccount($GLOBALS['user']);
+    $this->container->set('current_user', $current_user);
   }
 
   /**
diff --git a/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php
index 2a19a5c1..033d624 100644
--- a/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php
+++ b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php
@@ -63,11 +63,11 @@ function testInternalBrowser() {
       )));
       $this->assertNoTitle('Foo');
 
-      $old_user_id = $this->container->get('current_user')->id();
+      $old_user_id = $this->container->get('current_user')->getAccount()->id();
       $user = $this->drupalCreateUser();
       $this->drupalLogin($user);
       // Check that current user service updated.
-      $this->assertNotEqual($old_user_id, $this->container->get('current_user')->id(), 'Current user service updated.');
+      $this->assertNotEqual($old_user_id, $this->container->get('current_user')->getAccount()->id(), 'Current user service updated.');
       $headers = $this->drupalGetHeaders(TRUE);
       $this->assertEqual(count($headers), 2, 'There was one intermediate request.');
       $this->assertTrue(strpos($headers[0][':status'], '302') !== FALSE, 'Intermediate response code was 302.');
@@ -79,7 +79,7 @@ function testInternalBrowser() {
       // Test the maximum redirection option.
       $this->drupalLogout();
       // Check that current user service updated to anonymous user.
-      $this->assertEqual(0, $this->container->get('current_user')->id(), 'Current user service updated.');
+      $this->assertEqual(0, $this->container->get('current_user')->getAccount()->id(), 'Current user service updated.');
       $edit = array(
         'name' => $user->getUsername(),
         'pass' => $user->pass_raw
diff --git a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
index 3917ffa..002c509 100644
--- a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
+++ b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
@@ -680,10 +680,7 @@ protected function drupalLogin(AccountInterface $account) {
     $pass = $this->assert($this->drupalUserIsLoggedIn($account), format_string('User %name successfully logged in.', array('%name' => $account->getUsername())), 'User login');
     if ($pass) {
       $this->loggedInUser = $account;
-      $this->container->set('current_user', $account);
-      // @todo Temporary workaround for not being able to use synchronized
-      //   services in non dumped container.
-      $this->container->get('access_subscriber')->setCurrentUser($account);
+      $this->container->get('current_user')->setAccount($account);
     }
   }
 
@@ -728,7 +725,7 @@ protected function drupalLogout() {
       // @see WebTestBase::drupalUserIsLoggedIn()
       unset($this->loggedInUser->session_id);
       $this->loggedInUser = FALSE;
-      $this->container->set('current_user', drupal_anonymous_user());
+      $this->container->get('current_user')->setAccount(drupal_anonymous_user());
     }
   }
 
diff --git a/core/modules/system/css/system.module.css b/core/modules/system/css/system.module.css
index fdf5ac2..dddac44 100644
--- a/core/modules/system/css/system.module.css
+++ b/core/modules/system/css/system.module.css
@@ -365,24 +365,3 @@ tr .ajax-progress-throbber .throbber {
   margin-left: auto;
   margin-right: auto;
 }
-
-/*
- * Remove browser styles, especially for <buttons> and so on.
- */
-.reset-appearance {
-  -webkit-appearance: none;
-  -moz-appearance: none;
-  appearance: none;
-  border: 0 none;
-  background: transparent;
-  padding: 0;
-  margin: 0;
-  line-height: inherit;
-}
-
-/*
- * Contain positioned elements.
- */
-.position-container {
-  position: relative;
-}
diff --git a/core/modules/system/css/system.theme.css b/core/modules/system/css/system.theme.css
index 9a0153d..f205034 100644
--- a/core/modules/system/css/system.theme.css
+++ b/core/modules/system/css/system.theme.css
@@ -441,12 +441,15 @@ ul.links a.active {
 /**
  * Markup generated by theme_menu_local_tasks().
  */
-.tabs {
+div.tabs {
+  margin: 1em 0;
+}
+ul.tabs {
   list-style: none;
   margin: 0 0 0.5em;
   padding: 0;
 }
-.tabs__tab {
+.tabs > li {
   display: inline-block;
   margin-right: 0.3em; /* LTR */
 }
diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityTranslationTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityTranslationTest.php
index 777fa46..cac2e08 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityTranslationTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityTranslationTest.php
@@ -43,7 +43,7 @@ public function testEntityLanguageMethods() {
   protected function _testEntityLanguageMethods($entity_type) {
     $entity = entity_create($entity_type, array(
       'name' => 'test',
-      'user_id' => $this->container->get('current_user')->id(),
+      'user_id' => $this->container->get('current_user')->getAccount()->id(),
     ));
     $this->assertEqual($entity->language()->id, Language::LANGCODE_NOT_SPECIFIED, format_string('%entity_type: Entity language not specified.', array('%entity_type' => $entity_type)));
     $this->assertFalse($entity->getTranslationLanguages(FALSE), format_string('%entity_type: No translations are available', array('%entity_type' => $entity_type)));
diff --git a/core/modules/system/lib/Drupal/system/Tests/Form/FormCacheTest.php b/core/modules/system/lib/Drupal/system/Tests/Form/FormCacheTest.php
index 0e6d629..182a8c9 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Form/FormCacheTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Form/FormCacheTest.php
@@ -46,7 +46,7 @@ public function setUp() {
    * Tests the form cache with a logged-in user.
    */
   function testCacheToken() {
-    $this->container->set('current_user', new UserSession(array('uid' => 1)));
+    $this->container->get('current_user')->setAccount(new UserSession(array('uid' => 1)));
     form_set_cache($this->form_build_id, $this->form, $this->form_state);
 
     $cached_form_state = form_state_defaults();
@@ -75,7 +75,7 @@ function testCacheToken() {
    * Tests the form cache without a logged-in user.
    */
   function testNoCacheToken() {
-    $this->container->set('current_user', new UserSession(array('uid' => 0)));
+    $this->container->get('current_user')->setAccount(new UserSession(array('uid' => 0)));
 
     $this->form_state['example'] = $this->randomName();
     form_set_cache($this->form_build_id, $this->form, $this->form_state);
diff --git a/core/modules/system/lib/Drupal/system/Tests/Theme/FunctionsTest.php b/core/modules/system/lib/Drupal/system/Tests/Theme/FunctionsTest.php
index 586e1eb..5013e5a 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Theme/FunctionsTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Theme/FunctionsTest.php
@@ -243,7 +243,7 @@ function testLinks() {
     $this->assertThemeOutput('links', $variables, $expected);
 
     // Verify the data- attributes for setting the "active" class on links.
-    $this->container->set('current_user', new UserSession(array('uid' => 1)));
+    $this->container->get('current_user')->setAccount(new UserSession(array('uid' => 1)));
     $variables['set_active_class'] = TRUE;
     $expected_links = '';
     $expected_links .= '<ul id="somelinks">';
diff --git a/core/modules/system/system.module b/core/modules/system/system.module
index 1657f9f..065d280 100644
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@@ -1390,18 +1390,6 @@ function system_library_info() {
     ),
   );
 
-  // jQuery Intrinsic Measurements.
-  $libraries['jquery.intrinsic'] = array(
-    'title' => 'Instric Measurements',
-    'version' => '1.0',
-    'js' => array(
-      'core/misc/jquery.intrinsic.js' => array(),
-    ),
-    'dependencies' => array(
-      array('system', 'jquery'),
-    ),
-  );
-
   // jQuery Form Plugin.
   $libraries['jquery.form'] = array(
     'title' => 'jQuery Form Plugin',
diff --git a/core/modules/system/tests/modules/router_test_directory/lib/Drupal/router_test/TestContent.php b/core/modules/system/tests/modules/router_test_directory/lib/Drupal/router_test/TestContent.php
index 57a1a85..fe5b38d 100644
--- a/core/modules/system/tests/modules/router_test_directory/lib/Drupal/router_test/TestContent.php
+++ b/core/modules/system/tests/modules/router_test_directory/lib/Drupal/router_test/TestContent.php
@@ -59,7 +59,6 @@ public function test11() {
 
   public function testAccount(UserInterface $user) {
     $current_user = $this->currentUser();
-    \Drupal::getContainer()->set('current_user', $user);
     return $current_user->getUsername() . ':' . $user->getUsername();
   }
 
diff --git a/core/modules/user/lib/Drupal/user/EventSubscriber/MaintenanceModeSubscriber.php b/core/modules/user/lib/Drupal/user/EventSubscriber/MaintenanceModeSubscriber.php
index 0a42c91..93abca6 100644
--- a/core/modules/user/lib/Drupal/user/EventSubscriber/MaintenanceModeSubscriber.php
+++ b/core/modules/user/lib/Drupal/user/EventSubscriber/MaintenanceModeSubscriber.php
@@ -7,6 +7,7 @@
 
 namespace Drupal\user\EventSubscriber;
 
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
@@ -18,13 +19,30 @@
 class MaintenanceModeSubscriber implements EventSubscriberInterface {
 
   /**
+   * The current user factory.
+   *
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   */
+  protected $currentUser;
+
+  /**
+   * Constructs a MaintenanceModeSubscriber object.
+   *
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
+   */
+  public function __construct(CurrentUserFactoryInterface $current_user) {
+    $this->currentUser = $current_user;
+  }
+
+  /**
    * Determine whether the page is configured to be offline.
    *
    * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
    *   The event to process.
    */
   public function onKernelRequestMaintenance(GetResponseEvent $event) {
-    $user = \Drupal::currentUser();
+    $user = $this->currentUser->getAccount();
     $request = $event->getRequest();
     $site_status = $request->attributes->get('_maintenance');
     $path = $request->attributes->get('_system_path');
@@ -37,7 +55,7 @@ public function onKernelRequestMaintenance(GetResponseEvent $event) {
         return;
       }
 
-      if (user_is_anonymous()) {
+      if ($user->isAnonymous()) {
         switch ($path) {
           case 'user':
             // Forward anonymous user to login page.
diff --git a/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php b/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
index 518d9c0..7d844f1 100644
--- a/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
+++ b/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
@@ -12,6 +12,7 @@
 use Drupal\Core\Extension\ModuleHandlerInterface;
 use Drupal\Core\Session\AccountInterface;
 use Drupal\Core\Access\AccessibleInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\search\Plugin\SearchPluginBase;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
@@ -47,9 +48,9 @@ class UserSearch extends SearchPluginBase implements AccessibleInterface {
   protected $moduleHandler;
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
   protected $currentUser;
 
@@ -77,8 +78,8 @@ static public function create(ContainerInterface $container, array $configuratio
    *   The entity manager.
    * @param ModuleHandlerInterface $module_handler
    *   The module handler.
-   * @param \Drupal\Core\Session\AccountInterface $current_user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param array $configuration
    *   A configuration array containing information about the plugin instance.
    * @param string $plugin_id
@@ -86,7 +87,7 @@ static public function create(ContainerInterface $container, array $configuratio
    * @param array $plugin_definition
    *   The plugin implementation definition.
    */
-  public function __construct(Connection $database, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, AccountInterface $current_user, array $configuration, $plugin_id, array $plugin_definition) {
+  public function __construct(Connection $database, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, CurrentUserFactoryInterface $current_user, array $configuration, $plugin_id, array $plugin_definition) {
     $this->database = $database;
     $this->entityManager = $entity_manager;
     $this->moduleHandler = $module_handler;
@@ -105,7 +106,9 @@ public function access($operation = 'view', AccountInterface $account = NULL) {
    * {@inheritdoc}
    */
   public function execute() {
+    $current_user = $this->currentUser->getAccount();
     $results = array();
+
     if (!$this->isSearchExecutable()) {
       return $results;
     }
@@ -116,7 +119,7 @@ public function execute() {
       ->select('users')
       ->extend('Drupal\Core\Database\Query\PagerSelectExtender');
     $query->fields('users', array('uid'));
-    if ($this->currentUser->hasPermission('administer users')) {
+    if ($current_user->hasPermission('administer users')) {
       // Administrators can also search in the otherwise private email field, and
       // they don't need to be restricted to only active users.
       $query->fields('users', array('mail'));
@@ -142,7 +145,7 @@ public function execute() {
         'title' => $account->getUsername(),
         'link' => url('user/' . $account->id(), array('absolute' => TRUE)),
       );
-      if ($this->currentUser->hasPermission('administer users')) {
+      if ($current_user->hasPermission('administer users')) {
         $result['title'] .= ' (' . $account->getEmail() . ')';
       }
       $results[] = $result;
diff --git a/core/modules/user/lib/Drupal/user/Theme/AdminNegotiator.php b/core/modules/user/lib/Drupal/user/Theme/AdminNegotiator.php
index faaeb40..806a2ee 100644
--- a/core/modules/user/lib/Drupal/user/Theme/AdminNegotiator.php
+++ b/core/modules/user/lib/Drupal/user/Theme/AdminNegotiator.php
@@ -9,7 +9,7 @@
 
 use Drupal\Core\Config\ConfigFactory;
 use Drupal\Core\Entity\EntityManagerInterface;
-use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 use Drupal\Core\Theme\ThemeNegotiatorInterface;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -19,11 +19,11 @@
 class AdminNegotiator implements ThemeNegotiatorInterface {
 
   /**
-   * The current user.
+   * The current user factory.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $user;
+  protected $currentUser;
 
   /**
    * The config factory.
@@ -42,15 +42,15 @@ class AdminNegotiator implements ThemeNegotiatorInterface {
   /**
    * Creates a new AdminNegotiator instance.
    *
-   * @param \Drupal\Core\Session\AccountInterface $user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory.
    * @param \Drupal\Core\Config\ConfigFactory $config_factory
    *   The config factory.
    * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
    *   The entity manager.
    */
-  public function __construct(AccountInterface $user, ConfigFactory $config_factory, EntityManagerInterface $entity_manager) {
-    $this->user = $user;
+  public function __construct(CurrentUserFactoryInterface $current_user, ConfigFactory $config_factory, EntityManagerInterface $entity_manager) {
+    $this->currentUser = $current_user;
     $this->configFactory = $config_factory;
     $this->entityManager = $entity_manager;
   }
@@ -60,7 +60,7 @@ public function __construct(AccountInterface $user, ConfigFactory $config_factor
    */
   public function applies(Request $request) {
     $path = $request->attributes->get('_system_path');
-    return ($this->entityManager->hasController('user_role', 'storage') && $this->user->hasPermission('view the administration theme') && path_is_admin($path));
+    return ($this->entityManager->hasController('user_role', 'storage') && $this->currentUser->getAccount()->hasPermission('view the administration theme') && path_is_admin($path));
   }
 
   /**
diff --git a/core/modules/user/user.services.yml b/core/modules/user/user.services.yml
index 23d8706..7e27107 100644
--- a/core/modules/user/user.services.yml
+++ b/core/modules/user/user.services.yml
@@ -23,6 +23,7 @@ services:
     arguments: ['@database', '@config.factory', '@entity.manager', '@entity.query']
   user_maintenance_mode_subscriber:
     class: Drupal\user\EventSubscriber\MaintenanceModeSubscriber
+    arguments: ['@current_user']
     tags:
       - { name: event_subscriber }
   theme.negotiator.admin_theme:
diff --git a/core/modules/views/lib/Drupal/views/Plugin/Block/ViewsBlockBase.php b/core/modules/views/lib/Drupal/views/Plugin/Block/ViewsBlockBase.php
index 56f3c86..4c4ea4d 100644
--- a/core/modules/views/lib/Drupal/views/Plugin/Block/ViewsBlockBase.php
+++ b/core/modules/views/lib/Drupal/views/Plugin/Block/ViewsBlockBase.php
@@ -41,13 +41,6 @@
   protected $displaySet;
 
   /**
-   * The current user.
-   *
-   * @var \Drupal\Core\Session\AccountInterface
-   */
-  protected $user;
-
-  /**
    * Constructs a \Drupal\views\Plugin\Block\ViewsBlockBase object.
    *
    * @param array $configuration
@@ -60,10 +53,8 @@
    *   The view executable factory.
    * @param \Drupal\Core\Entity\EntityStorageControllerInterface $storage_controller
    *   The views storage controller.
-   * @param \Drupal\Core\Session\AccountInterface $user
-   *   The current user.
    */
-  public function __construct(array $configuration, $plugin_id, array $plugin_definition, ViewExecutableFactory $executable_factory, EntityStorageControllerInterface $storage_controller, AccountInterface $user) {
+  public function __construct(array $configuration, $plugin_id, array $plugin_definition, ViewExecutableFactory $executable_factory, EntityStorageControllerInterface $storage_controller) {
     $this->pluginId = $plugin_id;
     $delta = $this->getDerivativeId();
     list($name, $this->displayID) = explode('-', $delta, 2);
@@ -71,7 +62,6 @@ public function __construct(array $configuration, $plugin_id, array $plugin_defi
     $view = $storage_controller->load($name);
     $this->view = $executable_factory->get($view);
     $this->displaySet = $this->view->setDisplay($this->displayID);
-    $this->user = $user;
 
     parent::__construct($configuration, $plugin_id, $plugin_definition);
   }
diff --git a/core/modules/views/lib/Drupal/views/ViewExecutableFactory.php b/core/modules/views/lib/Drupal/views/ViewExecutableFactory.php
index c6f9828..76fb8ef 100644
--- a/core/modules/views/lib/Drupal/views/ViewExecutableFactory.php
+++ b/core/modules/views/lib/Drupal/views/ViewExecutableFactory.php
@@ -7,8 +7,7 @@
 
 namespace Drupal\views;
 
-use Drupal\Core\Session\AccountInterface;
-use Drupal\views\ViewStorageInterface;
+use Drupal\Core\Session\CurrentUserFactoryInterface;
 
 /**
  * Defines the cache backend factory.
@@ -18,18 +17,18 @@ class ViewExecutableFactory {
   /**
    * Stores the current user.
    *
-   * @var \Drupal\Core\Session\AccountInterface
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface
    */
-  protected $user;
+  protected $currentUser;
 
   /**
    * Constructs a new ViewExecutableFactory
    *
-   * @param \Drupal\Core\Session\AccountInterface $user
-   *   The current user.
+   * @param \Drupal\Core\Session\CurrentUserFactoryInterface $current_user
+   *   The current user factory..
    */
-  public function __construct(AccountInterface $user) {
-    $this->user = $user;
+  public function __construct(CurrentUserFactoryInterface $current_user) {
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -42,7 +41,7 @@ public function __construct(AccountInterface $user) {
    *   A ViewExecutable instance.
    */
   public function get(ViewStorageInterface $view) {
-    return new ViewExecutable($view, $this->user);
+    return new ViewExecutable($view, $this->currentUser->getAccount());
   }
 
 }
diff --git a/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php b/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php
index 9466c0b..006db57 100644
--- a/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php
+++ b/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php
@@ -30,8 +30,8 @@ protected function setUp() {
     parent::setUp();
 
     $container = new ContainerBuilder();
-    $user = $this->getMock('Drupal\Core\Session\AccountInterface');
-    $container->set('views.executable', new ViewExecutableFactory($user));
+    $current_user = $this->getCurrentUserFactoryStub();
+    $container->set('views.executable', new ViewExecutableFactory($current_user));
 
     $this->view = new View(array('id' => 'test_view'), 'view');
 
diff --git a/core/modules/views_ui/css/views_ui.admin.theme.css b/core/modules/views_ui/css/views_ui.admin.theme.css
index e6f0614..0a4aa70 100644
--- a/core/modules/views_ui/css/views_ui.admin.theme.css
+++ b/core/modules/views_ui/css/views_ui.admin.theme.css
@@ -448,31 +448,20 @@ td.group-title {
  * The tabs that switch between sections
  */
 
-.views-displays .tabs.secondary {
+ul#views-display-menu-tabs {
   margin-right: 200px;
-  border: 0;
 }
 
-.views-displays .tabs.secondary li,
-.views-displays .tabs.secondary li.active {
-  background: transparent;
+ul#views-display-menu-tabs li {
   margin-bottom: 5px;
-  border: 0;
-  padding: 0;
-  width: auto;
 }
 
-.views-displays .tabs.secondary li.add ul.action-list li{
+ul#views-display-menu-tabs li.add ul.action-list li{
   margin: 0;
 }
 
-.views-displays .tabs.secondary li {
-  margin: 0 5px 0 6px;
-}
-
-.views-displays .tabs.secondary a {
+.views-displays .secondary a {
   border: 1px solid #cbcbcb;
-  border-radius: 7px;
   display: inline-block;
   font-size: small;
   line-height: 1.3333;
@@ -482,38 +471,38 @@ td.group-title {
 /**
  * Display a red border if the display doesn't validate.
  */
-.views-displays .tabs.secondary li.active a.active.error,
-.views-displays .tabs.secondary a.error {
+.views-displays ul.secondary li.active a.active.error,
+.views-displays .secondary a.error {
   border: 2px solid #ed541d;
   padding: 1px 6px;
 }
 
-.views-displays .tabs.secondary a:focus {
+.views-displays .secondary a:focus {
   outline: none;
 }
 
-.views-displays .tabs.secondary li a {
+.views-displays ul.secondary li a {
   background-color: #fff;
 }
 
-.views-displays .tabs.secondary li a:hover,
-.views-displays .tabs.secondary li.active a,
-.views-displays .tabs.secondary li.active a.active {
+.views-displays ul.secondary li a:hover,
+.views-displays ul.secondary li.active a,
+.views-displays ul.secondary li.active a.active {
   background-color: #555;
   color: #fff;
 }
 
-.views-displays .tabs.secondary .open > a {
+.views-displays .secondary .open > a {
   background-color: #f1f1f1;
   border-bottom: 1px solid transparent;
   position: relative;
 }
 
-.views-displays .tabs.secondary .open > a:hover {
+.views-displays .secondary .open > a:hover {
   background-color: #f1f1f1;
 }
 
-.views-displays .tabs.secondary .action-list  li {
+.views-displays .secondary .action-list  li {
   background-color: #f1f1f1;
   border-color: #cbcbcb;
   border-style: solid;
@@ -521,7 +510,7 @@ td.group-title {
   padding: 2px 9px;
 }
 
-.views-displays .tabs.secondary .action-list  li:first-child {
+.views-displays .secondary .action-list  li:first-child {
   border-width: 1px 1px 0;
 }
 
@@ -529,18 +518,18 @@ td.group-title {
   border-width: 0 1px 1px;
 }
 
-.views-displays .tabs.secondary .action-list  li:last-child {
+.views-displays .secondary .action-list  li:last-child {
   border-width: 0 1px 1px;
 }
 
-.views-displays .tabs.secondary .action-list input.form-submit {
+.views-displays .secondary .action-list input.form-submit {
   background: none repeat scroll 0 0 transparent;
   border: medium none;
   margin: 0;
   padding: 0;
 }
 
-.views-displays .tabs.secondary .action-list li:hover {
+.views-displays .secondary .action-list li:hover {
   background-color: #ddd;
 }
 
diff --git a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php
index 534f824..f5542ba 100644
--- a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php
+++ b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php
@@ -115,8 +115,8 @@ public function testBuildRowEntityList() {
       )));
 
     $container = new ContainerBuilder();
-    $user = $this->getMock('Drupal\Core\Session\AccountInterface');
-    $executable_factory = new ViewExecutableFactory($user);
+    $current_user = $this->getCurrentUserFactoryStub();
+    $executable_factory = new ViewExecutableFactory($current_user);
     $container->set('views.executable', $executable_factory);
     $container->set('plugin.manager.views.display', $display_manager);
     \Drupal::setContainer($container);
diff --git a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewUIObjectTest.php b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewUIObjectTest.php
index b8256a5..fa79834 100644
--- a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewUIObjectTest.php
+++ b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewUIObjectTest.php
@@ -91,7 +91,7 @@ public function testIsLocked() {
       ->will($this->returnValue(1));
 
     $container = new ContainerBuilder();
-    $container->set('current_user', $account);
+    $container->set('current_user', $this->getCurrentUserFactoryStub($account));
     \Drupal::setContainer($container);
 
     $view_ui = new ViewUI($storage, $executable);
diff --git a/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php b/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php
index 3a6d75c..b59db7e 100644
--- a/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php
+++ b/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php
@@ -10,7 +10,6 @@
 use Drupal\Tests\UnitTestCase;
 use Drupal\Core\Access\CsrfTokenGenerator;
 use Drupal\Component\Utility\Crypt;
-use Symfony\Component\HttpFoundation\Request;
 
 /**
  * Tests the CSRF token generator.
@@ -24,6 +23,20 @@ class CsrfTokenGeneratorTest extends UnitTestCase {
    */
   protected $generator;
 
+  /**
+   * The private key.
+   *
+   * @var string
+   */
+  protected $key;
+
+  /**
+   * The mocked current user factory.
+   *
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface|\PHPUnit_Framework_MockObject_MockObject
+   */
+  protected $currentUserFactory;
+
   public static function getInfo() {
     return array(
       'name' => 'CsrfTokenGenerator test',
@@ -48,7 +61,9 @@ function setUp() {
       ->method('get')
       ->will($this->returnValue($this->key));
 
-    $this->generator = new CsrfTokenGenerator($private_key);
+    $this->currentUserFactory = $this->getMock('Drupal\Core\Session\CurrentUserFactoryInterface');
+
+    $this->generator = new CsrfTokenGenerator($private_key, $this->currentUserFactory);
   }
 
   /**
@@ -64,6 +79,9 @@ public function testGet() {
    * Tests CsrfTokenGenerator::validate().
    */
   public function testValidate() {
+    $this->currentUserFactory->expects($this->never())
+      ->method('getAccount');
+
     $token = $this->generator->get();
     $this->assertTrue($this->generator->validate($token));
     $this->assertFalse($this->generator->validate($token, 'foo'));
@@ -71,21 +89,42 @@ public function testValidate() {
 
     $token = $this->generator->get('bar');
     $this->assertTrue($this->generator->validate($token, 'bar'));
+  }
 
+  /**
+   * Tests CsrfTokenGenerator::validate() with an anonymous user.
+   */
+  public function testValidateAnonymousPass() {
     // Check the skip_anonymous option with both a anonymous user and a real
     // user.
+    $token = $this->generator->get();
+
     $account = $this->getMock('Drupal\Core\Session\AccountInterface');
     $account->expects($this->once())
       ->method('isAnonymous')
       ->will($this->returnValue(TRUE));
-    $this->generator->setCurrentUser($account);
+
+    $this->currentUserFactory->expects($this->once())
+      ->method('getAccount')
+      ->will($this->returnValue($account));
+
     $this->assertTrue($this->generator->validate($token, 'foo', TRUE));
+  }
+
+  /**
+   * Tests CsrfTokenGenerator::validate() without an anonymous user.
+   */
+  public function testValidateAnonymousFail() {
+    $token = $this->generator->get();
 
     $account = $this->getMock('Drupal\Core\Session\AccountInterface');
     $account->expects($this->once())
       ->method('isAnonymous')
       ->will($this->returnValue(FALSE));
-    $this->generator->setCurrentUser($account);
+
+    $this->currentUserFactory->expects($this->once())
+      ->method('getAccount')
+      ->will($this->returnValue($account));
 
     $this->assertFalse($this->generator->validate($token, 'foo', TRUE));
   }
diff --git a/core/tests/Drupal/Tests/Core/DrupalTest.php b/core/tests/Drupal/Tests/Core/DrupalTest.php
index b37010f..4483194 100644
--- a/core/tests/Drupal/Tests/Core/DrupalTest.php
+++ b/core/tests/Drupal/Tests/Core/DrupalTest.php
@@ -67,7 +67,7 @@ public function testRequest() {
    * Tests the currentUser() method.
    */
   public function testCurrentUser() {
-    $this->setMockContainerService('current_user');
+    $this->setMockContainerService('current_user', $this->getCurrentUserFactoryStub());
     $this->assertNotNull(\Drupal::currentUser());
   }
 
diff --git a/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php b/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php
index c473129..9662f2b 100644
--- a/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php
+++ b/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php
@@ -100,9 +100,7 @@ public function setUp() {
       ->disableOriginalConstructor()
       ->getMock();
 
-    $this->currentUser = $this->getMockBuilder('Drupal\Core\Session\AccountInterface')
-      ->disableOriginalConstructor()
-      ->getMock();
+    $this->currentUser = $this->getCurrentUserFactoryStub();
   }
 
   /**
diff --git a/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php b/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php
index 0e52b9f..44be328 100644
--- a/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php
+++ b/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php
@@ -69,6 +69,13 @@ class ContextualLinkManagerTest extends UnitTestCase {
    */
   protected $accessManager;
 
+  /**
+   * The mocked current user factory.
+   *
+   * @var \Drupal\Core\Session\CurrentUserFactoryInterface|\PHPUnit_Framework_MockObject_MockObject
+   */
+  protected $currentUser;
+
   public static function getInfo() {
     return array(
       'name' => 'Contextual links manager.',
@@ -91,7 +98,10 @@ protected function setUp() {
     $this->accessManager = $this->getMockBuilder('Drupal\Core\Access\AccessManager')
       ->disableOriginalConstructor()
       ->getMock();
-    $this->account = $this->getMock('Drupal\Core\Session\AccountInterface');
+    $this->account = $this->getMockBuilder('Drupal\Core\Session\AccountInterface')
+      ->disableOriginalConstructor()
+      ->getMock();
+    $this->currentUser = $this->getCurrentUserFactoryStub($this->account);
 
     $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'controllerResolver');
     $property->setAccessible(TRUE);
@@ -105,9 +115,9 @@ protected function setUp() {
     $property->setAccessible(TRUE);
     $property->setValue($this->contextualLinkManager, $this->factory);
 
-    $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'account');
+    $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'currentUser');
     $property->setAccessible(TRUE);
-    $property->setValue($this->contextualLinkManager, $this->account);
+    $property->setValue($this->contextualLinkManager, $this->currentUser);
 
     $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'accessManager');
     $property->setAccessible(TRUE);
diff --git a/core/tests/Drupal/Tests/Core/PathProcessor/PathProcessorTest.php b/core/tests/Drupal/Tests/Core/PathProcessor/PathProcessorTest.php
index 9197085..81928d7 100644
--- a/core/tests/Drupal/Tests/Core/PathProcessor/PathProcessorTest.php
+++ b/core/tests/Drupal/Tests/Core/PathProcessor/PathProcessorTest.php
@@ -142,8 +142,7 @@ function testProcessInbound() {
       ->will($this->returnValue($method));
 
     // Create a user stub.
-    $current_user = $this->getMockBuilder('Drupal\Core\Session\AccountInterface')
-      ->getMock();
+    $current_user = $this->getCurrentUserFactoryStub();
 
     // Create the processors.
     $alias_processor = new PathProcessorAlias($alias_manager);
diff --git a/core/tests/Drupal/Tests/UnitTestCase.php b/core/tests/Drupal/Tests/UnitTestCase.php
index a76611c..3d7059e 100644
--- a/core/tests/Drupal/Tests/UnitTestCase.php
+++ b/core/tests/Drupal/Tests/UnitTestCase.php
@@ -221,4 +221,27 @@ protected function getContainerWithCacheBins(CacheBackendInterface $backend) {
     return $container;
   }
 
+  /**
+   * Returns a stub current user factory that returns a stub user object.
+   *
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   A user account object to return from the mocked manager. This can also be
+   *   a mock user object.
+   *
+   * @return \Drupal\Core\Authentication\AuthenticationManagerInterface|\PHPUnit_Framework_MockObject_MockObject
+   *   A mocked Authentication manager object.
+   */
+  public function getCurrentUserFactoryStub($account = NULL) {
+    if (empty($account)) {
+      $account = $this->getMock('Drupal\Core\Session\AccountInterface');
+    }
+
+    $current_user = $this->getMock('Drupal\Core\Session\CurrentUserFactoryInterface');
+    $current_user->expects($this->any())
+      ->method('getAccount')
+      ->will($this->returnValue($account));
+
+    return $current_user;
+  }
+
 }
diff --git a/core/themes/seven/js/nav-tabs.js b/core/themes/seven/js/nav-tabs.js
deleted file mode 100644
index d48711a..0000000
--- a/core/themes/seven/js/nav-tabs.js
+++ /dev/null
@@ -1,56 +0,0 @@
-/**
- * @file
- * Responsive navigation tabs.
- * Utilizes jquery.intrinsic.js to calculate if the tabs are larger than their
- * container and toggles the 'is-horizontal' class.
- *
- * This also supports collapsible navigable is the 'is-collasible' class is
- * added to the main element, and a target element is included.
- */
-(function ($, Drupal) {
-
-  "use strict";
-
-  function init (i, tab) {
-    var $tab = $(tab);
-    var $target = $tab.find('[data-drupal-nav-tabs-target]');
-    var isCollapsible = $tab.hasClass('is-collapsible');
-
-    function openMenu (e) {
-      $target.toggleClass('is-open');
-    }
-
-    function handleResize (e) {
-      $tab.addClass('is-horizontal');
-      var isHorizontal = $tab.parent().width() > $tab.intrinsic('width');
-      $tab.toggleClass('is-horizontal', isHorizontal);
-      if(isCollapsible) {
-        $tab.toggleClass('is-collapse-enabled', !isHorizontal);
-      }
-      if (isHorizontal) {
-        $target.removeClass('is-open');
-      }
-    }
-
-    $tab.addClass('position-container is-horizontal-enabled');
-
-    $tab.on('click.tabs', '[data-drupal-nav-tabs-trigger]', openMenu);
-    $(window).on('resize.tabs', Drupal.debounce(handleResize)).trigger('resize.tabs');
-  }
-
-  /**
-   * Initialise the tabs JS.
-   */
-  Drupal.behaviors.navTabs = {
-    attach: function (context, settings) {
-      var $tabs = $(context).find('[data-drupal-nav-tabs]');
-      if ($tabs.length) {
-        var notSmartPhone = window.matchMedia('(min-width: 300px)');
-        if (notSmartPhone.matches) {
-          $tabs.once('nav-tabs').each(init);
-        }
-      }
-    }
-  };
-
-})(jQuery, Drupal);
diff --git a/core/themes/seven/seven.theme b/core/themes/seven/seven.theme
index 409632b..9db50d1 100644
--- a/core/themes/seven/seven.theme
+++ b/core/themes/seven/seven.theme
@@ -6,7 +6,6 @@
  */
 
 use Drupal\Core\Template\RenderWrapper;
-use Drupal\Component\Utility\String;
 
 /**
  * Implements hook_library_info().
@@ -28,20 +27,6 @@ function seven_library_info() {
     ),
   );
 
-  $libraries['drupal.nav-tabs'] = array(
-    'version' => \Drupal::VERSION,
-    'js' => array(
-      drupal_get_path('theme', 'seven') . '/js/nav-tabs.js' => array('group' => JS_THEME),
-    ),
-    'dependencies' => array(
-      array('system', 'matchmedia'),
-      array('system', 'jquery'),
-      array('system', 'drupal'),
-      array('system', 'jquery.once'),
-      array('system', 'jquery.intrinsic'),
-    ),
-  );
-
   return $libraries;
 }
 
@@ -73,82 +58,6 @@ function seven_preprocess_page(&$variables) {
 }
 
 /**
- * Overrides theme_menu_local_tasks().
- *
- * Returns HTML for primary and secondary local tasks.
- *
- **/
-function seven_menu_local_tasks(&$variables) {
-  $output = '';
-
-  if (!empty($variables['primary'])) {
-    $variables['primary']['#attached'] = array(
-      'library' => array(
-        array('seven', 'drupal.nav-tabs'),
-      ),
-    );
-    $variables['primary']['#prefix'] = '<h2 id="primary-tabs-title" class="visually-hidden">' . t('Primary tabs') . '</h2>';
-    $variables['primary']['#prefix'] .= '<nav role="navigation" class="is-horizontal is-collapsible" aria-labelledby="primary-tabs-title" data-drupal-nav-tabs>';
-    $variables['primary']['#prefix'] .= '<button class="reset-appearance tabs__tab tabs__trigger" aria-label="Primary tabs display toggle" data-drupal-nav-tabs-trigger>&bull;&bull;&bull;</button>';
-    $variables['primary']['#prefix'] .= '<ul class="tabs primary clearfix" data-drupal-nav-tabs-target>';
-    $variables['primary']['#suffix'] = '</ul>';
-    $variables['primary']['#suffix'] .= '</nav>';
-    $output .= drupal_render($variables['primary']);
-  }
-  if (!empty($variables['secondary'])) {
-    $variables['secondary']['#attached'] = array(
-      'library' => array(
-        array('seven', 'drupal.nav-tabs'),
-      ),
-    );
-    $variables['secondary']['#prefix'] = '<h2 id="secondary-tabs-title" class="visually-hidden">' . t('Secondary tabs') . '</h2>';
-    $variables['secondary']['#prefix'] .= '<nav role="navigation" class="is-horizontal" aria-labelledby="secondary-tabs-title" data-drupal-nav-tabs>';
-    $variables['secondary']['#prefix'] .= '<ul class="tabs secondary clearfix">';
-    $variables['secondary']['#suffix'] = '</ul>';
-    $variables['secondary']['#suffix'] .= '</nav>';
-    $output .= drupal_render($variables['secondary']);
-  }
-
-  return $output;
-}
-
-/**
- * Overrides theme_menu_local_task().
- *
- * Returns HTML for a local task.
- *
- **/
-function seven_menu_local_task($variables) {
-  $link = $variables['element']['#link'];
-  $link += array(
-    'localized_options' => array(),
-  );
-  $link_text = $link['title'];
-
-  if (!empty($variables['element']['#active'])) {
-    // Add text to indicate active tab for non-visual users.
-    $active = '<span class="visually-hidden">' . t('(active tab)') . '</span>';
-
-    // If the link does not contain HTML already, String::checkPlain() it now.
-    // After we set 'html'=TRUE the link will not be sanitized by l().
-    if (empty($link['localized_options']['html'])) {
-      $link['title'] = String::checkPlain($link['title']);
-    }
-    $link['localized_options']['html'] = TRUE;
-    $link_text = t('!local-task-title!active', array('!local-task-title' => $link['title'], '!active' => $active));
-  }
-  if (!empty($link['href'])) {
-    // @todo - remove this once all pages are converted to routes.
-    $a_tag = l($link_text, $link['href'], $link['localized_options']);
-  }
-  else {
-    $a_tag = \Drupal::l($link_text, $link['route_name'], $link['route_parameters'], $link['localized_options']);
-  }
-
-  return '<li' . (!empty($variables['element']['#active']) ? ' class="tabs__tab active"' : ' class="tabs__tab"') . '>' . $a_tag . '</li>';
-}
-
-/**
  * Displays the list of available node types for node creation.
  */
 function seven_node_add_list($variables) {
diff --git a/core/themes/seven/style.css b/core/themes/seven/style.css
index aa699e0..0d594cb 100644
--- a/core/themes/seven/style.css
+++ b/core/themes/seven/style.css
@@ -70,21 +70,9 @@ ul.menu li.expanded {
  */
 #branding {
   overflow: hidden;
+  padding: 20px 20px 0 20px; /* LTR */
+  position: relative;
   background-color: #e0e0d8;
-  padding: 24px 0 0;
-}
-/* This layout styling is a copy of #page.
- * @TODO: Replace with reuseable layout classes.
- **/
-.branding__inner {
-  margin-left: 1.25em;
-  margin-right: 1.25em;
-}
-@media screen and (min-width:45em) { /* 720px */
-  .branding__inner {
-    margin-left: 2.5em;
-    margin-right: 2.5em;
-  }
 }
 [dir="rtl"] #branding {
   padding: 20px 20px 0 20px;
@@ -92,7 +80,7 @@ ul.menu li.expanded {
 .breadcrumb {
   font-size: 0.846em;
   line-height: 1em;
-  padding: 20px 0 10px 0;
+  padding: 0 0 10px 0;
 }
 
 /**
@@ -115,16 +103,16 @@ ul.menu li.expanded {
  * Page title.
  */
 #page-title {
+  background: #333;
   padding-top: 20px;
 }
-#branding .page-title {
-  color: #333;
-  display: inline-block;
+#branding h1.page-title {
+  color: #000;
   margin: 0;
-  font-size: 1.625em;
-  line-height: 1.875em;
-  font-weight: 600;
-  -webkit-font-smoothing: antialiased;
+  padding-bottom: 10px;
+  font-size: 1.385em;
+  font-weight: normal;
+  float: left; /* LTR */
 }
 [dir="rtl"] #branding h1.page-title {
   float: right;
@@ -140,291 +128,151 @@ ul.menu li.expanded {
 /**
  * Tabs.
  */
-.is-collapse-enabled  .tabs,
-.is-horizontal .tabs {
-  position: relative;
-}
-.is-collapse-enabled .tabs:before,
-.is-horizontal .tabs:before {
-  content: '';
-  display: block;
-  background-color: #A6A6A6;
-  height: 1px;
-  position: absolute;
-  bottom: 0;
-  left: 0;
-  z-index: 10;
-  right: 0;
-}
-
-/* Span the full width of the viewport */
-.branding__inner .is-horizontal .tabs:before,
-.branding__inner .is-collapse-enabled .tabs:before {
-  left: -2.5em;
-  right: -2.5em;
-}
-
-/**
- * Tab
- *
- * 1. Required by some elements such as <button>
- * 2. Fixed height needed to ensure alignment with absolutely-positioned
- *    active tab.
- */
-.tabs__tab {
-  position: relative;
-  display: block;
-  overflow: hidden;
-  -webkit-box-sizing: border-box;
-  -moz-box-sizing: border-box;
-  box-sizing: border-box;
-  margin: -1px 0 0;
-  padding: 9px 2em 7px 1em;
-  width: 100%;  /* 1 */
-  border: 1px solid #bfbfbf;
-  background-color: rgba(242, 242, 240, 0.7);
-  color: #0074bd;
-  text-overflow: ellipsis;
-  white-space: nowrap;
-}
-.tabs__tab:hover {
-  color: #008ee6;
-  background-color: #fafaf7;
-}
-li.tabs__tab {
-  padding: 0;
-}
-li.tabs__tab a {
-  padding: 9px 2em 7px 1em;
-}
-.tabs a:hover,
-.tabs a:focus {
-  text-decoration: none;
-}
-
-/* Primary tabs */
-.tabs.primary {
-  clear: both;
-  margin: 16px 0 0;
-  margin: 1rem 0 0;
-}
-.tabs.primary .tabs__tab.active {
-  z-index: 15;
-  border-color: #a6a6a6;
-  border-radius: 4px 0 0 0;
-  background-color: #ffffff;
-  color: #004f80;
-}
-.tabs.primary a {
-  background: none;
-}
-.tabs.primary a:focus {
-  color: #008ee6;
-  background-color: #fafaf7;
-  text-decoration: underline;
+ul.primary {
+  float: right; /* LTR */
+  border-bottom: none;
+  text-transform: uppercase;
+  font-size: 0.923em;
+  margin: 0;
+  padding-top: 0;
 }
-.tabs.primary .active a:focus {
-  background: none;
-  text-decoration: underline;
+[dir="rtl"] ul.primary {
+  float: left;
 }
-
-/* Only add the arrow if there's space */
-@media screen and (min-width:18.75em) { /* 300px */
-  .tabs.primary a {
-    background: url(../../misc/icons/0074bd/chevron-right.svg) 99% center no-repeat;
-  }
-  .no-svg .tabs.primary a {
-    background-image: url(../../misc/icons/0074bd/chevron-right.png);
-  }
-  [dir="rtl"] .tabs.primary a {
-    background: url(../../misc/icons/0074bd/chevron-left.svg) 1% center no-repeat;
-  }
-  [dir="rtl"] .no-svg .tabs.primary a {
-    background-image: url(../../misc/icons/0074bd/chevron-left.png);
-  }
-  .tabs.primary .tabs__tab.active a {
-    background-image: none;
-  }
+ul.primary li {
+  float: left; /* LTR */
+  list-style: none;
+  height: 2.60em;
+  margin: 0 2px;
 }
-.tabs__trigger {
-  display: none;
+[dir="rtl"] ul.primary li {
+  float: right;
 }
-
-/* JS dependent styling */
- .is-collapse-enabled .tabs__trigger {
-  -webkit-box-sizing: content-box;
-  -moz-box-sizing: content-box;
-  box-sizing: content-box;
+ul.primary li a:link,
+ul.primary li a.active,
+ul.primary li a:active,
+ul.primary li a:visited,
+ul.primary li a:hover,
+ul.primary li.active a {
   display: block;
-  position: absolute;
-  z-index: 10;
-  right: 0;
-  top: 2px;
-  left: auto;
-  width: 25%;
-  padding-right: 4px;
-  padding-left: 4px;
-  border-left: 0;
-  border-radius: 0 4px 0 0;
-  font-family: Arial, sans-serif;
-  font-size: 1.25em;
-  letter-spacing: 0.1em;
-  text-align: center;
-  outline: 0;
-}
-[dir="rtl"] .is-collapse-enabled .tabs__trigger {
-  border-right: 0;
-  border-left: 1px solid #bfbfbf;
-  border-radius: 4px 0 0 0;
-  right: auto;
-  left: 0;
-  top: 11px;
-}
-.is-collapse-enabled .tabs {
-  padding-top: 38px;
-  max-height: 0;
-}
-.tabs.is-open {
-  max-height: 999em;
-  padding-bottom:16px;
-  padding-bottom: 1rem;
-}
-.is-collapse-enabled .tabs__tab.active {
-  position: absolute;
-  top: 2px;
-  left: 0;
-  width: 75%;
-  border-bottom: 0;
-}
-[dir="rtl"] .is-collapse-enabled .tabs__tab.active {
-  left: auto;
-  right: 0;
-}
-.is-collapse-enabled .tabs.primary a.active:before {
-  content: none;
-}
-.is-open .tabs__tab.active {
-  border-color: #a6a6a6;
-  background-color: #ffffff;
-  color: #004f80;
-  border-bottom: 1px solid #a6a6a6;
-}
-
-/* Styles for the horizontal state always take priority */
-.is-horizontal .tabs {
-  max-height: none !important;
-  padding-top: 0 !important;
-  overflow: visible;
-}
-.is-horizontal .tabs__tab {
-  float: left;
-  height: auto;
-  width: auto;
-  margin: 0 0 -1px;
-  text-align: center;
-  border-bottom-color: #a6a6a6;
-}
-[dir="rtl"] .is-horizontal .tabs__tab {
+  float: left; /* LTR */
+  padding: 0.615em 18px;
+  background-color: #a6a7a2;
+  color: #000;
+  font-weight: bold;
+  border-width: 1px 1px 0 1px;
+  border-style: solid;
+  border-color: #a6a7a2;
+  border-radius: 8px 8px 0 0;
+}
+[dir="rtl"] ul.primary li a:link,
+[dir="rtl"] ul.primary li a.active,
+[dir="rtl"] ul.primary li a:active,
+[dir="rtl"] ul.primary li a:visited,
+[dir="rtl"] ul.primary li a:hover,
+[dir="rtl"] ul.primary li.active a {
   float: right;
 }
-.is-horizontal .tabs__tab + .tabs__tab {
-  margin-left: -1px;
-}
-.is-horizontal .tabs.primary .tabs__tab:first-child {
-  border-radius: 4px 0 0 0;
-}
-[dir="rtl"] .is-horizontal .tabs.primary .tabs__tab:first-child {
-  border-radius: 0 4px 0 0;
-}
-.is-horizontal .tabs.primary .tabs__tab:last-child {
-  border-radius: 0 4px 0 0;
-}
-[dir="rtl"] .is-horizontal .tabs.primary .tabs__tab:last-child {
-  border-radius: 4px 0 0 0;
-}
-
-/* Override the states above */
-.is-horizontal .tabs__tab.active,
-.is-horizontal .tabs.primary .tabs__tab.active,
-[dir="rtl"] .is-horizontal .tabs.primary .tabs__tab.active {
-  border-radius: 4px 4px 0 0;
-  position: relative;
-  width: auto;
-  top: 0;
-  border-bottom: 0;
-  margin: 0 -4px;
-}
-[dir="rtl"] .is-horizontal .tabs__tab.active {
-  margin: 0 -6px;
-}
-.is-horizontal .tabs.primary a {
-  background-image: none;
-  padding: 7px 2em 7px 2em;
+ul.primary li.active a,
+ul.primary li.active a.active,
+ul.primary li.active a:active,
+ul.primary li.active a:visited {
+  background-color: #fff;
+  border-color: #c9cac4;
 }
-.is-horizontal .tabs__trigger {
-  display: none;
+ul.primary li a:hover {
+  color: #fff;
 }
-
-/* Secondary tabs */
-.tabs.secondary {
-  display: block;
-  margin-top: 16px;
-  margin-top: 1rem;
+ul.primary li.active a:hover {
+  color: #000;
 }
-.tabs.secondary .tabs__tab {
-  display: block;
-  padding: 5px 15px 5px 16px;
-  margin-left: -1px;
-  color: #0074bd;
-  -webkit-transition: border-color 0.2s, background-color 0.2s;
-  -moz-transition: border-color 0.2s, background-color 0.2s;
-  transition: border-color 0.2s, background-color 0.2s;
+.tabs-secondary {
+  clear: both;
 }
-.tabs.secondary .tabs__tab + .tabs__tab {
-  border-top: 1px solid #d9d8d4;
+ul.secondary {
+  float: right; /* LTR */
+  font-size: 0.923em;
+  padding: 0 3px 5px;
+  line-height: 1.385em;
+  overflow: hidden;
+  background-color: #fff;
 }
-.tabs.secondary .tabs__tab.active {
-  color: #004f80;
-  border-left: 2px solid #004f80;
-  padding-left: 15px;
+[dir="rtl"] ul.secondary {
+  float: left;
 }
-.tabs.secondary .tabs__tab:hover {
-  color: #008ee6;
-  border-left: 2px solid #008ee6;
-  padding-left: 15px;
+ul.secondary li {
+  margin: 0 5px;
+  float: none; /* LTR */
 }
-.tabs.secondary a {
-  background-color: transparent;
-  padding: 7px 13px 5px;
-  text-decoration: none;
+[dir="rtl"] ul.secondary li {
+  float: none;
 }
-.tabs.secondary .active a {
-  color: #004f80;
+ul.secondary li a {
+  background-color: #ddd;
+  color: #000;
+  display: inline-block;
 }
-.tabs.secondary a:focus {
-  text-decoration: underline;
+ul.secondary li a,
+ul.secondary li a:hover,
+ul.secondary li.active a,
+ul.secondary li.active a.active {
+  padding: 2px 10px;
+  border-radius: 7px;
 }
-
-/* Styles for the horizontal state */
-.is-horizontal .tabs.secondary .tabs__tab {
-  background: none;
-  float: left;
-  position: relative;
-  top: 0;
-  z-index: 15;
-  margin-left: 1em;
-  margin-right: 1em;
-  border-bottom: 2px solid transparent;
-  border-left: 1px solid transparent;
-  border-right-color: transparent;
-  border-top: 0;
-  padding: 0;
+ul.secondary li a:hover,
+ul.secondary li.active a,
+ul.secondary li.active a.active {
+  color: #fff;
+  background: #666;
 }
-.is-horizontal .tabs.secondary .tabs__tab.active {
-  border-bottom-color: #004f80;
+#content {
+  clear: left;
 }
-.is-horizontal .tabs.secondary .tabs__tab:hover {
-  border-bottom-color: #008ee6;
+@media screen and (max-width:56.538em) { /* 735px */
+  .touch #branding {
+    padding-right: 0;
+    position: relative;
+  }
+  .touch ul.primary {
+    clear: both;
+    float: none;
+    margin-bottom: -3px;
+    overflow-x: scroll;
+    -webkit-overflow-scrolling: touch;
+    white-space: nowrap;
+    padding-right: 40px;
+  }
+  .touch #branding:after {
+    background-image: -moz-linear-gradient(360deg, rgba(224, 224, 216, 0), #E0E0D8 80%);
+    background-image: -o-linear-gradient(360deg, rgba(224, 224, 216, 0), #E0E0D8  80%);
+    background-image: -webkit-linear-gradient(360deg, rgba(224, 224, 216, 0), #E0E0D8 80%);
+    background-image: linear-gradient(360deg, rgba(224, 224, 216, 0), #E0E0D8 80%);
+    content: ' ';
+    display: block;
+    float: right;
+    height: 40px;
+    width: 80px;
+    position: relative;
+    right: 0;
+    top: -40px;
+    margin-bottom: -40px;
+  }
+  .touch ul.primary li {
+    float: none;
+    white-space: nowrap;
+  }
+  .touch ul.primary li a:link,
+  .touch ul.primary li a.active,
+  .touch ul.primary li a:active,
+  .touch ul.primary li a:visited,
+  .touch ul.primary li a:hover,
+  .touch ul.primary li.active a {
+    -webkit-box-sizing: border-box;
+    -moz-box-sizing: border-box;
+    box-sizing: border-box;
+    text-align: center;
+    width: 100%;
+  }
 }
 
 /**
@@ -435,7 +283,7 @@ li.tabs__tab a {
   color: #333;
   margin-left: 0.8125em;
   margin-right: 0.8125em;
-  padding: 0 0 40px 0;
+  padding: 20px 0 40px 0;
   position: relative;
 }
 @media screen and (min-width:28.125em) { /* 450px */
@@ -1025,7 +873,7 @@ body.in-maintenance #page {
   padding-top: 2em;
   width: 90%;
 }
-body.in-maintenance .branding__inner {
+body.in-maintenance #branding h1 {
   max-width: 770px;
   margin: 0 auto;
   float: none;
@@ -1083,6 +931,15 @@ body.in-maintenance #logo {
   color: green;
 }
 
+/* Shortcut theming */
+.add-or-remove-shortcuts a:focus span.text,
+.add-or-remove-shortcuts a:hover span.text {
+  color: #fff;
+  background-color: #5f605b;
+  padding: 0 6px;
+  border-radius: 5px;
+}
+
 /* Field UI */
 
 #field-display-overview input.field-plugin-settings-edit {
diff --git a/core/themes/seven/templates/maintenance-page.html.twig b/core/themes/seven/templates/maintenance-page.html.twig
index b962317..9fb5522 100644
--- a/core/themes/seven/templates/maintenance-page.html.twig
+++ b/core/themes/seven/templates/maintenance-page.html.twig
@@ -24,9 +24,7 @@
   {{ page_top }}
 
   <header id="branding">
-    <div class="branding__inner">
-      {% if title %}<h1 class="page-title">{{ title }}</h1>{% endif %}
-    </div>
+    {% if title %}<h1 class="page-title">{{ title }}</h1>{% endif %}
   </header>
 
   <div id="page">
diff --git a/core/themes/seven/templates/page.html.twig b/core/themes/seven/templates/page.html.twig
index 77dde87..5a50431 100644
--- a/core/themes/seven/templates/page.html.twig
+++ b/core/themes/seven/templates/page.html.twig
@@ -66,16 +66,15 @@
  */
 #}
   <header id="branding" class="clearfix">
-    <div class="branding__inner">
-      {{ title_prefix }}
-      {% if title %}
-        <h1 class="page-title">{{ title }}</h1>
-      {% endif %}
-      {{ title_suffix }}
-      {% if primary_local_tasks %}
-        {{ primary_local_tasks }}
-      {% endif %}
-    </div>
+    {{ breadcrumb }}
+    {{ title_prefix }}
+    {% if title %}
+      <h1 class="page-title">{{ title }}</h1>
+    {% endif %}
+    {{ title_suffix }}
+    {% if primary_local_tasks %}
+      {{ primary_local_tasks }}
+    {% endif %}
   </header>
 
   <div id="page">
@@ -83,8 +82,6 @@
       <div class="tabs-secondary clearfix" role="navigation">{{ secondary_local_tasks }}</div>
     {% endif %}
 
-    {{ breadcrumb }}
-
     <main id="content" class="clearfix" role="main">
       <div class="visually-hidden"><a id="main-content"></a></div>
       {% if messages %}
diff --git a/core/update.php b/core/update.php
index 6491afc..2534f6c 100644
--- a/core/update.php
+++ b/core/update.php
@@ -71,7 +71,7 @@ function update_helpful_links() {
     'title' => t('Front page'),
     'href' => '<front>',
   );
-  if (user_access('access administration pages')) {
+  if (\Drupal::currentUser()->hasPermission('access administration pages')) {
     $links['admin-pages'] = array(
       'title' => t('Administration pages'),
       'href' => 'admin',
@@ -102,7 +102,7 @@ function update_results_page() {
 
   update_task_list();
   // Report end result.
-  if (\Drupal::moduleHandler()->moduleExists('dblog') && user_access('access site reports')) {
+  if (\Drupal::moduleHandler()->moduleExists('dblog') && \Drupal::currentUser()->hasPermission('access site reports')) {
     $log_message = ' All errors have been <a href="' . base_path() . '?q=admin/reports/dblog">logged</a>.';
   }
   else {
@@ -257,7 +257,7 @@ function update_access_allowed() {
     $module_handler->setModuleList($module_filenames);
     $module_handler->reload();
     \Drupal::service('kernel')->updateModules($module_filenames, $module_filenames);
-    return user_access('administer software updates');
+    return $user->hasPermission('administer software updates');
   }
   catch (\Exception $e) {
     return ($user->id() == 1);