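tokenStorage = $tokenStorage;
        $this->authenticationManager = $authenticationManager;
        $this->accessTokenService = $accessTokenService;
    }

    /**
     * Authenticates a request that carries HTTP Basic credentials.
     *
     * Requests without both the "php-auth-user" and "php-auth-pw" headers are
     * left untouched. When credentials are present, the user is built from
     * the data returned by the access-token service and handed to the
     * authentication manager. On success the authenticated token is stored.
     * On any failure the listener clears its own token (if present) and
     * answers with 403, so a failed attempt can no longer continue silently.
     *
     * Review fixes in this method:
     *  - the "deny by default" 403 was unreachable, because both the try and
     *    the catch branch returned before it;
     *  - the user-info result was indexed without checking that a usable
     *    value came back;
     *  - the result of getToken() was stored and then overwritten unread.
     *
     * @param GetResponseEvent $event
     *
     * @return void
     */
    public function handle(GetResponseEvent $event)
    {
        $request = $event->getRequest();

        // No Basic credentials on the request: nothing for this listener to do.
        if (!$request->headers->has("php-auth-user") || !$request->headers->has("php-auth-pw")) {
            return;
        }

        $username = $request->headers->get("php-auth-user");
        $password = $request->headers->get("php-auth-pw");

        // The returned value is not used here; the call is kept because it may
        // have side effects the rest of the flow relies on.
        // NOTE(review): presumably this is where the credentials are verified
        // upstream -- confirm that it throws (or getUserInfo() returns a
        // non-array) for a wrong password. The token built below carries null
        // credentials, so nothing later in this method re-checks the password.
        $this->accessTokenService->getToken($username, $password);
        $auth_info = $this->accessTokenService->getUserInfo($username, $password);

        // Fail closed: only build a user when the service returned something
        // that can actually be indexed for roles and tenancies.
        if (is_array($auth_info) || $auth_info instanceof \ArrayAccess) {
            $user = new CustomOAuthUser($username);
            $user->setRoles($auth_info['roles']);
            $user->setTenancies($auth_info['tenancies']);
            $user->setTenancyCurrent($auth_info['tenancyCurrent']);

            // NOTE(review): the provider key is hard-coded to "api" here while
            // the failure path compares against $this->providerKey, which is
            // not assigned in the part of the constructor visible here --
            // confirm both refer to the same firewall.
            $token = new UsernamePasswordToken($user, null, "api", $user->getRoles());

            try {
                $authToken = $this->authenticationManager->authenticate($token);
                $this->tokenStorage->setToken($authToken);

                return;
            } catch (AuthenticationException $failed) {
                // ... you might log something here

                // Clear only this listener's token, never one that belongs to
                // another authentication listener, then fall through to deny.
                $storedToken = $this->tokenStorage->getToken();
                if ($storedToken instanceof UsernamePasswordToken
                    && $this->providerKey === $storedToken->getProviderKey()
                ) {
                    $this->tokenStorage->setToken(null);
                }
            }
        }

        // By default deny authorization
        $response = new Response();
        $response->setStatusCode(Response::HTTP_FORBIDDEN);
        $event->setResponse($response);
    }
}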