public function handle(GetResponseEvent $event) { if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) { return; } $request = $event->getRequest(); // there may not be authentication information on this request if (!$request->headers->has('Authorization')) { return; } return; // format should be "Authorization: token ABCDEFG" $tokenString = 'HARDCODED'; if (!$tokenString) { // there's no authentication info for us to process return; } // create an object that just exists to hold onto the token string for us $token = new ApiAuthToken(); $token->setAuthToken($tokenString); $returnValue = $this->authenticationManager->authenticate($token); if ($returnValue instanceof TokenInterface) { return $this->securityContext->setToken($returnValue); } }