public function handle(GetResponseEvent $event) { // getting request $request = $event->getRequest(); // getting attributes $apiClientToken = $request->attributes->get('apiClientToken'); $apiUserToken = $request->attributes->get('apiUserToken'); $apiServerAction = $request->attributes->get('apiAction'); /* @var $apiServerAction ApiServerAction */ // cleaning credentials and interface name $request->attributes->remove('apiClientToken'); $request->attributes->remove('apiUserToken'); // creating token $token = new Token($apiServerAction->getApiServerInterface()); $token->setCredentials([$apiClientToken, $apiUserToken]); try { // authenticating $authenticatedToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authenticatedToken); // getting authenticated user $user = $authenticatedToken->getUser(); /* @var $user User */ // setting request attributes $request->attributes->set('apiConnection', $user->getApiConnection()); $request->attributes->set('apiClient', $user->getApiClient()); $request->attributes->set('apiUser', $user->getApiUser()); } catch (\Exception $e) { $event->stopPropagation(); throw new AccessDeniedHttpException(null, $e); } }