phpsymfonysymfony5

How to get firewall name from Request in Symfony 5?

The question is simple. I am implmenting AccessDeniedListener and I get an ExceptionEvent object. From this I can get request. I want to apply certain logic ONLY if I am inside one of my firewalls defined in security.yaml.

How can I get the Firewall name from ExceptionEvent or Request instances?

EDIT: I have found this code "works"

$firewall_context_name = $event->getRequest()->attributes->get('_firewall_context');

However Im not very happy about it. There should be a FirewallContext or FirewallConfig objects retrieveable somehow, no? Thanks

class AccessDeniedListener implements EventSubscriberInterface
{
    public static function getSubscribedEvents(): array
    {
        return [
            // the priority must be greater than the Security HTTP
            // ExceptionListener, to make sure it's called before
            // the default exception listener
            KernelEvents::EXCEPTION => ['onKernelException', 2],
        ];
    }
    
    public function onKernelException(ExceptionEvent $event): void
    {
        $exception = $event->getThrowable();
        if (!$exception instanceof AccessDeniedException) {
            return;
        }
        
        $request = $event->getRequest();

        // HOW TO GET FIREWALL NAME HERE???

security.yaml

   firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        api:
            pattern: ^/api/
            security: false
        main:
            custom_authenticators:
                - App\Security\LoginFormAuthenticator
            logout:
                path: app_logout
            lazy: true
            provider: app_user_provider
Solution

  • As stated in the docs you linked:

    This object can be accessed through the getFirewallConfig(Request $request) method of the Symfony\Bundle\SecurityBundle\Security\FirewallMap class

    This class cannot be injected directly, so you'll have to configure your dependency in services.yaml using the service alias security.firewall.map (or create a service alias if you plan to use it somewhere else).

    services:
  # ...
  App\Listener\AccessDeniedListener:
    arguments:
      $firewallMap: '@security.firewall.map'

    Now modify your listener to receive this parameter:

    class AccessDeniedListener implements EventSubscriberInterface
{
    private $firewallMap;

    public function __construct(FirewallMapInterface $firewallMap)
    {
        $this->firewallMap = $firewallMap;
    }

    // Ommited getSubscribedEvents
    
    public function onKernelException(ExceptionEvent $event): void
    {
        $request = $event->getRequest();

        $firewallConfig = $this->firewallMap->getFirewallConfig($request);

        if (null === $firewallConfig) {
            return;
        }
        $firewallName = $firewallConfig->getName();
     }
}