I ended up doing 2 things:
- Overriding the tokens setter & getter for the property
user
- Using a Doctrine
LifecycleEvent listener
First extend the token classes (for example with a Trait)
namespace AppBundle\Entity;
use AppBundle\Security\User;
use Symfony\Component\Security\Core\User\UserInterface;
trait AppTokenTrait
{
/**
* @ORM\Column(type="string")
* @var string
*/
protected $username;
public function setUser(UserInterface $user)
{
if (!$user instanceof User) {
throw new \InvalidArgumentException(
sprintf("User must be an instance of %s", User::class)
);
}
$this->username = $user->getUsername();
$this->user = $user;
}
public function getUser()
{
if (!$this->user) {
throw new \RuntimeException(
"Unable to get user - user was not loaded by postLoad"
);
}
return $this->user;
}
/**
* @return string
*/
public function getUsername()
{
return $this->username;
}
}
In the 3 token classes (And don't forget to update the database schema):
//...
use AppTokenTrait;
//...
Create the listener
namespace AppBundle\Services;
use AppBundle\Entity\AccessToken;
use AppBundle\Entity\AuthCode;
use AppBundle\Entity\RefreshToken;
use AppBundle\Security\UserProvider;
use Doctrine\ORM\Event\LifecycleEventArgs;
class AppTokenListener
{
/**
* @var UserProvider
*/
protected $userProvider;
public function __construct(UserProvider $userProvider)
{
$this->userProvider = $userProvider;
}
public function postLoad(LifecycleEventArgs $event)
{
$object = $event->getObject();
if (
$object instanceof AccessToken or
$object instanceof AuthCode or
$object instanceof RefreshToken
) {
$user = $this->userProvider->loadUserByUsername($object->getUsername());
$object->setUser($user);
}
}
}
Register it as a service
app.token.listener:
class: AppBundle\Services\AppTokenListener
tags:
- { name: doctrine.event_listener, event: postLoad }
The user object should now always be attached to the tokens
