php - scheb/two_factor_bundle: how to use exclude_pattern for authenticated route? -

i'm using scheb's two factor bundle in symfony3 project , i'd handle exclude_pattern parameter differently does, don't know how.

normally, exclude_pattern used exclude unauthenticated route two-factor authentication, debug pages or static content:

# config/config.yml  scheb_two_factor:     ...     exclude_pattern: ^/(_(profiler|wdt)|css|images|js)/ 

its behavior being implemented this:

/* vendor/scheb/two-factor-bundle/security/twofactor/eventlistener/requestlistener.php */  public function oncorerequest(getresponseevent $event) {     $request = $event->getrequest();      // exclude path     if ($this->excludepattern !== null && preg_match('#'.$this->excludepattern.'#', $request->getpathinfo())) {         return;     }      ...  } 

i'd handle exclude_pattern authenticated routes, can skip two-factor authentication when call them. authenticated mean within access_control section under security.yml, this:

# app/config/security.yml security:     ...     access_control:         - { path: ^/test, role: role_user } 

right now, if add authenticated route under exclude_pattern, accessdeniedexception, because bundle requires access_decision_manager parameter set strategy: unanimous.

the purpose long tell , english not native language, if need know can try explain.

i tagged question both symfony3 , symfony2 because i'm using symfony 3.0 i'm pretty sure it's identical in symfony 2.8.

i found solution overriding voter class bundle:

// appbundle/security/twofactor/voter.php  namespace appbundle\security\twofactor; use scheb\twofactorbundle\security\twofactor\session\sessionflagmanager; use symfony\component\security\core\authentication\token\tokeninterface;  class voter extends \scheb\twofactorbundle\security\twofactor\voter {       /**      * @var string      */     protected $excludepattern;      /**      * voter constructor.      * @param sessionflagmanager $sessionflagmanager      * @param array $providers      * @param $excludepattern      */     public function __construct(sessionflagmanager $sessionflagmanager, array $providers, $excludepattern)     {          parent::__construct($sessionflagmanager, $providers);         $this->excludepattern = $excludepattern;     }      /**      * @param tokeninterface $token      * @param mixed          $object      * @param array          $attributes      *      * @return mixed result      */     public function vote(tokeninterface $token, $object, array $attributes)     {          if ($this->excludepattern !== null && preg_match('#'.$this->excludepattern.'#', $object->getpathinfo()))         {             return true;         }          parent::vote($token, $object, $attributes);     }  } 

---

# app/config/services.yml  services:     ...     scheb_two_factor.security_voter:     class: 'appbundle\security\twofactor\voter'     arguments:         - '@scheb_two_factor.session_flag_manager'         - ~         - '%scheb_two_factor.exclude_pattern%' 

this way, whenever getresponseevent triggered, right voter invoked votes true if exclude_pattern matches path.