$username =
$request->attributes->
get('_switch_user_username'
);
$request->attributes->
remove('_switch_user_username'
);
if (null ===
$this->tokenStorage->
getToken()) { throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.'
);
} if (self::EXIT_VALUE ===
$username) { $this->tokenStorage->
setToken($this->
attemptExitUser($request));
} else { try { $this->tokenStorage->
setToken($this->
attemptSwitchUser($request,
$username));
} catch (AuthenticationException
$e) { // Generate 403 in any conditions to prevent user enumeration vulnerabilities
throw new AccessDeniedException('Switch User failed: '.
$e->
getMessage(),
$e);
} } if (!
$this->stateless
) { $request->query->
remove($this->usernameParameter
);
$request->server->
set('QUERY_STRING',
http_build_query($request->query->
all(), '', '&'
));
$response =
new RedirectResponse($this->urlGenerator &&
$this->targetRoute ?
$this->urlGenerator->
generate($this->targetRoute
) :
$request->
getUri(), 302
);