Getting Auth0 user information on non-firewall Symfony pages
I am using Auth0's Symfony library to allow users to log in with their social network providers. It works really well.
Using this firewall configuration, a user who visits /private is successfully taken through the login flow and I can then use $this->getUser() to see their details.
    security:
        password_hashers:
            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
        providers:
            users_in_memory: { memory: null }
            auth0_provider:
                id: Auth0\Symfony\Security\UserProvider
        firewalls:
            private:
                pattern: ^/private$
                context: user
                stateless: false
                provider: auth0_provider
                custom_authenticators:
                    - auth0.authenticator
            main:
                lazy: true
                provider: users_in_memory
I want some unauthenticated pages to show user information. For example, if the user is logged in then /home should say "Hello $username". If not, it should say "Log in here".
The answer was annoyingly simple - but not documented by Symfony or Auth0.
Change the main firewall to not be lazy:
    main:
        lazy: false
        provider: users_in_memory
That then places all the Auth0 information into the $_SESSION global variable. You can retrieve the user's details with:
    // Only read the profile when an Auth0 user is present in the session.
    if ( isset( $_SESSION["_sf2_attributes"]["auth0_session"]["user"] ) ) {
        $user     = $_SESSION["_sf2_attributes"]["auth0_session"]["user"];
        $username = $user["nickname"];
        $avatar   = $user["picture"];
    }
I'm sure there's a more official way to do this, but this quick and dirty hack seems to work pretty well.
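
The session read above, written defensively, as an added example that is not code from the original post or from Auth0's library. It assumes the session layout the post found and treats the profile fields as untrusted input; `auth0DisplayUser` and `h` are hypothetical helper names.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (added example): returns the logged-in Auth0 user's
 * display fields, or null when no usable user is in the session.
 * Assumes the session layout shown in the post.
 */
function auth0DisplayUser(array $session): ?array
{
    $user = $session['_sf2_attributes']['auth0_session']['user'] ?? null;

    // The layout is not a documented contract, so check every type.
    if (!is_array($user) || !is_string($user['nickname'] ?? null)
        || $user['nickname'] === '') {
        return null;
    }

    // Keep the avatar only when it is a well-formed https URL.
    $picture = $user['picture'] ?? null;
    $avatar = null;
    if (is_string($picture)
        && filter_var($picture, FILTER_VALIDATE_URL) !== false
        && strtolower((string) parse_url($picture, PHP_URL_SCHEME)) === 'https') {
        $avatar = $picture;
    }

    return ['username' => $user['nickname'], 'avatar' => $avatar];
}

// Escape at the point of output; profile values come from the identity provider.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample session contents, not real Auth0 data.
$sample = ['_sf2_attributes' => ['auth0_session' => ['user' => [
    'nickname' => '<b>alice</b>',
    'picture'  => 'http://example.test/avatar.png', // not https, so dropped
]]]];

$display = auth0DisplayUser($sample);   // in the application, pass $_SESSION
echo $display === null ? "Log in here\n" : 'Hello ' . h($display['username']) . "\n";
if ($display !== null && $display['avatar'] !== null) {
    echo '<img src="' . h($display['avatar']) . '" alt="">' . "\n";
}
```

When the values are rendered through a Twig template instead of `echo`, pass them unescaped and let Twig's autoescaping handle the output, otherwise they are escaped twice.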