ModuleRouteListener won't Trigger MvcAuthEvents

[disasterdrop]

Hi,

i have updated Apigility today and run in to this behaviour:

The oauth2 authentication rules did not work and everything was outside of authentication and served without checking if user has right Authorization header set.

What i found was that, whe i change this code in module/Application/Module.php

$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);

to

$mvcAuthEvent = new MvcAuthEvent($e, $serviceManager->get('authentication'), $serviceManager->get('authorization'));
$moduleRouteListener = new MvcRouteListener($mvcAuthEvent, $eventManager, $serviceManager->get('authentication'));
$moduleRouteListener->attach($eventManager);

everything is working again.
Was it intended to change it manually, so that you could use your own AuthListener or was it removed for ZF3 purpose?

I'm curious why nobody else was running into this...
And if it's not a bug, is it a valid approach to use the MvcAuthEvent like this?

[Iraecio]

same problem here i updated 23/07

how u use $serviceManager

[disasterdrop]

@Iraecio
You can access the Service Manager over the MvcEvent with:
$serviceManager = $e->getApplication()->getServiceManager();

[weierophinney]

This repository has been closed and moved to laminas-api-tools/api-tools-skeleton; a new issue has been opened at laminas-api-tools/api-tools-skeleton#10.