diff --git a/.travis.yml b/.travis.yml
index f2c6d3b2a..c6e8c76b6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -26,9 +26,11 @@ matrix:
     - php: 7.0
       env: SYMFONY_VERSION=2.8.*
     - php: 7.0
-      env: SYMFONY_VERSION=3.0.*
+      env: SYMFONY_VERSION=3.3.*
     - php: 7.0
       env: FOSUSERBUNDLE_VERSION=2.0.*
+    - php: 7.1
+      env: STABILITY=beta
     - php: 7.1
       env: TARGET=csfixer_dry_run
   allow_failures:
@@ -39,6 +41,7 @@ before_install:
   - echo "memory_limit=2G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini;
 
 before_script:
+  - if [ "$STABILITY" = "beta" ]; then perl -pi -e 's/^}$/,"minimum-stability":"beta"}/' composer.json; fi;
   - if [ "$SYMFONY_VERSION" != "" ]; then composer require "symfony/symfony:${SYMFONY_VERSION}" --dev --no-update; fi;
   - if [ "$FOSUSERBUNDLE_VERSION" != "" ]; then composer require "friendsofsymfony/user-bundle:${FOSUSERBUNDLE_VERSION}" --dev --no-update; fi;
   - if [ "$COMPOSER_FLAGS" != "" ]; then composer update --prefer-dist --no-interaction --no-scripts $COMPOSER_FLAGS; fi;
diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
index 648900045..f9f49167b 100644
--- a/DependencyInjection/Configuration.php
+++ b/DependencyInjection/Configuration.php
@@ -153,7 +153,7 @@ public function getConfigTreeBuilder()
             ->children()
                 ->arrayNode('firewall_names')
                     ->isRequired()
-                    ->cannotBeEmpty()
+                    ->requiresAtLeastOneElement()
                     ->prototype('scalar')->end()
                 ->end()
                 ->scalarNode('target_path_parameter')->defaultNull()->end()
diff --git a/DependencyInjection/HWIOAuthExtension.php b/DependencyInjection/HWIOAuthExtension.php
index 4d3ede93b..e00717310 100644
--- a/DependencyInjection/HWIOAuthExtension.php
+++ b/DependencyInjection/HWIOAuthExtension.php
@@ -15,6 +15,8 @@
 use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
 use Symfony\Component\Config\Definition\Processor;
 use Symfony\Component\Config\FileLocator;
+use Symfony\Component\DependencyInjection\Alias;
+use Symfony\Component\DependencyInjection\ChildDefinition;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\DefinitionDecorator;
 use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
@@ -88,7 +90,7 @@ public function load(array $configs, ContainerBuilder $container)
 
         $this->createConnectIntegration($container, $config);
 
-        $container->setAlias('hwi_oauth.user_checker', 'security.user_checker');
+        $container->setAlias('hwi_oauth.user_checker', new Alias('security.user_checker', true));
     }
 
     /**
@@ -104,10 +106,12 @@ public function load(array $configs, ContainerBuilder $container)
      */
     public function createResourceOwnerService(ContainerBuilder $container, $name, array $options)
     {
+        $definitionClassname = $this->getDefinitionClassname();
+
         // alias services
         if (isset($options['service'])) {
             // set the appropriate name for aliased services, compiler pass depends on it
-            $container->setAlias('hwi_oauth.resource_owner.'.$name, $options['service']);
+            $container->setAlias('hwi_oauth.resource_owner.'.$name, new Alias($options['service'], true));
 
             return;
         }
@@ -121,11 +125,11 @@ public function createResourceOwnerService(ContainerBuilder $container, $name, a
                 throw new InvalidConfigurationException(sprintf('Class "%s" must implement interface "HWI\Bundle\OAuthBundle\OAuth\ResourceOwnerInterface".', $options['class']));
             }
 
-            $definition = new DefinitionDecorator('hwi_oauth.abstract_resource_owner.'.$type);
+            $definition = new $definitionClassname('hwi_oauth.abstract_resource_owner.'.$type);
             $definition->setClass($options['class']);
             unset($options['class']);
         } else {
-            $definition = new DefinitionDecorator('hwi_oauth.abstract_resource_owner.'.Configuration::getResourceOwnerType($type));
+            $definition = new $definitionClassname('hwi_oauth.abstract_resource_owner.'.Configuration::getResourceOwnerType($type));
             $definition->setClass("%hwi_oauth.resource_owner.$type.class%");
         }
 
@@ -154,31 +158,33 @@ public function getAlias()
      */
     private function createConnectIntegration(ContainerBuilder $container, array $config)
     {
+        $definitionClassname = $this->getDefinitionClassname();
+
         if (isset($config['connect'])) {
             $container->setParameter('hwi_oauth.connect', true);
 
             if (isset($config['fosub'])) {
                 $container->setParameter('hwi_oauth.fosub_enabled', true);
 
-                $definition = $container->setDefinition('hwi_oauth.user.provider.fosub_bridge', new DefinitionDecorator('hwi_oauth.user.provider.fosub_bridge.def'));
+                $definition = $container->setDefinition('hwi_oauth.user.provider.fosub_bridge', new $definitionClassname('hwi_oauth.user.provider.fosub_bridge.def'));
                 $definition->addArgument($config['fosub']['properties']);
 
                 // setup fosub bridge services
-                $container->setAlias('hwi_oauth.account.connector', 'hwi_oauth.user.provider.fosub_bridge');
+                $container->setAlias('hwi_oauth.account.connector', new Alias('hwi_oauth.user.provider.fosub_bridge', true));
 
-                $definition = $container->setDefinition('hwi_oauth.registration.form.handler.fosub_bridge', new DefinitionDecorator('hwi_oauth.registration.form.handler.fosub_bridge.def'));
+                $definition = $container->setDefinition('hwi_oauth.registration.form.handler.fosub_bridge', new $definitionClassname('hwi_oauth.registration.form.handler.fosub_bridge.def'));
                 $definition->addArgument($config['fosub']['username_iterations']);
 
-                $container->setAlias('hwi_oauth.registration.form.handler', 'hwi_oauth.registration.form.handler.fosub_bridge');
+                $container->setAlias('hwi_oauth.registration.form.handler', new Alias('hwi_oauth.registration.form.handler.fosub_bridge', true));
 
                 // enable compatibility with FOSUserBundle 1.3.x and 2.x
                 if (interface_exists('FOS\UserBundle\Form\Factory\FactoryInterface')) {
-                    $container->setAlias('hwi_oauth.registration.form.factory', 'fos_user.registration.form.factory');
+                    $container->setAlias('hwi_oauth.registration.form.factory', new Alias('fos_user.registration.form.factory', true));
                 } else {
                     // FOSUser 1.3 BC. To be removed.
                     $definition->setScope('request');
 
-                    $container->setAlias('hwi_oauth.registration.form', 'fos_user.registration.form');
+                    $container->setAlias('hwi_oauth.registration.form', new Alias('fos_user.registration.form', true));
                 }
             } else {
                 $container->setParameter('hwi_oauth.fosub_enabled', false);
@@ -191,7 +197,7 @@ private function createConnectIntegration(ContainerBuilder $container, array $co
                     continue;
                 }
 
-                $container->setAlias('hwi_oauth.'.str_replace('_', '.', $key), $serviceId);
+                $container->setAlias('hwi_oauth.'.str_replace('_', '.', $key), new Alias($serviceId, true));
             }
         } else {
             $container->setParameter('hwi_oauth.fosub_enabled', false);
@@ -220,7 +226,15 @@ protected function createHttplugClient(ContainerBuilder $container, array $confi
             );
         }
 
-        $container->setAlias('hwi_oauth.http.client', $config['http']['client']);
-        $container->setAlias('hwi_oauth.http.message_factory', $config['http']['message_factory']);
+        $container->setAlias('hwi_oauth.http.client', new Alias($config['http']['client'], true));
+        $container->setAlias('hwi_oauth.http.message_factory', new Alias($config['http']['message_factory'], true));
+    }
+
+    /**
+     * @return string
+     */
+    private function getDefinitionClassname()
+    {
+        return class_exists(ChildDefinition::class) ? ChildDefinition::class : DefinitionDecorator::class;
     }
 }
diff --git a/DependencyInjection/Security/Factory/OAuthFactory.php b/DependencyInjection/Security/Factory/OAuthFactory.php
index 2adbd16b2..43d7b308b 100644
--- a/DependencyInjection/Security/Factory/OAuthFactory.php
+++ b/DependencyInjection/Security/Factory/OAuthFactory.php
@@ -13,6 +13,7 @@
 
 use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory;
 use Symfony\Component\Config\Definition\Builder\NodeDefinition;
+use Symfony\Component\DependencyInjection\ChildDefinition;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\DefinitionDecorator;
 use Symfony\Component\DependencyInjection\Parameter;
@@ -67,6 +68,8 @@ public function getPosition()
      */
     protected function createResourceOwnerMap(ContainerBuilder $container, $id, array $config)
     {
+        $definitionClassname = $this->getDefinitionClassname();
+
         $resourceOwnersMap = array();
         foreach ($config['resource_owners'] as $name => $checkPath) {
             $resourceOwnersMap[$name] = $checkPath;
@@ -74,7 +77,7 @@ protected function createResourceOwnerMap(ContainerBuilder $container, $id, arra
         $container->setParameter('hwi_oauth.resource_ownermap.configured.'.$id, $resourceOwnersMap);
 
         $container
-            ->setDefinition($this->getResourceOwnerMapReference($id), new DefinitionDecorator('hwi_oauth.abstract_resource_ownermap'))
+            ->setDefinition($this->getResourceOwnerMapReference($id), new $definitionClassname('hwi_oauth.abstract_resource_ownermap'))
             ->replaceArgument(2, new Parameter('hwi_oauth.resource_ownermap.configured.'.$id))
         ;
     }
@@ -96,12 +99,13 @@ protected function getResourceOwnerMapReference($id)
      */
     protected function createAuthProvider(ContainerBuilder $container, $id, $config, $userProviderId)
     {
+        $definitionClassname = $this->getDefinitionClassname();
         $providerId = 'hwi_oauth.authentication.provider.oauth.'.$id;
 
         $this->createResourceOwnerMap($container, $id, $config);
 
         $container
-            ->setDefinition($providerId, new DefinitionDecorator('hwi_oauth.authentication.provider.oauth'))
+            ->setDefinition($providerId, new $definitionClassname('hwi_oauth.authentication.provider.oauth'))
             ->addArgument($this->createOAuthAwareUserProvider($container, $id, $config['oauth_user_provider']))
             ->addArgument($this->getResourceOwnerMapReference($id))
             ->addArgument(new Reference('hwi_oauth.user_checker'))
@@ -113,18 +117,19 @@ protected function createAuthProvider(ContainerBuilder $container, $id, $config,
 
     protected function createOAuthAwareUserProvider(ContainerBuilder $container, $id, $config)
     {
+        $definitionClassname = $this->getDefinitionClassname();
         $serviceId = 'hwi_oauth.user.provider.entity.'.$id;
 
         // todo: move this to factories?
         switch (key($config)) {
             case 'oauth':
                 $container
-                    ->setDefinition($serviceId, new DefinitionDecorator('hwi_oauth.user.provider'))
+                    ->setDefinition($serviceId, new $definitionClassname('hwi_oauth.user.provider'))
                 ;
                 break;
             case 'orm':
                 $container
-                    ->setDefinition($serviceId, new DefinitionDecorator('hwi_oauth.user.provider.entity'))
+                    ->setDefinition($serviceId, new $definitionClassname('hwi_oauth.user.provider.entity'))
                     ->addArgument($config['orm']['class'])
                     ->addArgument($config['orm']['properties'])
                     ->addArgument($config['orm']['manager_name'])
@@ -147,7 +152,7 @@ protected function createEntryPoint($container, $id, $config, $defaultEntryPoint
         $entryPointId = 'hwi_oauth.authentication.entry_point.oauth.'.$id;
 
         $container
-            ->setDefinition($entryPointId, new DefinitionDecorator('hwi_oauth.authentication.entry_point.oauth'))
+            ->setDefinition($entryPointId, new $definitionClassname('hwi_oauth.authentication.entry_point.oauth'))
             ->addArgument($config['login_path'])
             ->addArgument($config['use_forward'])
         ;
@@ -253,4 +258,12 @@ private function addResourceOwnersConfiguration(NodeDefinition $node)
             ->end()
         ;
     }
+
+    /**
+     * @return string
+     */
+    private function getDefinitionClassname()
+    {
+        return class_exists(ChildDefinition::class) ? ChildDefinition::class : DefinitionDecorator::class;
+    }
 }
diff --git a/Resources/config/http_client.xml b/Resources/config/http_client.xml
index 334fb0539..6077b8013 100644
--- a/Resources/config/http_client.xml
+++ b/Resources/config/http_client.xml
@@ -5,7 +5,7 @@
            xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
 
     <services>
-        <service id="hwi_oauth.http_client" class="Http\Client\Common\HttpMethodsClient">
+        <service id="hwi_oauth.http_client" class="Http\Client\Common\HttpMethodsClient" public="true">
             <argument type="service" id="hwi_oauth.http.client"/>
             <argument type="service" id="hwi_oauth.http.message_factory"/>
         </service>
diff --git a/Resources/config/oauth.xml b/Resources/config/oauth.xml
index 1362700b1..afe263dbb 100644
--- a/Resources/config/oauth.xml
+++ b/Resources/config/oauth.xml
@@ -123,7 +123,7 @@
             <argument type="service" id="session" />
         </service>
 
-        <service id="hwi_oauth.security.oauth_utils" class="%hwi_oauth.security.oauth_utils.class%">
+        <service id="hwi_oauth.security.oauth_utils" class="%hwi_oauth.security.oauth_utils.class%" public="true">
             <argument type="service" id="security.http_utils" />
             <argument type="service" id="security.authorization_checker" />
             <argument>%hwi_oauth.connect%</argument>
diff --git a/Tests/OAuth/ResourceOwner/BufferAppResourceOwnerTest.php b/Tests/OAuth/ResourceOwner/BufferAppResourceOwnerTest.php
index 7f6f52d0a..41c03d822 100644
--- a/Tests/OAuth/ResourceOwner/BufferAppResourceOwnerTest.php
+++ b/Tests/OAuth/ResourceOwner/BufferAppResourceOwnerTest.php
@@ -41,8 +41,8 @@ public function testGetUserInformation()
         $this->assertEquals('4f0c0a06512f7ef214000000', $userResponse->getUsername());
         $this->assertEquals('4f0c0a06512f7ef214000000', $userResponse->getNickname());
         $this->assertEquals('4f0c0a06512f7ef214000000', $userResponse->getRealName());
-        $this->assertEquals(null, $userResponse->getEmail());
-        $this->assertEquals(null, $userResponse->getProfilePicture());
+        $this->assertNull($userResponse->getEmail());
+        $this->assertNull($userResponse->getProfilePicture());
         $this->assertEquals('token', $userResponse->getAccessToken());
         $this->assertNull($userResponse->getRefreshToken());
         $this->assertNull($userResponse->getExpiresIn());
diff --git a/composer.json b/composer.json
index 0246e530f..1051d4844 100644
--- a/composer.json
+++ b/composer.json
@@ -93,12 +93,12 @@
 
     "require": {
         "php":                            "^5.6|^7.0",
-        "symfony/framework-bundle":       "^2.7|^3.0|^4.0",
-        "symfony/security-bundle":        "^2.7|^3.0|^4.0",
-        "symfony/options-resolver":       "^2.7|^3.0|^4.0",
-        "symfony/form":                   "^2.7|^3.0|^4.0",
-        "symfony/yaml":                   "^2.7|^3.0|^4.0",
-        "symfony/templating":             "^2.7|^3.0|^4.0",
+        "symfony/framework-bundle":       "^2.8|^3.0|^4.0",
+        "symfony/security-bundle":        "^2.8|^3.0|^4.0",
+        "symfony/options-resolver":       "^2.8|^3.0|^4.0",
+        "symfony/form":                   "^2.8|^3.0|^4.0",
+        "symfony/yaml":                   "^2.8|^3.0|^4.0",
+        "symfony/templating":             "^2.8|^3.0|^4.0",
 
         "psr/http-message":               "^1.0",
         "php-http/client-implementation": "^1.0",
@@ -110,11 +110,11 @@
 
     "require-dev": {
         "doctrine/orm":                 "^2.3",
-        "symfony/property-access":      "^2.7|^3.0|^4.0",
-        "symfony/validator":            "^2.7|^3.0|^4.0",
-        "symfony/twig-bundle":          "^2.7|^3.0|^4.0",
-        "symfony/stopwatch":            "^2.7|^3.0|^4.0",
-        "symfony/phpunit-bridge":       "^2.7|^3.0|^4.0",
+        "symfony/property-access":      "^2.8|^3.0|^4.0",
+        "symfony/validator":            "^2.8|^3.0|^4.0",
+        "symfony/twig-bundle":          "^2.8|^3.0|^4.0",
+        "symfony/stopwatch":            "^2.8|^3.0|^4.0",
+        "symfony/phpunit-bridge":       "^2.8|^3.0|^4.0",
         "friendsofsymfony/user-bundle": "^1.3|^2.0",
         "php-http/httplug-bundle":      "^1.7",
         "php-http/guzzle6-adapter":     "^1.1",