From 2cf7d6300ba243633eec7f5c420b8495c2f1ed60 Mon Sep 17 00:00:00 2001 From: Mark Ogilvie Date: Mon, 20 Feb 2023 15:09:59 +0000 Subject: [PATCH] Refactor for flex. Add multiple connection definitions --- CHANGELOG.md | 3 +++ README.md | 37 ++++++++++++--------------- src/Encryptors/EncryptorInterface.php | 5 ++-- src/SpecShaperEncryptBundle.php | 3 +++ 4 files changed, 26 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index daf4e18..0257726 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ ## 3.0.2 (2022-11-xx) Update Add attribute support for #[Encrypted] attributes instead of @Encrypted annotations. +Add option to catch doctrine events from multiple connections. +Add encrypt and decrypt CLI commands. +Refactor for symfony flex and Symfony 6 recommended third party bundle structure ## 3.0.1 (2022-03-13) Symfony 6 and PHP 8 Major backward compatibility breaking change to Symfony 6 and PHP 8. diff --git a/README.md b/README.md index 56e85d3..65ae83a 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ A bundle to handle encoding and decoding of parameters using OpenSSL and Doctrin Features include: - V3 is Symfony 5.4|6 PHP 8 - V2 is Symfony 5. -- v1 is Symfony 3.4 and not active any more. +- v1 is Symfony 3.4 and not active anymore. - Uses OpenSSL - Uses Lifecycle events 
@@ -87,39 +87,36 @@ $ bin/console encrypt:genkey Copy the key into your .env file. ``` ###> encrypt-bundle ### -ENCRYPT_KEY= +ENCRYPT_KEY= change_me! ###< encrypt-bundle ### ``` -And resolve in your parameters file. +And resolve in your packages yaml file. ```yaml -// app/config/parameters.yml - ... - encrypt_key: '%env(resolve:ENCRYPT_KEY)%' +# app/config/packages/spec_shaper_encrypt.yaml +spec_shaper_encrypt: + encrypt_key: '%env(ENCRYPT_KEY)%' + is_disabled: false # Turn this to true to disable the encryption. + connections: # Optional, define the connection name(s) for the subscriber to listen to. + - 'default' + - 'tenant' + subscriber_class: App\Subscriber\MyCustomSubscriber # Optional to override the bundle Doctrine event subscriber. + encryptor_class: App\Encryptors\MyCustomEncryptor # Optional to override the bundle OpenSslEncryptor. + annotation_classes: # Optional to override the default annotation/Attribute object. + - App\Annotation\MyAttribute ``` -A config file entry is not required, however there are some options that -can be configured to extend the bundle. - -```yaml -# The encryptor service created by the factory according to the passed method and using the encrypt_key -SpecShaper\EncryptBundle\Encryptors\EncryptorInterface: - factory: ['@SpecShaper\EncryptBundle\Encryptors\EncryptorFactory','createService'] - arguments: - $encryptKey: '%spec_shaper_encrypt.encrypt_key%' - $encryptorClass: '%spec_shaper_encrypt.encryptor_class%' #optional -``` You can disable encryption by setting the 'is_disabled' option to true. Decryption still continues if any values contain the \ suffix. -You can pass the class name of your own encyptor service using the optional encryptorClass option. - You can extend the EncryptBundle default Subscriber and override its methods. Use the 'subscriber_class' option to point the bundle at your custom subscriber. 
If you want to define your own annotation/attribute, then this can be used to trigger encryption by adding the annotation class name to the 'annotation_classes' option array. +You can pass the class name of your own encyptor service using the optional encryptorClass option. + ### Alternative EncryptKeyEvent The EncryptKey can be set via a dispatched event listener, which overrides any .env or param.yml defined key. Create a listener for the EncryptKeyEvents::LOAD_KEY event and set your encryption key at that point. @@ -161,7 +158,7 @@ will be discontinued in the next major update. * * @Encrypted * Note that the above Encrypted property is a legacy annotation, and while - * it still is supported, it will be deprecated in favour of Attributes . + * it still is supported, it will be deprecated in favour of Attributes. * * @ORM\Column(type="string", nullable=true) */ diff --git a/src/Encryptors/EncryptorInterface.php b/src/Encryptors/EncryptorInterface.php index e09dc92..f5eb8ae 100644 --- a/src/Encryptors/EncryptorInterface.php +++ b/src/Encryptors/EncryptorInterface.php @@ -8,12 +8,13 @@ interface EncryptorInterface { public function setSecretKey(string $key): void; + /** * Must accept data and return encrypted data. * - * @param string $data Unencrypted string + * @param string|null $data Unencrypted string * - * @return string Encrypted string + * @return string|null Encrypted string */ public function encrypt(?string $data): ?string; diff --git a/src/SpecShaperEncryptBundle.php b/src/SpecShaperEncryptBundle.php index 7a2eeec..4d2e99f 100644 --- a/src/SpecShaperEncryptBundle.php +++ b/src/SpecShaperEncryptBundle.php 
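Review bot: In src/Encryptors/EncryptorInterface.php the updated docblock on `encrypt()` now admits `string|null` for both the argument and the return value but does not say what null means, so an implementer cannot tell whether a null return is reserved for null input or may also signal a failed encryption. For an encryptor that ambiguity matters, because a caller that reads null as "nothing to store" could silently drop a value that failed to encrypt. I would extend the description with something like `Returns null only when $data is null; implementations should throw on failure rather than return null.`, assuming that is the contract the bundle's subscriber relies on, which is not visible here. The interface body continues outside the hunk.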
@@ -5,6 +5,7 @@ namespace SpecShaper\EncryptBundle; use SpecShaper\EncryptBundle\Annotations\Encrypted; +use SpecShaper\EncryptBundle\Encryptors\OpenSslEncryptor; use SpecShaper\EncryptBundle\Subscribers\DoctrineEncryptSubscriber; use SpecShaper\EncryptBundle\Subscribers\EncryptEventSubscriber; use Symfony\Component\Config\Definition\Configurator\DefinitionConfigurator; @@ -28,6 +29,7 @@ public function configure(DefinitionConfigurator $definition): void ->scalarNode('encrypt_key')->end() ->scalarNode('method')->defaultValue('OpenSSL')->end() ->scalarNode('subscriber_class')->defaultValue(DoctrineEncryptSubscriber::class)->end() + ->scalarNode('encryptor_class')->defaultValue(OpenSslEncryptor::class)->end() ->scalarNode('is_disabled')->defaultValue(false)->end() ->arrayNode('connections') ->treatNullLike([]) @@ -60,6 +62,7 @@ public function loadExtension(array $config, ContainerConfigurator $container, C $container->parameters()->set($this->extensionAlias.'.encrypt_key', $encryptKey); $container->parameters()->set($this->extensionAlias.'.method', $config['method']); $container->parameters()->set($this->extensionAlias.'.subscriber_class', $config['subscriber_class']); + $container->parameters()->set($this->extensionAlias.'.encryptor_class', $config['encryptor_class']); $container->parameters()->set($this->extensionAlias.'.annotation_classes', $config['annotation_classes']); $container->parameters()->set($this->extensionAlias.'.is_disabled', $config['is_disabled']);
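Review bot: The new `encryptor_class` node in `configure()` accepts any scalar, so an empty string, a typo or a class that does not implement `EncryptorInterface` passes configuration and is copied straight into the `.encryptor_class` parameter by the `loadExtension()` hunk. Since this class is what encrypts the data, a bad value is better rejected when the container is built than on first use; whether the factory checks the type later is not visible in this diff. A validation rule on the node would do it: `->scalarNode('encryptor_class')->defaultValue(OpenSslEncryptor::class)->cannotBeEmpty()` followed by `->validate()->ifTrue(static fn ($v): bool => !is_a($v, EncryptorInterface::class, true))->thenInvalid('encryptor_class must implement EncryptorInterface')->end()->end()`, with a `use` line for `EncryptorInterface`. Both `configure()` and `loadExtension()` start and end outside their hunks.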