dragonbe/connect-sdk-php

The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructure and leverage the power of 1Password Secrets Automation

dev-main 2022-06-29 09:43 UTC

This package is auto-updated.

Last update: 2024-04-29 05:05:26 UTC


README

The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructure and leverage the power of 1Password Secrets Automation

The library can be used by PHP applications, tools, and other automations to access and manage items in 1Password Vaults.

Installation

You can install the SDK using composer

composer require dragonbe/connect-sdk-php

Usage

To use the 1Password Connect SDK for PHP, there are two components necessary:

  1. The 1Password Connect SDK for PHP (this library)
  2. The 1Password Connect Server

Besides these components, you need to configure 1Password (admin level) to allow "Secrets Automation". This process is fully documented by 1Password, so please visit 1Password Secrets Automation Workflow documentation first. Without the 1Password Connect Server, this library will not work.

The rest of this documentation makes the assumption you have the 1Password Connect Server already configured and is listening to port 8080 on localhost. With cURL it is possible to verify this.

curl \                   
  -H "Accept: application/json" \
  -H "Authorization: Bearer $OP_API_TOKEN" \
  http://127.0.0.1:8080/v1/vaults

If you receive a successful response with data from your vaults, you have successfully set up your 1Password Connect Server. If not, review the documentation to find out if you skipped a step.

[
  {
    "id": "xxxxxxxxxxxxxxxxxxxxxxxxxx",
    "name": "Shared Secrets",
    "content_version": 3,
    "description": "Shared secrets for APIs, online services, and more",
    "attribute_version": 1,
    "items": 2,
    "type": "USER_CREATED",
    "created_at": "2021-05-01T15:20:46Z",
    "updated_at": "2022-06-22T14:33:39Z"
  }
]

The rest of this documentation will focus on the usage of the 1Password Connect SDK for PHP.

1Password Connect SDK for PHP

Environment Variables

In this current version I'm not using environment variables.

Configuration Settings

For the configuration of the 1Password Connect SDK for PHP I use a PHP config file local.php in the directory /config. This file is ignored by source control, so it does not accidentally make it into the repository exposing the secret access token.

<?php
declare(strict_types=1);

return [
    '1password' => [
        'access_token' => '*******', // The access token you received from 1Password configuration
    ],
];

PROTIP: Make sure that this file is read-only, and only accessible for the user account that will run this SDK.

Creating an API client

For the API client (this library) we need to use this configuration file. The bare minimum you should code is the following:

<?php
declare(strict_types=1);

use OnePassword\Connect\OnePasswordConnectFactory;

require_once __DIR__ . '/../vendor/autoload.php';
$config = require_once __DIR__ . '/config/local.php';

$opc = OnePasswordConnectFactory::create($config['1password']['access_token']);

Retrieving Vaults

Retrieving a list of vaults who have been assigned to this access token, requires a few more lines.

// List a list of vaults
$vaults = $opc->listVaults();
foreach ($vaults as $vault) {
    echo 'Vault: ' . $vault->getName() . ' (' . $vault->getId() . ')' .PHP_EOL;
}

This will return something like the following output:

Vault: Shared Secrets (xxxxxxxxxxxxxxxxxxxxxxxxxx)
Shared Secrets contains 2 item(s)

To retrieve items in those vaults, a few more lines are needed:

$items = $opc->listItems('xxxxxxxxxxxxxxxxxxxxxxxxxx');
foreach ($items as $item) {
    echo 'Item title: ' . $item->getTitle() . PHP_EOL;
}

This will return you the following output:

Item title: Azure Test Access Token: PHP SDK Example v1.0.0
Item title: Azure API Manager

Interacting with Items

Custom HTTPClient

Logging with psr/log

The 1Password Connect PHP client uses the psr/log library to log runtime information.

Development

This project is a work in progress and has been put a side for a while because of other priorities in life. Updates will appear if you watch this repository for updates.

Running Tests

To execute the unit tests, you can use composer test and it will fire up all PHPUnit tests.

About 1Password

1Password is the world’s most-loved password manager. By combining industry-leading security and award-winning design, the company provides private, secure, and user-friendly password management to businesses and consumers globally. More than 60,000 business customers trust 1Password as their enterprise password manager.

Security

1Password requests you practice responsible disclosure if you discover a vulnerability. Please submit discoveries via BugCrowd.

For information about security practices, please visit our Security homepage.