matiux / broadway-sensitive-serializer-bundle
Bundle for serializer implementation with support for data sensitization
Installs: 127
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type: symfony-bundle
Requires
- php: ^7.4|^8
- broadway/broadway-bundle: ^0.5 | ^0.6
- matiux/broadway-sensitive-serializer: ^0.3.0
- symfony/console: ^5.4 | ^6.0
- symfony/polyfill-php81: ^1.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.1
- matiux/php-project-autopilot: dev-master
- matthiasnoback/symfony-dependency-injection-test: ^4.3
- mockery/mockery: ^1.4
- phpunit/phpunit: ^9.5
- psalm/plugin-mockery: ^0.9.0
- psalm/plugin-phpunit: ^0.16.1
- psalm/plugin-symfony: ^3.1
- roave/security-advisories: dev-latest
- symfony/framework-bundle: ^5.3 | ^6.0
- symfony/var-dumper: ^5.3 | ^6.0
- symfony/yaml: ^5.4 | ^6.0
- vimeo/psalm: ^4.10
Suggests
- broadway-sensitive-serializer-dbal: Broadway sensitive serializer dbal implementation using doctrine/dbal
- broadway/event-store-dbal: Event store implementation using doctrine/dbal
README
This bundle is the wrapper for the Broadway Sensitive Serializer library. You can find more info on the base library here.
Setup for development
git clone https://github.com/matiux/broadway-sensitive-serializer-bundle.git && cd broadway-sensitive-serializer-bundle
cp docker/docker-compose.override.dist.yml docker/docker-compose.override.yml
rm -rf .git/hooks && ln -s ../scripts/git-hooks .git/hooks
Install dependencies to run tests or execute examples
make build-php ARG="--no-cache"
make upd
make composer ARG="install"
Run tests
make build-php ARG="--no-cache"
make upd
make phpunit
Whole Strategy configuration
broadway_sensitive_serializer:
  aggregate_master_key: 'm4$t3rS3kr3tk31' # Master key to encrypt the keys of aggregates. Get it from an external service or environment variable
  key_generator: open-ssl # For now it is the only generator implemented
  # To use the DBAL implementation, install the matiux/broadway-sensitive-serializer-dbal package with composer
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory # Default implementation, of little use outside of testing
  data_manager:
    name: AES256 # For now, it is the only encryption strategy implemented
    key: null # Encryption key to sensitize data. If null you will need to pass the key at runtime. This is the convenient way, check out the examples and wiki on the main library
    iv: null # Initialization vector. If null it will be generated internally and iv_encoding must be set to true. This is the convenient way, check out the examples and wiki on the main library
    iv_encoding: true # Encrypt the iv and append it to the encrypted value. It makes sense to set it to true if the iv option is set to null. This is the convenient way, check out the examples and wiki on the main library
  #--- Alternatively -----
  #data_manager:
  #  name: AES256
  #  parameters:
  #    AES256:
  #      key: null
  #      iv: null
  #      iv_encoding: true
  strategy:
    name: whole
    aggregate_key_auto_creation: true # Enable AggregateKey model auto creation. This is the convenient way, check out the examples and wiki on the main library
    value_serializer: json # Strategy to serialize payload's values. Default json
    excluded_id_key: id # The key of the aggregate id which should not be encrypted
    excluded_keys: # List of keys to be excluded from encryption
      - occurred_at
    events: # List of events supported by the strategy
      - SensitiveUser\User\Domain\Event\AddressAdded
      - SensitiveUser\User\Domain\Event\UserRegistered
  #--- Alternatively -----
  #strategy:
  #  name: whole
  #  parameters:
  #    whole:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json
  #      excluded_id_key: id
  #      excluded_keys:
  #        - occurred_at
  #      events:
  #        - SensitiveUser\User\Domain\Event\AddressAdded
  #        - SensitiveUser\User\Domain\Event\UserRegistered
Partial Strategy configuration
broadway_sensitive_serializer:
  aggregate_master_key: 'm4$t3rS3kr3tk31' # Master key to encrypt the keys of aggregates. Get it from an external service or environment variable
  key_generator: open-ssl # For now it is the only generator implemented
  # To use the DBAL implementation, install the matiux/broadway-sensitive-serializer-dbal package with composer
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory # Default implementation, of little use outside of testing
  data_manager:
    name: AES256 # For now, it is the only encryption strategy implemented
    key: null # Encryption key to sensitize data. If null you will need to pass the key at runtime. This is the convenient way, check out the examples and wiki on the main library
    iv: null # Initialization vector. If null it will be generated internally and iv_encoding must be set to true. This is the convenient way, check out the examples and wiki on the main library
    iv_encoding: true # Encrypt the iv and append it to the encrypted value. It makes sense to set it to true if the iv option is set to null. This is the convenient way, check out the examples and wiki on the main library
  #--- Alternatively -----
  #data_manager:
  #  name: AES256
  #  parameters:
  #    AES256:
  #      key: null
  #      iv: null
  #      iv_encoding: true
  strategy:
    name: partial
    aggregate_key_auto_creation: true # Enable AggregateKey model auto creation. This is the convenient way, check out the examples and wiki on the main library
    value_serializer: json # Strategy to serialize payload's values. Default json
    events: # List of events supported by the strategy
      - SensitiveUser\User\Domain\Event\AddressAdded:
          - address # List of keys to sensitize
      - SensitiveUser\User\Domain\Event\UserRegistered:
          - name
          - surname
  #--- Alternatively -----
  #strategy:
  #  name: partial
  #  parameters:
  #    partial:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json
  #      events:
  #        - SensitiveUser\User\Domain\Event\AddressAdded:
  #            - address
  #        - SensitiveUser\User\Domain\Event\UserRegistered:
  #            - name
  #            - surname
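How the whole and partial strategies configured above differ on the same event payload, and how an aggregate key is wrapped by the master key, as an added PHP illustration that is not the library's or the bundle's own code. The cipher mode (AES-256-CBC), the base64(ciphertext):base64(iv) layout, the SHA-256 derivation of the master key, the function names, and all keys and payload values are assumptions or constructed for this example.

```php
<?php
// Added illustration, not the library's code. Assumptions: AES-256-CBC,
// "base64(ciphertext):base64(iv)" layout, constructed keys and payload.

function encryptValue(string $plain, string $key): string
{
    $iv = random_bytes(16); // iv: null -> a fresh IV for every value
    $ct = openssl_encrypt($plain, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($ct) . ':' . base64_encode($iv); // iv_encoding: true
}

function decryptValue(string $blob, string $key): string
{
    [$ct, $iv] = array_map('base64_decode', explode(':', $blob, 2));
    $plain = openssl_decrypt($ct, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plain;
}

// whole: encrypt every key except excluded_id_key and excluded_keys.
function sensitizeWhole(array $payload, string $key, string $idKey, array $excluded): array
{
    foreach (array_diff(array_keys($payload), [$idKey], $excluded) as $name) {
        $payload[$name] = encryptValue(json_encode($payload[$name], JSON_THROW_ON_ERROR), $key);
    }
    return $payload;
}

// partial: encrypt only the keys listed for the event class.
function sensitizePartial(array $payload, string $key, array $sensitive): array
{
    foreach (array_intersect($sensitive, array_keys($payload)) as $name) {
        $payload[$name] = encryptValue(json_encode($payload[$name], JSON_THROW_ON_ERROR), $key);
    }
    return $payload;
}

$masterKey = hash('sha256', 'constructed-master-secret', true); // assumed derivation to 32 bytes
$aggregateKey = random_bytes(32);                               // one key per aggregate
$storedKey = encryptValue($aggregateKey, $masterKey);           // wrapped form kept in the key store
$event = ['id' => 'u-1', 'name' => 'Ada', 'surname' => 'Lovelace',
          'email' => 'ada@example.test', 'occurred_at' => '2022-01-01T10:00:00+00:00'];
$partial = sensitizePartial($event, $aggregateKey, ['name', 'surname']);
print_r(['whole' => sensitizeWhole($event, $aggregateKey, 'id', ['occurred_at']), 'partial' => $partial]);
echo json_decode(decryptValue($partial['name'], decryptValue($storedKey, $masterKey))), PHP_EOL;
```

With the whole strategy the constructed email field is encrypted because it is not excluded; with the partial strategy it stays in clear text because it is not listed for the event.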
Custom Strategy configuration
broadway_sensitive_serializer:
  aggregate_master_key: 'm4$t3rS3kr3tk31' # Master key to encrypt the keys of aggregates. Get it from an external service or environment variable
  key_generator: open-ssl # For now it is the only generator implemented
  # To use the DBAL implementation, install the matiux/broadway-sensitive-serializer-dbal package with composer
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory # Default implementation, of little use outside of testing
  data_manager:
    name: AES256 # For now, it is the only encryption strategy implemented
    key: null # Encryption key to sensitize data. If null you will need to pass the key at runtime. This is the convenient way, check out the examples and wiki on the main library
    iv: null # Initialization vector. If null it will be generated internally and iv_encoding must be set to true. This is the convenient way, check out the examples and wiki on the main library
    iv_encoding: true # Encrypt the iv and append it to the encrypted value. It makes sense to set it to true if the iv option is set to null. This is the convenient way, check out the examples and wiki on the main library
  #--- Alternatively -----
  #data_manager:
  #  name: AES256
  #  parameters:
  #    AES256:
  #      key: null
  #      iv: null
  #      iv_encoding: true
  strategy:
    name: custom
    aggregate_key_auto_creation: true # Enable AggregateKey model auto creation. This is the convenient way, check out the examples and wiki on the main library
    value_serializer: json # Strategy to serialize payload's values. Default json
  #--- Alternatively -----
  #strategy:
  #  name: custom
  #  parameters:
  #    custom:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json