tozny / e3db
PHP client library for Tozny's End-to-End Encrypted Database.
Requires
- php: >=7.0
- guzzlehttp/guzzle: ^6.3
- paragonie/sodium_compat: ^1.0
- sainsburys/guzzle-oauth2-plugin: ^3.0
Requires (Dev)
- phpunit/phpunit: ^6.2
- satooshi/php-coveralls: ^1.0
- vlucas/phpdotenv: ^2.4
This package is not auto-updated.
Last update: 2024-12-22 03:05:44 UTC
README
Introduction
TozStore (formerly E3DB) is a storage platform with powerful sharing and consent management features. Read more on our web site.
TozStore provides a familiar JSON-based NoSQL-style API for reading, writing, and querying data stored securely in the cloud.
Installation
Composer
To install with composer add the following to your composer.json
file:
"require": {
"tozny/e3db": "1.2.0"
}
Then run php composer.phar install
Registering a client
Register an account with Tozny to get started. From the Admin Console you can create clients directly (and grab their credentials from the console) or create registration tokens to dynamically create clients with Tozny\E3DB\Client::register()
. Clients registered from within the console will automatically back their credentials up to your account. Clients created dynamically via the SDK can optionally back their credentials up to your account.
For a more complete walkthrough, see /examples/registration.php
.
Without Credential Backup
$token = '...'; $client_name = '...'; list($public_key, $private_key) = \Tozny\E3DB\Client::generate_keypair(); $client_info = \Tozny\E3DB\Client::register($token, $client_name, $public_key);
The object returned from the server contains the client's UUID, API key, and API secret (as well as echos back the public key passed during registration). It's your responsibility to store this information locally as it will not be recoverable without credential backup.
With Credential Backup
$token = '...'; $client_name = '...'; list($public_key, $private_key) = \Tozny\E3DB\Client::generate_keypair(); $client_info = \Tozny\E3DB\Client::register($token, $client_name, $public_key, $private_key, true);
The private key must be passed to the registration handler when backing up credentials as it is used to cryptographically sign the encrypted backup file stored on the server. The private key never leaves the system, and the stored credentials will only be accessible to the newly-registered client itself or the account with which it is registered.
Loading configuration and creating a client
Configuration is managed at runtime by instantiating a Tozny\E3DB\Config
object with your client's credentials.
/** * Assuming your credentials are stored as defined constants in the * application, pass them each into the configuration constructor as * follows: */ $config = new \Tozny\E3DB\Config( CLIENT_ID, API_KEY_ID, API_SECRET, PUBLIC_KEY, PRIVATE_KEY, API_URL ); /** * Pass the configuration to the default coonection handler, which * uses Guzzle for requests. If you need a different library for * requests, subclass `\Tozny\E3DB\Connection` and pass an instance * of your custom implementation to the client instead. */ $connection = new \Tozny\E3DB\Connection\GuzzleConnection($config); /** * Pass both the configuration and connection handler when building * a new client instance. */ $client = new \Tozny\E3DB\Client($config, $connection);
Usage
Writing a record
To write new records to the database, call the Tozny\E3DB\Client::write
method with a string describing the type of data to be written, along with an associative array containing the fields of the record. Tozny\E3DB\Client::write
returns the newly created record.
$record = $client->write('contact', [ 'first_name' => 'Jon', 'last_name' => 'Snow', 'phone' => '555-555-1212', ]); echo sprintf("Wrote record %s\n", $record->meta->record_id);
Querying records
E3DB supports many options for querying records based on the fields stored in record metadata. Refer to the API documentation for the complete set of options that can be passed to Tozny\E3DB\Client::query
.
For example, to list all records of type contact
and print a simple report containing names and phone numbers:
$data = true; $raw = false; $writer = null; $record = null; $type = 'contact'; $records = $client->query($data, $raw, $writer, $record, $type); foreach($records as $record) { $fullname = $record->data['first_name'] . ' ' . $record->data['last_name']; echo sprintf("%-40s %s\n", $fullname, $record->data['phone']); }
In this example, the Tozny\E3DB\Client::query
method returns an iterator that contains each record that matches the query.
More examples
See the simple example code for runnable detailed examples.
Development
Before running tests, create a registration token through your Tozny account.
Store the registration token in a .env
file at the project root (see .env.example
for the example file layout). The integration tests will use this token to dynamically create test clients.
After checking out the repo, install dependencies using composer install
then run PHPUnit with ./vendor/bin/phpunit
to execute all of the integration tests.
Documentation
General TozStore documentation is on our developer site.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/tozny/e3db-php.