tozny/e3db

PHP client library for Tozny's End-to-End Encrypted Database.

1.2.0 2019-02-15 17:05 UTC

This package is not auto-updated.

Last update: 2024-12-22 03:05:44 UTC


README

PHP 7.0+ Build Status Coverage Status Packagist

Introduction

TozStore (formerly E3DB) is a storage platform with powerful sharing and consent management features. Read more on our web site.

TozStore provides a familiar JSON-based NoSQL-style API for reading, writing, and querying data stored securely in the cloud.

Installation

Composer

To install with composer add the following to your composer.json file:

"require": {
    "tozny/e3db": "1.2.0"
}

Then run php composer.phar install

Registering a client

Register an account with Tozny to get started. From the Admin Console you can create clients directly (and grab their credentials from the console) or create registration tokens to dynamically create clients with Tozny\E3DB\Client::register(). Clients registered from within the console will automatically back their credentials up to your account. Clients created dynamically via the SDK can optionally back their credentials up to your account.

For a more complete walkthrough, see /examples/registration.php.

Without Credential Backup

$token = '...';
$client_name = '...';

list($public_key, $private_key) = \Tozny\E3DB\Client::generate_keypair();
$client_info = \Tozny\E3DB\Client::register($token, $client_name, $public_key);

The object returned from the server contains the client's UUID, API key, and API secret (as well as echos back the public key passed during registration). It's your responsibility to store this information locally as it will not be recoverable without credential backup.

With Credential Backup

$token = '...';
$client_name = '...';

list($public_key, $private_key) = \Tozny\E3DB\Client::generate_keypair();
$client_info = \Tozny\E3DB\Client::register($token, $client_name, $public_key, $private_key, true);

The private key must be passed to the registration handler when backing up credentials as it is used to cryptographically sign the encrypted backup file stored on the server. The private key never leaves the system, and the stored credentials will only be accessible to the newly-registered client itself or the account with which it is registered.

Loading configuration and creating a client

Configuration is managed at runtime by instantiating a Tozny\E3DB\Config object with your client's credentials.

/**
 * Assuming your credentials are stored as defined constants in the
 * application, pass them each into the configuration constructor as
 * follows:
 */
$config = new \Tozny\E3DB\Config(
  CLIENT_ID,
  API_KEY_ID,
  API_SECRET,
  PUBLIC_KEY,
  PRIVATE_KEY,
  API_URL
);

/**
 * Pass the configuration to the default coonection handler, which
 * uses Guzzle for requests. If you need a different library for
 * requests, subclass `\Tozny\E3DB\Connection` and pass an instance
 * of your custom implementation to the client instead.
 */
$connection = new \Tozny\E3DB\Connection\GuzzleConnection($config);

/**
 * Pass both the configuration and connection handler when building
 * a new client instance.
 */
$client = new \Tozny\E3DB\Client($config, $connection);

Usage

Writing a record

To write new records to the database, call the Tozny\E3DB\Client::write method with a string describing the type of data to be written, along with an associative array containing the fields of the record. Tozny\E3DB\Client::write returns the newly created record.

$record = $client->write('contact', [
  'first_name' => 'Jon',
  'last_name'  => 'Snow',
  'phone'      => '555-555-1212',
]);

echo sprintf("Wrote record %s\n", $record->meta->record_id);

Querying records

E3DB supports many options for querying records based on the fields stored in record metadata. Refer to the API documentation for the complete set of options that can be passed to Tozny\E3DB\Client::query.

For example, to list all records of type contact and print a simple report containing names and phone numbers:

$data = true;
$raw = false;
$writer = null;
$record = null;
$type = 'contact';

$records = $client->query($data, $raw, $writer, $record, $type);
foreach($records as $record) {
  $fullname = $record->data['first_name'] . ' ' . $record->data['last_name'];
  echo sprintf("%-40s %s\n", $fullname, $record->data['phone']);
}

In this example, the Tozny\E3DB\Client::query method returns an iterator that contains each record that matches the query.

More examples

See the simple example code for runnable detailed examples.

Development

Before running tests, create a registration token through your Tozny account.

Store the registration token in a .env file at the project root (see .env.example for the example file layout). The integration tests will use this token to dynamically create test clients.

After checking out the repo, install dependencies using composer install then run PHPUnit with ./vendor/bin/phpunit to execute all of the integration tests.

Documentation

General TozStore documentation is on our developer site.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/tozny/e3db-php.