matiux/broadway-sensitive-serializer-bundle

支持数据敏感化的序列化实现捆绑包

v1.0.1 2022-09-20 22:01 UTC

This package is auto-updated.

Last update: 2024-09-21 02:15:06 UTC


README


此捆绑包是 Broadway Sensitive Serializer 库的包装器。有关基础库的更多信息,请参阅该库的文档。

开发配置

# Clone the repository and enter the working copy.
git clone https://github.com/matiux/broadway-sensitive-serializer-bundle.git && cd broadway-sensitive-serializer-bundle
# Create the local Docker Compose override from the distributed template.
cp docker/docker-compose.override.dist.yml docker/docker-compose.override.yml
# Deletes any existing local hooks and replaces .git/hooks with a symlink to the
# repository's scripts/git-hooks directory. Git executes hook scripts on local
# git operations in this clone, so read scripts/git-hooks before linking it.
rm -rf .git/hooks && ln -s ../scripts/git-hooks .git/hooks

安装依赖项以运行测试或执行示例

# The make targets are defined in the repository Makefile, which is not shown here.
# Presumably: build the PHP image without the Docker layer cache — confirm in the Makefile.
make build-php ARG="--no-cache"
# Presumably: start the containers in the background — confirm in the Makefile.
make upd
# Passes "install" to composer through the Makefile wrapper.
make composer ARG="install"

运行测试

# The make targets are defined in the repository Makefile, which is not shown here.
# Presumably: build the PHP image without the Docker layer cache — confirm in the Makefile.
make build-php ARG="--no-cache"
# Presumably: start the containers in the background — confirm in the Makefile.
make upd
# Presumably: run the PHPUnit test suite — confirm in the Makefile.
make phpunit

整体策略配置

阅读文档

# Example configuration for the `whole` strategy.
broadway_sensitive_serializer:
  # Master key used to encrypt the keys of aggregates. The literal below is a
  # sample value only: obtain the real key from an external service or an
  # environment variable and keep it out of version control.
  # NOTE(review): presumably whoever holds this key can recover every stored
  # aggregate key — confirm in the main library and protect it accordingly.
  aggregate_master_key: 'm4$t3rS3kr3tk31'
  # Currently the only key generator implemented.
  key_generator: open-ssl
  # To use the DBAL implementation, install the
  # matiux/broadway-sensitive-serializer-dbal package with composer.
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  # Default implementation, of little use outside of testing:
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory
  data_manager:
    # Currently the only encryption strategy implemented.
    # NOTE(review): the cipher mode and whether the ciphertext is
    # authenticated are not stated here — check the main library.
    name: AES256
    # Encryption key used to sensitize data. If null, the key must be passed
    # at runtime; this is the convenient way (see the examples and wiki of
    # the main library). A key written here is a secret stored in the config
    # file and needs the same handling as the master key.
    key: null
    # Initialization vector. If null, it is generated internally and
    # iv_encoding must be set to true; this is the convenient way (see the
    # examples and wiki of the main library).
    # NOTE(review): a fixed IV reused for every value generally weakens
    # encryption, so null looks like the safer setting — confirm.
    iv: null
    # Per the upstream note, the IV is encrypted (encoded, judging by the
    # option name — confirm) and appended to the encrypted value. It makes
    # sense to set this to true when iv is null.
    iv_encoding: true
    # --- Alternatively, the same options nested under `parameters` ---
    #data_manager:
    #  name: AES256
    #  parameters:
    #    AES256:
    #      key: null
    #      iv: null
    #      iv_encoding: true
  strategy:
    name: whole
    # Enables automatic creation of the AggregateKey model; this is the
    # convenient way (see the examples and wiki of the main library).
    aggregate_key_auto_creation: true
    # Strategy used to serialize the payload's values. Default: json.
    value_serializer: json
    # Key of the aggregate id, which is not encrypted.
    excluded_id_key: id
    # Keys excluded from encryption. Their values are left unencrypted, so
    # list only fields that carry no sensitive data.
    excluded_keys:
      - occurred_at
    # Events supported by the strategy.
    # NOTE(review): presumably events not listed here are not sensitized —
    # confirm, and revisit the list when new event classes are added.
    events:
      - SensitiveUser\User\Domain\Event\AddressAdded
      - SensitiveUser\User\Domain\Event\UserRegistered
  # --- Alternatively, the same options nested under `parameters` ---
  #strategy:
  #  name: whole
  #  parameters:
  #    whole:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json
  #      excluded_id_key: id
  #      excluded_keys:
  #        - occurred_at
  #      events:
  #        - SensitiveUser\User\Domain\Event\AddressAdded
  #        - SensitiveUser\User\Domain\Event\UserRegistered

部分策略配置

阅读文档

# Example configuration for the `partial` strategy.
broadway_sensitive_serializer:
  # Master key used to encrypt the keys of aggregates. The literal below is a
  # sample value only: obtain the real key from an external service or an
  # environment variable and keep it out of version control.
  # NOTE(review): presumably whoever holds this key can recover every stored
  # aggregate key — confirm in the main library and protect it accordingly.
  aggregate_master_key: 'm4$t3rS3kr3tk31'
  # Currently the only key generator implemented.
  key_generator: open-ssl
  # To use the DBAL implementation, install the
  # matiux/broadway-sensitive-serializer-dbal package with composer.
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  # Default implementation, of little use outside of testing:
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory
  data_manager:
    # Currently the only encryption strategy implemented.
    # NOTE(review): the cipher mode and whether the ciphertext is
    # authenticated are not stated here — check the main library.
    name: AES256
    # Encryption key used to sensitize data. If null, the key must be passed
    # at runtime; this is the convenient way (see the examples and wiki of
    # the main library). A key written here is a secret stored in the config
    # file and needs the same handling as the master key.
    key: null
    # Initialization vector. If null, it is generated internally and
    # iv_encoding must be set to true; this is the convenient way (see the
    # examples and wiki of the main library).
    # NOTE(review): a fixed IV reused for every value generally weakens
    # encryption, so null looks like the safer setting — confirm.
    iv: null
    # Per the upstream note, the IV is encrypted (encoded, judging by the
    # option name — confirm) and appended to the encrypted value. It makes
    # sense to set this to true when iv is null.
    iv_encoding: true
    # --- Alternatively, the same options nested under `parameters` ---
    #data_manager:
    #  name: AES256
    #  parameters:
    #    AES256:
    #      key: null
    #      iv: null
    #      iv_encoding: true
  strategy:
    name: partial
    # Enables automatic creation of the AggregateKey model; this is the
    # convenient way (see the examples and wiki of the main library).
    aggregate_key_auto_creation: true
    # Strategy used to serialize the payload's values. Default: json.
    value_serializer: json
    # Events supported by the strategy; each event maps to the list of
    # payload keys to sensitize.
    # NOTE(review): presumably payload keys not listed under an event are
    # left unencrypted — confirm in the main library, and review each list
    # whenever an event gains a field that holds sensitive data.
    events:
      - SensitiveUser\User\Domain\Event\AddressAdded:
        - address
      - SensitiveUser\User\Domain\Event\UserRegistered:
        - name
        - surname
  # --- Alternatively, the same options nested under `parameters` ---
  #strategy:
  #  name: partial
  #  parameters:
  #    partial:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json
  #      events:
  #        - SensitiveUser\User\Domain\Event\AddressAdded:
  #           - address
  #        - SensitiveUser\User\Domain\Event\UserRegistered:
  #           - name
  #           - surname

自定义策略配置

阅读文档

# Example configuration for the `custom` strategy.
broadway_sensitive_serializer:
  # Master key used to encrypt the keys of aggregates. The literal below is a
  # sample value only: obtain the real key from an external service or an
  # environment variable and keep it out of version control.
  # NOTE(review): presumably whoever holds this key can recover every stored
  # aggregate key — confirm in the main library and protect it accordingly.
  aggregate_master_key: 'm4$t3rS3kr3tk31'
  # Currently the only key generator implemented.
  key_generator: open-ssl
  # To use the DBAL implementation, install the
  # matiux/broadway-sensitive-serializer-dbal package with composer.
  aggregate_keys: broadway_sensitive_serializer.aggregate_keys.dbal
  # Default implementation, of little use outside of testing:
  #aggregate_keys: broadway_sensitive_serializer.aggregate_keys.in_memory
  data_manager:
    # Currently the only encryption strategy implemented.
    # NOTE(review): the cipher mode and whether the ciphertext is
    # authenticated are not stated here — check the main library.
    name: AES256
    # Encryption key used to sensitize data. If null, the key must be passed
    # at runtime; this is the convenient way (see the examples and wiki of
    # the main library). A key written here is a secret stored in the config
    # file and needs the same handling as the master key.
    key: null
    # Initialization vector. If null, it is generated internally and
    # iv_encoding must be set to true; this is the convenient way (see the
    # examples and wiki of the main library).
    # NOTE(review): a fixed IV reused for every value generally weakens
    # encryption, so null looks like the safer setting — confirm.
    iv: null
    # Per the upstream note, the IV is encrypted (encoded, judging by the
    # option name — confirm) and appended to the encrypted value. It makes
    # sense to set this to true when iv is null.
    iv_encoding: true
    # --- Alternatively, the same options nested under `parameters` ---
    #data_manager:
    #  name: AES256
    #  parameters:
    #    AES256:
    #      key: null
    #      iv: null
    #      iv_encoding: true
  strategy:
    # NOTE(review): this example lists no events or keys for the custom
    # strategy; how it decides what to sensitize is not shown here — see the
    # main library documentation.
    name: custom
    # Enables automatic creation of the AggregateKey model; this is the
    # convenient way (see the examples and wiki of the main library).
    aggregate_key_auto_creation: true
    # Strategy used to serialize the payload's values. Default: json.
    value_serializer: json
  # --- Alternatively, the same options nested under `parameters` ---
  #strategy:
  #  name: custom
  #  parameters:
  #    custom:
  #      aggregate_key_auto_creation: true
  #      value_serializer: json