New class: SecurityData
Some secrets could be stored in a configuration file or in environment variables.
This allows to be compliant with http://12factor.net/config
How to use this class?
You can so define in the web server:
fastcgi_param CREDENTIAL_SECRET_ONE secret1value
fastcgi_param CREDENTIAL_SECRET_TWO secret2value
fastcgi_param CREDENTIAL_SECRET_THREE secret3value
Or you can instead:
fastcgi_param CREDENTIAL_PATH_DATASOURCES_SECURITYDATA /path/to/json/file;
This file must be a JSON object, each key the secret name:
{
"secret.one": "secret1value", "secret.two": "secret2value", "secret.three": "secret3value"
}
CREDENTIAL_ prefix and path.datasources.securitydata are customizable,
as they are class the constants ENV_PREFIX and SECRET_FILE.
Methods offered:
- getSecret recovers a secret;
- getSecretFromFile recovers a secret only from file;
- getSecretFromEnvironment recovers a secret only from env.
Helper methods offered:
- getSecretFromObject recovers a file from a PHP object;
- getSecretFilePath gets the path of the file containing secrets;
- getEnvironmentVariableName returns the name of the environment variable from the secret key.