diff --git a/composer.json b/composer.json index 0d8c2ca14..5ba197ea2 100644 --- a/composer.json +++ b/composer.json @@ -27,6 +27,9 @@ ], "Ecotone\\Amqp\\": "packages/Amqp/src", "Ecotone\\AnnotationFinder\\": "packages/Ecotone/src/AnnotationFinder/", + "Ecotone\\DataProtection\\": [ + "packages/DataProtection/src" + ], "Ecotone\\Dbal\\": [ "packages/Ecotone/src/Dbal/", "packages/Dbal/src" @@ -75,6 +78,9 @@ "Test\\Ecotone\\Amqp\\": [ "packages/Amqp/tests" ], + "Test\\Ecotone\\DataProtection\\": [ + "packages/DataProtection/tests" + ], "Test\\Ecotone\\Dbal\\": [ "packages/Dbal/tests" ], @@ -113,6 +119,7 @@ "php": "^8.2", "doctrine/dbal": "^3.9|^4.0", "doctrine/persistence": "^2.5|^3.4", + "defuse/php-encryption": "^2.4", "enqueue/amqp-lib": "^0.10.25", "enqueue/redis": "^0.10.9", "enqueue/sqs": "^0.10.15", diff --git a/docker-compose.yml b/docker-compose.yml index 52a5fe760..237f2e6b6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,3 @@ -version: "3.8" - services: app: image: simplycodedsoftware/php:8.4.7 diff --git a/packages/Amqp/src/AmqpBackedMessageChannelBuilder.php b/packages/Amqp/src/AmqpBackedMessageChannelBuilder.php index 6fafaf28d..ec7a392e7 100644 --- a/packages/Amqp/src/AmqpBackedMessageChannelBuilder.php +++ b/packages/Amqp/src/AmqpBackedMessageChannelBuilder.php @@ -59,14 +59,14 @@ private function getAmqpOutboundChannelAdapter(): AmqpOutboundChannelAdapterBuil */ public function withPublisherAcknowledgments(bool $enabled): self { - $this->getAmqpOutboundChannelAdapter()->withPublisherConfirms($enabled); + $this->outboundChannelAdapter->withPublisherConfirms($enabled); return $this; } public function withPublisherConfirms(bool $enabled): self { - $this->getAmqpOutboundChannelAdapter()->withPublisherConfirms($enabled); + $this->outboundChannelAdapter->withPublisherConfirms($enabled); return $this; } diff --git a/packages/DataProtection/.gitattributes b/packages/DataProtection/.gitattributes new file mode 100644 index 000000000..5699823c5 --- /dev/null +++ b/packages/DataProtection/.gitattributes @@ -0,0 +1,7 @@ +tests/ export-ignore +.coveralls.yml export-ignore +.gitattributes export-ignore +.gitignore export-ignore +behat.yaml export-ignore +phpstan.neon export-ignore +phpunit.xml export-ignore \ No newline at end of file diff --git a/packages/DataProtection/.github/FUNDING.yml b/packages/DataProtection/.github/FUNDING.yml new file mode 100644 index 000000000..c7eaae65e --- /dev/null +++ b/packages/DataProtection/.github/FUNDING.yml @@ -0,0 +1,12 @@ +# These are supported funding model platforms + +github: [dgafka] +patreon: # Replace with a single Open Collective username +open_collective: # Replace with a single Open Collective username +ko_fi: # Replace with a single Ko-fi username +tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel +community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry +liberapay: # Replace with a single Liberapay username +issuehunt: # Replace with a single IssueHunt username +otechie: # Replace with a single Otechie username +custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] diff --git a/packages/DataProtection/.github/ISSUE_TEMPLATE/bug_report.md b/packages/DataProtection/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 000000000..2fc86f2cf --- /dev/null +++ b/packages/DataProtection/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,10 @@ +--- +name: This is Read-Only repository +about: Report at ecotoneframework/ecotone-dev +title: '' +labels: '' +assignees: '' + +--- + +Report issue at [ecotone-dev](ecotoneframework/ecotone-dev) \ No newline at end of file diff --git a/packages/DataProtection/.gitignore b/packages/DataProtection/.gitignore new file mode 100644 index 000000000..18c159d80 --- /dev/null +++ b/packages/DataProtection/.gitignore @@ -0,0 +1,9 @@ +.idea/ +vendor/ +bin/ +tests/coverage +!tests/coverage/.gitkeep +file +.phpunit.result.cache +composer.lock +phpunit.xml diff --git a/packages/DataProtection/LICENSE b/packages/DataProtection/LICENSE new file mode 100644 index 000000000..82205508a --- /dev/null +++ b/packages/DataProtection/LICENSE @@ -0,0 +1,21 @@ +Copyright (c) 2025 Dariusz Gafka + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + +**Scope of the License** + +Apache-2.0 Licence applies to non Enterprise Functionalities of the Ecotone Framework. +Functionalities of the Ecotone Framework referred to as Enterprise functionalities, are not covered under the Apache-2.0 license. These functionalities are provided under a separate Enterprise License. +For details on the Enterprise License, please refer to the [LICENSE-ENTERPRISE](./LICENSE-ENTERPRISE) file. \ No newline at end of file diff --git a/packages/DataProtection/LICENSE-ENTERPRISE b/packages/DataProtection/LICENSE-ENTERPRISE new file mode 100644 index 000000000..fad1a5a8d --- /dev/null +++ b/packages/DataProtection/LICENSE-ENTERPRISE @@ -0,0 +1,3 @@ +Copyright (c) 2025 Dariusz Gafka + +Licence is available at [ecotone.tech/documents/ecotone_enterprise_licence.pdf](https://ecotone.tech/documents/ecotone_enterprise_licence.pdf) \ No newline at end of file diff --git a/packages/DataProtection/README.md b/packages/DataProtection/README.md new file mode 100644 index 000000000..a46452a91 --- /dev/null +++ b/packages/DataProtection/README.md @@ -0,0 +1,63 @@ +# This is Read Only Repository +To contribute make use of [Ecotone-Dev repository](https://github.com/ecotoneframework/ecotone-dev). + +

+ +

+ +![Github Actions](https://github.com/ecotoneFramework/ecotone-dev/actions/workflows/split-testing.yml/badge.svg) +[![Latest Stable Version](https://poser.pugx.org/ecotone/ecotone/v/stable)](https://packagist.org/packages/ecotone/ecotone) +[![License](https://poser.pugx.org/ecotone/ecotone/license)](https://packagist.org/packages/ecotone/ecotone) +[![Total Downloads](https://img.shields.io/packagist/dt/ecotone/ecotone)](https://packagist.org/packages/ecotone/ecotone) +[![PHP Version Require](https://img.shields.io/packagist/dependency-v/ecotone/ecotone/php.svg)](https://packagist.org/packages/ecotone/ecotone) + +The roots of Object Oriented Programming (OOP) were mainly about communication using Messages and logic encapsulation. +`Ecotone` aims to return to the origins of OOP, by providing tools which allows us to fully move the focus from Objects to Flows, from Data storage to Application Design, from Technicalities to Business logic. +Ecotone does that by making Messages first class-citizen in our Applications. + +Thanks to being Message-Driven at the foundation level, Ecotone provides architecture which is resilient and scalable by default, making it possible for Developers to focus on business problems instead of technical concerns. +Together with declarative configuration and higher level building blocks, it makes the system design explicit, easy to follow and change no matter of Developers experience. + +Visit main page [ecotone.tech](https://ecotone.tech) to learn more. + +> Ecotone can be used with [Symfony](https://docs.ecotone.tech/modules/symfony-ddd-cqrs-event-sourcing) and [Laravel](https://docs.ecotone.tech/modules/laravel-ddd-cqrs-event-sourcing) frameworks, or any other framework using [Ecotone Lite](https://docs.ecotone.tech/install-php-service-bus#install-ecotone-lite-no-framework). +> +## Getting started + +The quickstart [page](https://docs.ecotone.tech/quick-start) of the +[reference guide](https://docs.ecotone.tech) provides a starting point for using Ecotone. +Read more on the [Ecotone's Blog](https://blog.ecotone.tech). + +## AI-Friendly Documentation + +Ecotone provides AI-optimized documentation for use with AI assistants and code editors: + +- **MCP Server**: `https://docs.ecotone.tech/~gitbook/mcp` - [Install in VSCode](vscode:mcp/install?%7B%22name%22%3A%22Ecotone%22%2C%22url%22%3A%22https%3A%2F%2Fdocs.ecotone.tech%2F~gitbook%2Fmcp%22%7D) +- **LLMs.txt**: [ecotone.tech/llms.txt](https://ecotone.tech/llms.txt) +- **Context7**: Available via [@upstash/context7-mcp](https://github.com/upstash/context7) + +Learn more: [AI Integration Guide](https://docs.ecotone.tech/other/ai-integration) + +## Feature requests and issue reporting + +Use [issue tracking system](https://github.com/ecotoneframework/ecotone-dev/issues) for new feature request and bugs. +Please verify that it's not already reported by someone else. + +## Contact + +If you want to talk or ask questions about Ecotone + +- [**Twitter**](https://twitter.com/EcotonePHP) +- **support@simplycodedsoftware.com** +- [**Community Channel**](https://discord.gg/GwM2BSuXeg) + +## Support Ecotone + +If you want to help building and improving Ecotone consider becoming a sponsor: + +- [Sponsor Ecotone](https://github.com/sponsors/dgafka) +- [Contribute to Ecotone](https://github.com/ecotoneframework/ecotone-dev). + +## Tags + +PHP, DDD, CQRS, Event Sourcing, Symfony, Laravel, Service Bus, Event Driven Architecture, SOA, Events, Commands diff --git a/packages/DataProtection/composer.json b/packages/DataProtection/composer.json new file mode 100644 index 000000000..3eaf70f64 --- /dev/null +++ b/packages/DataProtection/composer.json @@ -0,0 +1,81 @@ +{ + "name": "ecotone/data-protection", + "license": [ + "Apache-2.0", + "proprietary" + ], + "homepage": "https://docs.ecotone.tech/", + "forum": "https://discord.gg/GwM2BSuXeg", + "type": "library", + "minimum-stability": "dev", + "prefer-stable": true, + "authors": [ + { + "name": "Dariusz Gafka", + "email": "support@simplycodedsoftware.com" + } + ], + "keywords": ["ecotone", "Encryption", "OpenSSL", "Data Protection", "Data Obfuscation"], + "description": "Extends Ecotone with Data Protection features allowing to obfuscate messages with sensitive data.", + "autoload": { + "psr-4": { + "Ecotone\\DataProtection\\": "src" + } + }, + "autoload-dev": { + "psr-4": { + "Test\\Ecotone\\DataProtection\\": [ + "tests" + ] + } + }, + "require": { + "ext-openssl": "*", + "ecotone/ecotone": "~1.298.0", + "ecotone/jms-converter": "~1.298.0", + "defuse/php-encryption": "^2.4" + }, + "require-dev": { + "phpunit/phpunit": "^9.5|^10.5|^11.0", + "phpstan/phpstan": "^1.8", + "psr/container": "^2.0", + "wikimedia/composer-merge-plugin": "^2.1" + }, + "scripts": { + "tests:phpstan": "vendor/bin/phpstan", + "tests:phpunit": "vendor/bin/phpunit --no-coverage --testdox", + "tests:ci": [ + "@tests:phpstan", + "@tests:phpunit" + ] + }, + "extra": { + "branch-alias": { + "dev-main": "1.298.0-dev" + }, + "ecotone": { + "repository": "data-protection" + }, + "merge-plugin": { + "include": [ + "../local_packages.json" + ] + }, + "license-info": { + "Apache-2.0": { + "name": "Apache License 2.0", + "url": "https://github.com/ecotoneframework/ecotone-dev/blob/main/LICENSE", + "description": "Allows to use non Enterprise features of Ecotone. For more information please write to support@simplycodedsoftware.com" + }, + "proprietary": { + "name": "Enterprise License", + "description": "Allows to use Enterprise features of Ecotone. For more information please write to support@simplycodedsoftware.com" + } + } + }, + "config": { + "allow-plugins": { + "wikimedia/composer-merge-plugin": true + } + } +} diff --git a/packages/DataProtection/phpstan.neon b/packages/DataProtection/phpstan.neon new file mode 100644 index 000000000..672e0fa1f --- /dev/null +++ b/packages/DataProtection/phpstan.neon @@ -0,0 +1,4 @@ +parameters: + level: 1 + paths: + - src \ No newline at end of file diff --git a/packages/DataProtection/phpunit.xml.dist b/packages/DataProtection/phpunit.xml.dist new file mode 100644 index 000000000..fc3ebe4f7 --- /dev/null +++ b/packages/DataProtection/phpunit.xml.dist @@ -0,0 +1,20 @@ + + + + + ./src + + + + + + + + tests + + + diff --git a/packages/DataProtection/src/Attribute/Sensitive.php b/packages/DataProtection/src/Attribute/Sensitive.php new file mode 100644 index 000000000..93c0596de --- /dev/null +++ b/packages/DataProtection/src/Attribute/Sensitive.php @@ -0,0 +1,13 @@ +encryptionKey; + } +} diff --git a/packages/DataProtection/src/Attribute/WithSensitiveHeader.php b/packages/DataProtection/src/Attribute/WithSensitiveHeader.php new file mode 100644 index 000000000..a1807edd9 --- /dev/null +++ b/packages/DataProtection/src/Attribute/WithSensitiveHeader.php @@ -0,0 +1,16 @@ +channelName; + } + + public function obfuscatorConfig(): ObfuscatorConfig + { + return new ObfuscatorConfig($this->encryptionKey, $this->isPayloadSensitive, $this->sensitiveHeaders); + } + + public function withSensitivePayload(bool $isPayloadSensitive): self + { + $config = clone $this; + $config->isPayloadSensitive = $isPayloadSensitive; + + return $config; + } + + public function withSensitiveHeader(string $sensitiveHeader): self + { + $config = clone $this; + $config->sensitiveHeaders[] = $sensitiveHeader; + + return $config; + } +} diff --git a/packages/DataProtection/src/Configuration/DataProtectionConfiguration.php b/packages/DataProtection/src/Configuration/DataProtectionConfiguration.php new file mode 100644 index 000000000..4b0c8286c --- /dev/null +++ b/packages/DataProtection/src/Configuration/DataProtectionConfiguration.php @@ -0,0 +1,48 @@ + $keys + */ + private function __construct(private array $keys, private string $defaultKey) + { + } + + public static function create(string $name, Key $key): self + { + return new self(keys: [$name => $key], defaultKey: $name); + } + + public function withKey(string $name, Key $key, bool $asDefault = false): self + { + Assert::keyNotExists($this->keys, $name, sprintf('Encryption key name `%s` already exists', $name)); + + $config = clone $this; + $config->keys[$name] = $key; + + if ($asDefault) { + $config->defaultKey = $name; + } + + return $config; + } + + public function keyName(?string $name): string + { + return array_key_exists($name, $this->keys) ? $name : $this->defaultKey; + } + + public function keys(): array + { + return $this->keys; + } +} diff --git a/packages/DataProtection/src/Configuration/DataProtectionModule.php b/packages/DataProtection/src/Configuration/DataProtectionModule.php new file mode 100644 index 000000000..32ed18673 --- /dev/null +++ b/packages/DataProtection/src/Configuration/DataProtectionModule.php @@ -0,0 +1,214 @@ + $obfuscatorConfigs + */ + public function __construct(private array $obfuscatorConfigs) + { + } + + public static function create(AnnotationFinder $annotationRegistrationService, InterfaceToCallRegistry $interfaceToCallRegistry): static + { + $obfuscatorConfigs = self::resolveObfuscatorConfigsFromAnnotatedClasses($annotationRegistrationService->findAnnotatedClasses(Sensitive::class), [], $interfaceToCallRegistry); + $obfuscatorConfigs = self::resolveObfuscatorConfigsFromAnnotatedMethods($annotationRegistrationService->findAnnotatedMethods(CommandHandler::class), $obfuscatorConfigs, $interfaceToCallRegistry); + $obfuscatorConfigs = self::resolveObfuscatorConfigsFromAnnotatedMethods($annotationRegistrationService->findAnnotatedMethods(EventHandler::class), $obfuscatorConfigs, $interfaceToCallRegistry); + + return new self($obfuscatorConfigs); + } + + public function prepare(Configuration $messagingConfiguration, array $extensionObjects, ModuleReferenceSearchService $moduleReferenceSearchService, InterfaceToCallRegistry $interfaceToCallRegistry): void + { + if (! ExtensionObjectResolver::contains(DataProtectionConfiguration::class, $extensionObjects)) { + return; + } + + $this->verifyLicense($messagingConfiguration, $extensionObjects); + + Assert::isTrue(ExtensionObjectResolver::contains(JMSConverterConfiguration::class, $extensionObjects), sprintf('%s package require %s package to be enabled. Did you forget to define %s?', ModulePackageList::DATA_PROTECTION_PACKAGE, ModulePackageList::JMS_CONVERTER_PACKAGE, JMSConverterConfiguration::class)); + + $dataProtectionConfiguration = ExtensionObjectResolver::resolveUnique(DataProtectionConfiguration::class, $extensionObjects, new stdClass()); + $channelProtectionConfigurations = ExtensionObjectResolver::resolve(ChannelProtectionConfiguration::class, $extensionObjects); + + foreach ($dataProtectionConfiguration->keys() as $encryptionKeyName => $key) { + $messagingConfiguration->registerServiceDefinition( + id: sprintf('ecotone.encryption.key.%s', $encryptionKeyName), + definition: new Definition( + Key::class, + [$key->saveToAsciiSafeString()], + 'loadFromAsciiSafeString' + ) + ); + } + + $channelObfuscatorReferences = $messageObfuscatorReferences = []; + foreach ($channelProtectionConfigurations as $channelProtectionConfiguration) { + Assert::isTrue($messagingConfiguration->isPollableChannel($channelProtectionConfiguration->channelName()), sprintf('`%s` channel must be pollable channel to use Data Protection.', $channelProtectionConfiguration->channelName())); + + $obfuscatorConfig = $channelProtectionConfiguration->obfuscatorConfig(); + $messagingConfiguration->registerServiceDefinition( + id: $id = sprintf('ecotone.encryption.obfuscator.%s', $channelProtectionConfiguration->channelName()), + definition: new Definition( + Obfuscator::class, + [ + Reference::to(sprintf('ecotone.encryption.key.%s', $obfuscatorConfig->encryptionKeyName($dataProtectionConfiguration))), + $obfuscatorConfig->isPayloadSensitive, + $obfuscatorConfig->sensitiveHeaders, + ], + ) + ); + + $channelObfuscatorReferences[$channelProtectionConfiguration->channelName()] = Reference::to($id); + } + + foreach ($this->obfuscatorConfigs as $messageClass => $obfuscatorConfig) { + $messagingConfiguration->registerServiceDefinition( + id: $id = sprintf('ecotone.encryption.obfuscator.%s', $messageClass), + definition: new Definition( + Obfuscator::class, + [ + Reference::to(sprintf('ecotone.encryption.key.%s', $obfuscatorConfig->encryptionKeyName($dataProtectionConfiguration))), + $obfuscatorConfig->isPayloadSensitive, + $obfuscatorConfig->sensitiveHeaders, + ], + ) + ); + $messageObfuscatorReferences[$messageClass] = Reference::to($id); + } + + foreach (ExtensionObjectResolver::resolve(MessageChannelWithSerializationBuilder::class, $extensionObjects) as $pollableMessageChannel) { + if (! $pollableMessageChannel->isPollable()) { + continue; + } + + $messagingConfiguration->registerChannelInterceptor( + new OutboundEncryptionChannelBuilder( + relatedChannel: $pollableMessageChannel->getMessageChannelName(), + channelObfuscatorReference: $channelObfuscatorReferences[$pollableMessageChannel->getMessageChannelName()] ?? null, + messageObfuscatorReferences: $messageObfuscatorReferences, + ) + ); + $messagingConfiguration->registerChannelInterceptor( + new OutboundDecryptionChannelBuilder( + relatedChannel: $pollableMessageChannel->getMessageChannelName(), + channelObfuscatorReference: $channelObfuscatorReferences[$pollableMessageChannel->getMessageChannelName()] ?? null, + messageObfuscatorReferences: $messageObfuscatorReferences, + ) + ); + } + } + + public function canHandle($extensionObject): bool + { + return + $extensionObject instanceof DataProtectionConfiguration + || $extensionObject instanceof ChannelProtectionConfiguration + || $extensionObject instanceof JMSConverterConfiguration + || ($extensionObject instanceof MessageChannelWithSerializationBuilder && $extensionObject->isPollable()) + ; + } + + public function getModulePackageName(): string + { + return ModulePackageList::DATA_PROTECTION_PACKAGE; + } + + private static function resolveObfuscatorConfigsFromAnnotatedClasses(array $sensitiveMessages, array $obfuscatorConfigs, InterfaceToCallRegistry $interfaceToCallRegistry): array + { + foreach ($sensitiveMessages as $message) { + $classDefinition = $interfaceToCallRegistry->getClassDefinitionFor(Type::create($message)); + $encryptionKey = $classDefinition->findSingleClassAnnotation(Type::create(WithEncryptionKey::class))?->encryptionKey(); + $sensitiveHeaders = array_map(static fn (WithSensitiveHeader $annotation) => $annotation->header, $classDefinition->getClassAnnotations(Type::create(WithSensitiveHeader::class)) ?? []); + + $obfuscatorConfigs[$message] = new ObfuscatorConfig(encryptionKey: $encryptionKey, isPayloadSensitive: true, sensitiveHeaders: $sensitiveHeaders); + } + + return $obfuscatorConfigs; + } + + private static function resolveObfuscatorConfigsFromAnnotatedMethods(array $annotatedMethods, array $obfuscatorConfigs, InterfaceToCallRegistry $interfaceToCallRegistry): array + { + /** @var AnnotatedMethod $method */ + foreach ($annotatedMethods as $method) { + $methodDefinition = $interfaceToCallRegistry->getFor($method->getClassName(), $method->getMethodName()); + $payload = $methodDefinition->getFirstParameter(); + + if ( + $payload->hasAnnotation(Header::class) + || $payload->hasAnnotation(Headers::class) + || $payload->hasAnnotation(Reference::class) + || array_key_exists($payload->getTypeHint(), $obfuscatorConfigs) + ) { + continue; + } + + $isPayloadSensitive = $payload->hasAnnotation(Sensitive::class) || $methodDefinition->hasAnnotation(Sensitive::class); + if (! $isPayloadSensitive) { + continue; + } + + $encryptionKey = $payload->findSingleAnnotation(Type::create(WithEncryptionKey::class))?->encryptionKey(); + if ($encryptionKey === null) { + $encryptionKey = $methodDefinition->findSingleMethodAnnotation(Type::create(WithEncryptionKey::class))?->encryptionKey(); + } + $sensitiveHeaders = array_map(static fn (WithSensitiveHeader $annotation) => $annotation->header, $methodDefinition->getMethodAnnotationsOf(Type::create(WithSensitiveHeader::class)) ?? []); + + foreach ($methodDefinition->getInterfaceParameters() as $parameter) { + if ($parameter->hasAnnotation(Header::class) && $parameter->hasAnnotation(Sensitive::class)) { + $sensitiveHeaders[] = $parameter->getName(); + } + } + + $obfuscatorConfigs[$payload->getTypeHint()] = new ObfuscatorConfig($encryptionKey, $isPayloadSensitive, $sensitiveHeaders); + } + + return $obfuscatorConfigs; + } + + private function verifyLicense(Configuration $messagingConfiguration, array $extensionObjects): void + { + if ($messagingConfiguration->isRunningForEnterpriseLicence()) { + return; + } + + throw LicensingException::create('Data Protection module is available only with Ecotone Enterprise Licence.'); + } +} diff --git a/packages/DataProtection/src/Configuration/ObfuscatorConfig.php b/packages/DataProtection/src/Configuration/ObfuscatorConfig.php new file mode 100644 index 000000000..5a12848dd --- /dev/null +++ b/packages/DataProtection/src/Configuration/ObfuscatorConfig.php @@ -0,0 +1,27 @@ + $sensitiveHeaders + */ + public function __construct( + public ?string $encryptionKey, + public bool $isPayloadSensitive, + public array $sensitiveHeaders, + ) { + Assert::allStrings($this->sensitiveHeaders, 'Sensitive Headers should be array of strings'); + } + + public function encryptionKeyName(DataProtectionConfiguration $dataProtectionConfiguration): string + { + return $dataProtectionConfiguration->keyName($this->encryptionKey); + } +} diff --git a/packages/DataProtection/src/Obfuscator/Obfuscator.php b/packages/DataProtection/src/Obfuscator/Obfuscator.php new file mode 100644 index 000000000..123938d08 --- /dev/null +++ b/packages/DataProtection/src/Obfuscator/Obfuscator.php @@ -0,0 +1,64 @@ +sensitiveHeaders, 'Sensitive headers should be array of strings'); + } + + public function encrypt(Message $message): Message + { + $payload = $message->getPayload(); + + if ($this->isPayloadSensitive) { + $payload = base64_encode(Crypto::encrypt($payload, $this->encryptionKey)); + } + + $headers = $message->getHeaders()->headers(); + foreach ($this->sensitiveHeaders as $sensitiveHeader) { + if (array_key_exists($sensitiveHeader, $headers)) { + $headers[$sensitiveHeader] = base64_encode(Crypto::encrypt($headers[$sensitiveHeader], $this->encryptionKey)); + } + } + + return MessageBuilder::withPayload($payload) + ->setMultipleHeaders($headers) + ->build() + ; + } + + public function decrypt(Message $message): Message + { + $payload = $message->getPayload(); + if ($this->isPayloadSensitive) { + $payload = Crypto::decrypt(base64_decode($payload), $this->encryptionKey); + } + + $headers = $message->getHeaders()->headers(); + foreach ($this->sensitiveHeaders as $sensitiveHeader) { + if (array_key_exists($sensitiveHeader, $headers)) { + $headers[$sensitiveHeader] = Crypto::decrypt(base64_decode($headers[$sensitiveHeader]), $this->encryptionKey); + } + } + + return MessageBuilder::withPayload($payload) + ->setMultipleHeaders($headers) + ->build() + ; + } +} diff --git a/packages/DataProtection/src/OutboundDecryptionChannelBuilder.php b/packages/DataProtection/src/OutboundDecryptionChannelBuilder.php new file mode 100644 index 000000000..e828db934 --- /dev/null +++ b/packages/DataProtection/src/OutboundDecryptionChannelBuilder.php @@ -0,0 +1,44 @@ +relatedChannel; + } + + public function getPrecedence(): int + { + return PrecedenceChannelInterceptor::MESSAGE_SERIALIZATION + 1; + } + + public function compile(MessagingContainerBuilder $builder): Definition + { + return new Definition( + OutboundDecryptionChannelInterceptor::class, + [ + $this->channelObfuscatorReference, + $this->messageObfuscatorReferences, + ] + ); + } +} diff --git a/packages/DataProtection/src/OutboundDecryptionChannelInterceptor.php b/packages/DataProtection/src/OutboundDecryptionChannelInterceptor.php new file mode 100644 index 000000000..de526e65b --- /dev/null +++ b/packages/DataProtection/src/OutboundDecryptionChannelInterceptor.php @@ -0,0 +1,55 @@ + $messageObfuscators + */ + public function __construct( + private readonly ?Obfuscator $channelObfuscator, + private readonly array $messageObfuscators, + ) { + Assert::allInstanceOfType($this->messageObfuscators, Obfuscator::class); + } + + public function postReceive(Message $message, MessageChannel $messageChannel): ?Message + { + if (! $message->getHeaders()->getContentType()?->isCompatibleWith(MediaType::createApplicationJson())) { + return $message; + } + + if ($messageObfuscator = $this->findMessageObfuscator($message)) { + return $messageObfuscator->decrypt($message); + } + + if ($this->channelObfuscator) { + return $this->channelObfuscator->decrypt($message); + } + + return $message; + } + + private function findMessageObfuscator(Message $message): ?Obfuscator + { + if (! $message->getHeaders()->containsKey(MessageHeaders::TYPE_ID)) { + return null; + } + + $type = $message->getHeaders()->get(MessageHeaders::TYPE_ID); + + return $this->messageObfuscators[$type] ?? null; + } +} diff --git a/packages/DataProtection/src/OutboundEncryptionChannelBuilder.php b/packages/DataProtection/src/OutboundEncryptionChannelBuilder.php new file mode 100644 index 000000000..d7217e623 --- /dev/null +++ b/packages/DataProtection/src/OutboundEncryptionChannelBuilder.php @@ -0,0 +1,43 @@ +relatedChannel; + } + + public function getPrecedence(): int + { + return PrecedenceChannelInterceptor::MESSAGE_SERIALIZATION - 1; + } + + public function compile(MessagingContainerBuilder $builder): Definition + { + return new Definition( + OutboundEncryptionChannelInterceptor::class, + [ + $this->channelObfuscatorReference, + $this->messageObfuscatorReferences, + ] + ); + } +} diff --git a/packages/DataProtection/src/OutboundEncryptionChannelInterceptor.php b/packages/DataProtection/src/OutboundEncryptionChannelInterceptor.php new file mode 100644 index 000000000..22b8e6d1e --- /dev/null +++ b/packages/DataProtection/src/OutboundEncryptionChannelInterceptor.php @@ -0,0 +1,55 @@ + $messageObfuscators + */ + public function __construct( + private readonly ?Obfuscator $channelObfuscator, + private readonly array $messageObfuscators, + ) { + Assert::allInstanceOfType($this->messageObfuscators, Obfuscator::class); + } + + public function preSend(Message $message, MessageChannel $messageChannel): ?Message + { + if (! $message->getHeaders()->getContentType()?->isCompatibleWith(MediaType::createApplicationJson())) { + return $message; + } + + if ($messageObfuscator = $this->findMessageObfuscator($message)) { + return $messageObfuscator->encrypt($message); + } + + if ($this->channelObfuscator) { + return $this->channelObfuscator->encrypt($message); + } + + return $message; + } + + private function findMessageObfuscator(Message $message): ?Obfuscator + { + if (! $message->getHeaders()->containsKey(MessageHeaders::TYPE_ID)) { + return null; + } + + $type = $message->getHeaders()->get(MessageHeaders::TYPE_ID); + + return $this->messageObfuscators[$type] ?? null; + } +} diff --git a/packages/DataProtection/tests/Fixture/AnnotatedMessage.php b/packages/DataProtection/tests/Fixture/AnnotatedMessage.php new file mode 100644 index 000000000..6dc0962b4 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/AnnotatedMessage.php @@ -0,0 +1,16 @@ +receivedMessage = $message; + $this->receivedHeaders = $headers; + } + + public function receivedMessage(): ?object + { + return $this->receivedMessage; + } + + public function receivedHeaders(): array + { + return $this->receivedHeaders; + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestCommandHandler.php b/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestCommandHandler.php new file mode 100644 index 000000000..adaaedd39 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestCommandHandler.php @@ -0,0 +1,31 @@ +withReceived($message, $headers); + } + + #[CommandHandler(routingKey: 'command', endpointId: 'test.ObfuscateChannel.commandHandler.withoutPayload')] + public function withoutPayload( + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestEventHandler.php b/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestEventHandler.php new file mode 100644 index 000000000..6c735c240 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateChannel/TestEventHandler.php @@ -0,0 +1,31 @@ +withReceived($message, $headers); + } + + #[EventHandler(listenTo: 'event', endpointId: 'test.ObfuscateChannel.eventHandler.withoutPayload')] + public function handleRoutingKey( + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerCalledWithRoutingKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerCalledWithRoutingKey.php new file mode 100644 index 000000000..5dbc61b3a --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerCalledWithRoutingKey.php @@ -0,0 +1,25 @@ +withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpoint.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpoint.php new file mode 100644 index 000000000..e22ad7429 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpoint.php @@ -0,0 +1,29 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php new file mode 100644 index 000000000..e09c759d6 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php @@ -0,0 +1,31 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php new file mode 100644 index 000000000..f382eff34 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php @@ -0,0 +1,30 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedMethodWithoutPayload.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedMethodWithoutPayload.php new file mode 100644 index 000000000..e43565a06 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedMethodWithoutPayload.php @@ -0,0 +1,27 @@ +withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayload.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayload.php new file mode 100644 index 000000000..d3e9f4660 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayload.php @@ -0,0 +1,28 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadAndHeader.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadAndHeader.php new file mode 100644 index 000000000..5e10b496e --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadAndHeader.php @@ -0,0 +1,28 @@ +withReceived($message, ['foo' => $foo, 'bar' => $bar]); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php new file mode 100644 index 000000000..7727af39c --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/CommandHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php @@ -0,0 +1,29 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerCalledWithRoutingKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerCalledWithRoutingKey.php new file mode 100644 index 000000000..84291a1e3 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerCalledWithRoutingKey.php @@ -0,0 +1,25 @@ +withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpoint.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpoint.php new file mode 100644 index 000000000..a994e5df0 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpoint.php @@ -0,0 +1,29 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php new file mode 100644 index 000000000..f0ef48803 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage.php @@ -0,0 +1,31 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php new file mode 100644 index 000000000..daa20b722 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey.php @@ -0,0 +1,30 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedMethodWithoutPayload.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedMethodWithoutPayload.php new file mode 100644 index 000000000..58a213433 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedMethodWithoutPayload.php @@ -0,0 +1,27 @@ +withReceived(null, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayload.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayload.php new file mode 100644 index 000000000..f6feabe91 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayload.php @@ -0,0 +1,28 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadAndHeader.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadAndHeader.php new file mode 100644 index 000000000..ab1b8120d --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadAndHeader.php @@ -0,0 +1,29 @@ +withReceived($message, ['foo' => $foo, 'bar' => $bar]); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php new file mode 100644 index 000000000..aace17a23 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateEndpoints/EventHandlerWithAnnotatedPayloadWithSecondaryEncryptionKey.php @@ -0,0 +1,29 @@ +withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestCommandHandler.php b/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestCommandHandler.php new file mode 100644 index 000000000..872ce0870 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestCommandHandler.php @@ -0,0 +1,44 @@ +withReceived($message, $headers); + } + + #[CommandHandler(endpointId: 'test.obfuscateAnnotatedMessages.commandHandler.AnnotatedMessageWithSecondaryEncryptionKey')] + public function handleAnnotatedMessageWithSecondaryEncryptionKey( + #[Payload] AnnotatedMessageWithSecondaryEncryptionKey $message, + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived($message, $headers); + } + + #[CommandHandler(endpointId: 'test.obfuscateAnnotatedMessages.commandHandler.AnnotatedMessageWithSensitiveHeaders')] + public function handleAnnotatedMessageWithSensitiveHeaders( + #[Payload] AnnotatedMessageWithSensitiveHeaders $message, + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestEventHandler.php b/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestEventHandler.php new file mode 100644 index 000000000..4fbca01e0 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/ObfuscateMessages/TestEventHandler.php @@ -0,0 +1,44 @@ +withReceived($message, $headers); + } + + #[EventHandler(endpointId: 'test.obfuscateAnnotatedMessages.eventHandler.AnnotatedMessageWithSecondaryEncryptionKey')] + public function handleAnnotatedMessageWithSecondaryEncryptionKey( + #[Payload] AnnotatedMessageWithSecondaryEncryptionKey $message, + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived($message, $headers); + } + + #[EventHandler(endpointId: 'test.obfuscateAnnotatedMessages.eventHandler.AnnotatedMessageWithSensitiveHeaders')] + public function handleAnnotatedMessageWithSensitiveHeaders( + #[Payload] AnnotatedMessageWithSensitiveHeaders $message, + #[Headers] array $headers, + #[Reference] MessageReceiver $messageReceiver, + ): void { + $messageReceiver->withReceived($message, $headers); + } +} diff --git a/packages/DataProtection/tests/Fixture/SomeMessage.php b/packages/DataProtection/tests/Fixture/SomeMessage.php new file mode 100644 index 000000000..1cb35bf87 --- /dev/null +++ b/packages/DataProtection/tests/Fixture/SomeMessage.php @@ -0,0 +1,13 @@ +primaryKey = Key::createNewRandomKey(); + $this->secondaryKey = Key::createNewRandomKey(); + } + + public function test_obfuscate_command_handler_channel_with_default_encryption_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ); + + $ecotone + ->sendCommand($messageSent, metadata: $metadataSent) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_channel_with_default_encryption_key_and_no_sensitive_payload(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitivePayload(false) + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ); + + $ecotone + ->sendCommand($messageSent, metadata: $metadataSent) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_channel_with_non_default_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test', 'secondary') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ); + + $ecotone + ->sendCommand($messageSent, metadata: $metadataSent) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->secondaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->secondaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_channel_called_with_routing_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_channel_called_with_routing_key_and_no_sensitive_payload(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitivePayload(false) + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_event_handler_channel_with_default_encryption_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone + ->publishEvent( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_event_handler_channel_with_non_default_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test', 'secondary') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone + ->publishEvent( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->secondaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->secondaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_event_handler_channel_called_with_routing_key(): void + { + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test') + ->withSensitiveHeader('foo') + ->withSensitiveHeader('bar') + ->withSensitiveHeader('fos') + ; + + $ecotone = $this->bootstrapEcotone($channelProtectionConfiguration, $channel = TestQueueChannel::create('test'), $messageReceiver = new MessageReceiver()); + + $ecotone + ->publishEventWithRoutingKey( + routingKey: 'event', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_non_pollable_channel(): void + { + $this->expectExceptionObject(InvalidArgumentException::create("`test` channel must be pollable channel to use Data Protection.")); + + $channelProtectionConfiguration = ChannelProtectionConfiguration::create('test'); + + EcotoneLite::bootstrapFlowTesting( + configuration: ServiceConfiguration::createWithDefaults() + ->withLicenceKey(LicenceTesting::VALID_LICENCE) + ->withSkippedModulePackageNames(ModulePackageList::allPackagesExcept([ModulePackageList::DATA_PROTECTION_PACKAGE])) + ->withNamespaces(['Test\Ecotone\DataProtection\Fixture\NonPollable']) + ->withExtensionObjects( + [ + $channelProtectionConfiguration, + DataProtectionConfiguration::create('primary', $this->primaryKey) + ->withKey('secondary', $this->secondaryKey), + SimpleMessageChannelBuilder::create('test', new DirectChannel('test')), + JMSConverterConfiguration::createWithDefaults()->withDefaultEnumSupport(true), + ] + ) + ) + ; + } + + private function bootstrapEcotone(ChannelProtectionConfiguration $channelProtectionConfiguration, MessageChannel $messageChannel, MessageReceiver $receivedMessage): FlowTestSupport + { + return EcotoneLite::bootstrapFlowTesting( + containerOrAvailableServices: [ + $receivedMessage, + new TestCommandHandler(), + new TestEventHandler(), + ], + configuration: ServiceConfiguration::createWithDefaults() + ->withLicenceKey(LicenceTesting::VALID_LICENCE) + ->withSkippedModulePackageNames(ModulePackageList::allPackagesExcept([ModulePackageList::AMQP_PACKAGE, ModulePackageList::ASYNCHRONOUS_PACKAGE, ModulePackageList::DATA_PROTECTION_PACKAGE, ModulePackageList::JMS_CONVERTER_PACKAGE])) + ->withNamespaces(['Test\Ecotone\DataProtection\Fixture\ObfuscateChannel']) + ->withExtensionObjects([ + $channelProtectionConfiguration, + DataProtectionConfiguration::create('primary', $this->primaryKey) + ->withKey('secondary', $this->secondaryKey), + SimpleMessageChannelBuilder::create('test', $messageChannel), + JMSConverterConfiguration::createWithDefaults()->withDefaultEnumSupport(true), + ]) + ); + } +} diff --git a/packages/DataProtection/tests/Integration/ObfuscateEndpointsTest.php b/packages/DataProtection/tests/Integration/ObfuscateEndpointsTest.php new file mode 100644 index 000000000..97c0ed4eb --- /dev/null +++ b/packages/DataProtection/tests/Integration/ObfuscateEndpointsTest.php @@ -0,0 +1,754 @@ +primaryKey = Key::createNewRandomKey(); + $this->secondaryKey = Key::createNewRandomKey(); + } + + public function test_command_handler_with_annotated_endpoint(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerWithAnnotatedEndpoint::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedEndpoint(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_with_annotated_endpoint_with_already_annotated_message(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessage::class, + CommandHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommand( + $messageSent = new AnnotatedMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_with_annotated_endpoint_and_secondary_encryption_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->secondaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->secondaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_called_with_routing_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerCalledWithRoutingKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerCalledWithRoutingKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_called_with_routing_key_will_use_channel_obfuscator(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerCalledWithRoutingKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerCalledWithRoutingKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test')->withSensitiveHeader('foo')->withSensitiveHeader('bar'), + ] + ); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_with_annotated_method_without_payload_will_use_channel_obfuscator(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerWithAnnotatedMethodWithoutPayload::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedMethodWithoutPayload(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test')->withSensitiveHeader('foo')->withSensitiveHeader('bar'), + ] + ); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_command_handler_with_annotated_method_with_annotated_payload_and_header(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerWithAnnotatedPayloadAndHeader::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedPayloadAndHeader(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommand( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + } + + public function test_command_handler_with_annotated_method_without_payload(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + CommandHandlerWithAnnotatedMethodWithoutPayload::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new CommandHandlerWithAnnotatedMethodWithoutPayload(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->sendCommandWithRoutingKey( + routingKey: 'command', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_with_annotated_endpoint(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerWithAnnotatedEndpoint::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedEndpoint(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEvent( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_with_annotated_endpoint_with_already_annotated_message(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessage::class, + EventHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedEndpointWithAlreadyAnnotatedMessage(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEvent( + $messageSent = new AnnotatedMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_with_annotated_endpoint_and_secondary_encryption_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedEndpointWithSecondaryEncryptionKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEvent( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->secondaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->secondaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_called_with_routing_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerCalledWithRoutingKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerCalledWithRoutingKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEventWithRoutingKey( + routingKey: 'event', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_called_with_routing_key_will_use_channel_obfuscator(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerCalledWithRoutingKey::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerCalledWithRoutingKey(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test')->withSensitiveHeader('foo')->withSensitiveHeader('bar'), + ] + ); + + $ecotone + ->publishEventWithRoutingKey( + routingKey: 'event', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_with_annotated_method_without_payload_will_use_channel_obfuscator(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerWithAnnotatedMethodWithoutPayload::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedMethodWithoutPayload(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test')->withSensitiveHeader('foo')->withSensitiveHeader('bar'), + ] + ); + + $ecotone + ->publishEventWithRoutingKey( + routingKey: 'event', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_event_handler_with_annotated_method_with_annotated__payload_and_header(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerWithAnnotatedPayloadAndHeader::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedPayloadAndHeader(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEvent( + $messageSent = new SomeMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->secondaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->secondaryKey)); + } + + public function test_event_handler_with_annotated_method_without_payload(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + EventHandlerWithAnnotatedMethodWithoutPayload::class, + ], + container: [ + $messageReceiver = new MessageReceiver(), + new EventHandlerWithAnnotatedMethodWithoutPayload(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + ); + + $ecotone + ->publishEventWithRoutingKey( + routingKey: 'event', + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('[]', $channelMessage->getPayload()); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + private function bootstrapEcotone(array $classesToResolve, array $container, MessageChannel $messageChannel, array $extensionObjects = []): FlowTestSupport + { + return EcotoneLite::bootstrapFlowTesting( + classesToResolve: $classesToResolve, + containerOrAvailableServices: $container, + configuration: ServiceConfiguration::createWithDefaults() + ->withLicenceKey(LicenceTesting::VALID_LICENCE) + ->withSkippedModulePackageNames(ModulePackageList::allPackagesExcept([ModulePackageList::AMQP_PACKAGE, ModulePackageList::ASYNCHRONOUS_PACKAGE, ModulePackageList::DATA_PROTECTION_PACKAGE, ModulePackageList::JMS_CONVERTER_PACKAGE])) + ->withExtensionObjects( + array_merge([ + DataProtectionConfiguration::create('primary', $this->primaryKey) + ->withKey('secondary', $this->secondaryKey), + SimpleMessageChannelBuilder::create('test', $messageChannel), + JMSConverterConfiguration::createWithDefaults()->withDefaultEnumSupport(true), + ], $extensionObjects) + ) + ); + } +} diff --git a/packages/DataProtection/tests/Integration/ObfuscateMessagesTest.php b/packages/DataProtection/tests/Integration/ObfuscateMessagesTest.php new file mode 100644 index 000000000..0c66c3ab1 --- /dev/null +++ b/packages/DataProtection/tests/Integration/ObfuscateMessagesTest.php @@ -0,0 +1,351 @@ +primaryKey = Key::createNewRandomKey(); + $this->secondaryKey = Key::createNewRandomKey(); + } + + public function test_command_handler_with_obfuscate_annotated_message(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessage::class, + TestCommandHandler::class, + ], + container: [ + new TestCommandHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test') + ); + + $ecotone + ->sendCommand( + $messageSent = new AnnotatedMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_message_with_non_default_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessageWithSecondaryEncryptionKey::class, + TestCommandHandler::class, + ], + container: [ + new TestCommandHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test', encryptionKey: 'primary'), + ] + ); + + $ecotone + ->sendCommand( + $messageSent = new AnnotatedMessageWithSecondaryEncryptionKey( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_command_handler_message_with_sensitive_headers(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessageWithSensitiveHeaders::class, + TestCommandHandler::class, + ], + container: [ + new TestCommandHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test') + ); + + $ecotone + ->sendCommand( + $messageSent = new AnnotatedMessageWithSensitiveHeaders( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + self::assertArrayNotHasKey('fos', $receivedHeaders); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + self::assertFalse($messageHeaders->containsKey('fos')); + } + + public function test_obfuscate_event_handler_with_annotated_message(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessage::class, + TestEventHandler::class, + ], + container: [ + new TestEventHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test') + ); + + $ecotone + ->publishEvent( + $messageSent = new AnnotatedMessage( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_event_handler_message_with_non_default_key(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessageWithSecondaryEncryptionKey::class, + TestEventHandler::class, + ], + container: [ + new TestEventHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test'), + extensionObjects: [ + ChannelProtectionConfiguration::create('test', encryptionKey: 'primary'), + ] + ); + + $ecotone + ->publishEvent( + $messageSent = new AnnotatedMessageWithSecondaryEncryptionKey( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->secondaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], $messageHeaders->get('foo')); + self::assertEquals($metadataSent['bar'], $messageHeaders->get('bar')); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + } + + public function test_obfuscate_event_handler_message_with_sensitive_headers(): void + { + $ecotone = $this->bootstrapEcotone( + classesToResolve: [ + AnnotatedMessageWithSensitiveHeaders::class, + TestEventHandler::class, + ], + container: [ + new TestEventHandler(), + $messageReceiver = new MessageReceiver(), + ], + messageChannel: $channel = TestQueueChannel::create('test') + ); + + $ecotone + ->publishEvent( + $messageSent = new AnnotatedMessageWithSensitiveHeaders( + class: new TestClass('value', TestEnum::FIRST), + enum: TestEnum::FIRST, + argument: 'value', + ), + metadata: $metadataSent = [ + 'foo' => 'secret-value', + 'bar' => 'even-more-secret-value', + 'baz' => 'non-sensitive-value', + ] + ) + ->run('test', ExecutionPollingMetadata::createWithTestingSetup()) + ; + + $receivedHeaders = $messageReceiver->receivedHeaders(); + self::assertEquals($messageSent, $messageReceiver->receivedMessage()); + self::assertEquals($metadataSent['foo'], $receivedHeaders['foo']); + self::assertEquals($metadataSent['bar'], $receivedHeaders['bar']); + self::assertEquals($metadataSent['baz'], $receivedHeaders['baz']); + self::assertArrayNotHasKey('fos', $receivedHeaders); + + $channelMessage = $channel->getLastSentMessage(); + $messagePayload = Crypto::decrypt(base64_decode($channelMessage->getPayload()), $this->primaryKey); + $messageHeaders = $channelMessage->getHeaders(); + + self::assertEquals('{"class":{"argument":"value","enum":"first"},"enum":"first","argument":"value"}', $messagePayload); + self::assertEquals($metadataSent['foo'], Crypto::decrypt(base64_decode($messageHeaders->get('foo')), $this->primaryKey)); + self::assertEquals($metadataSent['bar'], Crypto::decrypt(base64_decode($messageHeaders->get('bar')), $this->primaryKey)); + self::assertEquals($metadataSent['baz'], $messageHeaders->get('baz')); + self::assertFalse($messageHeaders->containsKey('fos')); + } + + private function bootstrapEcotone(array $classesToResolve, array $container, MessageChannel $messageChannel, array $extensionObjects = []): FlowTestSupport + { + return EcotoneLite::bootstrapFlowTesting( + classesToResolve: $classesToResolve, + containerOrAvailableServices: $container, + configuration: ServiceConfiguration::createWithDefaults() + ->withLicenceKey(LicenceTesting::VALID_LICENCE) + ->withSkippedModulePackageNames(ModulePackageList::allPackagesExcept([ModulePackageList::AMQP_PACKAGE, ModulePackageList::ASYNCHRONOUS_PACKAGE, ModulePackageList::DATA_PROTECTION_PACKAGE, ModulePackageList::JMS_CONVERTER_PACKAGE])) + ->withNamespaces(['Test\Ecotone\DataProtection\Fixture\ObfuscateAnnotatedMessages']) + ->withExtensionObjects( + array_merge( + [ + DataProtectionConfiguration::create('primary', $this->primaryKey) + ->withKey('secondary', $this->secondaryKey), + SimpleMessageChannelBuilder::create('test', $messageChannel), + JMSConverterConfiguration::createWithDefaults()->withDefaultEnumSupport(true), + ], + $extensionObjects, + ) + ) + ); + } +} diff --git a/packages/DataProtection/tests/Integration/RequirementsCheckTest.php b/packages/DataProtection/tests/Integration/RequirementsCheckTest.php new file mode 100644 index 000000000..f6132c9e4 --- /dev/null +++ b/packages/DataProtection/tests/Integration/RequirementsCheckTest.php @@ -0,0 +1,32 @@ +expectException(LicensingException::class); + + EcotoneLite::bootstrapFlowTesting( + configuration: ServiceConfiguration::createWithDefaults() + ->withSkippedModulePackageNames(ModulePackageList::allPackagesExcept([ModulePackageList::DATA_PROTECTION_PACKAGE])) + ->withExtensionObjects([ + DataProtectionConfiguration::create('primary', Key::createNewRandomKey()), + ]) + ); + } +} diff --git a/packages/DataProtection/tests/TestQueueChannel.php b/packages/DataProtection/tests/TestQueueChannel.php new file mode 100644 index 000000000..49d505a8e --- /dev/null +++ b/packages/DataProtection/tests/TestQueueChannel.php @@ -0,0 +1,44 @@ +lastSentMessage = $message; + + parent::send($message); + } + + public function receive(): ?Message + { + return parent::receive(); + } + + public function getLastSentMessage(): ?Message + { + return $this->lastSentMessage; + } +} diff --git a/packages/Ecotone/src/Messaging/Channel/PollableChannel/Serialization/OutboundSerializationChannelInterceptor.php b/packages/Ecotone/src/Messaging/Channel/PollableChannel/Serialization/OutboundSerializationChannelInterceptor.php index 51ee82584..c863f084c 100644 --- a/packages/Ecotone/src/Messaging/Channel/PollableChannel/Serialization/OutboundSerializationChannelInterceptor.php +++ b/packages/Ecotone/src/Messaging/Channel/PollableChannel/Serialization/OutboundSerializationChannelInterceptor.php @@ -16,7 +16,7 @@ /** * licence Apache-2.0 */ -final class OutboundSerializationChannelInterceptor extends AbstractChannelInterceptor implements ChannelInterceptor +final class OutboundSerializationChannelInterceptor extends AbstractChannelInterceptor { public function __construct( private OutboundMessageConverter $outboundMessageConverter, @@ -27,13 +27,13 @@ public function __construct( /** * @inheritDoc */ - public function preSend(Message $messageToConvert, MessageChannel $messageChannel): ?Message + public function preSend(Message $message, MessageChannel $messageChannel): ?Message { - if ($messageToConvert instanceof ErrorMessage) { - return $messageToConvert; + if ($message instanceof ErrorMessage) { + return $message; } - $outboundMessage = $this->outboundMessageConverter->prepare($messageToConvert, $this->conversionService); + $outboundMessage = $this->outboundMessageConverter->prepare($message, $this->conversionService); $preparedMessage = MessageBuilder::withPayload($outboundMessage->getPayload()) ->setMultipleHeaders($outboundMessage->getHeaders()); diff --git a/packages/Ecotone/src/Messaging/Channel/PollableChannelInterceptorAdapter.php b/packages/Ecotone/src/Messaging/Channel/PollableChannelInterceptorAdapter.php index 0220c4fbf..a987e5e74 100644 --- a/packages/Ecotone/src/Messaging/Channel/PollableChannelInterceptorAdapter.php +++ b/packages/Ecotone/src/Messaging/Channel/PollableChannelInterceptorAdapter.php @@ -89,7 +89,7 @@ private function receiveFor(?PollingMetadata $pollingMetadata): ?Message } foreach ($this->sortedChannelInterceptors as $channelInterceptor) { - $channelInterceptor->postReceive($message, $this->messageChannel); + $message = $channelInterceptor->postReceive($message, $this->messageChannel); } return $message; diff --git a/packages/Ecotone/src/Messaging/Config/Configuration.php b/packages/Ecotone/src/Messaging/Config/Configuration.php index ea68f6210..c9a2fd4c9 100644 --- a/packages/Ecotone/src/Messaging/Config/Configuration.php +++ b/packages/Ecotone/src/Messaging/Config/Configuration.php @@ -166,4 +166,12 @@ public function withExternalContainer(?ContainerInterface $externalContainer): C * @return array Map of referenceId => errorMessage */ public function getRequiredReferencesForValidation(): array; + + /** + * Checks if the channel is pollable. + * + * @param string $channelName + * @return bool + */ + public function isPollableChannel(string $channelName): bool; } diff --git a/packages/Ecotone/src/Messaging/Config/MessagingSystemConfiguration.php b/packages/Ecotone/src/Messaging/Config/MessagingSystemConfiguration.php index 4b106d994..76997c756 100644 --- a/packages/Ecotone/src/Messaging/Config/MessagingSystemConfiguration.php +++ b/packages/Ecotone/src/Messaging/Config/MessagingSystemConfiguration.php @@ -1129,4 +1129,9 @@ public function isChannelDefinedFor(MessageHandlerBuilderWithOutputChannel|Messa return false; } + + public function isPollableChannel(string $channelName): bool + { + return $this->channelBuilders[$channelName]?->isPollable(); + } } diff --git a/packages/Ecotone/src/Messaging/Config/ModuleClassList.php b/packages/Ecotone/src/Messaging/Config/ModuleClassList.php index 846295781..58c55f1fd 100644 --- a/packages/Ecotone/src/Messaging/Config/ModuleClassList.php +++ b/packages/Ecotone/src/Messaging/Config/ModuleClassList.php @@ -8,6 +8,7 @@ use Ecotone\Amqp\Configuration\RabbitConsumerModule; use Ecotone\Amqp\Publisher\AmqpMessagePublisherModule; use Ecotone\Amqp\Transaction\AmqpTransactionModule; +use Ecotone\DataProtection\Configuration\DataProtectionModule; use Ecotone\Dbal\Configuration\DbalConnectionModule; use Ecotone\Dbal\Configuration\DbalPublisherModule; use Ecotone\Dbal\Database\DatabaseSetupModule; @@ -204,4 +205,8 @@ class ModuleClassList public const KAFKA_MODULES = [ KafkaModule::class, ]; + + const DATA_PROTECTION_MODULES = [ + DataProtectionModule::class, + ]; } diff --git a/packages/Ecotone/src/Messaging/Config/ModulePackageList.php b/packages/Ecotone/src/Messaging/Config/ModulePackageList.php index 51adc667b..32b8e2e1d 100644 --- a/packages/Ecotone/src/Messaging/Config/ModulePackageList.php +++ b/packages/Ecotone/src/Messaging/Config/ModulePackageList.php @@ -15,6 +15,7 @@ final class ModulePackageList */ public const ASYNCHRONOUS_PACKAGE = 'asynchronous'; public const AMQP_PACKAGE = 'amqp'; + public const DATA_PROTECTION_PACKAGE = 'dataProtection'; public const DBAL_PACKAGE = 'dbal'; public const REDIS_PACKAGE = 'redis'; public const SQS_PACKAGE = 'sqs'; @@ -42,6 +43,7 @@ public static function getModuleClassesForPackage(string $packageName): array ModulePackageList::TEST_PACKAGE => ModuleClassList::TEST_MODULES, ModulePackageList::LARAVEL_PACKAGE => ModuleClassList::LARAVEL_MODULES, ModulePackageList::SYMFONY_PACKAGE => ModuleClassList::SYMFONY_MODULES, + ModulePackageList::DATA_PROTECTION_PACKAGE => ModuleClassList::DATA_PROTECTION_MODULES, default => throw ConfigurationException::create(sprintf('Given unknown package name %s. Available packages name are: %s', $packageName, implode(',', self::allPackages()))) }; } @@ -64,6 +66,7 @@ public static function allPackages(): array self::TRACING_PACKAGE, self::LARAVEL_PACKAGE, self::SYMFONY_PACKAGE, + self::DATA_PROTECTION_PACKAGE, ]; } diff --git a/packages/Ecotone/src/Messaging/Conversion/AutoCollectionConversionService.php b/packages/Ecotone/src/Messaging/Conversion/AutoCollectionConversionService.php index 46b4f4964..0e38f7404 100644 --- a/packages/Ecotone/src/Messaging/Conversion/AutoCollectionConversionService.php +++ b/packages/Ecotone/src/Messaging/Conversion/AutoCollectionConversionService.php @@ -63,7 +63,6 @@ public function convert($source, Type $sourcePHPType, MediaType $sourceMediaType public function canConvert(Type $sourceType, MediaType $sourceMediaType, Type $targetType, MediaType $targetMediaType): bool { if ($this->getConverter($sourceType, $sourceMediaType, $targetType, $targetMediaType)) { - ; return true; } if ($sourceType->isIterable() && $sourceType instanceof Type\GenericType diff --git a/packages/Ecotone/src/Messaging/Conversion/SerializedToObject/DeserializingConverter.php b/packages/Ecotone/src/Messaging/Conversion/SerializedToObject/DeserializingConverter.php index b0ed7d5d9..4a7e60674 100644 --- a/packages/Ecotone/src/Messaging/Conversion/SerializedToObject/DeserializingConverter.php +++ b/packages/Ecotone/src/Messaging/Conversion/SerializedToObject/DeserializingConverter.php @@ -20,9 +20,6 @@ */ class DeserializingConverter implements Converter { - /** - * @inheritDoc - */ public function convert($source, Type $sourceType, MediaType $sourceMediaType, Type $targetType, MediaType $targetMediaType, ?ConversionService $conversionService = null) { $phpVar = unserialize(stripslashes($source)); @@ -36,9 +33,6 @@ public function convert($source, Type $sourceType, MediaType $sourceMediaType, T return $phpVar; } - /** - * @inheritDoc - */ public function matches(Type $sourceType, MediaType $sourceMediaType, Type $targetType, MediaType $targetMediaType): bool { return $sourceMediaType->isCompatibleWithParsed(MediaType::APPLICATION_X_PHP_SERIALIZED) diff --git a/packages/Ecotone/src/Messaging/Handler/ClassDefinition.php b/packages/Ecotone/src/Messaging/Handler/ClassDefinition.php index 927a9e413..9c75584a6 100644 --- a/packages/Ecotone/src/Messaging/Handler/ClassDefinition.php +++ b/packages/Ecotone/src/Messaging/Handler/ClassDefinition.php @@ -151,13 +151,12 @@ public function getPropertiesWithAnnotation(Type $annotationClass): array /** * @return object[] */ - public function getClassAnnotations(): array + public function getClassAnnotations(?ObjectType $annotationType = null): array { - return $this->classAnnotations; - } + if ($annotationType === null) { + return $this->classAnnotations; + } - public function getSingleClassAnnotation(ObjectType $annotationType): object - { $foundAnnotations = []; foreach ($this->classAnnotations as $classAnnotation) { if ($annotationType->accepts($classAnnotation)) { @@ -165,6 +164,13 @@ public function getSingleClassAnnotation(ObjectType $annotationType): object } } + return $foundAnnotations; + } + + public function getSingleClassAnnotation(ObjectType $annotationType): object + { + $foundAnnotations = $this->getClassAnnotations($annotationType); + if (count($foundAnnotations) < 1) { throw InvalidArgumentException::create("Attribute {$annotationType} was not found for {$this}"); } @@ -175,6 +181,13 @@ public function getSingleClassAnnotation(ObjectType $annotationType): object return $foundAnnotations[0]; } + public function findSingleClassAnnotation(ObjectType $annotationType): ?object + { + $foundAnnotations = $this->getClassAnnotations($annotationType); + + return $foundAnnotations[0] ?? null; + } + public function isAnnotation(): bool { return $this->isAnnotation; diff --git a/packages/Ecotone/src/Messaging/Handler/InterfaceParameter.php b/packages/Ecotone/src/Messaging/Handler/InterfaceParameter.php index 6897f7b14..f57820781 100644 --- a/packages/Ecotone/src/Messaging/Handler/InterfaceParameter.php +++ b/packages/Ecotone/src/Messaging/Handler/InterfaceParameter.php @@ -147,6 +147,17 @@ public function getAnnotationsOfType(string $type): array return $foundAnnotations; } + public function findSingleAnnotation(Type $annotationType): ?object + { + foreach ($this->annotations as $annotation) { + if ($annotationType->accepts($annotation)) { + return $annotation; + } + } + return null; + + } + /** * @return mixed|null */ diff --git a/packages/Ecotone/src/Messaging/Handler/InterfaceToCall.php b/packages/Ecotone/src/Messaging/Handler/InterfaceToCall.php index d2cb7013d..d4ccac7e4 100644 --- a/packages/Ecotone/src/Messaging/Handler/InterfaceToCall.php +++ b/packages/Ecotone/src/Messaging/Handler/InterfaceToCall.php @@ -138,6 +138,35 @@ public function hasAnnotation(ObjectType|string $className): bool return $this->hasMethodAnnotation($className) || $this->hasClassAnnotation($className); } + /** + * @return class-string|null + */ + public function findSingleAnnotation(Type $className): ?object + { + $annotation = $this->findSingleMethodAnnotation($className); + + if ($annotation === null) { + $annotation = $this->findSingleClassAnnotation($className); + } + + return $annotation; + } + + public function getSingleAnnotation(Type $className): object + { + $annotation = $this->findSingleMethodAnnotation($className); + + if ($annotation === null) { + $annotation = $this->findSingleClassAnnotation($className); + } + + if ($annotation !== null) { + return $annotation; + } + + throw InvalidArgumentException::create("Trying to retrieve not existing annotation {$className} for {$this}"); + } + /** * @return object[] */ @@ -161,11 +190,9 @@ public function getAnnotationsByImportanceOrder(ObjectType|string $className): a public function getSingleClassAnnotationOf(ObjectType|string $className): object { - $classNameType = ObjectType::from($className); - foreach ($this->getClassAnnotations() as $classAnnotation) { - if ($classNameType->accepts($classAnnotation)) { - return $classAnnotation; - } + $classAnnotation = $this->findSingleClassAnnotation($className); + if ($classAnnotation !== null) { + return $classAnnotation; } throw InvalidArgumentException::create("Trying to retrieve not existing class annotation {$className} for {$this}"); @@ -192,14 +219,31 @@ public function getClassAnnotationOf(ObjectType|string $className): array */ public function getSingleMethodAnnotationOf(ObjectType|string $className): object { - $classNameType = ObjectType::from($className); - foreach ($this->methodAnnotations as $methodAnnotation) { - if ($classNameType->accepts($methodAnnotation)) { - return $methodAnnotation; - } + $foundAnnotations = $this->getMethodAnnotationsOf($className); + + if (count($foundAnnotations) < 1) { + throw InvalidArgumentException::create("Attribute {$className} was not found for {$this}"); + } + + if (count($foundAnnotations) > 1) { + throw InvalidArgumentException::create("Looking for single attribute {$className}, however found more than one"); } - throw InvalidArgumentException::create("Trying to retrieve not existing method annotation {$className} for {$this}"); + return $foundAnnotations[0]; + } + + public function findSingleMethodAnnotation(ObjectType|string $className): ?object + { + $foundAnnotations = $this->getMethodAnnotationsOf($className); + + return $foundAnnotations[0] ?? null; + } + + public function findSingleClassAnnotation(ObjectType|string $className): ?object + { + $foundAnnotations = $this->getClassAnnotationOf($className); + + return $foundAnnotations[0] ?? null; } /** diff --git a/packages/Ecotone/tests/Messaging/Unit/Channel/ChannelInterceptorTest.php b/packages/Ecotone/tests/Messaging/Unit/Channel/ChannelInterceptorTest.php index bf15c13d7..fe8056bfc 100644 --- a/packages/Ecotone/tests/Messaging/Unit/Channel/ChannelInterceptorTest.php +++ b/packages/Ecotone/tests/Messaging/Unit/Channel/ChannelInterceptorTest.php @@ -108,13 +108,18 @@ public function test_intercepting_receiving_message_with_success() $queueChannel = QueueChannel::create(); $queueChannel->send($message); - $channelInterceptor = new TestChannelInterceptor(null, true, false, null); + $channelInterceptor = new TestChannelInterceptor( + returnMessageOnPreSend: null, + returnValueOnPreReceive: true, + returnValueOnAfterSendCompletion: false, + returnMessageOnPostReceive: $expectedReceivedMessage = MessageBuilder::withPayload('some2')->build() + ); $pollableChannel = new PollableChannelInterceptorAdapter( $queueChannel, [$channelInterceptor] ); - $pollableChannel->receive(); + $receivedMessage = $pollableChannel->receive(); $this->assertTrue($channelInterceptor->wasPreReceiveCalled()); $this->assertTrue($channelInterceptor->wasPostReceiveCalled()); @@ -122,6 +127,7 @@ public function test_intercepting_receiving_message_with_success() $this->assertSame($message, $channelInterceptor->getCapturedMessage()); $this->assertSame($queueChannel, $channelInterceptor->getCapturedChannel()); $this->assertNull($channelInterceptor->getCapturedException()); + $this->assertEquals($expectedReceivedMessage, $receivedMessage); } public function test_stopping_message_receiving() diff --git a/packages/local_packages.json b/packages/local_packages.json index b97dbf8d1..bf61019b7 100644 --- a/packages/local_packages.json +++ b/packages/local_packages.json @@ -12,6 +12,10 @@ "type": "path", "url": "Dbal" }, + { + "type": "path", + "url": "DataProtection" + }, { "type": "path", "url": "Enqueue" diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 1cd9dded0..dc3995aa4 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -11,6 +11,7 @@ packages/Ecotone/src + packages/DataProtection/src packages/Dbal/src packages/PdoEventSourcing/src packages/JmsConverter/src @@ -39,6 +40,9 @@ packages/Ecotone/tests + + packages/DataProtection/tests + packages/Dbal/tests