Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ranaivomahaleo/tranoutilsbundle
Add json httpstatus support, CORS headers support and .env file reader support to Symfony application.
https://github.com/ranaivomahaleo/tranoutilsbundle
cors cors-request environment-variables httpstatus jsonapi php symfony symfony-bundle
Last synced: about 1 month ago
JSON representation
Add json httpstatus support, CORS headers support and .env file reader support to Symfony application.
- Host: GitHub
- URL: https://github.com/ranaivomahaleo/tranoutilsbundle
- Owner: ranaivomahaleo
- License: mit
- Created: 2020-02-21T00:12:08.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2024-06-12T08:10:44.000Z (6 months ago)
- Last Synced: 2024-10-27T09:50:49.708Z (about 2 months ago)
- Topics: cors, cors-request, environment-variables, httpstatus, jsonapi, php, symfony, symfony-bundle
- Language: PHP
- Homepage:
- Size: 22.5 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# TranoUtilsBundle
The TranoUtilsBundle contains utilities for the following purposes:
- Extended Response with configurable headers using .env file variables
- Json responses setter for REST API with configurable CORS headers using .env file variables
- Simple syntax http query service
- Environment variable reader## Installation
Install with composer usingcomposer require trano/tranoutilsbundle
## Extended Response with configurable headers
The Response headers can be set using the following instruction:
```php
use Trano\UtilsBundle\Util\ExtendedResponse;$extendedreponse = new ExtendedResponse();
$response = new Response('test');
$responseWithHeaders = $extendedreponse->encapsulateHeaders($response);
```The headers values can be set using the following environment variables:
```dotenv
HEADER_STRICT_TRANSPORT_SECURITY=""
HEADER_CACHE_CONTROL=""
HEADER_PRAGMA=""
HEADER_REFERRER_POLICY=""
HEADER_X_CONTENT_TYPE_OPTIONS=""
HEADER_CONTENT_SECURITY_POLICY=""
HEADER_X_FRAME_OPTIONS=""
HEADER_X_XXS_PROTECTION=""
```By default, the following secured header (https://owasp.org/) values are send back to the client when the corresponding environment variable is not set:
```
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'
X-Frame-Options: deny
X-XXS-Protection: 1; mode=block
```The map between environment variables and the security headers are
| Environment variable | Header | Default value |
| --- | --- | --- |
| HEADER_STRICT_TRANSPORT_SECURITY | Strict-Transport-Security | max-age=31536000 |
| HEADER_CACHE_CONTROL | Cache-Control | no-cache, no-store, must-revalidate |
| HEADER_PRAGMA | Pragma | no-cache |
| HEADER_REFERRER_POLICY | Referrer-Policy | no-referrer |
| HEADER_X_CONTENT_TYPE_OPTIONS | X-Content-Type-Options | nosniff |
| HEADER_CONTENT_SECURITY_POLICY | Content-Security-Policy | default-src 'self' |
| HEADER_X_FRAME_OPTIONS | X-Frame-Options | deny |
| HEADER_X_XXS_PROTECTION | X-XXS-Protection | 1; mode=block |## JsonResponse with configurable CORS headers and security headers
### JsonResponse with default security headers
Use the following code to return a JsonResponse, code 200, with the default security headers:
```php
use Trano\UtilsBundle\Util\ApiJsonResponse;$apijsonreponse = new ApiJsonResponse();
return $apijsonreponse->_200Ok('this is an ok results');
```The result of the above instructions is (notice the adition of the `status`, `message` and `results` keys)
```json
{
"status": 200,
"message": "",
"results": "this is an ok results"
}
```By default, the following secured header values (https://owasp.org/) are send back to the client:
```
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'
X-Frame-Options: deny
X-XXS-Protection: 1; mode=block
```
The above headers can be updated using the following environment variables
```dotenv
HEADER_STRICT_TRANSPORT_SECURITY=""
HEADER_CACHE_CONTROL=""
HEADER_PRAGMA=""
HEADER_REFERRER_POLICY=""
HEADER_X_CONTENT_TYPE_OPTIONS=""
HEADER_CONTENT_SECURITY_POLICY=""
HEADER_X_FRAME_OPTIONS=""
HEADER_X_XXS_PROTECTION=""
```To update the CORS headers (```Access-Control.*```), use the following environment variables.
```dotenv
ALLOWED_ORIGIN="*"
ALLOWED_METHODS="GET,POST"
ALLOWED_HEADERS="Authorization, Content-Type"
```
The map between environment variables and the headers are| Environment variable | Header |
| --- | --- |
| ALLOWED_ORIGIN | Access-Control-Allow-Origin |
| ALLOWED_METHODS | Access-Control-Allow-Methods |
| ALLOWED_HEADERS | Access-Control-Allow-Headers |### Custom JsonResponse
By default, `ApiJsonResponse` returns a json with `status`, `message` and `results` keys. To change this behaviour with a custom json data structure, set
```dotenv
JSON_RESPONSE_TYPE=custom
```Thus, the following php code
```php
use Trano\UtilsBundle\Util\ApiJsonResponse;$apijsonreponse = new ApiJsonResponse();
return $apijsonreponse->_200Ok(["data" => 'this is an ok custom results']);
```
returns```json
{
"data": "this is an ok custom results"
}
```## Usage of simple Http request
The ```$httprequest``` service is an instance of ```Trano\UtilsBundle\Util\HttpRequest```
### GET query with basic Auth
To return an associative array response using GET, use the following instruction. The get instruction should be at the end.
```php
$http_array_response = $this->httprequest
->addHeader('Accept', '*/*')
->addHeader('Content-Type', 'application/json')
->setBasicAuth('username', 'password')
->get('https://www.example.com/getservice');
```### POST query with array data and basic Auth
To return an associative array response using POST, use the instructions below.
The $data variable is sent by default using ```application/x-www-form-urlencoded``` type.
If ```https://www.example.com/postservice``` is a Symfony controller route, ```$data['data1']``` variable
would be get using ```$request->request->get('data1');``` instruction.The post instruction should be at the end.
``
```php
$data = [
'data1' => 'data1',
'data2' => 'data2',
];
$http_array_response = $this->httprequest
->setBasicAuth('username', 'password')
->setBodyArray($data)
->post('https://www.example.com/postservice');
```Notice that due to the functionalities of the symfony http request, both GET and POST simple queries
are synchronous (those queries wait for the response).## Usage of Environment variable reader
Let us consider that we have the following environment variable file .env
```
DATABASE_URL='mysql://aaa:bbb...'
```To read this environment variable, use the $env service, an instance of ```Trano\UtilsBundle\Util\Env```
as follows```php
$database_url = $this->env->getEnv('DATABASE_URL');
````## Example with a Symfony controller
Let us consider the environment variable at .env file
```
ALLOWED_ORIGIN="*"
ALLOWED_METHODS="GET,POST,PUT,DELETE"
ALLOWED_HEADERS="Authorization, Content-Type"
```Important: If the ALLOWED_* are not set in .env file, the corresponsing
Access-Control-Allow-* headers will not be set.To use the environment reader (```Trano\UtilsBundle\Util\Env```)
and the Json response (```Trano\UtilsBundle\Util\ApiJsonResponse```) in a controller, use the following script```php
namespace App\Controller;use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\HttpFoundation\Request;
use Trano\UtilsBundle\Util\ApiJsonResponse;
use Trano\UtilsBundle\Util\Env;class HomeController extends AbstractController
{
/**
* @var ApiJsonResponse
*/
private $apijsonresponse;/**
* @var Env
*/
private $env;/**
* ControllerTrait constructor.
* @param ApiJsonResponse $apijsonresponse
* @param Env $env
*/
public function __construct(ApiJsonResponse $apijsonresponse, Env $env)
{
$this->apijsonresponse = $apijsonresponse;
$this->env = $env;
}/**
* @Route("/", methods={"GET"})
*/
public function index(Request $request)
{
// Computes DATABASE_URL from .env file
// If DATABASE_URL does not exists in .env file, it returns '' string.
$database_url = $this->env->getEnv('DATABASE_URL');
// Return Json response with the http status 200.
return $this->apijsonresponse->_200Ok('this is an ok results');
} // index
}
```
The route / above reads DATABASE_URL variable environment and returns the following json data.{
"status": 200,
"message": "",
"results": "this is an ok results"
}
License
-------
This bundle is under the MIT license. See the complete license [in the bundle](LICENSE).
About us
--------
TranoUtilsBundle is an initiative of [atety][1].
[1]: https://www.atety.com