Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/xp-forge/credentials
Credentials
https://github.com/xp-forge/credentials
hashicorp-vault keepass-database password-store php7 php8 secrets xp-framework
Last synced: 27 days ago
JSON representation
Credentials
- Host: GitHub
- URL: https://github.com/xp-forge/credentials
- Owner: xp-forge
- Created: 2016-08-14T23:37:59.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-03-24T10:29:01.000Z (10 months ago)
- Last Synced: 2024-04-24T15:19:02.692Z (9 months ago)
- Topics: hashicorp-vault, keepass-database, password-store, php7, php8, secrets, xp-framework
- Language: PHP
- Homepage:
- Size: 101 KB
- Stars: 0
- Watchers: 3
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: ChangeLog.md
Awesome Lists containing this project
README
Credentials
=====
[](https://github.com/xp-forge/credentials/actions)
[](https://github.com/xp-framework/core)
[](https://github.com/xp-framework/core/blob/master/LICENCE.md)
[](http://php.net/)
[](http://php.net/)
[](https://packagist.org/packages/xp-forge/credentials)
Credentials storage
Backends
--------
This API supports the following backends:
* [Files](https://github.com/xp-forge/credentials#files)
* [Environment variables](https://github.com/xp-forge/credentials#environment-variables)
* [Hashicorp's Vault](https://github.com/xp-forge/credentials#hashicorps-vault)
* [KeePass databases](https://github.com/xp-forge/credentials#keepass-databases)
* [Docker Secrets](https://github.com/xp-forge/credentials#docker-secrets)
### Files
Via the `FromFile` class. Files are expected to have the following format:
```
rest_password=abcdefg
ldap_password=qwertzu
```
### Environment variables
Via the `FromEnvironment` class. Credential names map to environment variables by uppercasing them and replacing forward slashes by two underscores:
```php
use security\credentials\{Credentials, FromEnvironment};
$credentials= new Credentials(new FromEnvironment());
$secret= $credentials->named('ldap_password'); // Reads $ENV{LDAP_PASSWORD} => util.Secret
```
### Hashicorp's Vault
Via the `FromVault` class. Credentials are read from the backend mounted at `/secret`.
```php
use security\credentials\{Credentials, FromVault};
// Set token to NULL to use VAULT_TOKEN from environment
$token= new Secret('72698676-4988-94a4-...');
$credentials= new Credentials(new FromVault('http://127.0.0.1:8200', $token));
$secret= $credentials->named('ldap_password'); // Reads ldap_password key from /secret
$credentials= new Credentials(new FromVault('http://127.0.0.1:8200', $token, 'vendor/name'));
$secret= $credentials->named('mysql'); // Reads mysql key from /secret/vendor/name
```
### KeePass databases
Via the `KeePass` class.
```php
use security\credentials\{Credentials, FromKeePass};
use util\Secret;
$secret= new Secret('key');
$credentials= new Credentials(new FromKeePass('database.kdbx', $secret));
$secret= $credentials->named('ldap_password'); // Reads top-level entry ldap_password
$credentials= new Credentials(new FromKeePass('database.kdbx', $secret, 'vendor/name'));
$secret= $credentials->named('mysql'); // Reads mysql entry in vendor/name subfolder
```
### Docker secrets
See https://docs.docker.com/engine/swarm/secrets/. Uses Docker's default locations on both Windows and Un\*x systems if constructed without argument.
```php
use security\credentials\{Credentials, FromDockerSecrets};
use util\Secret;
$credentials= new Credentials(new FromDockerSecrets());
$secret= $credentials->named('ldap_password'); // Reads top-level entry ldap_password
```
See also
--------
https://github.com/xp-framework/rfc/issues/316