Adding encryption decorator#107
Conversation
All components use the double pipe (php-cache#75)
Update dependencies
Nyholm
left a comment
There was a problem hiding this comment.
Awesome. I like this! I just had some minor comments
|
|
||
| ### Use | ||
|
|
||
| Read the [documentation on usage](http://www.php-cache.com/en/latest/tagging/). |
|
|
||
| ### Implement | ||
|
|
||
| Read the [documentation on implementation](http://www.php-cache.com/en/latest/implementing-cache-pools/tagging/). |
| to tag related items, and then clear the cached data for that tag only. It is a part of the PHP Cache organisation. To read about | ||
| features like tagging and hierarchy support please read the shared documentation at [www.php-cache.com](http://www.php-cache.com). | ||
|
|
||
| *Note: Performance will be best with a driver such as memcached or redis, which automatically purges stale records.* |
|
|
||
| This repository has traits and interfaces that makes a PSR-6 cache implementation encrypted. Using tags allow you | ||
| to tag related items, and then clear the cached data for that tag only. It is a part of the PHP Cache organisation. To read about | ||
| features like tagging and hierarchy support please read the shared documentation at [www.php-cache.com](http://www.php-cache.com). |
There was a problem hiding this comment.
These rows should be updated/removed.
|
@Nyholm any idea why i cant get testSaveDeferredWhenChangingValues to pass? |
|
Ill see. |
|
The Since you encrypt the value you break the test. It is the test that is flawed though. I'll fix it. |
|
Maybe i can find a workaround |
Nyholm
left a comment
There was a problem hiding this comment.
The issue with the deferred save has to do with the cloning. When we get an item from the deferred queue we clone it to make sure it wont be changed. https://github.com/php-cache/cache/blob/0.3/src/Adapter/Common/AbstractCachePool.php#L88
The issue is that we have a CacheItem with reference A and we put a EncryptedItemDecorator with reference B on the deferred queue. When we later call Pool::get we clone the EncryptedItemDecorator to a new place in memory and it gets reference C. Though, EncryptedItemDecorator (C) has still a reference to CacheItem (A).
The EncryptedItemDecorator should implement __clone() to propagate the clone function down to the CacheItem. Something like:
class EncryptedItemDecorator {
// ...
public function __clone() {
$this->cacheItem = clone $this->cacheItem;
}
}| "symfony/options-resolver": "^2.7 || ^3.0" | ||
| }, | ||
| "require-dev": { | ||
| "defuse/php-encryption": "^2.0", |
There was a problem hiding this comment.
Is this the best encryption package for us?
There was a problem hiding this comment.
Is the best i know, you know a other one?
There was a problem hiding this comment.
I have no idea. =)
I trust that you have done some research to find a popular and robust package. And also one that you like.
There was a problem hiding this comment.
If you like you can read https://paragonie.com/blog/2016/05/defuse-security-s-php-encryption-library-version-2-0-0-released and if @paragonie-scott recommend it, so it musst be really secure :D
There was a problem hiding this comment.
Aside from libsodium, you'll be hard-pressed to do better. @defuse really knocked it out of the park. :)
| * with this source code in the file LICENSE. | ||
| */ | ||
|
|
||
| namespace Cache\Encryption; |
There was a problem hiding this comment.
You should rename the folder to "Encryption". Right now all files are in a folder named "Encrypted"
| use Cache\Taggable\TaggableItemInterface; | ||
| use Defuse\Crypto\Crypto; | ||
| use Defuse\Crypto\Key; | ||
| use Psr\Cache\CacheItemInterface; |
There was a problem hiding this comment.
You miss
use Psr\Cache\CacheItemPoolInterface;|
I think we can ignore them for now but this sure is an issue.. let's fix that before making our first tag. |
Current coverage is 83.56% (diff: 89.61%)@@ master #107 diff @@
==========================================
Files 22 24 +2
Lines 1006 1083 +77
Methods 218 241 +23
Messages 0 0
Branches 0 0
==========================================
+ Hits 836 905 +69
- Misses 170 178 +8
Partials 0 0
|
| class EncryptedItemDecorator implements CacheItemInterface, HasExpirationDateInterface, TaggableItemInterface | ||
| { | ||
| /** | ||
| * @type CacheItemInterface |
There was a problem hiding this comment.
IIRC these should all be var. I think type was removed from that spec
There was a problem hiding this comment.
we can fix it with styleci, we use it in all packages @type
| } | ||
| ], | ||
| "require": { | ||
| "php": "^5.5 || ^7.0", |
There was a problem hiding this comment.
i think ^5.5|^7.0 is the "right" way to do this now?
Also, should we continue supporting 5.5? @Nyholm
There was a problem hiding this comment.
Lets support 5.5 if we have no reason to drop it.
The current syntax (at least the one in the docs) are dubble pipe.
| "psr/cache": "^1.0" | ||
| }, | ||
| "require-dev": { | ||
| "phpunit/phpunit": "^4.0 || ^5.1", |
There was a problem hiding this comment.
it should be double pipes https://getcomposer.org/doc/articles/versions.md
| <?xml version="1.0" encoding="UTF-8"?> | ||
|
|
||
| <phpunit backupGlobals="false" | ||
| backupStaticAttributes="false" |
There was a problem hiding this comment.
we use the same format in all phpunits
|
Really like this! |
|
So the last thing to do is add documentation |
|
test are all green, only need to add docs for it |
Description
Adding a encryption decorator for psr6
TODO