Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PHP SDK implementation #316

Merged
merged 17 commits into from
Dec 1, 2023
Merged

PHP SDK implementation #316

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
6957fa0
rough implementation of php
milost77 Oct 30, 2023
25c6da1
cleaup
milost77 Oct 30, 2023
ca871d9
begin adjustments
milost77 Oct 30, 2023
24076b3
working cruds
milost77 Oct 31, 2023
651a2d3
adding workflow (#1)
milost77 Oct 31, 2023
1d71700
Merge branch 'bitwarden:master' into master
milost77 Oct 31, 2023
9a12907
readme
milost77 Nov 1, 2023
3d09abf
workflow update (#4)
milost77 Nov 15, 2023
5e4e2e7
update upon pr
milost77 Nov 20, 2023
16d856e
rename authorize to access token login
milost77 Nov 21, 2023
bd0433b
updated readme
milost77 Nov 26, 2023
d9fbaa7
add bitwarden settings
milost77 Nov 27, 2023
2b5ae7c
refactor bitwarden settings class
milost77 Nov 28, 2023
fee3691
auth dont return response
milost77 Nov 28, 2023
179ead0
remove device_type settings param
milost77 Nov 28, 2023
6e34383
Fix prettier
dani-garcia Nov 30, 2023
6889146
Merge branch 'master' into master
dani-garcia Nov 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 73 additions & 0 deletions .github/workflows/publish-php.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
name: Publish PHP SDK

on:
pull_request:
branches:
- master

jobs:
setup_php:
name: Setup PHP
runs-on: ubuntu-22.04

build_rust:
uses: ./.github/workflows/build-rust-cross-platform.yml

steps:
- name: Checkout Repository
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3

- name: Setup PHP with PECL extension
uses: shivammathur/setup-php@7fdd3ece872ec7ec4c098ae5ab7637d5e0a96067 # 2.26.0
with:
php-version: '8.0'
tools: composer
extensions: ext-ffi

- name: Composer check
run: |
composer install
composer validate
working-directory: languages/php/

- name: Download x86_64-apple-darwin files
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: libbitwarden_c_files-x86_64-apple-darwin
path: temp/macos-x64

- name: Download aarch64-apple-darwin files
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: libbitwarden_c_files-aarch64-apple-darwin
path: temp/macos-arm64

- name: Download x86_64-unknown-linux-gnu files
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: libbitwarden_c_files-x86_64-unknown-linux-gnu
path: temp/ubuntu-x64

- name: Download x86_64-pc-windows-msvc files
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: libbitwarden_c_files-x86_64-pc-windows-msvc
path: temp/windows-x64

- name: Copy lib files
run: |
mkdir -p languages/php/src/lib/macos-arm64
mkdir -p languages/php/src/lib/ubuntu-x64
mkdir -p languages/php/src/lib/macos-x64
mkdir -p languages/php/src/lib/windows-x64

platforms=("macos-arm64" "ubuntu-x64" "macos-x64" "windows-x64")
files=("libbitwarden_c.dylib" "libbitwarden_c.so" "libbitwarden_c.dylib" "bitwarden_c.dll")

for ((i=0; i<${#platforms[@]}; i++)); do
cp "temp/${platforms[$i]}/${files[$i]}" "languages/php/src/lib/${platforms[$i]}/${files[$i]}"
done
shell: bash
dani-garcia marked this conversation as resolved.
Show resolved Hide resolved

- name: Publish version
run: curl -XPOST -H'content-type:application/json' 'https://packagist.org/api/update-package?username=malirobot&apiToken=${{secrets.PACKAGIST_KEY}}' -d'{"repository":{"url":"https://packagist.org/packages/bitwarden/sdk"}}'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mimartin12 Should this be updated with some Bitwarden managed credentials, or do we leave that for after the merge?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What we can do is that I can add someone from Bitwarden as a collaborator on packagist, then the access to the key won't be a problem (it is used in action secrets). The other scenario is to make a completely new package, the only potential problem, one that I haven't thought about before, is that the name of the package is reserved to "bitwarden/sdk", so it would need to be named differently.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can add someone from bitwarden as maintainer and they can afterwards take ownership and remove the old account. That would preserve the package name.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What @Hinton is suggesting sounds like a good way to go about it, especially since you will want to preserve the package name. I am not familiar with Packagist, but it looks like their API tokens are scoped to the user account. That means ${{secrets.PACKAGIST_KEY}} will need to be updated when you do the switch.
image

3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,9 @@ crates/bitwarden-napi/sdk-napi.*.node
# Complied TypeScript client
crates/bitwarden-napi/dist

# PHP
languages/php/vendor
Hinton marked this conversation as resolved.
Show resolved Hide resolved

# Uniffi
languages/swift/BitwardenFFI.xcframework
languages/swift/tmp
Expand Down
2 changes: 2 additions & 0 deletions languages/php/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
.DS_Store
vendor
65 changes: 65 additions & 0 deletions languages/php/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
# Bitwarden Secrets Manager SDK wrapper for PHP

PHP bindings for interacting with the [Bitwarden Secrets Manager]. This is a beta release and might be missing some functionality.
Supported are CRUD operations on project and secret entities.

## Installation

Requirements:
- PHP >= 8.0
- Composer
- Bitwarden C libraries which you can generate using BitwardenSDK and following instructions in its readme (requires Rust). https://github.com/bitwarden/sdk
If you are not using the standalone version of this library, file will be placed in `target/debug` folder if you are using from BitwardenSDK repository.
- Access token for the Bitwarden account


## Usage

To interact with the client first you need to obtain the access token from Bitwarden.
Client will be initialized with the default client settings if they are not provided
via env variables.

```php
$this->clientSettings->apiUrl = getenv('API_URL') ?: 'https://api.bitwarden.com';
$this->clientSettings->identityUrl = getenv('IDENTITY_URL') ?: 'https://identity.bitwarden.com';
$this->clientSettings->userAgent = getenv('USER_AGENT') ?: 'SDK';
$this->clientSettings->deviceType = getenv('DEVICE_TYPE') ?: 'SDK';
```

Authorization can be performed using access token like so:
```php
$access_token = '<you access token here>';
$bitwarden_sdk = new \Bitwarden\Sdk\BitwardenSDK();
$result = $bitwarden_sdk->authorize($access_token);
```

After successful authorization you can interact with client to manage your projects and secrets.
```php
// get project
$res = $bitwarden_sdk->projectsClient->get("00056058-cc70-4cd2-baea-b0810134a729");
// list projects
$res = $bitwarden_sdk->projectsClient->list('5688da1f-cc25-41d7-bb9f-b0740144ef1d');
// create project
$res = $bitwarden_sdk->projectsClient->create('php project', '5688da1f-cc25-41d7-bb9f-b0740144ef1d');
// update project
$res = $bitwarden_sdk->projectsClient->put('920fe206-ab3b-429d-a4b7-b0ac00e17acf', 'php project awesome', '5688da1f-cc25-41d7-bb9f-b0740144ef1d');
// delete project
$res = $bitwarden_sdk->projectsClient->delete(['920fe206-ab3b-429d-a4b7-b0ac00e17acf']);
```

Similarly, you interact with secrets:
```php
// get secret
$res = $bitwarden_sdk->secretsClient->get("75d3a7ff-30ed-433a-91aa-b099016e4833");
// list secrets
$res = $bitwarden_sdk->secretsClient->list("5688da1f-cc25-41d7-bb9f-b0740144ef1d");
// create secret
$res = $bitwarden_sdk->secretsClient->create("New Key", "hello world", "5688da1f-cc25-41d7-bb9f-b0740144ef1d", ["b23818dd-827b-4a22-b97a-b07e010ae9d4"], "123");
// update secret
$res = $bitwarden_sdk->secretsClient->update("901d102d-af7d-46a1-99f5-b0a6017e2f07", "hello world 2", "hello", "5688da1f-cc25-41d7-bb9f-b0740144ef1d", ["b23818dd-827b-4a22-b97a-b07e010ae9d4"], "123");
// delete secret
$res = $bitwarden_sdk->secretsClient->delete(["380b5c30-d8fc-472d-a514-b0ac00f17071"]);
```


[Bitwarden Secrets Manager]: https://bitwarden.com/products/secrets-manager/
22 changes: 22 additions & 0 deletions languages/php/composer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"name": "bitwarden/sdk",
"description": "PHP bindings for interacting with the Bitwarden Secrets Manager. This is a beta release and might be missing some functionality.",
"type": "library",
"keywords": ["bitwarden","sdk","password-manager"],
"homepage": "https://github.com/bitwarden/sdk",
"require": {
"php": "^8.0",
"swaggest/json-schema": "^0.12.42",
"ext-ffi": "*"
},
"autoload": {
"psr-4": {
"Bitwarden\\Sdk\\": "src/"
}
},
"authors": [
{
"name": "Bitwarden Inc."
}
]
}
Loading