PHP Encryption\EncryptorInterface類代碼示例

 public function __construct(ClientInterface $client, OpenpayExceptionMapper $exceptionMapper, OpenpayFeeValidator $validator, OpenpayTransactionMapper $transactionMapper, EncryptorInterface $encryptor, ScopeConfigInterface $config)
 {
     $paymentOpenpayConfig = $config->getValue('payment/openpay');
     $paymentOpenpayConfig['merchantId'] = $encryptor->decrypt($paymentOpenpayConfig['merchantId']);
     $paymentOpenpayConfig['apiKey'] = $encryptor->decrypt($paymentOpenpayConfig['apiKey']);
     $paymentOpenpayConfig['publicKey'] = $encryptor->decrypt($paymentOpenpayConfig['publicKey']);
     parent::__construct($client, $exceptionMapper, $validator, $transactionMapper, $paymentOpenpayConfig);
 }

 /**
  * {@inheritdoc}
  */
 public function install(SchemaSetupInterface $setup, ModuleContextInterface $context)
 {
     /** @var State[] $stateIndexers */
     $stateIndexers = [];
     $states = $this->statesFactory->create();
     foreach ($states->getItems() as $state) {
         /** @var State $state */
         $stateIndexers[$state->getIndexerId()] = $state;
     }
     foreach ($this->config->getIndexers() as $indexerId => $indexerConfig) {
         $expectedHashConfig = $this->encryptor->hash($this->encoder->encode($indexerConfig), Encryptor::HASH_VERSION_MD5);
         if (isset($stateIndexers[$indexerId])) {
             if ($stateIndexers[$indexerId]->getHashConfig() != $expectedHashConfig) {
                 $stateIndexers[$indexerId]->setStatus(StateInterface::STATUS_INVALID);
                 $stateIndexers[$indexerId]->setHashConfig($expectedHashConfig);
                 $stateIndexers[$indexerId]->save();
             }
         } else {
             /** @var State $state */
             $state = $this->stateFactory->create();
             $state->loadByIndexer($indexerId);
             $state->setHashConfig($expectedHashConfig);
             $state->setStatus(StateInterface::STATUS_INVALID);
             $state->save();
         }
     }
 }

 /**
  * Generate vault payment public hash
  *
  * @param PaymentTokenInterface $paymentToken
  * @return string
  */
 protected function generatePublicHash(PaymentTokenInterface $paymentToken)
 {
     $hashKey = $paymentToken->getGatewayToken();
     if ($paymentToken->getCustomerId()) {
         $hashKey = $paymentToken->getCustomerId();
     }
     $hashKey .= $paymentToken->getPaymentMethodCode() . $paymentToken->getType() . $paymentToken->getTokenDetails();
     return $this->encryptor->getHash($hashKey);
 }

 /**
  * {@inheritdoc}
  */
 public function get($storeId = null)
 {
     /** @var CredentialsInterface $credentials */
     $credentials = $this->credentialsFactory->create();
     $configValues = $this->scopeConfig->getValue(self::PAYMENT_OPENPAY_PATH, \Magento\Store\Model\ScopeInterface::SCOPE_STORE, $storeId);
     $merchantId = $this->encryptor->decrypt($configValues['merchantId']);
     $publicKey = $this->encryptor->decrypt($configValues['publicKey']);
     $credentials->setMerchantId($merchantId)->setPublicKey($publicKey)->setIsSandboxMode($configValues['sandbox']);
     return $credentials;
 }

 /**
  * Upgrade customer password hash when customer has logged in
  *
  * @param \Magento\Framework\Event\Observer $observer
  * @return void
  */
 public function execute(\Magento\Framework\Event\Observer $observer)
 {
     $password = $observer->getEvent()->getData('password');
     /** @var \Magento\Customer\Model\Customer $model */
     $model = $observer->getEvent()->getData('model');
     $customer = $this->customerRepository->getById($model->getId());
     $customerSecure = $this->customerRegistry->retrieveSecureData($model->getId());
     if (!$this->encryptor->validateHashVersion($customerSecure->getPasswordHash(), true)) {
         $customerSecure->setPasswordHash($this->encryptor->getHash($password, true));
         $this->customerRepository->save($customer);
     }
 }

 public function testExecuteNonRandomAndWithCryptKey()
 {
     $expectedMessage = 'The encryption key has been changed.';
     $key = 1;
     $newKey = 'RSASHA9000VERYSECURESUPERMANKEY';
     $this->requestMock->expects($this->at(0))->method('getPost')->with($this->equalTo('generate_random'))->willReturn(0);
     $this->requestMock->expects($this->at(1))->method('getPost')->with($this->equalTo('crypt_key'))->willReturn($key);
     $this->encryptMock->expects($this->once())->method('validateKey');
     $this->changeMock->expects($this->once())->method('changeEncryptionKey')->willReturn($newKey);
     $this->managerMock->expects($this->once())->method('addSuccessMessage')->with($expectedMessage);
     $this->cacheMock->expects($this->once())->method('clean');
     $this->responseMock->expects($this->once())->method('setRedirect');
     $this->model->execute();
 }

 /**
  * Save current admin password to prevent its usage when changed in the future.
  *
  * @param EventObserver $observer
  * @return void
  */
 public function execute(EventObserver $observer)
 {
     /* @var $user \Magento\User\Model\User */
     $user = $observer->getEvent()->getObject();
     if ($user->getId()) {
         $password = $user->getCurrentPassword();
         $passwordLifetime = $this->observerConfig->getAdminPasswordLifetime();
         if ($passwordLifetime && $password && !$user->getForceNewPassword()) {
             $passwordHash = $this->encryptor->getHash($password, false);
             $this->userResource->trackPassword($user, $passwordHash, $passwordLifetime);
             $this->messageManager->getMessages()->deleteMessageByIdentifier('magento_user_password_expired');
             $this->authSession->unsPciAdminUserIsPasswordExpired();
         }
     }
 }

 /**
  * Admin locking and password hashing upgrade logic implementation
  *
  * @param EventObserver $observer
  * @return void
  * @throws \Magento\Framework\Exception\LocalizedException
  */
 public function execute(EventObserver $observer)
 {
     $password = $observer->getEvent()->getPassword();
     /** @var User $user */
     $user = $observer->getEvent()->getUser();
     $authResult = $observer->getEvent()->getResult();
     if (!$authResult && $user->getId()) {
         // update locking information regardless whether user locked or not
         $this->_updateLockingInformation($user);
     }
     // check whether user is locked
     $lockExpires = $user->getLockExpires();
     if ($lockExpires) {
         $lockExpires = new \DateTime($lockExpires);
         if ($lockExpires > new \DateTime()) {
             throw new UserLockedException(__('You did not sign in correctly or your account is temporarily disabled.'));
         }
     }
     if (!$authResult) {
         return;
     }
     $this->userResource->unlock($user->getId());
     $latestPassword = $this->userResource->getLatestPassword($user->getId());
     $this->_checkExpiredPassword($latestPassword);
     if (!$this->encryptor->validateHashVersion($user->getPassword(), true)) {
         $user->setPassword($password)->setData('force_new_password', true)->save();
     }
 }

 public function testAdminAuthenticate()
 {
     $password = "myP@sw0rd";
     $uid = 123;
     $authResult = true;
     $lockExpires = false;
     $userPassword = ['expires' => 1];
     /** @var Observer|\PHPUnit_Framework_MockObject_MockObject $eventObserverMock */
     $eventObserverMock = $this->getMockBuilder('Magento\\Framework\\Event\\Observer')->disableOriginalConstructor()->setMethods([])->getMock();
     /** @var Event|\PHPUnit_Framework_MockObject_MockObject */
     $eventMock = $this->getMockBuilder('Magento\\Framework\\Event')->disableOriginalConstructor()->setMethods(['getPassword', 'getUser', 'getResult'])->getMock();
     /** @var ModelUser|\PHPUnit_Framework_MockObject_MockObject $userMock */
     $userMock = $this->getMockBuilder('Magento\\User\\Model\\User')->disableOriginalConstructor()->setMethods(['getId', 'getLockExpires', 'getPassword', 'save'])->getMock();
     $eventObserverMock->expects($this->atLeastOnce())->method('getEvent')->willReturn($eventMock);
     $eventMock->expects($this->once())->method('getPassword')->willReturn($password);
     $eventMock->expects($this->once())->method('getUser')->willReturn($userMock);
     $eventMock->expects($this->once())->method('getResult')->willReturn($authResult);
     $userMock->expects($this->atLeastOnce())->method('getId')->willReturn($uid);
     $userMock->expects($this->once())->method('getLockExpires')->willReturn($lockExpires);
     $this->userMock->expects($this->once())->method('unlock');
     $this->userMock->expects($this->once())->method('getLatestPassword')->willReturn($userPassword);
     $this->configInterfaceMock->expects($this->atLeastOnce())->method('getValue')->willReturn(1);
     /** @var Collection|\PHPUnit_Framework_MockObject_MockObject $collectionMock */
     $collectionMock = $this->getMockBuilder('Magento\\Framework\\Message\\Collection')->disableOriginalConstructor()->setMethods([])->getMock();
     $this->managerInterfaceMock->expects($this->once())->method('getMessages')->willReturn($collectionMock);
     $collectionMock->expects($this->once())->method('getLastAddedMessage')->willReturn($this->messageInterfaceMock);
     $this->messageInterfaceMock->expects($this->once())->method('setIdentifier')->willReturnSelf();
     $this->authSessionMock->expects($this->once())->method('setPciAdminUserIsPasswordExpired');
     $this->encryptorMock->expects($this->once())->method('validateHashVersion')->willReturn(false);
     $this->model->execute($eventObserverMock);
 }

 /**
  * {@inheritdoc}
  */
 public function authenticate($username, $password)
 {
     try {
         switch ($this->advancedLoginConfigProvider->getLoginMode()) {
             case LoginMode::LOGIN_TYPE_ONLY_ATTRIBUTE:
                 $customer = $this->loginViaCustomerAttributeOnly($username);
                 break;
             case LoginMode::LOGIN_TYPE_BOTH:
                 $customer = $this->loginViaCustomerAttributeOrEmail($username);
                 break;
             default:
                 $customer = $this->loginViaEmailOnly($username);
                 break;
         }
     } catch (NoSuchEntityException $e) {
         throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
     }
     $this->checkPasswordStrength($password);
     $hash = $this->customerRegistry->retrieveSecureData($customer->getId())->getPasswordHash();
     if (!$this->encryptor->validateHash($password, $hash)) {
         throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
     }
     if ($customer->getConfirmation() && $this->isConfirmationRequired($customer)) {
         throw new EmailNotConfirmedException(__('This account is not confirmed.'));
     }
     $customerModel = $this->customerFactory->create()->updateData($customer);
     $this->eventManager->dispatch('customer_customer_authenticated', ['model' => $customerModel, 'password' => $password]);
     $this->eventManager->dispatch('customer_data_object_login', ['customer' => $customer]);
     return $customer;
 }

 /**
  * Create physical certificate file based on DB data
  *
  * @param string $file
  * @return void
  */
 protected function _createCertFile($file)
 {
     if ($this->varDirectory->isDirectory(self::BASEPATH_PAYPAL_CERT)) {
         $this->_removeOutdatedCertFile();
     }
     $this->varDirectory->writeFile($file, $this->encryptor->decrypt($this->getContent()));
 }

 /**
  * Generate secret key for controller and action based on form key
  *
  * @param string $routeName
  * @param string $controller Controller name
  * @param string $action Action name
  * @return string
  */
 public function getSecretKey($routeName = null, $controller = null, $action = null)
 {
     $salt = $this->formKey->getFormKey();
     $request = $this->_getRequest();
     if (!$routeName) {
         if ($request->getBeforeForwardInfo('route_name') !== null) {
             $routeName = $request->getBeforeForwardInfo('route_name');
         } else {
             $routeName = $request->getRouteName();
         }
     }
     if (!$controller) {
         if ($request->getBeforeForwardInfo('controller_name') !== null) {
             $controller = $request->getBeforeForwardInfo('controller_name');
         } else {
             $controller = $request->getControllerName();
         }
     }
     if (!$action) {
         if ($request->getBeforeForwardInfo('action_name') !== null) {
             $action = $request->getBeforeForwardInfo('action_name');
         } else {
             $action = $request->getActionName();
         }
     }
     $secret = $routeName . $controller . $action . $salt;
     return $this->_encryptor->getHash($secret);
 }

 public function testDecrypt()
 {
     $data = 'data';
     $encryptedData = 'd1a2t3a4';
     $this->encryptorInterfaceMock->expects($this->once())->method('decrypt')->with($encryptedData)->will($this->returnValue($data));
     $this->assertEquals($data, $this->info->decrypt($encryptedData));
 }

 /**
  * Run test for saveTokenWithPaymentLink method
  */
 public function testSaveTokenWithPaymentLinkWithDuplicateTokenNotVisible()
 {
     /** @var OrderPaymentInterface|\PHPUnit_Framework_MockObject_MockObject $paymentMock */
     $paymentMock = $this->getMock(OrderPaymentInterface::class);
     /** @var PaymentTokenInterface|\PHPUnit_Framework_MockObject_MockObject $tokenMock */
     $tokenMock = $this->getMock(PaymentTokenInterface::class);
     /** @var PaymentTokenInterface|\PHPUnit_Framework_MockObject_MockObject $duplicateToken */
     $duplicateToken = $this->getMock(PaymentTokenInterface::class);
     $entityId = 1;
     $newEntityId = 1;
     $paymentId = 1;
     $customerId = 1;
     $gatewayToken = 'xs4vf3';
     $publicHash = 'existing-token';
     $duplicateTokenData = ['entity_id' => $entityId];
     $newHash = 'new-token2';
     $tokenMock->expects(static::atLeastOnce())->method('getPublicHash')->willReturn($publicHash);
     $tokenMock->expects(static::atLeastOnce())->method('getCustomerId')->willReturn($customerId);
     $this->paymentTokenResourceModelMock->expects(self::once())->method('getByPublicHash')->with($publicHash, $customerId)->willReturn($duplicateTokenData);
     $this->paymentTokenFactoryMock->expects(self::once())->method('create')->with(['data' => $duplicateTokenData])->willReturn($duplicateToken);
     $tokenMock->expects(static::atLeastOnce())->method('getIsVisible')->willReturn(false);
     $tokenMock->expects(static::atLeastOnce())->method('getCustomerId')->willReturn($customerId);
     $tokenMock->expects(static::atLeastOnce())->method('getGatewayToken')->willReturn($gatewayToken);
     $this->encryptorMock->expects(static::once())->method('getHash')->with($publicHash . $gatewayToken)->willReturn($newHash);
     $tokenMock->expects(static::once())->method('setPublicHash')->with($newHash);
     $this->paymentTokenRepositoryMock->expects(self::once())->method('save')->with($tokenMock);
     $tokenMock->expects(static::atLeastOnce())->method('getEntityId')->willReturn($newEntityId);
     $paymentMock->expects(self::atLeastOnce())->method('getEntityId')->willReturn($paymentId);
     $this->paymentTokenResourceModelMock->expects(static::once())->method('addLinkToOrderPayment')->with($newEntityId, $paymentId);
     $this->paymentTokenManagement->saveTokenWithPaymentLink($tokenMock, $paymentMock);
 }

 public function testVerifyIdentityNoAssignedRoles()
 {
     $password = 'password';
     $this->_encryptorMock->expects($this->once())->method('validateHash')->with($password, $this->_model->getPassword())->will($this->returnValue(true));
     $this->_model->setIsActive(true);
     $this->_resourceMock->expects($this->once())->method('hasAssigned2Role')->will($this->returnValue(false));
     $this->setExpectedException('Magento\\Framework\\Exception\\AuthenticationException', 'Access denied.');
     $this->_model->verifyIdentity($password);
 }