|
4 | 4 |
|
5 | 5 | use LogicException;
|
6 | 6 | use MongoDB\Client;
|
| 7 | +use MongoDB\Driver\ClientEncryption; |
7 | 8 | use MongoDB\Driver\ServerApi;
|
8 | 9 | use MongoDB\Model\BSONArray;
|
9 | 10 | use MongoDB\Tests\FunctionalTestCase;
|
| 11 | +use MongoDB\Tests\SpecTests\ClientSideEncryptionSpecTest; |
| 12 | +use PHPUnit\Framework\Assert; |
10 | 13 | use stdClass;
|
11 | 14 |
|
12 | 15 | use function array_key_exists;
|
13 | 16 | use function array_map;
|
14 | 17 | use function current;
|
15 | 18 | use function explode;
|
| 19 | +use function getenv; |
16 | 20 | use function key;
|
17 | 21 | use function PHPUnit\Framework\assertArrayHasKey;
|
18 | 22 | use function PHPUnit\Framework\assertCount;
|
|
24 | 28 | use function PHPUnit\Framework\assertNotEmpty;
|
25 | 29 | use function PHPUnit\Framework\assertNotSame;
|
26 | 30 | use function PHPUnit\Framework\assertSame;
|
| 31 | +use function sprintf; |
27 | 32 |
|
28 | 33 | /**
|
29 | 34 | * Execution context for spec tests.
|
@@ -108,6 +113,10 @@ public function createEntities(array $entities): void
|
108 | 113 | $this->createClient($id, $def);
|
109 | 114 | break;
|
110 | 115 |
|
| 116 | + case 'clientEncryption': |
| 117 | + $this->createClientEncryption($id, $def); |
| 118 | + break; |
| 119 | + |
111 | 120 | case 'database':
|
112 | 121 | $this->createDatabase($id, $def);
|
113 | 122 | break;
|
@@ -316,6 +325,72 @@ private function createClient(string $id, stdClass $o): void
|
316 | 325 | $this->entityMap->set($id, FunctionalTestCase::createTestClient($uri, $uriOptions, $driverOptions));
|
317 | 326 | }
|
318 | 327 |
|
| 328 | + private function createClientEncryption(string $id, stdClass $o): void |
| 329 | + { |
| 330 | + Util::assertHasOnlyKeys($o, [ |
| 331 | + 'id', |
| 332 | + 'clientEncryptionOpts', |
| 333 | + ]); |
| 334 | + |
| 335 | + $clientEncryptionOpts = []; |
| 336 | + |
| 337 | + if (isset($o->clientEncryptionOpts)) { |
| 338 | + assertIsObject($o->clientEncryptionOpts); |
| 339 | + $clientEncryptionOpts = (array) $o->clientEncryptionOpts; |
| 340 | + } |
| 341 | + |
| 342 | + if (isset($clientEncryptionOpts['keyVaultClient'])) { |
| 343 | + assertIsString($clientEncryptionOpts['keyVaultClient']); |
| 344 | + $clientEncryptionOpts['keyVaultClient'] = $this->entityMap->getClient($clientEncryptionOpts['keyVaultClient'])->getManager(); |
| 345 | + } |
| 346 | + |
| 347 | + if (isset($clientEncryptionOpts['kmsProviders'])) { |
| 348 | + assertIsObject($clientEncryptionOpts['kmsProviders']); |
| 349 | + |
| 350 | + if (isset($clientEncryptionOpts['kmsProviders']->aws->accessKeyId->{'$$placeholder'})) { |
| 351 | + $clientEncryptionOpts['kmsProviders']->aws->accessKeyId = static::getEnv('AWS_ACCESS_KEY_ID'); |
| 352 | + } |
| 353 | + |
| 354 | + if (isset($clientEncryptionOpts['kmsProviders']->aws->secretAccessKey->{'$$placeholder'})) { |
| 355 | + $clientEncryptionOpts['kmsProviders']->aws->secretAccessKey = static::getEnv('AWS_SECRET_ACCESS_KEY'); |
| 356 | + } |
| 357 | + |
| 358 | + if (isset($clientEncryptionOpts['kmsProviders']->azure->clientId->{'$$placeholder'})) { |
| 359 | + $clientEncryptionOpts['kmsProviders']->azure->clientId = static::getEnv('AZURE_CLIENT_ID'); |
| 360 | + } |
| 361 | + |
| 362 | + if (isset($clientEncryptionOpts['kmsProviders']->azure->clientSecret->{'$$placeholder'})) { |
| 363 | + $clientEncryptionOpts['kmsProviders']->azure->clientSecret = static::getEnv('AZURE_CLIENT_SECRET'); |
| 364 | + } |
| 365 | + |
| 366 | + if (isset($clientEncryptionOpts['kmsProviders']->azure->tenantId->{'$$placeholder'})) { |
| 367 | + $clientEncryptionOpts['kmsProviders']->azure->tenantId = static::getEnv('AZURE_TENANT_ID'); |
| 368 | + } |
| 369 | + |
| 370 | + if (isset($clientEncryptionOpts['kmsProviders']->gcp->email->{'$$placeholder'})) { |
| 371 | + $clientEncryptionOpts['kmsProviders']->gcp->email = static::getEnv('GCP_EMAIL'); |
| 372 | + } |
| 373 | + |
| 374 | + if (isset($clientEncryptionOpts['kmsProviders']->gcp->privateKey->{'$$placeholder'})) { |
| 375 | + $clientEncryptionOpts['kmsProviders']->gcp->privateKey = static::getEnv('GCP_PRIVATE_KEY'); |
| 376 | + } |
| 377 | + |
| 378 | + if (isset($clientEncryptionOpts['kmsProviders']->kmip->endpoint->{'$$placeholder'})) { |
| 379 | + $clientEncryptionOpts['kmsProviders']->kmip->endpoint = static::getEnv('KMIP_ENDPOINT'); |
| 380 | + } |
| 381 | + |
| 382 | + if (isset($clientEncryptionOpts['kmsProviders']->kmip->endpoint->{'$$placeholder'})) { |
| 383 | + $clientEncryptionOpts['kmsProviders']->kmip->endpoint = static::getEnv('KMIP_ENDPOINT'); |
| 384 | + } |
| 385 | + |
| 386 | + if (isset($clientEncryptionOpts['kmsProviders']->local->key->{'$$placeholder'})) { |
| 387 | + $clientEncryptionOpts['kmsProviders']->local->key = ClientSideEncryptionSpecTest::LOCAL_MASTERKEY; |
| 388 | + } |
| 389 | + } |
| 390 | + |
| 391 | + $this->entityMap->set($id, new ClientEncryption($clientEncryptionOpts)); |
| 392 | + } |
| 393 | + |
319 | 394 | private function createEntityCollector(string $clientId, stdClass $o): void
|
320 | 395 | {
|
321 | 396 | Util::assertHasOnlyKeys($o, ['id', 'events']);
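Review bot: The placeholder substitution in createClientEncryption (new lines 350–388) writes the real KMS credentials into the parsed test definition, because `(array) $o->clientEncryptionOpts` is a shallow cast and `kmsProviders` is still the same stdClass object that was passed in. If that definition is later printed in a failure message or reused, the secrets travel with it and the `$$placeholder` markers are gone; substituting on a deep copy of `kmsProviders` would keep the credentials confined to the ClientEncryption options. The KMIP endpoint check at new lines 382–384 repeats lines 378–380 verbatim and can never match once the first has run, so it is either dead code or a copy-paste slip for a different field. In the getEnv hunk (new line 493), a variable that is set but empty passes the `=== false` test and is handed on as a credential; `if ($value === false || $value === '')` would skip the test in that case too.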
|
@@ -411,6 +486,17 @@ private function createBucket(string $id, stdClass $o): void
|
411 | 486 | $this->entityMap->set($id, $database->selectGridFSBucket($options), $databaseId);
|
412 | 487 | }
|
413 | 488 |
|
| 489 | + private static function getEnv(string $name): string |
| 490 | + { |
| 491 | + $value = getenv($name); |
| 492 | + |
| 493 | + if ($value === false) { |
| 494 | + Assert::markTestSkipped(sprintf('Environment variable "%s" is not defined', $name)); |
| 495 | + } |
| 496 | + |
| 497 | + return $value; |
| 498 | + } |
| 499 | + |
414 | 500 | private static function prepareCollectionOrDatabaseOptions(array $options): array
|
415 | 501 | {
|
416 | 502 | Util::assertHasOnlyKeys($options, ['readConcern', 'readPreference', 'writeConcern']);
|
|