11# OS2Web key
22
3- Keys for OS2Web.
3+ Key types and providers for OS2Web built on the [ Key module ] ( https://www.drupal.org/project/key ) .
44
55## Installation
66
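Review bot: The new intro line promises "Key types and providers", but the Providers section added further down in this change contains only `@todo` entries for Azure Key Vault and Infisical. Either say in the intro that providers are planned, or leave "and providers" out until one is implemented, so readers do not go looking for a provider that is not there.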
@@ -13,21 +13,93 @@ drush pm:install os2web_key
1313
1414### Certificate
1515
16- ` @todo `
16+ This key type handles [ PKCS 12] ( https://en.wikipedia.org/wiki/PKCS_12 ) or [ Privacy-Enhanced Mail
17+ (PEM)] ( https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail ) certificate with an optional password (passphrase).
1718
18- ### OpenID Connect
19+ Use in a form:
1920
20- ` @todo `
21+ ``` php
22+ $form['key'] => [
23+ '#type' => 'key_select',
24+ '#key_filters' => [
25+ 'type' => 'os2web_key_certificate',
26+ ],
27+ ];
28+ ```
29+
30+ The [ ` CertificateHelper ` ] ( https://github.com/OS2web/os2web_key/blob/main/src/CertificateHelper.php ) can be used to get
31+ the actual certificates (parts):
32+
33+ ``` php
34+ <?php
35+
36+ use Drupal\os2web_key\CertificateHelper;
37+ use Drupal\key\KeyRepositoryInterface;
38+
39+ // Use dependency injection for this.
40+ /** @var KeyRepositoryInterface $repository */
41+ $repository = \Drupal::service('key.repository');
42+ /** @var CertificateHelper $helper */
43+ $helper = \Drupal::service(CertificateHelper::class);
44+
45+ // Use `drush key:list` to list your keys.
46+ $key = $repository->getKey('my_key');
47+
48+ // Get the actual passwordless certificates.
49+ $certificates = $helper->getCertificates($key);
50+ ```
51+
52+ ** Note** : The parsed certificates have no password.
53+
54+ ### OpenID Connect (OIDC)
55+
56+ Example use in a form:
57+
58+ ``` php
59+ $form['key'] => [
60+ '#type' => 'key_select',
61+ '#key_filters' => [
62+ 'type' => 'os2web_key_oidc,
63+ ],
64+ ];
65+ ```
66+
67+ Get the OIDC config:
68+
69+ ``` php
70+ <?php
71+
72+ use Drupal\key\KeyRepositoryInterface;
73+ use Drupal\os2web_key\Plugin\KeyType\OidcKeyType;
74+
75+ // Use dependency injection for this.
76+ /** @var KeyRepositoryInterface $repository */
77+ $repository = \Drupal::service('key.repository');
78+
79+ $key = $repository->getKey('openid_connect_ad');
80+ $values = json_decode($key->getKeyValue(), TRUE, 512, JSON_THROW_ON_ERROR);
81+ $discoveryUrl = $values[OidcKeyType::DISCOVERY_URL];
82+ $clientId = $values[OidcKeyType::CLIENT_ID];
83+ $clientSecret = $values[OidcKeyType::CLIENT_SECRET];
84+ ```
85+
86+ See [ the Key Developer Guide] ( https://www.drupal.org/docs/contributed-modules/key/developer-guide ) for details and more
87+ examples.
88+
89+ ## Providers
90+
91+ ### ` @todo ` Azure Key Vault
92+
93+ < https://azure.microsoft.com/en-us/products/key-vault >
2194
22- ## Example
95+ ### ` @todo ` Infisical
2396
24- ` @todo `
97+ < https://infisical.com/ >
2598
2699## Coding standards
27100
28- Our coding are checked by GitHub Actions (cf.
29- [ .github/workflows/pr.yml] ( .github/workflows/pr.yml ) ). Use the commands below to
30- run the checks locally.
101+ Our coding are checked by GitHub Actions (cf. [ .github/workflows/pr.yml] ( .github/workflows/pr.yml ) ). Use the commands
102+ below to run the checks locally.
31103
32104### PHP
33105
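Review bot: Both form examples are invalid PHP as written: they use `$form['key'] => [` where an assignment `$form['key'] = [` is needed, and the OIDC example has an unterminated string in `'type' => 'os2web_key_oidc,`. Readers will copy these blocks, so they should parse. Separately, the note that the parsed certificates have no password would benefit from one more sentence on handling: what `getCertificates()` returns is no longer protected by the passphrase, so if the parts include a private key the caller should keep it in memory only and not log, cache or write it out. The same care applies to `$clientSecret` in the OIDC example. Minor: "Our coding are checked" in the Coding standards paragraph was carried over unchanged and seems to be missing the word "standards".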