Encrypt gateway configs stored in database
Last updated
Last updated
To encrypt (and later decrypt) sensitive configuration details (like payment provider credentials) we have to do four things:
Make sure model implements CryptedInterface
. The GatewayConfig
class already does it.
Generate a cypher key and store it
Configure our dynamic gateways
Create a Form Type Extension
First, we have to install an encryption library defuse/php-encryption
:
Once the library is installed, you should generate a cypher key:
It will output something like this:
For storing your cypher key, the best way is to use a environment variable. If your are using , you can store your cypher key like this:
Then, you should configure your dynamic gateways:
For that, you have two solutions:
update your PaypalGatewayConfigType
form type
Payum is an MIT-licensed open source project with its ongoing development made possible entirely by the support of community and our customers. If you'd like to join them, please consider:
If you are using , you can stop here because everything is done automatically.
You should tell to Symfony how to encrypt/decrypt your gateway configuration when you use your PaypalGatewayConfigType
form type (previously done in ).
create a that will modify your PaypalGatewayConfigType
form type
The second solution is better, because if you have a form type for a second gateway (for example ), you won't have to duplicate your logic in your StripeGatewayConfigType
form type.
We will create a CryptedGatewayConfigTypeExtension
form type extension in the namespace Acme\PaymentBundle\Form\Extension
. Be sure to follow to register your form type extension as a service.