juststeveking / masking-engine
A data masking engine for PHP.
Fund package maintenance!
juststeveking
Requires
- php: ^8.3
Requires (Dev)
- laravel/pint: ^1.18
- orchestra/testbench: ^9.5
- pestphp/pest: ^3.5
- phpstan/phpstan: ^1.12
- phpstan/phpstan-strict-rules: ^1.6
- roave/security-advisories: dev-latest
README
A PHP masking engine, that allows you to quickly and easily mask data based on configured formats.
Installation
You can install this package using composer
composer require juststeveking/masking-engine
Configuration
You can publish the configuration for this package using the php artisan vendor:publish --tag=masking-config
This will publish the default config to config/masking.php
, and will look like the following by default:
use JustSteveKing\Masking\Matchers\StringMatcher; return [ 'values' => [ 'password' => StringMatcher::class, ], ];
Usage
Let's walk through the usage. We have a values array, that hold how we want to mask data in our application.
You will see that we are using a StringMatcher
here, what this can do is obfuscate any string to a series of *
.
For example test
will turn into ****
. By default, this package comes with a selection of maskers/matchers that you can use - but you are also free to create your own.
StringMatcher
- will match or mask a standard string.CreditCard
- will match or mask a credit card number from1234-1234-1234-1234
to****-****-****-1234
.Date
- will match or mask a date from09/09/1988
to09/09/****
.Email
- will match or mask an email address fromjuststevemcd@gmail.com
to************@gmail.com
.PostalCode
- will match or mask a UK postal code fromB33 8TH
toB33 ***
.SocialSecurity
- will match or mask a Social Security Number from123-45-6789
to***-**-6789
.
Please note, these classes will not validate that the data is correct - for example it will not validate it is a correct credit card number or social security number.
The Masking Engine uses Regex to define a pattern both mask or match the input passed in. All Matching classes needs to either implement the MasksInput
interface, or extend the StringMatcher
class itself.
Let's look at the Email
matcher as an example:
final class Email extends StringMatcher { protected string $pattern = '/^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/'; public function mask(): string { return (string) preg_replace_callback( pattern: '/([^@]+)/', callback: static fn(array $matches): string => str_repeat( string: '*', times: mb_strlen($matches[0]), ), subject: $this->input, limit: 1, ); } }
We define a pattern as a property for the class, which is a simple Regex to make sure that the input is formatted correctly. The masking method, will do a preg replace callback to take certain parts from the input and mask a specific part of the input.
In theory, you don't have to use Regex at all. You could implement something really simple such as:
use JustSteveKing\Masking\Matchers\StringMatcher; final class Dummy extends StringMatcher { public function mask(): string { return '<DUMMY VALUE>'; } }
The only important part of the class, is that the mask
method will return a string.
Testing
This package comes will a full test suite, as well as static analysis checks:
composer test
or
composer stan
Contributing
Feel free to use this package as suits your needs, if you would like to contribute please make sure that you are following the coding standards in place for this library, and test coverage is kept to a high standard.
Security
If you find any security related issues with this package, please feel free to reach out to me directly.