README

English | 中文

A Symfony bundle for encrypting and decrypting JsonRPC requests and responses, ensuring sensitive data security during transmission.

Features

• AES-256-CBC symmetric encryption for data transmission
• Automatic decryption for incoming requests, automatic encryption for outgoing responses
• Multi-AppID and multi-secret management
• Compatible with standard JsonRPC workflow
• Flexible event subscriber mechanism

Installation

• Requires PHP 8.1+
• Requires Symfony 6.0+
• Install via Composer:

composer require tourze/json-rpc-encrypt-bundle

• Requires tourze/jsonrpc-caller-bundle for AppID/secret management

Quick Start

1. Register the bundle in your Symfony application:

return [
    // ...
    Tourze\JsonRPCEncryptBundle\JsonRPCEncryptBundle::class => ['all' => true],
];

1. Configure ApiCallerRepository to provide appId and appSecret.

2. Client requests must add Encrypt-AppID header and encrypt the payload using the corresponding appSecret with AES-256-CBC:

POST /jsonrpc HTTP/1.1
Encrypt-AppID: your-app-id
Content-Type: application/json

<encrypted payload>

1. The server will automatically decrypt the request body and encrypt the response body.

Documentation

• See DataEncryption.puml or the generated flowchart for the encryption process.
• Custom encryption logic is supported by extending the Encryptor service.
• For advanced usage and configuration, see the source code and inline comments.

Contributing

• Issues and PRs are welcome
• Follow PSR coding standards
• Please ensure new features are fully tested

License

• MIT License
• Copyright © Tourze Team

Changelog

See [CHANGELOG.md] (if available)