PHP code example of juniorfontenele / laravel-vault-server

1. Go to this page and download the library: Download juniorfontenele/laravel-vault-server library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

juniorfontenele / laravel-vault-server example snippets


use JuniorFontenele\LaravelVaultServer\Facades\VaultAuth;

// Authenticate client with JWT token
$key = VaultAuth::attempt($token); // Returns: Key instance

// Check if client is authenticated
$isAuthenticated = VaultAuth::check(); // Returns: bool

// Check if client has specific scope
$canRead = VaultAuth::can('keys:read'); // Returns: bool

// Authorize client for specific scope (throws exception if not authorized)
VaultAuth::authorize('keys:read'); // Returns: void

// Get authenticated client
$client = VaultAuth::client(); // Returns: Client|null

// Get authentication key
$key = VaultAuth::key(); // Returns: Key|null

// Logout client
VaultAuth::logout(); // Returns: void

use JuniorFontenele\LaravelVaultServer\Facades\VaultClientManager;
use JuniorFontenele\LaravelVaultServer\Enums\Scope;

// Create a new client
$newClient = VaultClientManager::createClient(
    name: 'My Application',
    allowedScopes: [Scope::KEYS_READ->value, Scope::KEYS_ROTATE->value],
    description: 'Application description'
);
// Returns: NewClient { client: {id: "cl_123", name: "My Application"}, plaintext_provision_token: "tok_abc" }

// Provision an existing client
$provisionedClient = VaultClientManager::provisionClient($clientId, $provisionToken);
// Returns: Client instance

// Delete a client
VaultClientManager::deleteClient($clientId);
// Returns: void

// Cleanup inactive clients
$deletedClients = VaultClientManager::cleanupInactiveClients();
// Returns: int (number of deleted clients)

use JuniorFontenele\LaravelVaultServer\Facades\VaultHash;

// Store a password hash with salt + pepper
VaultHash::store($userId, $password);

// Verify a password against stored hash
$isValid = VaultHash::verify($userId, $password);
// Returns: bool

// Delete a stored password hash
VaultHash::delete($userId);

use JuniorFontenele\LaravelVaultServer\Facades\VaultKey;

// Create a new key pair
$newKey = VaultKey::create(
    clientId: $clientId,
    keySize: 2048,
    expiresIn: 365 // days
);
// Returns: NewKey { key: {id: "key_123", public_key: "-----BEGIN PUBLIC KEY-----...", algorithm: "RS256"}, private_key: "-----BEGIN PRIVATE KEY-----..." }

// Get a key by ID
$key = VaultKey::getById($keyId);
// Returns: Key instance

// Revoke a key
VaultKey::revoke($keyId);

// Cleanup expired keys
$expiredKeys = VaultKey::cleanupExpiredKeys();
// Returns: collection of expired keys

// Cleanup revoked keys
$revokedKeys = VaultKey::cleanupRevokedKeys();
// Returns: collection of revoked keys

use JuniorFontenele\LaravelVaultServer\Events\Client\ClientCreated;

class ClientCreatedListener
{
    public function handle(ClientCreated $event): void
    {
        // Log the client creation
        Log::info('New vault client created', [
            'client_id' => $event->client->id,
            'client_name' => $event->client->name,
        ]);
        
        // Send notification
        // Perform additional actions
    }
}

// Basic JWT authentication
Route::middleware('vault.jwt')->group(function () {
    // Protected routes here
});

// JWT authentication with scope validation
Route::middleware(['vault.jwt:keys:read'])->group(function () {
    // Routes requiring 'keys:read' scope
});
bash
php artisan vault-server:install
bash
php artisan vendor:publish --tag=vault-config