data/dolibarr.bankimport
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dolibarr.bankimport/vendor/nemiah/php-fints/lib/Fhp/Options/SanitizingLogger.php
data 014a943f78 feat: HKEKA-Implementierung, PDF-Bugfixes, Sortierung, Umsatz-Umbenennung 
- HKEKA v3/v4/v5 Segmente fuer phpFinTS implementiert (VR Bank unterstuetzt kein HKEKP)
- GetElectronicStatement Action mit Base64-Erkennung und Quittungscode
- PDF-Deduplizierung per MD5 (Bank sendet identische Saldenmitteilungen)
- Saldenmitteilungen ohne Auszugsnummer werden uebersprungen
- Datums-Validierung: 30.02. (Bank-Konvention) wird auf 28.02. korrigiert
- Numerische Sortierung fuer statement_number (CAST statt String-Sort)
- Jahr-Filter: statement_year=0 ausgeschlossen
- Menue/Button: "Kontoauszuege" -> "Umsaetze" (statements.php zeigt MT940, nicht PDFs)
- Redirect nach FinTS-Abruf auf aktuelles Jahr statt year=0

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-06 07:10:59 +01:00

103 lines
4.3 KiB
PHP
Executable file
Raw Blame History

<?php
namespace Fhp\Options;
use Fhp\Model\Account;
use Fhp\Model\SEPAAccount;
use Fhp\Syntax\Serializer;
use Psr\Log\LoggerInterface;
/**
* A logger that forwards to another PSR logger, but attempts to remove confidential information
* like usernames, passwords/PINs and so on.
*
* Note: This is internally used by {@link FinTs::setLogger()}, so application could usually does not need to
* instantiate this class manually.
*/
class SanitizingLogger extends \Psr\Log\AbstractLogger
{
/** @var LoggerInterface */
private $logger;
/** @var string[] */
private $needles;
/**
* @param LoggerInterface $logger The inner logger, to which the SanitizingLogger forwards its output.
* @param array $sensitiveMaterial An array of various objects typically used with the phpFinTS library that contain
* some sensitive information. This array may also contain plain strings, which are themselves interpreted as
* sensitive.
*/
public function __construct(LoggerInterface $logger, array $sensitiveMaterial)
{
$this->logger = $logger;
$this->needles = static::computeNeedles($sensitiveMaterial);
}
/**
* @param array $sensitiveMaterial See the constructor.
*/
public function addSensitiveMaterial(array $sensitiveMaterial)
{
$this->needles = array_merge($this->needles, static::computeNeedles($sensitiveMaterial));
}
public function log($level, $message, array $context = []): void
{
$message .= count($context) === 0 ? '' : ' ' . implode(', ', $context);
$this->logger->log($level, static::sanitizeForLogging($message, $this->needles));
}
/**
* @param array $sensitiveMaterial An array of various objects typically used with the phpFinTS library that contain
* some sensitive information. This array may also contain plain strings, which are themselves interpreted as
* sensitive.
* @return string[] An array of search-replacement "needles" that should be replaced in log messages.
*/
public static function computeNeedles(array $sensitiveMaterial): array
{
$needles = [];
foreach ($sensitiveMaterial as $item) {
if (is_string($item)) {
$needles[] = $item;
} elseif ($item instanceof Credentials) {
$needles[] = $item->getBenutzerkennung();
$needles[] = $item->getPin();
} elseif ($item instanceof FinTsOptions) {
$needles[] = $item->productName;
} elseif ($item instanceof Account) {
$needles[] = $item->getIban();
$needles[] = $item->getAccountNumber();
$needles[] = $item->getAccountOwnerName();
$needles[] = $item->getCustomerId();
} elseif ($item instanceof SEPAAccount) {
$needles[] = $item->getIban();
$needles[] = $item->getAccountNumber();
} elseif ($item !== null) {
throw new \InvalidArgumentException('Unsupported type of sensitive material ' . gettype($item));
}
}
$needles = array_filter($needles); // Filter out empty entries.
$escapedNeedles = array_map(function (string $needle) {
// The wire format is ISO-8859-1, so that's what will be logged and that's what to look for when replacing.
return mb_convert_encoding(Serializer::escape($needle), 'ISO-8859-1', 'UTF-8');
}, $needles);
return array_merge($needles, $escapedNeedles);
}
/**
* Removes sensitive values from the given string, while preserving its overall length, so that wrappers like FinTS
* messages or Bin containers, which declare the length of their contents, remain parsable.
* @param string $str Some string.
* @param string[] $needles The sensitive values to be replaced, usually from {@link computeNeedles()}.
* @return string The same string, but with sensitive values removed.
*/
public static function sanitizeForLogging(string $str, array $needles): string
{
$replacements = array_map(function ($needle) {
$len = strlen($needle);
$prefix = 'PRIVATE';
return substr($prefix, 0, $len) . str_repeat('_', max(0, $len - strlen($prefix)));
}, $needles);
return str_replace($needles, $replacements, $str);
}
}
Reference in a new issue View git blame Copy permalink