Enforce forget identity event method in projectors

src/Surfnet/Stepup/Projector/Projector.php

@@ -0,0 +1,31 @@
+<?php
+
+/**
+ * Copyright 2024 SURFnet B.V.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\Stepup\Projector;
+
+use Broadway\EventHandling\EventListener;
+use Broadway\ReadModel\Projector as BroadwayProjector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+
+/**
+ * @SuppressWarnings(PHPMD.NumberOfChildren) we simply have a lot of projectors
+ */
+abstract class Projector extends BroadwayProjector implements EventListener
+{
+    abstract protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void;
+}

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Projector/AllowedSecondFactorListProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Configuration\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\AllowedSecondFactorListUpdatedEvent;
 use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\AllowedSecondFactor;
 use Surfnet\StepupMiddleware\ApiBundle\Configuration\Repository\AllowedSecondFactorRepository;
@@ -40,4 +41,9 @@ public function applyAllowedSecondFactorListUpdatedEvent(AllowedSecondFactorList
             $this->allowedSecondFactorRepository->save($allowedSecondFactor);
         }
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Projector/ConfiguredInstitutionProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Configuration\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\InstitutionConfigurationRemovedEvent;
 use Surfnet\Stepup\Configuration\Event\NewInstitutionConfigurationCreatedEvent;
 use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\ConfiguredInstitution;
@@ -40,4 +41,9 @@ public function applyInstitutionConfigurationRemovedEvent(InstitutionConfigurati
     {
         $this->configuredInstitutionRepository->removeConfigurationFor($event->institution);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Projector/InstitutionAuthorizationProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Configuration\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\InstitutionConfigurationRemovedEvent;
 use Surfnet\Stepup\Configuration\Event\NewInstitutionConfigurationCreatedEvent;
 use Surfnet\Stepup\Configuration\Event\SelectRaaOptionChangedEvent;
@@ -72,4 +73,9 @@ public function applyInstitutionConfigurationRemovedEvent(InstitutionConfigurati
             $event->institution,
         );
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Projector/InstitutionConfigurationOptionsProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Configuration\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\InstitutionConfigurationRemovedEvent;
 use Surfnet\Stepup\Configuration\Event\NewInstitutionConfigurationCreatedEvent;
 use Surfnet\Stepup\Configuration\Event\NumberOfTokensPerIdentityOptionChangedEvent;
@@ -32,6 +33,9 @@
 use Surfnet\StepupMiddleware\ApiBundle\Configuration\Repository\AllowedSecondFactorRepository;
 use Surfnet\StepupMiddleware\ApiBundle\Configuration\Repository\InstitutionConfigurationOptionsRepository;
 
+/**
+ * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
+ */
 final class InstitutionConfigurationOptionsProjector extends Projector
 {
     public function __construct(
@@ -131,4 +135,9 @@ public function applyInstitutionConfigurationRemovedEvent(InstitutionConfigurati
         $this->institutionConfigurationOptionsRepository->removeConfigurationOptionsFor($event->institution);
         $this->allowedSecondFactorRepository->clearAllowedSecondFactorListFor($event->institution);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Projector/RaLocationProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Configuration\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\InstitutionConfigurationRemovedEvent;
 use Surfnet\Stepup\Configuration\Event\RaLocationAddedEvent;
 use Surfnet\Stepup\Configuration\Event\RaLocationContactInformationChangedEvent;
@@ -100,4 +101,9 @@ private function fetchRaLocationById(RaLocationId $raLocationId): RaLocation
 
         return $raLocation;
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/AuditLogProjector.php

@@ -19,7 +19,6 @@
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
 use Broadway\Domain\DomainMessage;
-use Broadway\EventHandling\EventListener;
 use DateTime as CoreDateTime;
 use Ramsey\Uuid\Uuid;
 use Surfnet\Stepup\DateTime\DateTime;
@@ -33,6 +32,7 @@
 use Surfnet\Stepup\Identity\Value\RecoveryTokenIdentifierFactory;
 use Surfnet\Stepup\Identity\Value\RecoveryTokenType;
 use Surfnet\Stepup\Identity\Value\VettingType;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\StepupMiddleware\ApiBundle\Exception\RuntimeException;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\AuditLogEntry;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
@@ -42,7 +42,7 @@
 /**
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
-class AuditLogProjector implements EventListener
+class AuditLogProjector extends Projector
 {
     public function __construct(
         private readonly AuditLogRepository $auditLogRepository,
@@ -138,7 +138,7 @@ private function applyAuditableEvent(AuditableEvent $event, DomainMessage $domai
         $this->auditLogRepository->save($entry);
     }
 
-    private function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
     {
         $entries = $this->auditLogRepository->findByIdentityId($event->identityId);
         foreach ($entries as $auditLogEntry) {

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/IdentityProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\IdentityCreatedEvent;
 use Surfnet\Stepup\Identity\Event\IdentityEmailChangedEvent;
 use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/IdentitySelfAssertedTokenOptionsProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\IdentityCreatedEvent;
 use Surfnet\Stepup\Identity\Event\SecondFactorVettedEvent;
 use Surfnet\Stepup\Identity\Event\SecondFactorVettedWithoutTokenProofOfPossession;
@@ -81,4 +82,9 @@ private function determinePossessionOfToken(VettingType $vettingType, IdentityId
         $identitySelfAssertedTokenOptions->possessedToken = true;
         $this->repository->save($identitySelfAssertedTokenOptions);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/InstitutionListingProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\IdentityCreatedEvent;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Repository\InstitutionListingRepository;
 
@@ -36,4 +37,9 @@ public function applyIdentityCreatedEvent(IdentityCreatedEvent $event): void
     {
         $this->institutionListingRepository->addIfNotExists($event->identityInstitution);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/RaListingProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\AppointedAsRaaEvent;
 use Surfnet\Stepup\Identity\Event\AppointedAsRaaForInstitutionEvent;
 use Surfnet\Stepup\Identity\Event\AppointedAsRaEvent;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/RaSecondFactorProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\CompliedWithUnverifiedSecondFactorRevocationEvent;
 use Surfnet\Stepup\Identity\Event\CompliedWithVerifiedSecondFactorRevocationEvent;
 use Surfnet\Stepup\Identity\Event\CompliedWithVettedSecondFactorRevocationEvent;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/RecoveryTokenProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\CompliedWithRecoveryCodeRevocationEvent;
 use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
 use Surfnet\Stepup\Identity\Event\PhoneRecoveryTokenPossessionProvenEvent;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/SecondFactorProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\CompliedWithUnverifiedSecondFactorRevocationEvent;
 use Surfnet\Stepup\Identity\Event\CompliedWithVerifiedSecondFactorRevocationEvent;
 use Surfnet\Stepup\Identity\Event\CompliedWithVettedSecondFactorRevocationEvent;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/SecondFactorRevocationProjector.php

@@ -19,7 +19,8 @@
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
 use Broadway\Domain\DomainMessage;
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use DateTime as CoreDateTime;
 use Ramsey\Uuid\Uuid;
 use Surfnet\Stepup\DateTime\DateTime;
@@ -61,4 +62,9 @@ protected function applyCompliedWithVettedSecondFactorRevocationEvent(
 
         $this->repository->save($revocation);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/SraaProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\SraaUpdatedEvent;
 use Surfnet\Stepup\Identity\Value\NameId;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Sraa;
@@ -41,4 +42,9 @@ public function applySraaUpdatedEvent(SraaUpdatedEvent $event): void
 
         $this->sraaRepository->saveAll($sraaList);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/VettingTypeHintProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\VettingTypeHintsSavedEvent;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettingTypeHint;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Repository\VettingTypeHintRepository;
@@ -45,4 +46,9 @@ public function applyVettingTypeHintsSavedEvent(VettingTypeHintsSavedEvent $even
         $entity->hints = $event->hints;
         $this->vettingTypeHintRepository->save($entity);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Projector/WhitelistProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\InstitutionsAddedToWhitelistEvent;
 use Surfnet\Stepup\Identity\Event\InstitutionsRemovedFromWhitelistEvent;
 use Surfnet\Stepup\Identity\Event\WhitelistCreatedEvent;
@@ -75,4 +76,9 @@ protected function applyInstitutionsRemovedFromWhitelistEvent(InstitutionsRemove
 
         $this->whitelistEntryRepository->remove($whitelistEntries);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/GatewayBundle/Projector/InstitutionConfigurationProjector.php

@@ -20,7 +20,8 @@
 
 namespace Surfnet\StepupMiddleware\GatewayBundle\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\InstitutionConfigurationRemovedEvent;
 use Surfnet\Stepup\Configuration\Event\NewInstitutionConfigurationCreatedEvent;
 use Surfnet\Stepup\Configuration\Event\SsoOn2faOptionChangedEvent;
@@ -64,4 +65,9 @@ public function applyInstitutionConfigurationRemovedEvent(InstitutionConfigurati
     {
         $this->repository->removeFor((string)$event->institution);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/GatewayBundle/Projector/SamlEntityProjector.php

@@ -18,7 +18,8 @@
 
 namespace Surfnet\StepupMiddleware\GatewayBundle\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Configuration\Event\IdentityProvidersUpdatedEvent;
 use Surfnet\Stepup\Configuration\Event\ServiceProvidersUpdatedEvent;
 use Surfnet\StepupMiddleware\GatewayBundle\Entity\SamlEntity;
@@ -56,4 +57,9 @@ public function applyIdentityProvidersUpdatedEvent(IdentityProvidersUpdatedEvent
 
         $this->samlEntityRepository->replaceAllIdps($spConfigurations);
     }
+
+    protected function applyIdentityForgottenEvent(IdentityForgottenEvent $event): void
+    {
+        // do nothing, no sensitive data in this projection
+    }
 }

src/Surfnet/StepupMiddleware/GatewayBundle/Projector/SecondFactorProjector.php

@@ -18,7 +18,7 @@
 
 namespace Surfnet\StepupMiddleware\GatewayBundle\Projector;
 
-use Broadway\ReadModel\Projector;
+use Surfnet\Stepup\Projector\Projector;
 use Surfnet\Stepup\Identity\Event\CompliedWithVettedSecondFactorRevocationEvent;
 use Surfnet\Stepup\Identity\Event\IdentityForgottenEvent;
 use Surfnet\Stepup\Identity\Event\LocalePreferenceExpressedEvent;