chore: complete update

2025-07-17 16:24:20 +02:00
parent 899227b0a4
commit 64a7051137
1300 changed files with 85570 additions and 2756 deletions


@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Account-Sperrung Event
*/
final readonly class AuthenticationAccountLockedEvent implements SecurityEventInterface
{
public function __construct(
public string $userId,
public int $attempts
) {}
public function getEventIdentifier(): string
{
return "authn_account_locked:{$this->userId},{$this->attempts}";
}
public function getDescription(): string
{
return "User {$this->userId} account locked after {$this->attempts} failed attempts";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'authentication';
}
public function requiresAlert(): bool
{
// Account-Sperrungen sind immer alert-würdig
return true;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'attempts' => $this->attempts,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
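Review bot: `getEventIdentifier()` and `getDescription()` interpolate `$this->userId` verbatim, so a value containing a comma, a colon or a line break can change how the `authn_account_locked:<id>,<n>` record parses, or add a forged line once the string reaches a text log. Whether the caller normalises the value is not visible on this page, so neutralising it at this boundary is the safer default, for example `$id = preg_replace('/[\x00-\x1F\x7F,:]/', '_', $this->userId);` before building the string, together with a length cap. The same verbatim interpolation appears for `userId`, `resource`, `field` and `identifier` in the other event classes added by this commit. A single shared helper would keep them consistent.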


@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Login-Fehler Event
*/
final readonly class AuthenticationLoginFailedEvent implements SecurityEventInterface
{
public function __construct(
public string $userId,
public string $reason = 'invalid_credentials'
) {}
public function getEventIdentifier(): string
{
return "authn_login_fail:{$this->userId}";
}
public function getDescription(): string
{
return "User {$this->userId} login failure";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'authentication';
}
public function requiresAlert(): bool
{
// Login-Fehler sind nicht kritisch genug für sofortige Alerts
return false;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'reason' => $this->reason,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
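Review bot: The constructor has no documentation of what `$userId` may contain, and on a failed login that value is presumably whatever the unauthenticated client typed into the login-name field (the caller is not shown). Users occasionally enter a password there, and `toArray()` emits the value unchanged. A docblock such as `@param string $userId Submitted login name, length-limited by the caller; never the password field` would state the contract. `$reason` is likewise a free-form string; if only a fixed set of reasons exists, a backed enum would stop arbitrary text from reaching the log.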


@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Login-Erfolg nach Fehlversuchen Event
*/
final readonly class AuthenticationLoginSuccessAfterFailEvent implements SecurityEventInterface
{
public function __construct(
public string $userId,
public int $retries
) {}
public function getEventIdentifier(): string
{
return "authn_login_successafterfail:{$this->userId},{$this->retries}";
}
public function getDescription(): string
{
return "User {$this->userId} login successfully after {$this->retries} failures";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'authentication';
}
public function requiresAlert(): bool
{
// Alert wenn viele Fehlversuche vorausgingen
return $this->retries >= 5;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'retries' => $this->retries,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
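Review bot: The alert threshold in `requiresAlert()` is a bare `5`, and nothing on this page ties it to the account-lockout policy; if accounts lock at or below five failed attempts, the alerting branch may never be reached. A named constant such as `private const ALERT_RETRY_THRESHOLD = 5;` with a comment stating its relation to the lockout limit would make the intent reviewable. `$retries` is also not checked for negative values, which the constructor could reject.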


@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Login-Erfolg Event
*/
final readonly class AuthenticationLoginSuccessEvent implements SecurityEventInterface
{
public function __construct(
public string $userId
) {}
public function getEventIdentifier(): string
{
return "authn_login_success:{$this->userId}";
}
public function getDescription(): string
{
return "User {$this->userId} login successfully";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::INFO;
}
public function getCategory(): string
{
return 'authentication';
}
public function requiresAlert(): bool
{
return false;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}


@@ -0,0 +1,57 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Zugriff verweigert Event
*/
final readonly class AuthorizationAccessDeniedEvent implements SecurityEventInterface
{
public function __construct(
public string $userId,
public string $resource,
public string $action = 'access'
) {}
public function getEventIdentifier(): string
{
return "authz_fail:{$this->userId},{$this->resource}";
}
public function getDescription(): string
{
return "User {$this->userId} authorization failure for {$this->resource}";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'authorization';
}
public function requiresAlert(): bool
{
return false;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'resource' => $this->resource,
'action' => $this->action,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
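Review bot: `$action` is accepted and serialised by `toArray()` but appears in neither `getEventIdentifier()` nor `getDescription()`, so a denied read and a denied delete on the same resource yield identical text records. If the identifier format is fixed by the logging vocabulary, the description can still carry it, e.g. `return "User {$this->userId} authorization failure for {$this->resource} ({$this->action})";`. `AuthorizationAdminActionEvent` has the same gap, and there the action is the main audit fact, since "administrative action on X" does not say what was done.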


@@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Admin-Aktion Event
*/
final readonly class AuthorizationAdminActionEvent implements SecurityEventInterface
{
public function __construct(
public string $userId,
public string $resource,
public string $action = 'admin_action'
) {}
public function getEventIdentifier(): string
{
return "authz_admin:{$this->userId},{$this->resource}";
}
public function getDescription(): string
{
return "User {$this->userId} administrative action on {$this->resource}";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'authorization';
}
public function requiresAlert(): bool
{
// Admin-Aktionen sind immer beobachtungswürdig
return true;
}
public function toArray(): array
{
return [
'userId' => $this->userId,
'resource' => $this->resource,
'action' => $this->action,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}


@@ -0,0 +1,57 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityException;
use App\Framework\Exception\SecurityLogLevel;
/**
* SQL-Injection-Versuch Event
*/
final readonly class InputSqlInjectionAttemptEvent implements SecurityEventInterface
{
public function __construct(
public string $field,
public string $detectedPattern = 'generic_sql_pattern'
) {}
public function getEventIdentifier(): string
{
return "input_sql_injection:{$this->field}";
}
public function getDescription(): string
{
return "SQL injection attempt detected in field {$this->field}";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::ERROR;
}
public function getCategory(): string
{
return 'input_validation';
}
public function requiresAlert(): bool
{
// SQL-Injection-Versuche sind immer kritisch
return true;
}
public function toArray(): array
{
return [
'field' => $this->field,
'detectedPattern' => $this->detectedPattern,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
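Review bot: The `use App\Framework\Exception\SecurityException;` import at the top of this file is not referenced anywhere in the class and can be dropped. Separately, `$detectedPattern` is emitted by `toArray()` with no statement of what it may hold. A constructor docblock such as `@param string $detectedPattern Name of the matching rule, never the raw request value` would keep request payloads out of the log stream. `InputXssAttemptEvent` would benefit from the same docblock.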


@@ -0,0 +1,55 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* XSS-Versuch Event
*/
final readonly class InputXssAttemptEvent implements SecurityEventInterface
{
public function __construct(
public string $field,
public string $detectedPattern = 'generic_xss_pattern'
) {}
public function getEventIdentifier(): string
{
return "input_xss_attempt:{$this->field}";
}
public function getDescription(): string
{
return "XSS attack attempt detected in field {$this->field}";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'input_validation';
}
public function requiresAlert(): bool
{
return true;
}
public function toArray(): array
{
return [
'field' => $this->field,
'detectedPattern' => $this->detectedPattern,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
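Review bot: `getLogLevel()` returns `SecurityLogLevel::WARN` here while `InputSqlInjectionAttemptEvent` returns `SecurityLogLevel::ERROR`, although both classes return `true` from `requiresAlert()` and share the `input_validation` category. If the difference is deliberate, a one-line comment in `getLogLevel()` giving the reason would prevent a later "fix" in either direction. `requiresAlert()` is also the only always-alerting method in this commit without a why-comment.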


@@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Interface für alle Security-Event Value Objects
*/
interface SecurityEventInterface
{
/**
* Gibt den OWASP-Event-Identifier zurück (z.B. "authn_login_fail:user123")
*/
public function getEventIdentifier(): string;
/**
* Gibt die OWASP-Beschreibung zurück (z.B. "User user123 login failure")
*/
public function getDescription(): string;
/**
* Gibt das Log-Level zurück
*/
public function getLogLevel(): SecurityLogLevel;
/**
* Prüft ob Event kritisch ist und Alerting erfordert
*/
public function requiresAlert(): bool;
/**
* Gibt die Event-Daten als Array zurück
*/
public function toArray(): array;
/**
* Gibt die Event-Kategorie zurück (auth, authz, input, etc.)
*/
public function getCategory(): string;
}
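Review bot: The docblock on `getCategory()` gives `auth, authz, input` as examples, but the implementations in this commit return `'authentication'`, `'authorization'`, `'input_validation'` and `'system'`. The comment should list the real values, or the return type could become a backed enum, so that consumers cannot filter on a string that never occurs. `toArray()` would also benefit from `@return array<string, mixed>` and a sentence stating that values are emitted as supplied, which leaves encoding for the output format to the log writer.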


@@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace App\Framework\Exception\SecurityEvent;
use App\Framework\Exception\SecurityLogLevel;
/**
* Exzessive Nutzung Event
*/
final readonly class SystemExcessiveUseEvent implements SecurityEventInterface
{
public function __construct(
public string $identifier,
public int $limit,
public int $currentUsage
) {}
public function getEventIdentifier(): string
{
return "excessive_use:{$this->identifier},{$this->limit}";
}
public function getDescription(): string
{
return "Excessive usage detected for {$this->identifier} exceeding limit {$this->limit}";
}
public function getLogLevel(): SecurityLogLevel
{
return SecurityLogLevel::WARN;
}
public function getCategory(): string
{
return 'system';
}
public function requiresAlert(): bool
{
// Rate-Limiting-Verletzungen sind immer alert-würdig
return true;
}
public function toArray(): array
{
return [
'identifier' => $this->identifier,
'limit' => $this->limit,
'currentUsage' => $this->currentUsage,
'event_identifier' => $this->getEventIdentifier(),
'category' => $this->getCategory(),
'log_level' => $this->getLogLevel()->value,
'requires_alert' => $this->requiresAlert()
];
}
}
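Review bot: `requiresAlert()` returns `true` for every instance, so under sustained over-limit traffic each rejected request would raise its own alert unless the dispatcher aggregates them (the dispatcher is not part of this page). A comment such as `// Alerts must be throttled per identifier by the alert dispatcher`, or a threshold based on `$currentUsage` relative to `$limit`, would document how flooding of the alert channel is avoided. `$currentUsage` is also absent from `getDescription()`, which hides the size of the overrun in the text log. If `$identifier` can be an API key or session token rather than an IP address or user name, it should be hashed or truncated before it is stored.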