Documentation
¶
Index ¶
- Constants
- func AuditMiddleware(auditLogger *AuditLogger) func(http.Handler) http.Handler
- func ConstantTimeCompare(a, b string) bool
- func IsWebSocketRequest(r *http.Request) bool
- func SanitizeInput(input string) string
- func ValidateSecureHeaders(headers http.Header) []string
- func WithUser(ctx context.Context, user *User) context.Context
- type AlertManager
- type AuditBackend
- type AuditEvent
- type AuditEventLogger
- type AuditFilter
- type AuditLogger
- func (al *AuditLogger) Log(eventType, userID, resource, action, status string, details any)
- func (al *AuditLogger) LogAuth(userID, ipAddress, action, status string, details map[string]any)
- func (al *AuditLogger) LogRequest(r *http.Request, userID string, status int, duration time.Duration)
- func (al *AuditLogger) LogSecurity(eventType, userID, resource, action string, severity string, ...)
- func (al *AuditLogger) Query(filter AuditFilter) ([]*AuditEvent, error)
- func (al *AuditLogger) Stop()
- type Authenticator
- type ClientMessage
- type ClusterManager
- type ClusterStatus
- type Context
- type Handler
- type MCPError
- type MCPPrompt
- type MCPPromptArg
- type MCPRequest
- type MCPResource
- type MCPResponse
- type MCPServer
- type MCPTool
- type Middleware
- type PaginatedResponse
- type Pagination
- type ProbeEngine
- type RESTServer
- type Router
- type StatusComponent
- type StatusPageData
- type Storage
- type User
- type WSClient
- type WSMessage
- type WebSocketServer
- func (s *WebSocketServer) BroadcastAlert(event *core.AlertEvent)
- func (s *WebSocketServer) BroadcastIncident(incident *core.Incident)
- func (s *WebSocketServer) BroadcastJudgment(judgment *core.Judgment)
- func (s *WebSocketServer) BroadcastSoulUpdate(soul *core.Soul)
- func (s *WebSocketServer) BroadcastStats(workspace string, stats interface{})
- func (s *WebSocketServer) BroadcastToWorkspace(workspace string, msg WSMessage)
- func (s *WebSocketServer) GetClientCount() int
- func (s *WebSocketServer) GetStats() map[string]interface{}
- func (s *WebSocketServer) HandleConnection(w http.ResponseWriter, r *http.Request)
- func (s *WebSocketServer) Start()
- func (s *WebSocketServer) Stop()
- func (s *WebSocketServer) SubscribeClient(clientID string, events []string)
- func (s *WebSocketServer) UnsubscribeClient(clientID string, events []string)
Constants ¶
// Event type identifiers. The EventType prefix and the string values suggest
// these are what callers pass as eventType to the audit logging methods —
// NOTE(review): confirm against the call sites.
const (
	// Authentication lifecycle.
	EventTypeAuthSuccess = "auth_success"
	EventTypeAuthFailure = "auth_failure"
	EventTypeAuthLogout = "auth_logout"

	// Access-control and abuse signals.
	EventTypeAccessDenied = "access_denied"
	EventTypeRateLimited = "rate_limited"
	EventTypeSuspicious = "suspicious_activity"
	EventTypeInjection = "injection_attempt"
	EventTypePrivEscalation = "privilege_escalation"

	// Sensitive but legitimate operations.
	EventTypeDataExport = "data_export"
	EventTypeConfigChange = "config_change"

	// Soul create/update/delete.
	EventTypeSoulCreate = "soul_create"
	EventTypeSoulUpdate = "soul_update"
	EventTypeSoulDelete = "soul_delete"
)
SecurityEvent types
Variables ¶
This section is empty.
Functions ¶
func AuditMiddleware ¶ added in v0.1.0
func AuditMiddleware(auditLogger *AuditLogger) func(http.Handler) http.Handler
AuditMiddleware creates an HTTP middleware for audit logging
func ConstantTimeCompare ¶ added in v0.1.0
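ConstantTimeCompare compares a and b in constant time to prevent timing attacks, for example when checking a presented token or secret against the expected value. Whether a difference in length between a and b is also concealed is not documented here.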
func IsWebSocketRequest ¶ added in v0.1.0
IsWebSocketRequest checks if the request is a WebSocket upgrade
func SanitizeInput ¶ added in v0.1.0
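SanitizeInput removes potentially dangerous characters from input and returns the result. Which characters count as dangerous is not documented here, so output encoding or parameterised queries are still needed wherever the value is used.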
func ValidateSecureHeaders ¶ added in v0.1.0
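ValidateSecureHeaders checks the given response headers for the required security headers. The returned []string presumably lists the problems found; the set of required headers is not documented here.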
Types ¶
type AlertManager ¶
// AlertManager is the set of alert operations this package requires from its
// alerting component.
type AlertManager interface {
	// Read-only views of alerting state.
	GetStats() core.AlertManagerStats
	ListChannels() []*core.AlertChannel
	ListRules() []*core.AlertRule
	// Registration and deletion of channels and rules; deletion is by id only.
	RegisterChannel(channel *core.AlertChannel) error
	RegisterRule(rule *core.AlertRule) error
	DeleteChannel(id string) error
	DeleteRule(id string) error
	// Incident state changes, each taking an incidentID and a userID.
	// NOTE(review): none of the mutating signatures carries a workspace, so
	// any authorization check presumably happens in the caller — confirm.
	AcknowledgeIncident(incidentID, userID string) error
	ResolveIncident(incidentID, userID string) error
}
AlertManager interface for alert operations
type AuditBackend ¶ added in v0.1.0
// AuditBackend is the storage abstraction for audit events: one method to
// persist an event and one to read events back.
type AuditBackend interface {
	// Write stores a single event and reports failure through the error.
	// NOTE(review): how the logger reacts to a Write error (drop, retry,
	// fail the request) is not visible here — confirm, since silently lost
	// audit events weaken the trail.
	Write(event *AuditEvent) error
	// Query returns the events selected by filter.
	Query(filter AuditFilter) ([]*AuditEvent, error)
}
AuditBackend defines the interface for audit log storage
type AuditEvent ¶ added in v0.1.0
// AuditEvent is one security audit record. It serializes to JSON under the
// key names given in the struct tags.
type AuditEvent struct {
	Timestamp time.Time `json:"timestamp"`
	// Presumably one of the EventType* constants — confirm against callers.
	EventType string `json:"event_type"`
	// Omitted from the JSON output when empty.
	UserID string `json:"user_id,omitempty"`
	// NOTE(review): IPAddress and UserAgent are presumably copied from the
	// HTTP request. If so they are client-influenced (User-Agent always, the
	// address whenever it is taken from a forwarding header) and should be
	// escaped when shown in a log viewer — confirm where they are populated.
	IPAddress string `json:"ip_address"`
	UserAgent string `json:"user_agent,omitempty"`
	Resource string `json:"resource"`
	Action string `json:"action"`
	Status string `json:"status"`
	// Free-form payload kept as raw JSON; omitted when empty.
	// NOTE(review): nothing in this type limits what goes in here, so callers
	// must keep passwords and tokens out of it.
	Details json.RawMessage `json:"details,omitempty"`
	RequestID string `json:"request_id"`
}
AuditEvent represents a security audit event
type AuditEventLogger ¶ added in v0.1.0
// AuditEventLogger is the logging half of the audit API, declared as an
// interface so it can be injected. Its four methods have the same signatures
// as the Log, LogRequest, LogAuth and LogSecurity methods of *AuditLogger;
// Query and Stop are not part of it.
type AuditEventLogger interface {
	// Log records a generic event; details may be any value.
	Log(eventType, userID, resource, action, status string, details any)
	// LogRequest records an HTTP request with its status code and duration.
	LogRequest(r *http.Request, userID string, status int, duration time.Duration)
	// LogAuth records an authentication event for userID from ipAddress.
	LogAuth(userID, ipAddress, action, status string, details map[string]any)
	// LogSecurity records a security event with an additional severity string.
	LogSecurity(eventType, userID, resource, action string, severity string, details map[string]any)
}
AuditEventLogger interface for dependency injection
type AuditFilter ¶ added in v0.1.0
// AuditFilter selects audit events for Query. It has no JSON tags.
// NOTE(review): how zero values are treated (an unset time bound, an empty
// string, Limit == 0) is not visible here — confirm in the backend, in
// particular whether Limit == 0 means "no limit".
type AuditFilter struct {
	// Time window bounds.
	StartTime time.Time
	EndTime time.Time
	// Event types to match.
	EventTypes []string
	// String criteria named after the AuditEvent fields UserID, Resource,
	// Action and Status.
	UserID string
	Resource string
	Action string
	Status string
	// Maximum number of events to return.
	Limit int
}
AuditFilter for querying audit logs
type AuditLogger ¶ added in v0.1.0
type AuditLogger struct {
// contains filtered or unexported fields
}
AuditLogger handles security audit logging
func NewAuditLogger ¶ added in v0.1.0
func NewAuditLogger(logger *slog.Logger, backend AuditBackend) *AuditLogger
NewAuditLogger creates a new audit logger
func (*AuditLogger) Log ¶ added in v0.1.0
func (al *AuditLogger) Log(eventType, userID, resource, action, status string, details any)
Log records an audit event
func (*AuditLogger) LogAuth ¶ added in v0.1.0
func (al *AuditLogger) LogAuth(userID, ipAddress, action, status string, details map[string]any)
LogAuth logs authentication events
func (*AuditLogger) LogRequest ¶ added in v0.1.0
func (al *AuditLogger) LogRequest(r *http.Request, userID string, status int, duration time.Duration)
LogRequest logs an HTTP request
func (*AuditLogger) LogSecurity ¶ added in v0.1.0
func (al *AuditLogger) LogSecurity(eventType, userID, resource, action string, severity string, details map[string]any)
LogSecurity logs security-related events
func (*AuditLogger) Query ¶ added in v0.1.0
func (al *AuditLogger) Query(filter AuditFilter) ([]*AuditEvent, error)
Query retrieves audit events based on filter
func (*AuditLogger) Stop ¶ added in v0.1.0
func (al *AuditLogger) Stop()
Stop gracefully shuts down the audit logger
type Authenticator ¶
// Authenticator is the authentication contract used by this package.
type Authenticator interface {
	// Authenticate resolves a token to a *User, or returns an error.
	Authenticate(token string) (*User, error)
	// Login takes an email and password and returns a *User, a string and an
	// error. The string is presumably the session token later accepted by
	// Authenticate and Logout — confirm.
	// NOTE(review): the password arrives as a plain string; implementations
	// should keep it out of logs and audit details.
	Login(email, password string) (*User, string, error)
	// Logout takes a token and returns an error on failure.
	Logout(token string) error
}
Authenticator interface for authentication
type ClientMessage ¶ added in v0.1.0
// ClientMessage is the JSON shape of a WebSocket message received from a
// client, so every field is client-controlled.
type ClientMessage struct {
	// Message kind; the accepted values are not visible here.
	Type string `json:"type"`
	// Optional list of event names.
	Events []string `json:"events,omitempty"`
	// Optional workspace name.
	// NOTE(review): because the client supplies it, this should presumably be
	// checked against the authenticated user's workspace before it is used
	// for subscriptions — confirm in the connection handler.
	Workspace string `json:"workspace,omitempty"`
}
ClientMessage is a WebSocket message sent from client to server
type ClusterManager ¶
// ClusterManager is the read-only view of cluster state used by this
// package; none of its methods takes arguments or returns an error.
type ClusterManager interface {
	// IsLeader reports a boolean leadership flag for this node.
	IsLeader() bool
	// Leader returns a string identifying the leader; its format is not
	// visible here.
	Leader() string
	// IsClustered reports whether clustering is in effect.
	IsClustered() bool
	// GetStatus returns a *ClusterStatus snapshot.
	GetStatus() *ClusterStatus
}
ClusterManager interface for cluster operations
type ClusterStatus ¶
// ClusterStatus is the JSON representation of cluster state. IsClustered and
// NodeID are always emitted; the remaining fields are dropped from the output
// when they hold their zero value.
type ClusterStatus struct {
	IsClustered bool `json:"is_clustered"`
	NodeID string `json:"node_id"`
	State string `json:"state,omitempty"`
	Leader string `json:"leader,omitempty"`
	// Presumably the consensus term number — confirm.
	Term uint64 `json:"term,omitempty"`
	PeerCount int `json:"peer_count,omitempty"`
}
ClusterStatus holds cluster status info
type Context ¶
// Context bundles the per-request values: the HTTP request and response
// writer, route parameters, the user, the workspace and a start time.
type Context struct {
	Request *http.Request
	Response http.ResponseWriter
	// Parameters by name; presumably extracted from the route — confirm.
	Params map[string]string
	// NOTE(review): presumably nil on unauthenticated routes, so code
	// dereferencing it should check first — confirm in the router.
	User *User
	// NOTE(review): not visible here whether this is derived from User or
	// from the request; if from the request it needs an authorization check.
	Workspace string
	StartTime time.Time
}
Context holds request context
type MCPPrompt ¶
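// MCPPrompt describes an MCP prompt: its name, description, declared
// arguments, and the Go function that renders it.
type MCPPrompt struct {
	Name        string         `json:"name"`
	Description string         `json:"description"`
	Arguments   []MCPPromptArg `json:"arguments"`

	// Handler produces the prompt text from the supplied arguments.
	// It is tagged json:"-" because encoding/json cannot encode function
	// values: without the tag, json.Marshal of an MCPPrompt returns an
	// UnsupportedTypeError instead of the three descriptive fields.
	// NOTE(review): args is presumably supplied by the MCP client, so the
	// handler should treat it as untrusted — confirm.
	Handler func(args map[string]string) (string, error) `json:"-"`
}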
MCPPrompt represents an MCP prompt
type MCPPromptArg ¶
// MCPPromptArg describes one argument of an MCP prompt. All three fields are
// always present in the JSON output.
type MCPPromptArg struct {
	Name string `json:"name"`
	Description string `json:"description"`
	// Whether the argument must be supplied.
	// NOTE(review): where this is enforced is not visible here — confirm.
	Required bool `json:"required"`
}
MCPPromptArg represents a prompt argument
type MCPRequest ¶
// MCPRequest is the decoded envelope of an incoming MCP request. The field
// names follow the JSON-RPC layout: jsonrpc, id, method, params.
type MCPRequest struct {
	JSONRPC string `json:"jsonrpc"`
	// Untyped; holds whatever JSON value the sender put in "id".
	ID interface{} `json:"id"`
	Method string `json:"method"`
	// Kept as raw, undecoded JSON. It comes from the request, so whatever
	// decodes it should validate the result.
	Params json.RawMessage `json:"params"`
}
MCPRequest is an incoming MCP request
type MCPResource ¶
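// MCPResource describes an MCP resource: its URI, name, description and MIME
// type, plus the Go function that produces its content.
type MCPResource struct {
	URI         string `json:"uri"`
	Name        string `json:"name"`
	Description string `json:"description"`
	MIMEType    string `json:"mimeType"`

	// Handler returns the resource content.
	// It is tagged json:"-" because encoding/json cannot encode function
	// values: without the tag, json.Marshal of an MCPResource returns an
	// UnsupportedTypeError instead of the four descriptive fields.
	Handler func() (interface{}, error) `json:"-"`
}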
MCPResource represents an MCP resource
type MCPResponse ¶
// MCPResponse is the envelope of an outgoing MCP response. Result and Error
// are both optional in the JSON output and are left out when nil.
type MCPResponse struct {
	JSONRPC string `json:"jsonrpc"`
	// Untyped; presumably echoes the ID of the request — confirm.
	ID interface{} `json:"id"`
	Result interface{} `json:"result,omitempty"`
	// NOTE(review): what MCPError carries is not visible here; error text
	// returned to a client should not include internal details.
	Error *MCPError `json:"error,omitempty"`
}
MCPResponse is an MCP response
type MCPServer ¶
type MCPServer struct {
// contains filtered or unexported fields
}
MCPServer implements the Model Context Protocol for AI integration. The scribes commune with the artificial spirits.
func NewMCPServer ¶
func NewMCPServer(store Storage, probe ProbeEngine, alert AlertManager, logger *slog.Logger) *MCPServer
NewMCPServer creates a new MCP server
func (*MCPServer) RegisterPrompt ¶
RegisterPrompt allows registration of custom prompts
func (*MCPServer) RegisterResource ¶
func (s *MCPServer) RegisterResource(resource MCPResource)
RegisterResource allows registration of custom resources
func (*MCPServer) RegisterTool ¶
RegisterTool allows registration of custom tools
type MCPTool ¶
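// MCPTool describes an MCP tool (a callable function): its name, description
// and input schema, plus the Go function that executes it.
type MCPTool struct {
	Name        string          `json:"name"`
	Description string          `json:"description"`
	InputSchema json.RawMessage `json:"inputSchema"`

	// Handler runs the tool with the raw JSON arguments.
	// It is tagged json:"-" because encoding/json cannot encode function
	// values: without the tag, json.Marshal of an MCPTool returns an
	// UnsupportedTypeError instead of the three descriptive fields.
	// NOTE(review): args is handed over undecoded; whether it is checked
	// against InputSchema before the call is not visible here, so the
	// handler should validate it itself — confirm.
	Handler func(args json.RawMessage) (interface{}, error) `json:"-"`
}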
MCPTool represents an MCP tool (function)
type PaginatedResponse ¶ added in v0.0.2
// PaginatedResponse is the JSON envelope for a paginated result: the payload
// under "data" and the paging metadata under "pagination".
type PaginatedResponse struct {
	// Untyped payload; the element type depends on the caller.
	Data interface{} `json:"data"`
	Pagination Pagination `json:"pagination"`
}
PaginatedResponse wraps data with pagination metadata
type Pagination ¶ added in v0.0.2
// Pagination is the paging metadata attached to a PaginatedResponse.
// NOTE(review): whether Offset and Limit are bounded before they reach the
// storage layer is not visible here — confirm that a client cannot request
// an unbounded page.
type Pagination struct {
	Total int `json:"total"`
	Offset int `json:"offset"`
	Limit int `json:"limit"`
	HasMore bool `json:"has_more"`
	// A pointer so that a nil value is dropped from the JSON output.
	NextOffset *int `json:"next_offset,omitempty"`
}
Pagination holds pagination metadata
type ProbeEngine ¶
// ProbeEngine is the set of probe operations this package requires.
type ProbeEngine interface {
	// AssignSouls hands a list of souls to the engine; it returns nothing.
	AssignSouls(souls []*core.Soul)
	// GetStatus returns the engine's current *core.ProbeStatus.
	GetStatus() *core.ProbeStatus
	// ForceCheck takes a soul ID and returns a *core.Judgment or an error.
	// NOTE(review): if this is reachable from an API endpoint it triggers
	// work on demand, so it presumably needs authorization and rate
	// limiting in the caller — confirm.
	ForceCheck(soulID string) (*core.Judgment, error)
}
ProbeEngine interface for probe operations
type RESTServer ¶
type RESTServer struct {
// contains filtered or unexported fields
}
RESTServer implements the HTTP REST API. The scribes record the judgments on papyrus scrolls.
func NewRESTServer ¶
func NewRESTServer(config core.ServerConfig, authConfig core.AuthConfig, store Storage, probe ProbeEngine, alert AlertManager, auth Authenticator, cluster ClusterManager, dashboard http.Handler, statusPage http.Handler, mcp *MCPServer, logger *slog.Logger) *RESTServer
NewRESTServer creates a new REST server
func (*RESTServer) OnJudgmentCallback ¶ added in v0.1.0
func (s *RESTServer) OnJudgmentCallback() func(*core.Judgment)
OnJudgmentCallback returns a callback function for broadcasting judgments via WebSocket
type Router ¶
type Router struct {
// contains filtered or unexported fields
}
Router handles HTTP routing
func (*Router) Use ¶
func (r *Router) Use(mw Middleware)
type StatusComponent ¶ added in v0.1.0
// StatusComponent is the JSON representation of one component's status. It is
// the element type of StatusPageData.Components.
type StatusComponent struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Status string `json:"status"`
	Type string `json:"type"`
	// NOTE(review): StatusPageData is documented as the public status page
	// response, so this value is published with it. If it holds internal
	// hostnames or URLs that is information disclosure — confirm what is
	// stored here.
	Target string `json:"target"`
	Description string `json:"description"`
	UpdatedAt time.Time `json:"updated_at"`
	// omitempty has no effect on a time.Time value: encoding/json treats only
	// false, 0, nil and empty arrays, slices, maps and strings as empty, so a
	// zero LastChecked is still emitted as "0001-01-01T00:00:00Z".
	LastChecked time.Time `json:"last_checked,omitempty"`
	// A string, not a duration; omitted when empty.
	Latency string `json:"latency,omitempty"`
}
StatusComponent represents a single component's status
type StatusPageData ¶ added in v0.1.0
// StatusPageData is the JSON body of the status page response: page-level
// name, description and status, summary counters, and the component list.
// Every field is always emitted (no omitempty), including everything in each
// StatusComponent.
type StatusPageData struct {
	Name string `json:"name"`
	Description string `json:"description"`
	Status string `json:"status"`
	UpdatedAt time.Time `json:"updated_at"`
	// NOTE(review): presumably a 0-100 percentage — confirm.
	UptimePercentage float64 `json:"uptime_percentage"`
	OperationalCount int `json:"operational_count"`
	TotalCount int `json:"total_count"`
	// A nil slice serializes as null rather than [].
	Components []StatusComponent `json:"components"`
}
StatusPageData represents the public status page response
type Storage ¶
// Storage is the data-access contract used by this package.
//
// Only SaveSoul and DeleteSoul accept a context.Context. Every other method
// carries the NoCtx suffix and takes none, so a caller cannot cancel those
// calls or give them a deadline through a context.
//
// NOTE(review): the Get* and Delete* methods take only an id, while several
// List* methods take a workspace. Nothing in these signatures ties an id to a
// workspace, so tenant isolation presumably has to be checked by the caller
// after the lookup — confirm that handlers compare the loaded object's
// workspace with the requesting user's.
type Storage interface {
	// Souls.
	GetSoulNoCtx(id string) (*core.Soul, error)
	ListSoulsNoCtx(workspace string, offset, limit int) ([]*core.Soul, error)
	SaveSoul(ctx context.Context, soul *core.Soul) error
	DeleteSoul(ctx context.Context, id string) error
	// Judgments; listing is per soul within a time range, capped by limit.
	GetJudgmentNoCtx(id string) (*core.Judgment, error)
	ListJudgmentsNoCtx(soulID string, start, end time.Time, limit int) ([]*core.Judgment, error)
	// Alert channels.
	GetChannelNoCtx(id string) (*core.AlertChannel, error)
	ListChannelsNoCtx(workspace string) ([]*core.AlertChannel, error)
	SaveChannelNoCtx(channel *core.AlertChannel) error
	DeleteChannelNoCtx(id string) error
	// Alert rules.
	GetRuleNoCtx(id string) (*core.AlertRule, error)
	ListRulesNoCtx(workspace string) ([]*core.AlertRule, error)
	SaveRuleNoCtx(rule *core.AlertRule) error
	DeleteRuleNoCtx(id string) error
	// Workspaces; the list call takes no arguments and returns all of them.
	GetWorkspaceNoCtx(id string) (*core.Workspace, error)
	ListWorkspacesNoCtx() ([]*core.Workspace, error)
	SaveWorkspaceNoCtx(ws *core.Workspace) error
	DeleteWorkspaceNoCtx(id string) error
	// Statistics for a workspace over a time range.
	GetStatsNoCtx(workspace string, start, end time.Time) (*core.Stats, error)
	// Status pages; the list call takes no arguments.
	GetStatusPageNoCtx(id string) (*core.StatusPage, error)
	ListStatusPagesNoCtx() ([]*core.StatusPage, error)
	SaveStatusPageNoCtx(page *core.StatusPage) error
	DeleteStatusPageNoCtx(id string) error
	// Journey methods
	GetJourneyNoCtx(id string) (*core.JourneyConfig, error)
	ListJourneysNoCtx(workspace string, offset, limit int) ([]*core.JourneyConfig, error)
	SaveJourneyNoCtx(journey *core.JourneyConfig) error
	DeleteJourneyNoCtx(id string) error
}
Storage interface for data access
type User ¶
// User is the identity returned by Authenticator.Authenticate and
// Authenticator.Login. No credential field (password hash, token) is declared
// here, so marshalling a User exposes only these six fields.
type User struct {
	ID string `json:"id"`
	Email string `json:"email"`
	Name string `json:"name"`
	// NOTE(review): Role and Workspace are presumably what authorization
	// decisions key on; the set of valid roles is not visible here — confirm.
	Role string `json:"role"`
	Workspace string `json:"workspace"`
	CreatedAt time.Time `json:"created_at"`
}
User represents an authenticated user
type WSClient ¶
// WSClient is the server-side record of one connected WebSocket client.
type WSClient struct {
	ID string
	// The underlying connection, exported.
	Conn *websocket.Conn
	// NOTE(review): Workspace and UserID are presumably set from the
	// authenticated user when the connection is accepted, not from client
	// messages — confirm in HandleConnection.
	Workspace string
	UserID string
	// NOTE(review): presumably the set of rooms or events the client is
	// subscribed to. It is an exported map; whether access to it is
	// synchronised by the unexported fields cannot be seen here.
	Rooms map[string]bool
	// contains filtered or unexported fields
}
WSClient represents a connected WebSocket client
type WSMessage ¶
// WSMessage is the JSON envelope of a message pushed from the server to
// WebSocket clients. All three fields are always emitted.
type WSMessage struct {
	// Message kind; the values used are not visible here.
	Type string `json:"type"`
	Timestamp time.Time `json:"timestamp"`
	// Untyped payload, serialized as-is.
	// NOTE(review): whatever is placed here is sent to every receiving
	// client, so it should hold only data those clients may see.
	Payload interface{} `json:"payload"`
}
WSMessage is a WebSocket message sent from server to client
type WebSocketServer ¶
type WebSocketServer struct {
// contains filtered or unexported fields
}
WebSocketServer handles real-time WebSocket connections. The Oracle's live visions stream to the priests.
func NewWebSocketServer ¶
func NewWebSocketServer(logger *slog.Logger) *WebSocketServer
NewWebSocketServer creates a new WebSocket server
func (*WebSocketServer) BroadcastAlert ¶
func (s *WebSocketServer) BroadcastAlert(event *core.AlertEvent)
BroadcastAlert broadcasts an alert to connected clients
func (*WebSocketServer) BroadcastIncident ¶ added in v0.1.0
func (s *WebSocketServer) BroadcastIncident(incident *core.Incident)
BroadcastIncident broadcasts an incident update to connected clients
func (*WebSocketServer) BroadcastJudgment ¶
func (s *WebSocketServer) BroadcastJudgment(judgment *core.Judgment)
BroadcastJudgment broadcasts a judgment to connected clients
func (*WebSocketServer) BroadcastSoulUpdate ¶ added in v0.1.0
func (s *WebSocketServer) BroadcastSoulUpdate(soul *core.Soul)
BroadcastSoulUpdate broadcasts a soul update to connected clients
func (*WebSocketServer) BroadcastStats ¶
func (s *WebSocketServer) BroadcastStats(workspace string, stats interface{})
BroadcastStats broadcasts stats update to connected clients
func (*WebSocketServer) BroadcastToWorkspace ¶ added in v0.1.0
func (s *WebSocketServer) BroadcastToWorkspace(workspace string, msg WSMessage)
BroadcastToWorkspace broadcasts a message to all clients in a workspace
func (*WebSocketServer) GetClientCount ¶ added in v0.1.0
func (s *WebSocketServer) GetClientCount() int
GetClientCount returns the number of connected clients
func (*WebSocketServer) GetStats ¶
func (s *WebSocketServer) GetStats() map[string]interface{}
GetStats returns WebSocket server statistics
func (*WebSocketServer) HandleConnection ¶
func (s *WebSocketServer) HandleConnection(w http.ResponseWriter, r *http.Request)
HandleConnection handles new WebSocket connections
func (*WebSocketServer) SubscribeClient ¶
func (s *WebSocketServer) SubscribeClient(clientID string, events []string)
SubscribeClient subscribes a client to specific events
func (*WebSocketServer) UnsubscribeClient ¶
func (s *WebSocketServer) UnsubscribeClient(clientID string, events []string)
UnsubscribeClient unsubscribes a client