Documentation
Overview
Package routes registers all HTTP routes for the API. Routes are organized by domain for maintainability.
Constants
This section is empty.
Variables
This section is empty.
Functions
func ChainFunc
func ChainFunc(handler http.HandlerFunc, middlewares ...Middleware) http.Handler
ChainFunc wraps a handler function with one or more middlewares and returns the final handler after applying all of them in order.
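An added example, not the package's own code, showing why the order of the middlewares arguments matters for access control: a layer listed after the auth check never runs for a rejected request. chainFunc, layer, run and the "Bearer demo" token are hypothetical, and the block assumes the first middleware listed is the outermost wrapper, which the page does not state.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Middleware: assumed shape; the page only says it aliases infrahttp.Middleware.
type Middleware func(http.Handler) http.Handler

// chainFunc: hypothetical stand-in for ChainFunc; first listed middleware is outermost (assumed).
func chainFunc(h http.HandlerFunc, mws ...Middleware) http.Handler {
	var out http.Handler = h
	for i := len(mws) - 1; i >= 0; i-- {
		out = mws[i](out)
	}
	return out
}

// layer records that it ran; with a non-empty token it also rejects other callers.
func layer(name string, seen *[]string, token string) Middleware {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			*seen = append(*seen, name)
			if token != "" && r.Header.Get("Authorization") != "Bearer "+token {
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			next.ServeHTTP(w, r)
		})
	}
}

// run sends one constructed request through auth -> audit -> handler.
func run(authHeader string) (int, []string) {
	var seen []string
	final := func(http.ResponseWriter, *http.Request) { seen = append(seen, "handler") }
	req := httptest.NewRequest(http.MethodGet, "/demo", nil)
	req.Header.Set("Authorization", authHeader)
	rec := httptest.NewRecorder()
	chainFunc(final, layer("auth", &seen, "demo"), layer("audit", &seen, "")).ServeHTTP(rec, req)
	return rec.Code, seen
}

func main() {
	fmt.Println(run(""))            // stopped at the auth layer
	fmt.Println(run("Bearer demo")) // passes every layer
}
```

If the real ChainFunc applies its arguments in the opposite direction, the same argument list would put audit outside auth, so confirm the direction before relying on argument order for enforcement.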
func Register
func Register(
	router Router,
	h Handlers,
	cfg *config.Config,
	log *logger.Logger,
	authCfg AuthConfig,
	tenantRepo tenant.Repository,
	userService *app.UserService,
	membershipReader middleware.MembershipReader,
)
Register registers all application routes. This keeps route definitions in the infrastructure layer, not in main.
Routes are organized across multiple files by domain:
- auth.go: Authentication (login, register, OAuth)
- tenant.go: Tenant management
- assets.go: Assets, components, asset groups, scope
- scanning.go: Agents, commands, scans, pipelines, tools
- exposure.go: Exposures, threat intel, credentials
- access_control.go: Groups, roles, permissions
- platform.go: Platform agents and jobs
- misc.go: Health, docs, dashboard, audit, SLA, integrations
Types
type AuthConfig
type AuthConfig struct {
	Provider config.AuthProvider
	LocalValidator *jwt.Generator
	OIDCValidator *keycloak.Validator
}
AuthConfig holds authentication configuration for route registration.
type Handlers
type Handlers struct {
	Health *handler.HealthHandler
	Auth *handler.AuthHandler // OIDC auth info handler
	LocalAuth *handler.LocalAuthHandler // Local auth handler (nil if OIDC-only)
	OAuth *handler.OAuthHandler // OAuth handler for social login (nil if not configured)
	Asset *handler.AssetHandler // nil if not initialized (no database)
	Tenant *handler.TenantHandler // nil if not initialized (no database)
	User *handler.UserHandler // nil if not initialized (no database)
	Component *handler.ComponentHandler // nil if not initialized (no database)
	Vulnerability *handler.VulnerabilityHandler // nil if not initialized (no database)
	FindingActivity *handler.FindingActivityHandler // nil if not initialized (no database)
	// Note: Real-time updates moved to WebSocket (see WebSocket field below)
	AITriage *handler.AITriageHandler // Always initialized - handles nil service gracefully
	Dashboard *handler.DashboardHandler // nil if not initialized (no database)
	Audit *handler.AuditHandler // nil if not initialized (no database)
	Branch *handler.BranchHandler // nil if not initialized (no database)
	SLA *handler.SLAHandler // nil if not initialized (no database)
	Integration *handler.IntegrationHandler // nil if not initialized (no database)
	AssetGroup *handler.AssetGroupHandler // nil if not initialized (no database)
	Scope *handler.ScopeHandler // nil if not initialized (no database)
	AssetType *handler.AssetTypeHandler // nil if not initialized (no database)
	AttackSurface *handler.AttackSurfaceHandler // nil if not initialized (no database)
	Docs *handler.DocsHandler // API documentation handler
	Command *handler.CommandHandler // nil if not initialized (no database)
	Ingest *handler.IngestHandler // nil if not initialized (no database) - unified ingestion (CTIS, SARIF, Recon)
	RuntimeTelemetry *handler.RuntimeTelemetryHandler // nil if not initialized - EDR/XDR events from endpoint agents
	IOC *handler.IOCHandler // nil if not initialized - IOC catalogue (feeds B6 correlator)
	Agent *handler.AgentHandler // nil if not initialized (no database)
	Pipeline *handler.PipelineHandler // nil if not initialized (no database)
	ScanProfile *handler.ScanProfileHandler // nil if not initialized (no database)
	Tool *handler.ToolHandler // nil if not initialized (no database)
	ToolCategory *handler.ToolCategoryHandler // nil if not initialized (no database)
	Capability *handler.CapabilityHandler // nil if not initialized (no database)
	Scan *handler.ScanHandler // nil if not initialized (no database)
	CI *handler.CIHandler // nil if not initialized (no database) - CI/CD snippet generator
	ScanSession *handler.ScanSessionHandler // nil if not initialized (no database)
	ScannerTemplate *handler.ScannerTemplateHandler // nil if not initialized (no database)
	TemplateSource *handler.TemplateSourceHandler // nil if not initialized (no database)
	SecretStore *handler.SecretStoreHandler // nil if not initialized (no database)
	Exposure *handler.ExposureHandler // nil if not initialized (no database)
	ThreatIntel *handler.ThreatIntelHandler // nil if not initialized (no database)
	CredentialImport *handler.CredentialImportHandler // nil if not initialized (no database)
	Workflow *handler.WorkflowHandler // nil if not initialized (no database)
	Suppression *handler.SuppressionHandler // nil if not initialized (no database)
	// CTEM Discovery handlers
	AssetService *handler.AssetServiceHandler // nil if not initialized (no database)
	AssetStateHistory *handler.AssetStateHistoryHandler // nil if not initialized (no database)
	AssetRelationship *handler.AssetRelationshipHandler // nil if not initialized (no database)
	RelationshipSuggestion *handler.RelationshipSuggestionHandler // nil if not initialized (no database)
	// Access Control handlers
	Group *handler.GroupHandler // nil if not initialized (no database)
	PermissionSet *handler.PermissionSetHandler // nil if not initialized (no database)
	Role *handler.RoleHandler // nil if not initialized (no database)
	Permission *handler.PermissionHandler // nil if not initialized (permission sync handler)
	AssignmentRule *handler.AssignmentRuleHandler // nil if not initialized (no database)
	ScopeRule *handler.ScopeRuleHandler // nil if not initialized (no database)
	AssetOwner *handler.AssetOwnerHandler // nil if not initialized (no database)
	// Finding Lifecycle (closed-loop: fix_applied → verified → resolved)
	FindingActions *handler.FindingActionsHandler // nil if not initialized (no database)
	// Jira Bidirectional Sync (link tickets to findings + receive Jira webhooks)
	JiraWebhook *handler.JiraWebhookHandler // nil if not initialized (no database)
	// Pentest Campaign Management handlers
	Pentest *handler.PentestHandler // nil if not initialized (no database)
	PentestCampaignRoleQry middleware.CampaignRoleQuerier // Campaign role resolver for RBAC middleware
	// File Attachments (shared across pentest, retest, campaign)
	Attachment *handler.AttachmentHandler // nil if not initialized
	// Compliance Framework Management handlers
	Compliance *handler.ComplianceHandler // nil if not initialized (no database)
	// Attack Simulation & Control Testing
	Simulation *handler.SimulationHandler // nil if not initialized (no database)
	// Threat Actor Intelligence
	ThreatActor *handler.ThreatActorHandler // nil if not initialized (no database)
	// Remediation Campaigns
	RemediationCampaign *handler.RemediationCampaignHandler // nil if not initialized
	ReportSchedule *handler.ReportScheduleHandler // nil if not initialized
	// Business Units
	BusinessUnit *handler.BusinessUnitHandler // nil if not initialized
	// Business Services (distinct from Business Units — represent business capabilities)
	BusinessService *handler.BusinessServiceHandler // nil if not initialized
	// CTEM RFC-005 handlers (direct SQL, no DDD repo layer yet)
	CompensatingControl *handler.CompensatingControlHandler // nil if not initialized
	AttackerProfile *handler.AttackerProfileHandler // nil if not initialized
	CTEMCycle *handler.CTEMCycleHandler // nil if not initialized
	VerificationChecklist *handler.VerificationChecklistHandler // nil if not initialized
	PriorityRule *handler.PriorityRuleHandler // nil if not initialized
	// Asset Import (Nessus, K8s, CSV)
	AssetImport *handler.AssetImportHandler // nil if not initialized
	// Configuration handlers (read-only system config)
	FindingSource *handler.FindingSourceHandler // nil if not initialized (no database)
	// API Keys & Webhooks
	APIKey *handler.APIKeyHandler // nil if not initialized (no database)
	Webhook *handler.WebhookHandler // nil if not initialized (no database)
	// Notification handlers
	Notification *handler.NotificationHandler // nil if not initialized (no database)
	Outbox *handler.OutboxHandler // nil if not initialized (no database)
	// Bootstrap handler (combines multiple endpoints into one)
	Bootstrap *handler.BootstrapHandler // nil if not initialized (no database)
	// Admin Auth handler (API key authentication for Admin UI)
	AdminAuth *handler.AdminAuthHandler
	AdminAuthMiddleware *middleware.AdminAuthMiddleware
	// Admin Audit middleware (audit logging for admin operations)
	AdminAuditMiddleware *middleware.AuditMiddleware
	// Admin Mapping rate limiter (10 req/min for write operations)
	AdminMappingRateLimiter *middleware.AdminMappingRateLimiter
	// Admin management handlers (CRUD for admin users, audit logs, target mappings)
	AdminUser *handler.AdminUserHandler
	AdminAudit *handler.AdminAuditHandler
	AdminTargetMapping *handler.AdminTargetMappingHandler
	AdminDedup *handler.AdminDedupHandler // RFC-001: Asset dedup review
	// SSO handler (per-tenant SSO authentication)
	SSO *handler.SSOHandler // nil if not initialized
	// Platform Stats handler (tenant-scoped platform agent stats)
	PlatformStats *handler.PlatformStatsHandler
	// WebSocket handler for real-time communication
	WebSocket *websocket.Handler
	// F-8: Optional single-use WebSocket ticket redeemer. When non-nil,
	// the /ws route uses ticket auth instead of the JWT chain.
	WSTicketRedeemer middleware.WSTicketRedeemer
}
Handlers holds all HTTP handlers for route registration.
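An added example (not the project's code) for the WSTicketRedeemer field comment: if the /ws auth mode is chosen by a plain nil comparison, a nil pointer stored in an interface compares non-nil and would select ticket auth with no working redeemer behind it. It assumes WSTicketRedeemer is an interface, which the page does not show; TicketRedeemer, memRedeemer, Redeem, isNil, wsAuthMode and the sample ticket are hypothetical.

```go
package main

import (
	"fmt"
	"reflect"
)

// TicketRedeemer is a hypothetical stand-in for middleware.WSTicketRedeemer,
// assumed here to be an interface; the page does not show its definition.
type TicketRedeemer interface {
	Redeem(ticket string) (userID string, ok bool)
}

// memRedeemer is a constructed in-memory implementation with single-use tickets.
type memRedeemer struct{ tickets map[string]string }

func (m *memRedeemer) Redeem(t string) (string, bool) {
	uid, ok := m.tickets[t]
	delete(m.tickets, t) // single use: a replayed ticket fails
	return uid, ok
}

// isNil is true for a nil interface and for an interface holding a nil pointer.
func isNil(r TicketRedeemer) bool {
	if r == nil {
		return true
	}
	v := reflect.ValueOf(r)
	return v.Kind() == reflect.Ptr && v.IsNil()
}

// wsAuthMode picks the /ws auth mode the way the field comment describes.
func wsAuthMode(r TicketRedeemer) string {
	if isNil(r) {
		return "jwt"
	}
	return "ticket"
}

func main() {
	var unset *memRedeemer // constructor skipped, pointer left nil
	var r TicketRedeemer = unset
	fmt.Println(r != nil, wsAuthMode(r)) // the plain comparison says non-nil
	live := &memRedeemer{tickets: map[string]string{"t-1": "user-42"}}
	fmt.Println(wsAuthMode(live))
	fmt.Println(live.Redeem("t-1"))
	fmt.Println(live.Redeem("t-1")) // replay of the same ticket
}
```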
type Middleware
type Middleware = infrahttp.Middleware
Middleware is an alias to the http package's Middleware type.