api

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2025 License: MIT Imports: 33 Imported by: 0

Documentation

Overview

Package api provides the HTTP server for the LLMrecon API

Index

Constants

View Source
const (
	ErrCodeInvalidRequest     = "INVALID_REQUEST"
	ErrCodeUnauthorized       = "UNAUTHORIZED"
	ErrCodeForbidden          = "FORBIDDEN"
	ErrCodeNotFound           = "NOT_FOUND"
	ErrCodeConflict           = "CONFLICT"
	ErrCodeValidation         = "VALIDATION_ERROR"
	ErrCodeInternalError      = "INTERNAL_ERROR"
	ErrCodeServiceUnavailable = "SERVICE_UNAVAILABLE"
	ErrCodeRateLimited        = "RATE_LIMITED"
	ErrCodeTimeout            = "REQUEST_TIMEOUT"
)

Common error codes used across the API

View Source
const APIVersion = "v1"

API Version

View Source
const OpenAPIVersion = "3.0.3"

OpenAPI specification version

Variables

View Source
var (
	ErrInvalidCredentials = errors.New("invalid credentials")
	ErrTokenExpired       = errors.New("token expired")
	ErrTokenInvalid       = errors.New("token invalid")
	ErrAPIKeyNotFound     = errors.New("API key not found")
	ErrAPIKeyExpired      = errors.New("API key expired")
	ErrAPIKeyRevoked      = errors.New("API key revoked")
)

Authentication errors

Functions

func GenerateOpenAPISpec

func GenerateOpenAPISpec() map[string]interface{}

OpenAPISpec generates the OpenAPI specification

func NewRouter

func NewRouter(config *Config) *mux.Router

Router creates and configures the API router

func RunServer

func RunServer(config *Config, services *Services) error

RunServer starts the API server with the given configuration

func ValidateConfig

func ValidateConfig(config *Config) error

ValidateConfig validates API configuration

Types

type APIError

type APIError struct {
	Code    string
	Message string
	Details string
}

APIError represents an API error

func NewAPIError

func NewAPIError(code, message string) *APIError

NewAPIError creates a new API error

func NewAPIErrorWithDetails

func NewAPIErrorWithDetails(code, message, details string) *APIError

NewAPIErrorWithDetails creates a new API error with details

func (*APIError) Error

func (e *APIError) Error() string

type APIKey

type APIKey struct {
	ID          string            `json:"id"`
	Key         string            `json:"key,omitempty"` // Only returned on creation
	KeyHash     string            `json:"-"`             // Never exposed
	Name        string            `json:"name"`
	Description string            `json:"description,omitempty"`
	Scopes      []string          `json:"scopes"`
	RateLimit   int               `json:"rate_limit"` // Requests per minute
	Metadata    map[string]string `json:"metadata,omitempty"`
	ExpiresAt   *time.Time        `json:"expires_at,omitempty"`
	RevokedAt   *time.Time        `json:"revoked_at,omitempty"`
	LastUsedAt  *time.Time        `json:"last_used_at,omitempty"`
	CreatedAt   time.Time         `json:"created_at"`
	UpdatedAt   time.Time         `json:"updated_at"`
}

APIKey represents an API key

type APIKeyFilter

type APIKeyFilter struct {
	Active      *bool
	ExpiredOnly bool
	RevokedOnly bool
}

APIKeyFilter represents API key filter criteria

type AuditLogger

type AuditLogger struct {
	// contains filtered or unexported fields
}

AuditLogger logs security-relevant events

func NewAuditLogger

func NewAuditLogger(logSensitive bool) *AuditLogger

NewAuditLogger creates a new audit logger

type AuthRequest

type AuthRequest struct {
	APIKey string `json:"api_key,omitempty"`
	Token  string `json:"token,omitempty"`
}

AuthRequest represents authentication request

type AuthResponse

type AuthResponse struct {
	Success     bool      `json:"success"`
	Token       string    `json:"token,omitempty"`
	ExpiresAt   time.Time `json:"expires_at,omitempty"`
	Permissions []string  `json:"permissions,omitempty"`
}

AuthResponse represents authentication response

type AuthService

type AuthService interface {
	// JWT operations
	GenerateJWT(userID string, claims map[string]interface{}) (string, error)
	ValidateJWT(token string) (*JWTClaims, error)
	RefreshJWT(token string) (string, error)

	// API key operations
	CreateAPIKey(request CreateAPIKeyRequest) (*APIKey, error)
	GetAPIKey(keyID string) (*APIKey, error)
	ListAPIKeys(filter APIKeyFilter) ([]APIKey, error)
	RevokeAPIKey(keyID string) error
	ValidateAPIKey(key string) (*APIKey, error)

	// User authentication
	Authenticate(username, password string) (*User, error)
	CreateUser(request CreateUserRequest) (*User, error)
	UpdatePassword(userID, oldPassword, newPassword string) error
}

AuthService handles authentication operations

func NewAuthService

func NewAuthService(config *Config) AuthService

NewAuthService creates a new auth service

type AuthServiceImpl

type AuthServiceImpl struct {
	// contains filtered or unexported fields
}

AuthServiceImpl implements AuthService

func (*AuthServiceImpl) Authenticate

func (s *AuthServiceImpl) Authenticate(username, password string) (*User, error)

Authenticate authenticates a user

func (*AuthServiceImpl) CreateAPIKey

func (s *AuthServiceImpl) CreateAPIKey(request CreateAPIKeyRequest) (*APIKey, error)

CreateAPIKey creates a new API key

func (*AuthServiceImpl) CreateUser

func (s *AuthServiceImpl) CreateUser(request CreateUserRequest) (*User, error)

CreateUser creates a new user

func (*AuthServiceImpl) GenerateJWT

func (s *AuthServiceImpl) GenerateJWT(userID string, claims map[string]interface{}) (string, error)

GenerateJWT generates a new JWT token

func (*AuthServiceImpl) GetAPIKey

func (s *AuthServiceImpl) GetAPIKey(keyID string) (*APIKey, error)

GetAPIKey retrieves an API key by ID

func (*AuthServiceImpl) ListAPIKeys

func (s *AuthServiceImpl) ListAPIKeys(filter APIKeyFilter) ([]APIKey, error)

ListAPIKeys lists API keys based on filter

func (*AuthServiceImpl) RefreshJWT

func (s *AuthServiceImpl) RefreshJWT(tokenString string) (string, error)

RefreshJWT refreshes a JWT token

func (*AuthServiceImpl) RevokeAPIKey

func (s *AuthServiceImpl) RevokeAPIKey(keyID string) error

RevokeAPIKey revokes an API key

func (*AuthServiceImpl) UpdatePassword

func (s *AuthServiceImpl) UpdatePassword(userID, oldPassword, newPassword string) error

UpdatePassword updates a user's password

func (*AuthServiceImpl) ValidateAPIKey

func (s *AuthServiceImpl) ValidateAPIKey(key string) (*APIKey, error)

ValidateAPIKey validates an API key

func (*AuthServiceImpl) ValidateJWT

func (s *AuthServiceImpl) ValidateJWT(tokenString string) (*JWTClaims, error)

ValidateJWT validates a JWT token

type BundleInfo

type BundleInfo struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Version     string                 `json:"version"`
	Author      string                 `json:"author"`
	Tags        []string               `json:"tags,omitempty"`
	Templates   []string               `json:"templates"`
	Modules     []string               `json:"modules,omitempty"`
	Size        int64                  `json:"size"`
	Checksum    string                 `json:"checksum"`
	CreatedAt   time.Time              `json:"created_at"`
	UpdatedAt   time.Time              `json:"updated_at"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

BundleInfo represents metadata about a bundle

type BundleOperationResult

type BundleOperationResult struct {
	BundleID  string            `json:"bundle_id,omitempty"`
	Status    string            `json:"status"`
	Message   string            `json:"message,omitempty"`
	Templates []string          `json:"templates,omitempty"`
	Modules   []string          `json:"modules,omitempty"`
	Conflicts []string          `json:"conflicts,omitempty"`
	Errors    []string          `json:"errors,omitempty"`
	Metadata  map[string]string `json:"metadata,omitempty"`
}

BundleOperationResult represents the result of a bundle operation

type BundleService

type BundleService interface {
	ListBundles() ([]BundleInfo, error)
	GetBundle(id string) (*BundleInfo, error)
	ExportBundle(request ExportBundleRequest) (*BundleOperationResult, error)
	ImportBundle(request ImportBundleRequest) (*BundleOperationResult, error)
	DeleteBundle(id string) error
}

BundleService interface for bundle operations

type BundleServiceAdapter

type BundleServiceAdapter struct {
}

BundleServiceAdapter adapts the bundle system to the API service interface

func NewBundleServiceAdapter

func NewBundleServiceAdapter() *BundleServiceAdapter

NewBundleServiceAdapter creates a new bundle service adapter

func (*BundleServiceAdapter) DeleteBundle

func (a *BundleServiceAdapter) DeleteBundle(id string) error

DeleteBundle deletes a bundle

func (*BundleServiceAdapter) ExportBundle

ExportBundle creates a new bundle

func (*BundleServiceAdapter) GetBundle

func (a *BundleServiceAdapter) GetBundle(id string) (*BundleInfo, error)

GetBundle gets a specific bundle by ID

func (*BundleServiceAdapter) ImportBundle

ImportBundle imports a bundle

func (*BundleServiceAdapter) ListBundles

func (a *BundleServiceAdapter) ListBundles() ([]BundleInfo, error)

ListBundles lists available bundles

type ComplianceEvidence

type ComplianceEvidence struct {
	Type        string                 `json:"type"` // "scan", "template", "manual"
	Source      string                 `json:"source"`
	Description string                 `json:"description"`
	Timestamp   time.Time              `json:"timestamp"`
	Data        map[string]interface{} `json:"data,omitempty"`
}

ComplianceEvidence represents evidence supporting a compliance result

type CompliancePeriod

type CompliancePeriod struct {
	StartDate time.Time `json:"start_date"`
	EndDate   time.Time `json:"end_date"`
}

CompliancePeriod represents the time period covered by a compliance report

type ComplianceReport

type ComplianceReport struct {
	ID          string                 `json:"id"`
	Framework   string                 `json:"framework"`
	GeneratedAt time.Time              `json:"generated_at"`
	Period      CompliancePeriod       `json:"period"`
	Summary     ComplianceSummary      `json:"summary"`
	Results     []ComplianceResult     `json:"results"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceReport represents a compliance report

type ComplianceReportRequest

type ComplianceReportRequest struct {
	Framework      string     `json:"framework"` // "owasp", "iso42001", "nist"
	ScanIDs        []string   `json:"scan_ids,omitempty"`
	DateFrom       *time.Time `json:"date_from,omitempty"`
	DateTo         *time.Time `json:"date_to,omitempty"`
	Format         string     `json:"format,omitempty"` // "json", "pdf", "html", "csv"
	IncludePassed  bool       `json:"include_passed,omitempty"`
	IncludeFailed  bool       `json:"include_failed,omitempty"`
	IncludeSkipped bool       `json:"include_skipped,omitempty"`
}

ComplianceReportRequest represents a request to generate a compliance report

type ComplianceResult

type ComplianceResult struct {
	ControlID       string                 `json:"control_id"`
	ControlName     string                 `json:"control_name"`
	Description     string                 `json:"description"`
	Status          string                 `json:"status"` // "compliant", "non-compliant", "not-applicable"
	Evidence        []ComplianceEvidence   `json:"evidence,omitempty"`
	Recommendations []string               `json:"recommendations,omitempty"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceResult represents the compliance status of a specific control

type ComplianceService

type ComplianceService interface {
	GenerateReport(request ComplianceReportRequest) (*ComplianceReport, error)
	CheckCompliance(framework string) (*ComplianceStatus, error)
	GetComplianceHistory(framework string, days int) ([]ComplianceTrend, error)
}

ComplianceService interface for compliance operations

type ComplianceServiceAdapter

type ComplianceServiceAdapter struct {
	// contains filtered or unexported fields
}

ComplianceServiceAdapter adapts the compliance system to the API service interface

func NewComplianceServiceAdapter

func NewComplianceServiceAdapter(templateManager management.TemplateManager) *ComplianceServiceAdapter

NewComplianceServiceAdapter creates a new compliance service adapter

func (*ComplianceServiceAdapter) CheckCompliance

func (a *ComplianceServiceAdapter) CheckCompliance(framework string) (*ComplianceStatus, error)

CheckCompliance checks compliance status

func (*ComplianceServiceAdapter) GenerateReport

GenerateReport generates a compliance report

func (*ComplianceServiceAdapter) GetComplianceHistory

func (a *ComplianceServiceAdapter) GetComplianceHistory(framework string, days int) ([]ComplianceTrend, error)

GetComplianceHistory gets compliance history for a framework

type ComplianceStatus

type ComplianceStatus struct {
	Framework       string                 `json:"framework"`
	OverallScore    float64                `json:"overall_score"`
	RiskLevel       string                 `json:"risk_level"`
	LastAssessment  time.Time              `json:"last_assessment"`
	ControlsSummary ComplianceSummary      `json:"controls_summary"`
	Trends          []ComplianceTrend      `json:"trends,omitempty"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceStatus represents overall compliance status

type ComplianceSummary

type ComplianceSummary struct {
	TotalControls     int     `json:"total_controls"`
	CompliantControls int     `json:"compliant_controls"`
	FailedControls    int     `json:"failed_controls"`
	SkippedControls   int     `json:"skipped_controls"`
	ComplianceScore   float64 `json:"compliance_score"`
	RiskLevel         string  `json:"risk_level"`
}

ComplianceSummary provides high-level compliance information

type ComplianceTrend

type ComplianceTrend struct {
	Date  time.Time `json:"date"`
	Score float64   `json:"score"`
}

ComplianceTrend represents compliance trends over time

type ComponentVersion

type ComponentVersion struct {
	Current         string    `json:"current"`
	Latest          string    `json:"latest,omitempty"`
	UpdateAvailable bool      `json:"update_available"`
	ReleaseDate     time.Time `json:"release_date,omitempty"`
	Changelog       string    `json:"changelog_url,omitempty"`
}

ComponentVersion represents version details for a component

type Config

type Config struct {
	Port                  int
	Host                  string
	APIKeys               []string
	EnableAuth            bool
	EnableRateLimit       bool
	RateLimit             int // requests per minute
	EnableCORS            bool
	AllowedOrigins        []string
	EnableSwaggerUI       bool
	LogLevel              string
	TLSCert               string
	TLSKey                string
	JWTSecret             string
	JWTExpiration         int // hours
	EnableSecurityHeaders bool
	SecurityHeaders       SecurityHeaders
	EnableIPWhitelist     bool
	WhitelistedIPs        []string
	WhitelistedCIDRs      []string
	MaxRequestSize        int64 // bytes
	RequestTimeout        int   // seconds
	EnableCompression     bool
	EnableAuditLogging    bool
	EnableMetrics         bool // enable metrics collection
}

Config holds API server configuration

func DefaultConfig

func DefaultConfig() *Config

DefaultConfig returns default API configuration

type CreateAPIKeyRequest

type CreateAPIKeyRequest struct {
	Name        string            `json:"name" validate:"required"`
	Description string            `json:"description,omitempty"`
	Scopes      []string          `json:"scopes,omitempty"`
	RateLimit   int               `json:"rate_limit,omitempty"`
	ExpiresIn   int               `json:"expires_in,omitempty"` // Days
	Metadata    map[string]string `json:"metadata,omitempty"`
}

CreateAPIKeyRequest represents a request to create an API key

type CreateScanRequest

type CreateScanRequest struct {
	Target     ScanTarget `json:"target"`
	Templates  []string   `json:"templates,omitempty"`
	Categories []string   `json:"categories,omitempty"`
	Config     ScanConfig `json:"config,omitempty"`
}

CreateScanRequest represents a request to create a new scan

type CreateUserRequest

type CreateUserRequest struct {
	Username string            `json:"username" validate:"required"`
	Email    string            `json:"email" validate:"required,email"`
	Password string            `json:"password" validate:"required,min=8"`
	Role     string            `json:"role,omitempty"`
	Metadata map[string]string `json:"metadata,omitempty"`
}

CreateUserRequest represents a request to create a user

type DefaultLogger

type DefaultLogger struct{}

DefaultLogger provides a simple logger implementation

func (*DefaultLogger) Debug

func (l *DefaultLogger) Debug(msg string)

func (*DefaultLogger) Error

func (l *DefaultLogger) Error(msg string, err error)

func (*DefaultLogger) Info

func (l *DefaultLogger) Info(msg string)

func (*DefaultLogger) Warn

func (l *DefaultLogger) Warn(msg string)

type Error

type Error struct {
	Code    string `json:"code"`
	Message string `json:"message"`
	Details string `json:"details,omitempty"`
}

Error represents API error details

type ExportBundleRequest

type ExportBundleRequest struct {
	Name        string   `json:"name"`
	Description string   `json:"description,omitempty"`
	Templates   []string `json:"templates,omitempty"`
	Categories  []string `json:"categories,omitempty"`
	Modules     []string `json:"modules,omitempty"`
	Format      string   `json:"format,omitempty"` // "zip", "tar.gz"
	Compress    bool     `json:"compress,omitempty"`
}

ExportBundleRequest represents a request to export a bundle

type Finding

type Finding struct {
	ID           string                 `json:"id"`
	TemplateID   string                 `json:"template_id"`
	TemplateName string                 `json:"template_name"`
	Category     string                 `json:"category"`
	Severity     string                 `json:"severity"`
	Title        string                 `json:"title"`
	Description  string                 `json:"description"`
	Evidence     map[string]interface{} `json:"evidence,omitempty"`
	Remediation  string                 `json:"remediation,omitempty"`
	References   []string               `json:"references,omitempty"`
	Timestamp    time.Time              `json:"timestamp"`
}

Finding represents a security issue discovered

type IPWhitelist

type IPWhitelist struct {
	// contains filtered or unexported fields
}

IPWhitelist manages IP whitelisting

func NewIPWhitelist

func NewIPWhitelist(ips []string, cidrs []string) *IPWhitelist

NewIPWhitelist creates a new IP whitelist

func (*IPWhitelist) IsAllowed

func (w *IPWhitelist) IsAllowed(ip string) bool

IsAllowed checks if an IP is whitelisted

type ImportBundleRequest

type ImportBundleRequest struct {
	Source        string `json:"source"` // file path or URL
	ValidateOnly  bool   `json:"validate_only,omitempty"`
	Overwrite     bool   `json:"overwrite,omitempty"`
	SkipConflicts bool   `json:"skip_conflicts,omitempty"`
}

ImportBundleRequest represents a request to import a bundle

type InMemoryScanStore

type InMemoryScanStore struct {
	// contains filtered or unexported fields
}

InMemoryScanStore implements ScanStore using in-memory storage

func NewInMemoryScanStore

func NewInMemoryScanStore() *InMemoryScanStore

NewInMemoryScanStore creates a new in-memory scan store

func (*InMemoryScanStore) CleanupOldScans

func (s *InMemoryScanStore) CleanupOldScans(olderThan time.Duration) error

CleanupOldScans removes scans older than the specified duration

func (*InMemoryScanStore) Create

func (s *InMemoryScanStore) Create(scan *Scan) error

Create creates a new scan

func (*InMemoryScanStore) Delete

func (s *InMemoryScanStore) Delete(id string) error

Delete removes a scan

func (*InMemoryScanStore) Get

func (s *InMemoryScanStore) Get(id string) (*Scan, error)

Get retrieves a scan by ID

func (*InMemoryScanStore) List

func (s *InMemoryScanStore) List(filter ScanFilter) ([]Scan, error)

List returns scans matching the filter

func (*InMemoryScanStore) Update

func (s *InMemoryScanStore) Update(scan *Scan) error

Update updates an existing scan

type JWTClaims

type JWTClaims struct {
	UserID   string                 `json:"user_id"`
	Username string                 `json:"username"`
	Role     string                 `json:"role"`
	Extra    map[string]interface{} `json:"extra,omitempty"`
	jwt.RegisteredClaims
}

JWTClaims represents JWT claims

type ListScansRequest

type ListScansRequest struct {
	Status  ScanStatus `json:"status,omitempty"`
	Page    int        `json:"page,omitempty"`
	PerPage int        `json:"per_page,omitempty"`
	SortBy  string     `json:"sort_by,omitempty"`
	OrderBy string     `json:"order_by,omitempty"`
}

ListScansRequest represents scan listing parameters

type ListTemplatesRequest

type ListTemplatesRequest struct {
	Category string   `json:"category,omitempty"`
	Severity string   `json:"severity,omitempty"`
	Tags     []string `json:"tags,omitempty"`
	Search   string   `json:"search,omitempty"`
	Page     int      `json:"page,omitempty"`
	PerPage  int      `json:"per_page,omitempty"`
}

ListTemplatesRequest represents template listing parameters

type Meta

type Meta struct {
	Page       int    `json:"page,omitempty"`
	PerPage    int    `json:"per_page,omitempty"`
	Total      int    `json:"total,omitempty"`
	TotalPages int    `json:"total_pages,omitempty"`
	Version    string `json:"version,omitempty"`
}

Meta contains pagination and other metadata

type MockScanService

type MockScanService struct {
	// contains filtered or unexported fields
}

MockScanService implements a mock scan service for testing

func NewMockScanService

func NewMockScanService() *MockScanService

NewMockScanService creates a new mock scan service

func (*MockScanService) CancelScan

func (m *MockScanService) CancelScan(id string) error

CancelScan cancels a running scan

func (*MockScanService) CreateScan

func (m *MockScanService) CreateScan(request CreateScanRequest) (*Scan, error)

CreateScan creates a new scan

func (*MockScanService) GetScan

func (m *MockScanService) GetScan(id string) (*Scan, error)

GetScan retrieves a scan by ID

func (*MockScanService) GetScanResults

func (m *MockScanService) GetScanResults(id string) (*ScanResults, error)

GetScanResults retrieves scan results

func (*MockScanService) ListScans

func (m *MockScanService) ListScans(filter ScanFilter) ([]Scan, error)

ListScans lists all scans

type Module

type Module struct {
	ID           string       `json:"id"`
	Name         string       `json:"name"`
	Type         string       `json:"type"`
	Version      string       `json:"version"`
	Description  string       `json:"description"`
	Provider     string       `json:"provider"`
	Status       string       `json:"status"`
	Capabilities []string     `json:"capabilities,omitempty"`
	Config       ModuleConfig `json:"config,omitempty"`
	LoadedAt     time.Time    `json:"loaded_at"`
}

Module represents a provider module

type ModuleConfig

type ModuleConfig struct {
	Enabled     bool                   `json:"enabled"`
	Settings    map[string]interface{} `json:"settings,omitempty"`
	Credentials map[string]string      `json:"credentials,omitempty"` // Will be filtered in responses
}

ModuleConfig contains module configuration

type ModuleService

type ModuleService interface {
	ListModules() ([]Module, error)
	GetModule(id string) (*Module, error)
	UpdateModuleConfig(id string, config ModuleConfig) error
	ReloadModule(id string) error
}

ModuleService interface for module operations

type ModuleServiceAdapter

type ModuleServiceAdapter struct {
	// contains filtered or unexported fields
}

ModuleServiceAdapter adapts the provider system to the API service interface

func NewModuleServiceAdapter

func NewModuleServiceAdapter(providerFactory core.ProviderFactory) *ModuleServiceAdapter

NewModuleServiceAdapter creates a new module service adapter

func (*ModuleServiceAdapter) GetModule

func (a *ModuleServiceAdapter) GetModule(id string) (*Module, error)

GetModule gets a specific module by ID

func (*ModuleServiceAdapter) ListModules

func (a *ModuleServiceAdapter) ListModules() ([]Module, error)

ListModules lists available provider modules

func (*ModuleServiceAdapter) ReloadModule

func (a *ModuleServiceAdapter) ReloadModule(id string) error

ReloadModule reloads a module

func (*ModuleServiceAdapter) UpdateModuleConfig

func (a *ModuleServiceAdapter) UpdateModuleConfig(id string, config ModuleConfig) error

UpdateModuleConfig updates module configuration

type RateLimiter

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter tracks rate limits per API key

func NewRateLimiter

func NewRateLimiter(ratePerMinute int) *RateLimiter

NewRateLimiter creates a new rate limiter

func (*RateLimiter) GetLimiter

func (rl *RateLimiter) GetLimiter(key string) *rate.Limiter

GetLimiter returns a rate limiter for the given key

type Response

type Response struct {
	Success bool        `json:"success"`
	Data    interface{} `json:"data,omitempty"`
	Error   *Error      `json:"error,omitempty"`
	Meta    *Meta       `json:"meta,omitempty"`
}

Standard API Response wrapper

type ResultSummary

type ResultSummary struct {
	TotalTests      int            `json:"total_tests"`
	Passed          int            `json:"passed"`
	Failed          int            `json:"failed"`
	Errors          int            `json:"errors"`
	Skipped         int            `json:"skipped"`
	SeverityCount   map[string]int `json:"severity_count"`
	CategoryCount   map[string]int `json:"category_count"`
	ComplianceScore float64        `json:"compliance_score"`
}

ResultSummary provides high-level scan results

type Route

type Route struct {
	Name        string
	Method      string
	Pattern     string
	Handler     http.HandlerFunc
	RequireAuth bool
}

Route represents an API route definition

func GetRoutes

func GetRoutes() []Route

GetRoutes returns all API routes for documentation

type Scan

type Scan struct {
	ID          string       `json:"id"`
	Status      ScanStatus   `json:"status"`
	Target      ScanTarget   `json:"target"`
	Templates   []string     `json:"templates,omitempty"`
	Categories  []string     `json:"categories,omitempty"`
	Config      ScanConfig   `json:"config"`
	StartedAt   *time.Time   `json:"started_at,omitempty"`
	CompletedAt *time.Time   `json:"completed_at,omitempty"`
	Duration    string       `json:"duration,omitempty"`
	Results     *ScanResults `json:"results,omitempty"`
	CreatedAt   time.Time    `json:"created_at"`
	UpdatedAt   time.Time    `json:"updated_at"`
}

Scan represents a security scan operation

type ScanConfig

type ScanConfig struct {
	Concurrency   int                    `json:"concurrency,omitempty"`
	Timeout       int                    `json:"timeout,omitempty"` // seconds
	MaxRetries    int                    `json:"max_retries,omitempty"`
	RateLimit     int                    `json:"rate_limit,omitempty"` // requests per minute
	CustomOptions map[string]interface{} `json:"custom_options,omitempty"`
}

ScanConfig contains scan configuration options

type ScanError

type ScanError struct {
	TemplateID string    `json:"template_id,omitempty"`
	Error      string    `json:"error"`
	Details    string    `json:"details,omitempty"`
	Timestamp  time.Time `json:"timestamp"`
}

ScanError represents an error during scanning

type ScanFilter

type ScanFilter struct {
	Status    ScanStatus `json:"status,omitempty"`
	Target    string     `json:"target,omitempty"`
	Provider  string     `json:"provider,omitempty"`
	CreatedBy string     `json:"created_by,omitempty"`
	DateFrom  *time.Time `json:"date_from,omitempty"`
	DateTo    *time.Time `json:"date_to,omitempty"`
	Limit     int        `json:"limit,omitempty"`
	Offset    int        `json:"offset,omitempty"`
}

ScanFilter represents filtering criteria for scans

type ScanProgress

type ScanProgress struct {
	TemplateID   string
	TemplateName string
	Status       string
	Message      string
	Timestamp    time.Time
}

ScanProgress represents progress updates during scan execution

type ScanResults

type ScanResults struct {
	Summary      ResultSummary       `json:"summary"`
	Findings     []Finding           `json:"findings"`
	Errors       []ScanError         `json:"errors,omitempty"`
	TemplateRuns []TemplateExecution `json:"template_runs"`
}

ScanResults contains the findings from a scan

type ScanService

type ScanService interface {
	CreateScan(request CreateScanRequest) (*Scan, error)
	GetScan(id string) (*Scan, error)
	ListScans(filter ScanFilter) ([]Scan, error)
	CancelScan(id string) error
	GetScanResults(id string) (*ScanResults, error)
}

ScanService interface for scan operations

type ScanServiceAdapter

type ScanServiceAdapter struct {
}

ScanServiceAdapter adapts the scan system to the API service interface

func (*ScanServiceAdapter) CancelScan

func (a *ScanServiceAdapter) CancelScan(id string) error

CancelScan cancels a scan

func (*ScanServiceAdapter) CreateScan

func (a *ScanServiceAdapter) CreateScan(request CreateScanRequest) (*Scan, error)

CreateScan creates a new scan

func (*ScanServiceAdapter) GetScan

func (a *ScanServiceAdapter) GetScan(id string) (*Scan, error)

GetScan gets a scan by ID

func (*ScanServiceAdapter) GetScanResults

func (a *ScanServiceAdapter) GetScanResults(id string) (*ScanResults, error)

GetScanResults gets scan results

func (*ScanServiceAdapter) ListScans

func (a *ScanServiceAdapter) ListScans(filter ScanFilter) ([]Scan, error)

ListScans lists scans with filtering

type ScanServiceImpl

type ScanServiceImpl struct {
	// contains filtered or unexported fields
}

ScanServiceImpl implements the ScanService interface

func NewScanService

func NewScanService(
	store ScanStore,
	templateManager management.TemplateManager,
	providerFactory provider.Factory,
	detectionEngine detection.Engine,
) *ScanServiceImpl

NewScanService creates a new scan service

func (*ScanServiceImpl) CancelScan

func (s *ScanServiceImpl) CancelScan(id string) error

CancelScan cancels a running scan

func (*ScanServiceImpl) CreateScan

func (s *ScanServiceImpl) CreateScan(request CreateScanRequest) (*Scan, error)

CreateScan creates and starts a new scan

func (*ScanServiceImpl) GetScan

func (s *ScanServiceImpl) GetScan(id string) (*Scan, error)

GetScan retrieves a scan by ID

func (*ScanServiceImpl) GetScanResults

func (s *ScanServiceImpl) GetScanResults(id string) (*ScanResults, error)

GetScanResults retrieves results for a completed scan

func (*ScanServiceImpl) ListScans

func (s *ScanServiceImpl) ListScans(filter ScanFilter) ([]Scan, error)

ListScans lists scans matching the filter

type ScanStatus

type ScanStatus string

ScanStatus represents the current state of a scan

const (
	ScanStatusPending   ScanStatus = "pending"
	ScanStatusRunning   ScanStatus = "running"
	ScanStatusCompleted ScanStatus = "completed"
	ScanStatusFailed    ScanStatus = "failed"
	ScanStatusCancelled ScanStatus = "cancelled"
)

type ScanStore

type ScanStore interface {
	Create(scan *Scan) error
	Get(id string) (*Scan, error)
	Update(scan *Scan) error
	Delete(id string) error
	List(filter ScanFilter) ([]Scan, error)
	CleanupOldScans(olderThan time.Duration) error
}

ScanStore interface for scan storage

type ScanTarget

type ScanTarget struct {
	Type       string                 `json:"type"` // "api", "model", "application"
	Provider   string                 `json:"provider,omitempty"`
	Endpoint   string                 `json:"endpoint,omitempty"`
	Model      string                 `json:"model,omitempty"`
	Parameters map[string]interface{} `json:"parameters,omitempty"`
}

ScanTarget defines what is being scanned

type ScopeValidator

type ScopeValidator struct {
	// contains filtered or unexported fields
}

ScopeValidator validates API key scopes

func NewScopeValidator

func NewScopeValidator() *ScopeValidator

NewScopeValidator creates a new scope validator

type SecurityHeaders

type SecurityHeaders struct {
	ContentSecurityPolicy   string
	XContentTypeOptions     string
	XFrameOptions           string
	XSSProtection           string
	StrictTransportSecurity string
	ReferrerPolicy          string
	PermissionsPolicy       string
}

SecurityHeaders represents security headers configuration

func DefaultSecurityHeaders

func DefaultSecurityHeaders() SecurityHeaders

DefaultSecurityHeaders returns default security headers

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server represents the API server

func NewServer

func NewServer(config *ServerConfig) (*Server, error)

NewServer creates a new API server

func (*Server) Start

func (s *Server) Start() error

Start starts the server

type ServerConfig

type ServerConfig struct {
	// Address is the server address
	Address string
	// UseTLS indicates whether to use TLS
	UseTLS bool
	// CertFile is the path to the certificate file
	CertFile string
	// KeyFile is the path to the key file
	KeyFile string
	// SecurityConfig is the security configuration
	SecurityConfig *security.SecurityConfig
	// PromptProtectionConfig is the configuration for prompt injection protection
	PromptProtectionConfig *prompt.ProtectionConfig
}

ServerConfig represents the configuration for the API server

func DefaultServerConfig

func DefaultServerConfig() *ServerConfig

DefaultServerConfig returns the default server configuration

type ServerImpl

type ServerImpl struct {
	// contains filtered or unexported fields
}

ServerImpl represents the API server implementation

func NewServerImpl

func NewServerImpl(config *Config, services *Services) (*ServerImpl, error)

NewServerImpl creates a new API server implementation

func (*ServerImpl) Start

func (s *ServerImpl) Start() error

Start starts the API server

func (*ServerImpl) Stop

func (s *ServerImpl) Stop(timeout time.Duration) error

Stop gracefully stops the API server

type Services

type Services struct {
	ScanEngine        ScanService
	TemplateManager   TemplateService
	ModuleManager     ModuleService
	UpdateManager     UpdateService
	BundleManager     BundleService
	ComplianceManager ComplianceService
}

Services contains all service dependencies for the API server

func CreateAPIServices

func CreateAPIServices() (*Services, error)

CreateAPIServices creates all API service implementations

type Template

type Template struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Category    string                 `json:"category"`
	Severity    string                 `json:"severity"`
	Author      string                 `json:"author,omitempty"`
	Version     string                 `json:"version"`
	Tags        []string               `json:"tags,omitempty"`
	References  []string               `json:"references,omitempty"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
	LastUpdated time.Time              `json:"last_updated"`
}

Template represents a security test template

type TemplateExecution

type TemplateExecution struct {
	TemplateID string    `json:"template_id"`
	Status     string    `json:"status"`
	StartTime  time.Time `json:"start_time"`
	EndTime    time.Time `json:"end_time"`
	Duration   string    `json:"duration"`
}

TemplateExecution tracks individual template runs

type TemplateFilter

type TemplateFilter struct {
	Category string   `json:"category,omitempty"`
	Severity string   `json:"severity,omitempty"`
	Tags     []string `json:"tags,omitempty"`
	Search   string   `json:"search,omitempty"`
	Author   string   `json:"author,omitempty"`
	Version  string   `json:"version,omitempty"`
	Limit    int      `json:"limit,omitempty"`
	Offset   int      `json:"offset,omitempty"`
}

TemplateFilter represents filtering criteria for templates

type TemplateService

type TemplateService interface {
	ListTemplates(filter TemplateFilter) ([]Template, error)
	GetTemplate(id string) (*Template, error)
	GetCategories() ([]string, error)
	ValidateTemplate(template *Template) error
}

TemplateService interface for template operations

type TemplateServiceAdapter

type TemplateServiceAdapter struct {
	// contains filtered or unexported fields
}

TemplateServiceAdapter adapts the template manager to the API service interface

func NewTemplateServiceAdapter

func NewTemplateServiceAdapter(manager management.TemplateManager) *TemplateServiceAdapter

NewTemplateServiceAdapter creates a new template service adapter

func (*TemplateServiceAdapter) GetCategories

func (a *TemplateServiceAdapter) GetCategories() ([]string, error)

GetCategories returns all available categories

func (*TemplateServiceAdapter) GetTemplate

func (a *TemplateServiceAdapter) GetTemplate(id string) (*Template, error)

GetTemplate gets a single template by ID

func (*TemplateServiceAdapter) ListTemplates

func (a *TemplateServiceAdapter) ListTemplates(filter TemplateFilter) ([]Template, error)

ListTemplates lists templates with filtering

func (*TemplateServiceAdapter) ValidateTemplate

func (a *TemplateServiceAdapter) ValidateTemplate(template *Template) error

ValidateTemplate validates a template

type UpdateRequest

type UpdateRequest struct {
	Components []string `json:"components,omitempty"` // ["core", "templates", "modules"]
	Force      bool     `json:"force,omitempty"`
	DryRun     bool     `json:"dry_run,omitempty"`
}

UpdateRequest represents an update operation request

type UpdateResponse

type UpdateResponse struct {
	Status   string         `json:"status"`
	Updates  []UpdateResult `json:"updates"`
	Messages []string       `json:"messages,omitempty"`
}

UpdateResponse contains update operation results

type UpdateResult

type UpdateResult struct {
	Component  string `json:"component"`
	OldVersion string `json:"old_version"`
	NewVersion string `json:"new_version"`
	Status     string `json:"status"`
	Message    string `json:"message,omitempty"`
}

UpdateResult represents the result of updating a component

type UpdateService

type UpdateService interface {
	CheckForUpdates() (*VersionInfo, error)
	PerformUpdate(request UpdateRequest) (*UpdateResponse, error)
	GetUpdateHistory() ([]UpdateResult, error)
}

UpdateService interface for update operations

type UpdateServiceAdapter

type UpdateServiceAdapter struct {
	// contains filtered or unexported fields
}

UpdateServiceAdapter adapts the update system to the API service interface

func NewUpdateServiceAdapter

func NewUpdateServiceAdapter() *UpdateServiceAdapter

NewUpdateServiceAdapter creates a new update service adapter

func (*UpdateServiceAdapter) CheckForUpdates

func (a *UpdateServiceAdapter) CheckForUpdates() (*VersionInfo, error)

CheckForUpdates checks for available updates

func (*UpdateServiceAdapter) GetUpdateHistory

func (a *UpdateServiceAdapter) GetUpdateHistory() ([]UpdateResult, error)

GetUpdateHistory gets update history

func (*UpdateServiceAdapter) PerformUpdate

func (a *UpdateServiceAdapter) PerformUpdate(request UpdateRequest) (*UpdateResponse, error)

PerformUpdate performs system updates

type User

type User struct {
	ID           string            `json:"id"`
	Username     string            `json:"username"`
	Email        string            `json:"email"`
	PasswordHash string            `json:"-"` // Never exposed
	Role         string            `json:"role"`
	Active       bool              `json:"active"`
	Metadata     map[string]string `json:"metadata,omitempty"`
	CreatedAt    time.Time         `json:"created_at"`
	UpdatedAt    time.Time         `json:"updated_at"`
}

User represents a user

type VersionInfo

type VersionInfo struct {
	Core      ComponentVersion `json:"core"`
	Templates ComponentVersion `json:"templates"`
	Modules   ComponentVersion `json:"modules"`
	API       ComponentVersion `json:"api"`
}

VersionInfo contains version information

Directories

Path Synopsis
Package scan provides API endpoints for managing red-team scans
Package scan provides API endpoints for managing red-team scans

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL