security

package
v0.0.0-...-e601d7c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2026 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateSecureToken 

func GenerateSecureToken(length int) (string, error)

GenerateSecureToken generates a cryptographically secure token

func SecureCompare 

func SecureCompare(a, b string) bool

SecureCompare performs constant-time string comparison

Types

type AuditLogger 

type AuditLogger struct {
	// contains filtered or unexported fields
}

AuditLogger handles security audit logging

func NewAuditLogger 

func NewAuditLogger(logger logger.Logger) *AuditLogger

NewAuditLogger creates a new audit logger

func (*AuditLogger) LogSecurityEvent 

func (al *AuditLogger) LogSecurityEvent(ctx context.Context, eventType string, req *SecurityRequest)

LogSecurityEvent logs a security-related event

type InputValidator 

type InputValidator struct {
	// contains filtered or unexported fields
}

InputValidator validates and sanitizes input

func NewInputValidator 

func NewInputValidator(logger logger.Logger) *InputValidator

NewInputValidator creates a new input validator

func (*InputValidator) FilterContent 

func (iv *InputValidator) FilterContent(ctx context.Context, req *SecurityRequest) error

FilterContent filters potentially harmful content

func (*InputValidator) ValidateInput 

func (iv *InputValidator) ValidateInput(ctx context.Context, req *SecurityRequest) error

ValidateInput validates request input

type RateLimiter 

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter provides rate limiting functionality

func NewRateLimiter 

func NewRateLimiter(requestsPerMinute int, logger logger.Logger) *RateLimiter

NewRateLimiter creates a new rate limiter

func (*RateLimiter) Allow 

func (rl *RateLimiter) Allow(ctx context.Context, clientIP string) error

Allow checks if a request is allowed for the given client

type SecureFileReader 

type SecureFileReader struct {
}

SecureFileReader provides obfuscated file reading for all file access paths

func NewSecureFileReader 

func NewSecureFileReader() *SecureFileReader

NewSecureFileReader creates a new secure file reader

func (*SecureFileReader) ReadFileSecurely 

func (sfr *SecureFileReader) ReadFileSecurely(filePath string) ([]byte, error)

ReadFileSecurely reads a file and applies credential obfuscation if it contains secrets

type SecurityConfig 

type SecurityConfig struct {
	Level                  SecurityLevel `json:"level"`
	EnableInputValidation  bool          `json:"enable_input_validation"`
	EnableRateLimiting     bool          `json:"enable_rate_limiting"`
	MaxRequestsPerMinute   int           `json:"max_requests_per_minute"`
	EnableIPWhitelist      bool          `json:"enable_ip_whitelist"`
	AllowedIPs             []string      `json:"allowed_ips"`
	EnableAPIKeyAuth       bool          `json:"enable_api_key_auth"`
	RequireHTTPS           bool          `json:"require_https"`
	EnableAuditLogging     bool          `json:"enable_audit_logging"`
	MaxPromptLength        int           `json:"max_prompt_length"`
	MaxFileSize            int64         `json:"max_file_size"`
	BlockSensitivePatterns bool          `json:"block_sensitive_patterns"`
	EnableContentFiltering bool          `json:"enable_content_filtering"`
}

SecurityConfig holds security configuration

func GetSecurityConfig 

func GetSecurityConfig(environment string) SecurityConfig

GetSecurityConfig returns a security configuration based on the environment

type SecurityLevel 

type SecurityLevel string

SecurityLevel defines the security enforcement level 

const (
	SecurityLevelLow        SecurityLevel = "low"
	SecurityLevelMedium     SecurityLevel = "medium"
	SecurityLevelHigh       SecurityLevel = "high"
	SecurityLevelEnterprise SecurityLevel = "enterprise"
)

type SecurityManager 

type SecurityManager struct {
	// contains filtered or unexported fields
}

SecurityManager handles security enforcement

func NewSecurityManager 

func NewSecurityManager(config SecurityConfig, logger logger.Logger) *SecurityManager

NewSecurityManager creates a new security manager

func (*SecurityManager) ValidateRequest 

func (sm *SecurityManager) ValidateRequest(ctx context.Context, req *SecurityRequest) error

ValidateRequest performs comprehensive request validation

type SecurityRequest 

type SecurityRequest struct {
	ClientIP  string            `json:"client_ip"`
	UserAgent string            `json:"user_agent"`
	APIKey    string            `json:"api_key"`
	IsHTTPS   bool              `json:"is_https"`
	Endpoint  string            `json:"endpoint"`
	Method    string            `json:"method"`
	Headers   map[string]string `json:"headers"`
	Body      string            `json:"body"`
	Timestamp time.Time         `json:"timestamp"`
	UserID    string            `json:"user_id"`
}

SecurityRequest represents a request to validate

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.