github.com/akamai/AkamaiOPEN-edgegrid-golang/v2@v2.17.0/pkg/appsec/ip_geo.go (about) 1 package appsec 2 3 import ( 4 "context" 5 "fmt" 6 "net/http" 7 8 validation "github.com/go-ozzo/ozzo-validation/v4" 9 ) 10 11 type ( 12 // The IPGeo interface supports querying which network lists are used in the IP/Geo firewall settings, 13 // as well as updating the method and which network lists are used for IP/Geo firewall blocking. 14 // 15 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#ipgeofirewall 16 IPGeo interface { 17 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#getipgeofirewall 18 GetIPGeo(ctx context.Context, params GetIPGeoRequest) (*GetIPGeoResponse, error) 19 20 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#putipgeofirewall 21 UpdateIPGeo(ctx context.Context, params UpdateIPGeoRequest) (*UpdateIPGeoResponse, error) 22 } 23 24 // GetIPGeoRequest is used to retrieve the network lists used in IP/Geo firewall settings. 25 GetIPGeoRequest struct { 26 ConfigID int `json:"-"` 27 Version int `json:"-"` 28 PolicyID string `json:"-"` 29 } 30 31 // IPGeoNetworkLists is used to specify IP or GEO network lists to be blocked or allowed. 32 IPGeoNetworkLists struct { 33 NetworkList []string `json:"networkList,omitempty"` 34 } 35 36 // IPGeoGeoControls is used to specify GEO network lists to be blocked. 37 IPGeoGeoControls struct { 38 BlockedIPNetworkLists *IPGeoNetworkLists `json:"blockedIPNetworkLists,omitempty"` 39 } 40 41 // IPGeoIPControls is used to specify IP or GEO network lists to be blocked or allowed. 42 IPGeoIPControls struct { 43 AllowedIPNetworkLists *IPGeoNetworkLists `json:"allowedIPNetworkLists,omitempty"` 44 BlockedIPNetworkLists *IPGeoNetworkLists `json:"blockedIPNetworkLists,omitempty"` 45 } 46 47 // UpdateIPGeoRequest is used to update the method and which network lists are used for IP/Geo firewall blocking. 48 UpdateIPGeoRequest struct { 49 ConfigID int `json:"-"` 50 Version int `json:"-"` 51 PolicyID string `json:"-"` 52 Block string `json:"block"` 53 GeoControls *IPGeoGeoControls `json:"geoControls,omitempty"` 54 IPControls *IPGeoIPControls `json:"ipControls,omitempty"` 55 } 56 57 // IPGeoFirewall is used to describe an IP/Geo firewall. 58 IPGeoFirewall struct { 59 Block string `json:"block"` 60 GeoControls *IPGeoGeoControls `json:"geoControls,omitempty"` 61 IPControls *IPGeoIPControls `json:"ipControls,omitempty"` 62 } 63 64 // GetIPGeoResponse is returned from a call to GetIPGeo 65 GetIPGeoResponse IPGeoFirewall 66 67 // UpdateIPGeoResponse is returned from a call to UpdateIPGeo 68 UpdateIPGeoResponse IPGeoFirewall 69 ) 70 71 // Validate validates a GetIPGeoRequest. 72 func (v GetIPGeoRequest) Validate() error { 73 return validation.Errors{ 74 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 75 "Version": validation.Validate(v.Version, validation.Required), 76 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 77 }.Filter() 78 } 79 80 // Validate validates an UpdateIPGeoRequest. 81 func (v UpdateIPGeoRequest) Validate() error { 82 return validation.Errors{ 83 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 84 "Version": validation.Validate(v.Version, validation.Required), 85 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 86 }.Filter() 87 } 88 89 func (p *appsec) GetIPGeo(ctx context.Context, params GetIPGeoRequest) (*GetIPGeoResponse, error) { 90 logger := p.Log(ctx) 91 logger.Debug("GetIPGeo") 92 93 if err := params.Validate(); err != nil { 94 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 95 } 96 97 uri := fmt.Sprintf( 98 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/ip-geo-firewall", 99 params.ConfigID, 100 params.Version, 101 params.PolicyID) 102 103 req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil) 104 if err != nil { 105 return nil, fmt.Errorf("failed to create GetIPGeo request: %w", err) 106 } 107 108 var result GetIPGeoResponse 109 resp, err := p.Exec(req, &result) 110 if err != nil { 111 return nil, fmt.Errorf("get IPGeo request failed: %w", err) 112 } 113 if resp.StatusCode != http.StatusOK { 114 return nil, p.Error(resp) 115 } 116 117 return &result, nil 118 } 119 120 func (p *appsec) UpdateIPGeo(ctx context.Context, params UpdateIPGeoRequest) (*UpdateIPGeoResponse, error) { 121 logger := p.Log(ctx) 122 logger.Debug("UpdateIPGeo") 123 124 if err := params.Validate(); err != nil { 125 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 126 } 127 128 uri := fmt.Sprintf( 129 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/ip-geo-firewall", 130 params.ConfigID, 131 params.Version, 132 params.PolicyID, 133 ) 134 135 req, err := http.NewRequestWithContext(ctx, http.MethodPut, uri, nil) 136 if err != nil { 137 return nil, fmt.Errorf("failed to create UpdateIPGeo request: %w", err) 138 } 139 140 var result UpdateIPGeoResponse 141 resp, err := p.Exec(req, &result, params) 142 if err != nil { 143 return nil, fmt.Errorf("update IPGeo request failed: %w", err) 144 } 145 if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated { 146 return nil, p.Error(resp) 147 } 148 149 return &result, nil 150 }