github.com/akamai/AkamaiOPEN-edgegrid-golang/v4@v4.1.0/pkg/appsec/ip_geo.go (about) 1 package appsec 2 3 import ( 4 "context" 5 "fmt" 6 "net/http" 7 8 validation "github.com/go-ozzo/ozzo-validation/v4" 9 ) 10 11 type ( 12 // The IPGeo interface supports querying which network lists are used in the IP/Geo firewall settings, 13 // as well as updating the method and which network lists are used for IP/Geo firewall blocking. 14 IPGeo interface { 15 // GetIPGeo lists which network lists are used in the IP/Geo Firewall settings. 16 // 17 // See: https://techdocs.akamai.com/application-security/reference/get-policy-ip-geo-firewall 18 GetIPGeo(ctx context.Context, params GetIPGeoRequest) (*GetIPGeoResponse, error) 19 20 // UpdateIPGeo updates the method and which network lists to use for IP/Geo firewall blocking. 21 // 22 // See: https://techdocs.akamai.com/application-security/reference/put-policy-ip-geo-firewall 23 UpdateIPGeo(ctx context.Context, params UpdateIPGeoRequest) (*UpdateIPGeoResponse, error) 24 } 25 26 // GetIPGeoRequest is used to retrieve the network lists used in IP/Geo firewall settings. 27 GetIPGeoRequest struct { 28 ConfigID int `json:"-"` 29 Version int `json:"-"` 30 PolicyID string `json:"-"` 31 } 32 33 // IPGeoNetworkLists is used to specify IP or GEO network lists to be blocked or allowed. 34 IPGeoNetworkLists struct { 35 NetworkList []string `json:"networkList,omitempty"` 36 } 37 38 // IPGeoGeoControls is used to specify GEO network lists to be blocked. 39 IPGeoGeoControls struct { 40 BlockedIPNetworkLists *IPGeoNetworkLists `json:"blockedIPNetworkLists,omitempty"` 41 } 42 43 // IPGeoIPControls is used to specify IP or GEO network lists to be blocked or allowed. 44 IPGeoIPControls struct { 45 AllowedIPNetworkLists *IPGeoNetworkLists `json:"allowedIPNetworkLists,omitempty"` 46 BlockedIPNetworkLists *IPGeoNetworkLists `json:"blockedIPNetworkLists,omitempty"` 47 } 48 49 // UpdateIPGeoRequest is used to update the method and which network lists are used for IP/Geo firewall blocking. 50 UpdateIPGeoRequest struct { 51 ConfigID int `json:"-"` 52 Version int `json:"-"` 53 PolicyID string `json:"-"` 54 Block string `json:"block"` 55 GeoControls *IPGeoGeoControls `json:"geoControls,omitempty"` 56 IPControls *IPGeoIPControls `json:"ipControls,omitempty"` 57 } 58 59 // IPGeoFirewall is used to describe an IP/Geo firewall. 60 IPGeoFirewall struct { 61 Block string `json:"block"` 62 GeoControls *IPGeoGeoControls `json:"geoControls,omitempty"` 63 IPControls *IPGeoIPControls `json:"ipControls,omitempty"` 64 } 65 66 // GetIPGeoResponse is returned from a call to GetIPGeo 67 GetIPGeoResponse IPGeoFirewall 68 69 // UpdateIPGeoResponse is returned from a call to UpdateIPGeo 70 UpdateIPGeoResponse IPGeoFirewall 71 ) 72 73 // Validate validates a GetIPGeoRequest. 74 func (v GetIPGeoRequest) Validate() error { 75 return validation.Errors{ 76 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 77 "Version": validation.Validate(v.Version, validation.Required), 78 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 79 }.Filter() 80 } 81 82 // Validate validates an UpdateIPGeoRequest. 83 func (v UpdateIPGeoRequest) Validate() error { 84 return validation.Errors{ 85 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 86 "Version": validation.Validate(v.Version, validation.Required), 87 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 88 }.Filter() 89 } 90 91 func (p *appsec) GetIPGeo(ctx context.Context, params GetIPGeoRequest) (*GetIPGeoResponse, error) { 92 logger := p.Log(ctx) 93 logger.Debug("GetIPGeo") 94 95 if err := params.Validate(); err != nil { 96 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 97 } 98 99 uri := fmt.Sprintf( 100 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/ip-geo-firewall", 101 params.ConfigID, 102 params.Version, 103 params.PolicyID) 104 105 req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil) 106 if err != nil { 107 return nil, fmt.Errorf("failed to create GetIPGeo request: %w", err) 108 } 109 110 var result GetIPGeoResponse 111 resp, err := p.Exec(req, &result) 112 if err != nil { 113 return nil, fmt.Errorf("get IPGeo request failed: %w", err) 114 } 115 if resp.StatusCode != http.StatusOK { 116 return nil, p.Error(resp) 117 } 118 119 return &result, nil 120 } 121 122 func (p *appsec) UpdateIPGeo(ctx context.Context, params UpdateIPGeoRequest) (*UpdateIPGeoResponse, error) { 123 logger := p.Log(ctx) 124 logger.Debug("UpdateIPGeo") 125 126 if err := params.Validate(); err != nil { 127 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 128 } 129 130 uri := fmt.Sprintf( 131 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/ip-geo-firewall", 132 params.ConfigID, 133 params.Version, 134 params.PolicyID, 135 ) 136 137 req, err := http.NewRequestWithContext(ctx, http.MethodPut, uri, nil) 138 if err != nil { 139 return nil, fmt.Errorf("failed to create UpdateIPGeo request: %w", err) 140 } 141 142 var result UpdateIPGeoResponse 143 resp, err := p.Exec(req, &result, params) 144 if err != nil { 145 return nil, fmt.Errorf("update IPGeo request failed: %w", err) 146 } 147 if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated { 148 return nil, p.Error(resp) 149 } 150 151 return &result, nil 152 }