observatory

package module
v1.3.1
Warning

This package is not in the latest version of its module.

Published: Sep 5, 2019 License: BSD-2-Clause-Views Imports: 11 Imported by: 1

README

observatory


Go wrapper for Mozilla Observatory API.

Requirements

  • Go >= 1.10

github.com/keltia/observatory is a Go module (you can use either Go 1.10 with vgo or 1.11+). The API exposed follows the Semantic Versioning scheme to guarantee a consistent API compatibility.

Installation

If you are using Go 1.10.x or earlier, you need to install my proxy module first:

    go get github.com/keltia/proxy

With Go 1.11+ and its modules support, it should work out of the box with

    go get github.com/keltia/observatory/cmd/...

if you have the GO111MODULE environment variable set to on.

CLI

There is a small example program included in cmd/observatory that shows either the grade of a given site or a JSON dump of the detailed report.

Easy to use:

    $ observatory www.ssllabs.com
    observatory Wrapper: 0.3.0 API version 1.2.0
    
    Grade for 'www.ssllabs.com' is A+

You can use jq to display the output of observatory -d <site> in a colorised way:

    observatory -d observatory.mozilla.org | jq .

API Usage

As with many API wrappers, you will need to first create a client with some optional configuration, then there are two main functions:

    // Simplest way
    c, _ := observatory.NewClient()
    score, err := c.GetScore("example.com")
    if err != nil {
        log.Fatalf("error: %v", err)
    }

If you want to change the default options, you need to create an observatory.Config object and pass it to NewClient:

    // With some options: timeout at 15s, 3 retries and debug-level verbosity
    cnf := observatory.Config{
        Timeout: 15,
        Retries: 3,
        Log:     2,
    }
    c, err := observatory.NewClient(cnf)
    if err != nil {
        log.Fatalf("error: %v", err)
    }
    score, err := c.GetScore("example.com")
    if err != nil {
        log.Fatalf("error: %v", err)
    }

OPTIONS for NewClient()

| Option  | Type | Description                                     |
|---------|------|-------------------------------------------------|
| Timeout | int  | time for connections (default: 10s)             |
| Log     | int  | 1: verbose, 2: debug (default: 0)               |
| Retries | int  | Number of retries when not FINISHED (default: 5) |
| Refresh | bool | Force refresh of the sites (default: false)     |

For the GetScanResults() call, the raw JSON object will be returned (and presumably handled by jq).

    // Simplest way
    c, _ := observatory.NewClient()
    
    scanid, err := c.GetScanID("example.com")
    if err != nil {
        log.Fatalf("error: %v", err)
    }
    
    // report is the raw JSON as []byte, so print it with %s
    report, err := c.GetScanResults(scanid)
    if err != nil {
        log.Fatalf("error: %v", err)
    }
    fmt.Printf("Full report:\n%s\n", report)
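
Instead of piping the raw report to jq, it can be decoded in Go. This is an added example, not code from the observatory module: it assumes the report is a JSON object keyed by test name, mirrors a subset of the Scan fields documented on this page in a local `scan` type, and runs on a constructed sample so that it works offline. `FailedTests` and `sampleReport` are names introduced here.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// scan mirrors a subset of the JSON-tagged Scan fields documented on this page.
type scan struct {
	Name          string `json:"name"`
	Pass          bool   `json:"pass"`
	Result        string `json:"result"`
	ScoreModifier int    `json:"score_modifier"`
}
// sampleReport is constructed for this example; it is not real scan output.
const sampleReport = `{
 "content-security-policy": {"name": "content-security-policy", "pass": false, "result": "csp-not-implemented", "score_modifier": -25},
 "strict-transport-security": {"name": "strict-transport-security", "pass": false, "result": "hsts-not-implemented", "score_modifier": -20},
 "x-content-type-options": {"name": "x-content-type-options", "pass": true, "result": "x-content-type-options-nosniff", "score_modifier": 0},
 "x-frame-options": {"name": "x-frame-options", "pass": false, "result": "x-frame-options-not-implemented", "score_modifier": -20}
}`

// FailedTests decodes a report (assumed: JSON object keyed by test name) and returns failing tests, worst penalty first.
func FailedTests(raw []byte) ([]scan, error) {
	var tests map[string]scan
	if err := json.Unmarshal(raw, &tests); err != nil {
		return nil, fmt.Errorf("decoding scan results: %w", err)
	}
	var failed []scan
	for _, t := range tests {
		if !t.Pass {
			failed = append(failed, t)
		}
	}
	sort.Slice(failed, func(i, j int) bool {
		a, b := failed[i], failed[j]
		return a.ScoreModifier < b.ScoreModifier ||
			(a.ScoreModifier == b.ScoreModifier && a.Name < b.Name)
	})
	return failed, nil
}

func main() {
	failed, err := FailedTests([]byte(sampleReport))
	fmt.Println("failing tests:", len(failed), "error:", err)
	for _, t := range failed {
		fmt.Printf("%-26s %4d  %s\n", t.Name, t.ScoreModifier, t.Result)
	}
}
```

With the real module, the `[]byte` returned by GetScanResults would take the place of `sampleReport`.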

The GetHostHistory() returns the list of recent scans for the given site:

    // Simplest way
    c, _ := observatory.NewClient()
    
    scans, err := c.GetHostHistory("example.com")
    if err != nil {
        log.Fatalf("error: %v", err)
    }
    for _, s := range scans {
        ...
    }

There is no top-level GetGrade function but it is very easy to implement:

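    // GetGrade returns the letter grade for site, or "" on error.
    func GetGrade(site string) string {
        // NewClient returns (*Client, error), so the call cannot be chained
        c, err := observatory.NewClient()
        if err != nil {
            return ""
        }
        g, _ := c.GetGrade(site)
        return g
    }

NOTE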

v1.1.x implemented the GetScanReport call but that does not correspond to any real API calls. It is now just an alias to GetScanResults. DO NOT USE IT. DEPRECATED.

API Calls Implemented

  • analyze
  • getScanResults
  • getHostHistory

API NOT Implemented

  • getRecentScans

Using behind a web Proxy

Dependency: proxy support is provided by my github.com/keltia/proxy module.

UNIX/Linux:

    export HTTP_PROXY=[http://]host[:port]   # sh/bash/zsh
    setenv HTTP_PROXY [http://]host[:port]   # csh/tcsh

Windows:

    set HTTP_PROXY=[http://]host[:port]

The rules of Go's ProxyFromEnvironment apply (HTTP_PROXY, HTTPS_PROXY, NO_PROXY, lowercase variants allowed).

If your proxy requires you to authenticate, please create a file named .netrc in your HOME directory with permissions either 0400 or 0600 with the following data:

    machine proxy user <username> password <password>

and it should be picked up. On Windows, the file will be located at

    %LOCALAPPDATA%\observatory\netrc
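
A pre-flight check for the credentials file described above, as an added example that is not code from the observatory or proxy modules. It assumes a POSIX system (where the 0400/0600 modes apply) and a single-line entry in the format shown; `ProxyCreds` is a hypothetical helper, and the module's own parsing may differ.

```go
package main

import (
	"bufio"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ProxyCreds is a hypothetical helper, not part of the observatory or proxy
// modules: it accepts only mode 0400 or 0600, then reads the proxy entry.
func ProxyCreds(path string) (user, password string, err error) {
	fh, err := os.Open(path)
	if err != nil {
		return "", "", err
	}
	defer fh.Close()
	fi, err := fh.Stat() // stat the open handle, not the path, to avoid a race
	if err != nil {
		return "", "", err
	}
	if p := fi.Mode().Perm(); p != 0400 && p != 0600 {
		return "", "", fmt.Errorf("%s has mode %04o, want 0400 or 0600", path, p)
	}
	sc := bufio.NewScanner(fh)
	for sc.Scan() {
		// Expected layout: machine proxy user <username> password <password>
		f := strings.Fields(sc.Text())
		if len(f) == 6 && f[0] == "machine" && f[1] == "proxy" &&
			f[2] == "user" && f[4] == "password" {
			return f[3], f[5], nil
		}
	}
	return "", "", fmt.Errorf("no 'machine proxy' entry in %s", path)
}

func main() {
	home, err := os.UserHomeDir()
	if err != nil {
		fmt.Println("cannot find home directory:", err)
		return
	}
	user, _, err := ProxyCreds(filepath.Join(home, ".netrc"))
	if err != nil {
		fmt.Println("proxy credentials not usable:", err)
		return
	}
	fmt.Println("proxy user:", user) // never print the password
}
```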

License

The BSD 2-Clause license.

Contributing

This project is an open Open Source project, please read CONTRIBUTING.md.

References

Mozilla Observatory documentation

Feedback

We welcome pull requests, bug fixes and issue reports.

Before proposing a large change, first please discuss your change by raising an issue.

Documentation

Constants

const (

	// DefaultWait is the timeout
	DefaultWait = 10 * time.Second

	// DefaultRetry is the number of retries we allow
	DefaultRetry = 5

	// MyVersion is the API version
	MyVersion = "1.3.1"

	// MyName is the name used for the configuration
	MyName = "observatory"
)

Functions

func AddQueryParameters

func AddQueryParameters(baseURL string, queryParams map[string]string) string

AddQueryParameters adds query parameters to the URL.

func Version

func Version() string

Version returns guess what?

Types

type Analyze

type Analyze struct {
	AlgorithmVersion int `json:"algorithm_version"`

	Grade  string `json:"grade"`
	Score  int    `json:"score"`
	ScanID int    `json:"scan_id"`

	StartTime string `json:"start_time"`
	EndTime   string `json:"end_time"`

	State               string `json:"state"`
	StatusCode          int    `json:"status_code"`
	Hidden              bool   `json:"hidden"`
	LikelihoodIndicator string `json:"likelihood_indicator"`

	TestsFailed   int `json:"tests_failed"`
	TestsPassed   int `json:"tests_passed"`
	TestsQuantity int `json:"tests_quantity"`

	ResponseHeaders map[string]string `json:"response_headers"`
}

Analyze is for one run

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is used to store proxyauth & other internal state

func NewClient

func NewClient(cnf ...Config) (*Client, error)

NewClient sets up proxy authentication

func (*Client) GetGrade

func (c *Client) GetGrade(site string) (grade string, err error)

GetGrade returns the letter equivalent to the score

func (*Client) GetHostHistory

func (c *Client) GetHostHistory(site string) ([]HostHistory, error)

GetHostHistory returns the list of recent scans

func (*Client) GetScanID

func (c *Client) GetScanID(site string) (int, error)

GetScanID returns the scan ID for the most recent run

func (*Client) GetScanReport

func (c *Client) GetScanReport(scanID int) ([]byte, error)

GetScanReport returns the full scan report. Deprecated: it is now just an alias to GetScanResults.

func (*Client) GetScanResults added in v1.2.0

func (c *Client) GetScanResults(scanID int) ([]byte, error)

GetScanResults returns the full scan report

func (*Client) GetScore

func (c *Client) GetScore(site string) (score int, err error)

GetScore returns the integer value of the grade

func (*Client) IsHTTPSonly added in v1.2.4

func (c *Client) IsHTTPSonly(site string) (bool, error)

IsHTTPSonly checks whether a redirect from HTTP to HTTPS exists

type Config

type Config struct {
	BaseURL string
	Timeout int
	Retries int
	Log     int
}

Config is for giving options to NewClient

type HostHistory

type HostHistory struct {
	EndTime              string `json:"end_time"`
	EndTimeUnixTimestamp int64  `json:"end_time_unix_timestamp"`
	Grade                string
	ScanID               int `json:"scan_id"`
	Score                int
}

HostHistory for a given site

type Result added in v1.2.4

type Result struct {
	ContentSecurityPolicy      Scan
	Contribute                 Scan
	Cookies                    Scan
	CrossOriginResourceSharing Scan
	PublicKeyPinning           Scan
	Redirection                Scan
	ReferrerPolicy             Scan
	StrictTransportSecurity    Scan
	SubresourceIntegrity       Scan
	XContentTypeOptions        Scan
	XFrameOptions              Scan
	XXSSProtection             Scan
}

Result is all the test results.

type Scan

type Scan struct {
	Expectation      string `json:"expectation"`
	Name             string `json:"name"`
	Output           []byte `json:"-"`
	Pass             bool   `json:"pass"`
	Result           string `json:"result"`
	ScoreDescription string `json:"score_description"`
	ScoreModifier    int    `json:"score_modifier"`
}

Scan is for each individual test

Directories

Path Synopsis
cmd
observatory command
This is just a very short example.
