easyai-ai-gateway/apps/api/internal/httpapi/security_events.go

23 lines
940 B
Go

package httpapi
import "net/http"
// receiveSecurityEvent accepts an RFC 8417 Security Event Token over RFC 8935 Push.
//
// @Summary Receive an SSF Security Event Token
// @Description Optional endpoint. It validates a stream-specific Bearer before parsing and verifying an ES256 SET. A committed event and a duplicate jti both return an empty 202 response.
// @Tags Security Events
// @Accept application/secevent+jwt
// @Produce json
// @Param Authorization header string true "Bearer stream-specific-secret"
// @Param set body string true "Compact signed Security Event Token"
// @Success 202
// @Failure 400 {object} map[string]string
// @Failure 401 {object} map[string]string
// @Failure 403 {object} map[string]string
// @Failure 503 {object} map[string]string
// @Router /api/v1/security-events/ssf [post]
func (s *Server) receiveSecurityEvent(w http.ResponseWriter, r *http.Request) {
s.securityEventReceiver.ServeHTTP(w, r)
}