Websocket Honeycast API about honeytrap HOT 2 CLOSED

We will need to define consistent message string or integer values(preferable) of a message type which will be sent over the wire when requesting sessions or events data from the websocket API.

Proposal

Below is defined a set of possible message int types usable for the socket message requests and response.

type MessageType int

• Request Message Type values
  (Sent by Client and responded to by backend for sessions/events)

FETCH_SESSIONS = 1
FETCH_SESSIONS_REPLY=2
FETCH_EVENTS = 3
FETCH_EVENTS_REPLY=4

• Update Message Type values
  (Sent down from backend with new sessions/events update data)

NEW_SESSIONS=5
NEW_EVENTS=6

Message Format

I reason that, to allow a consistent message type which must be used to define request and response sent and received, we need to at least use the structure as below:

type Message struct{
  Type MessageType `json:"type"`
  Payload interface{} `json:"payload"`
}

• MessageType is an int type which is used to represent the above mentioned message types.

• Payload: is a generic type which only ever be used when responding from the backend to any request, if a payload is sent along with a request Message then it will be discarded and ignored, as we only want a get/retrieve style requests for the websocket connection API.

Response

All response for the request and data delivered to the client based on internal backend operations will take the form:

type Event struct{
	Sensor      string                 `json:"sensor"`
	Date        time.Time              `json:"date"`
	Started     time.Time              `json:"started,omitempty"`
	Ended       time.Time              `json:"ended,omitempty"`
	Token       string                 `json:"token,omitempty"`
	Location    string                 `json:"location,omitempty"`
	Category    string                 `json:"category"`
	HostAddr    string                 `json:"host_addr"`
	LocalAddr   string                 `json:"local_addr"`
	Type        EventType              `json:"event_type"`
	Data        interface{}            `json:"data"`
	Details     map[string]interface{} `json:"details"`
	SessionID   string                 `json:"session_id,omitempty"`
	ContainerID string                 `json:"container_id,omitempty"`
}

// Possible message sent over the wire.
var newSessions = Message{Type: NewSessions, Payload: []Event{}}

from honeytrap.

I believe we also need a MessageType for error response as we expect we may recieved invalid requests from the client.

ErrorResponse = 7

Which should received a payload of the follow type:

type ErrorPayload struct{
  Request MessageType `json:"request"`
  Error string `json:"error"`
}

from honeytrap.