package http
import (
"io/fs"
"net/http"
)
// setupRoutes builds the honeypot's routing table and returns it as a new
// *http.ServeMux. staticRoot is passed to the wp-admin and static-file
// handlers.
//
// Routing notes that matter when reading captured traffic:
//   - Patterns without a method match every HTTP method. The one
//     method-qualified pattern ("POST /wp-admin/admin-post.php") relies on the
//     Go 1.22+ ServeMux syntax; other methods on that path fall through to the
//     "/wp-admin/" handler.
//   - Patterns without a trailing slash ("/api/v1/namespaces", "/_search",
//     "/graphql", "/manager/html", ...) match that exact path only. For
//     example, "/api/v1/namespaces/default" is served by the "/api/v1/" entry,
//     not by the Kubernetes one.
//   - "/" is the catch-all for every path not claimed above.
//
// NOTE(review): only the wp-admin, /admin and static routes are wrapped in
// loggingMiddleware and/or bodySizeMiddleware here. Every request to this
// service is untrusted, so confirm that wpFormsHandler, basicAuthMiddleware and
// fakeBearerProtectedHandler record requests and bound body reads themselves;
// otherwise those decoys lose telemetry or accept unbounded bodies.
func (h *httpHoneypot) setupRoutes(staticRoot fs.FS) *http.ServeMux {
	router := http.NewServeMux()

	// WordPress decoy: form posts get a dedicated handler (size-limited, but not
	// wrapped in loggingMiddleware at this level).
	formsPost := h.bodySizeMiddleware(h.wpFormsHandler())
	router.Handle("POST /wp-admin/admin-post.php", formsPost)

	// Everything else under /wp-admin, with and without the trailing slash.
	wpAdmin := h.loggingMiddleware(h.bodySizeMiddleware(h.wpAdminHandler(staticRoot)))
	for _, pattern := range []string{"/wp-admin/", "/wp-admin"} {
		router.Handle(pattern, wpAdmin)
	}

	// Generic admin area: Basic auth in front of the fake "OK" page.
	adminOK := h.loggingMiddleware(http.HandlerFunc(h.fakeAdminOK))
	adminGate := h.basicAuthMiddleware("Restricted Area", adminOK)
	for _, pattern := range []string{"/admin", "/admin/"} {
		router.Handle(pattern, adminGate)
	}

	// Basic-auth decoys with no inner handler.
	// NOTE(review): next is nil for these; confirm basicAuthMiddleware never
	// calls a nil next handler, or an accepted credential would panic.
	basicOnly := []struct{ pattern, label string }{
		{"/manager/html", "Tomcat Manager Application"},
		{"/server-status", "Apache Status"},
		{"/metrics", "Prometheus"},
	}
	for _, r := range basicOnly {
		router.Handle(r.pattern, h.basicAuthMiddleware(r.label, nil))
	}

	// Bearer-token decoys. label and key are handed to
	// fakeBearerProtectedHandler as its first and second argument; their exact
	// meaning is defined there (presumably a display name and a tag; confirm).
	bearerRoutes := []struct{ pattern, label, key string }{
		// Generic REST APIs
		{"/api/", "API", "api"},
		{"/api/v1/", "API v1", "api:v1"},
		{"/api/v2/", "API v2", "api:v2"},
		// Kubernetes-style APIs
		{"/apis/", "Kubernetes API", "k8s"},
		{"/api/v1/namespaces", "Kubernetes API", "k8s:namespaces"},
		// Elasticsearch / OpenSearch
		{"/_search", "Elasticsearch", "es"},
		{"/_cat/", "Elasticsearch", "es:cat"},
		// Docker Registry v2
		{"/v2/", "Docker Registry", "docker"},
		// CI / DevOps tooling
		{"/graphql", "GraphQL", "graphql"},
		{"/actions/", "CI API", "ci"},
		// Kibana-style APIs
		{"/kibana/api/", "Kibana", "kibana"},
	}
	for _, r := range bearerRoutes {
		router.Handle(r.pattern, h.fakeBearerProtectedHandler(r.label, r.key))
	}

	// Fallback: static content for any path not matched above.
	fallback := h.loggingMiddleware(h.bodySizeMiddleware(h.staticFileHandler(staticRoot)))
	router.Handle("/", fallback)

	return router
}