README
¶
go-hibp - Simple go client for the HIBP API
This Go package provides an simple to use interface to the excellent "Have I Been Pwned" (HIBP) API by Troy Hunt.
Completeness: This packages is still WIP. So far the "Pwned Passwords" API and parts of the "Breaches" API have been implemented.
Usage
Have a look at the GoDocs Reference for details on how to implement access to the HIBP API with this package or check out the examples for the different APIs in the examples directory.
Documentation
¶
Index ¶
Constants ¶
const BaseUrl = "https://haveibeenpwned.com/api/v3"
BaseUrl is the base URL for the majority of API calls
const Version = "0.1.2"
Version represents the version of this package
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ApiDate ¶ added in v0.1.2
ApiDate is a date string without time returned by the API represented as time.Time type
func (ApiDate) Time ¶ added in v0.1.2
Time adds a Time() method to the ApiDate converted time.Time type
func (*ApiDate) UnmarshalJSON ¶ added in v0.1.2
UnmarshalJSON for the ApiDate type converts a give date string into a time.Time type
type Breach ¶ added in v0.1.2
type Breach struct {
// Name is a pascal-cased name representing the breach which is unique across all other breaches.
// This value never changes and may be used to name dependent assets (such as images) but should not
// be shown directly to end users (see the "Title" attribute instead)
Name string `json:"Name"`
// Title is a descriptive title for the breach suitable for displaying to end users. It's unique across
// all breaches but individual values may change in the future (i.e. if another breach occurs against
// an organisation already in the system). If a stable value is required to reference the breach,
// refer to the "Name" attribute instead
Title string `json:"Title"`
// Domain of the primary website the breach occurred on. This may be used for identifying other
// assets external systems may have for the site
Domain string `json:"Domain"`
// BreachDate is the date (with no time) the breach originally occurred on in ISO 8601 format. This is not
// always accurate — frequently breaches are discovered and reported long after the original incident. Use
// this attribute as a guide only
BreachDate *ApiDate `json:"BreachDate,omitempty"`
// AddedDate represents the date and time (precision to the minute) the breach was added to the system
// in ISO 8601 format
AddedDate time.Time `json:"AddedDate"`
// ModifiedDate is the date and time (precision to the minute) the breach was modified in ISO 8601 format.
// This will only differ from the AddedDate attribute if other attributes represented here are changed or
// data in the breach itself is changed (i.e. additional data is identified and loaded). It is always
// either equal to or greater then the AddedDate attribute, never less than
ModifiedDate time.Time `json:"ModifiedDate"`
// PwnCount is the total number of accounts loaded into the system. This is usually less than the total
// number reported by the media due to duplication or other data integrity issues in the source data
PwnCount int `json:"PwnCount"`
// Description contains an overview of the breach represented in HTML markup. The description may include
// markup such as emphasis and strong tags as well as hyperlinks
Description string `json:"Description"`
// DataClasses describes the nature of the data compromised in the breach and contains an alphabetically ordered
// string array of impacted data classes
DataClasses []string `json:"DataClasses"`
// IsVerified indicates that the breach is considered unverified. An unverified breach may not have
// been hacked from the indicated website. An unverified breach is still loaded into HIBP when there's
// sufficient confidence that a significant portion of the data is legitimate
IsVerified bool `json:"IsVerified"`
// IsFabricated indicates that the breach is considered fabricated. A fabricated breach is unlikely
// to have been hacked from the indicated website and usually contains a large amount of manufactured
// data. However, it still contains legitimate email addresses and asserts that the account owners
// were compromised in the alleged breach
IsFabricated bool `json:"IsFabricated"`
// IsSensitive indicates if the breach is considered sensitive. The public API will not return any
// accounts for a breach flagged as sensitive
IsSensitive bool `json:"IsSensitive"`
// IsRetired indicates if the breach has been retired. This data has been permanently removed and
// will not be returned by the API
IsRetired bool `json:"IsRetired"`
// IsSpamList indicates
IsSpamList bool `json:"IsSpamList"`
// LogoPath represents a URI that specifies where a logo for the breached service can be found.
// Logos are always in PNG format
LogoPath string `json:"LogoPath"`
}
Breach represents a JSON response structure of the breaches API
type BreachApi ¶ added in v0.1.2
type BreachApi struct {
// contains filtered or unexported fields
}
BreachApi is a HIBP breaches API client
func (*BreachApi) BreachByName ¶ added in v0.1.3
func (b *BreachApi) BreachByName(n string, options ...BreachOption) (*Breach, *http.Response, error)
BreachByName returns a single breached site based on its name
type BreachOption ¶ added in v0.1.2
type BreachOption func(*BreachApi)
BreachOption is an additional option the can be set for the BreachApiClient
func WithDomain ¶ added in v0.1.2
func WithDomain(d string) BreachOption
WithDomain sets the domain filter for the breaches API
func WithoutTruncate ¶ added in v0.1.2
func WithoutTruncate() BreachOption
WithoutTruncate disables the truncateResponse parameter in the breaches API
func WithoutUnverified ¶ added in v0.1.3
func WithoutUnverified() BreachOption
WithoutUnverified suppress unverified breaches from the query
type Client ¶ added in v0.1.1
type Client struct {
PwnedPassApi *PwnedPassApi // Reference to the PwnedPassApi API
PwnedPassApiOpts *PwnedPasswordOptions // Additional options for the PwnedPassApi API
BreachApi *BreachApi // Reference to the BreachApi API
// contains filtered or unexported fields
}
Client is the HIBP client object
type Match ¶ added in v0.1.1
type Match struct {
Hash string // SHA1 hash of the matching password
Count int64 // Represents the number of leaked accounts that hold/held this password
}
Match represents a match in the Pwned Passwords API
type Option ¶ added in v0.1.1
type Option func(*Client)
Option is a function that is used for grouping of Client options.
func WithApiKey ¶ added in v0.1.1
WithApiKey set the optional API key to the Client object
func WithHttpTimeout ¶ added in v0.1.1
WithHttpTimeout overrides the default http client timeout
func WithPwnedPadding ¶ added in v0.1.2
func WithPwnedPadding() Option
WithPwnedPadding enables padding-mode for the PwnedPasswords API client
type PwnedPassApi ¶ added in v0.1.2
type PwnedPassApi struct {
// contains filtered or unexported fields
}
PwnedPassApi is a HIBP Pwned Passwords API client
func (*PwnedPassApi) CheckPassword ¶ added in v0.1.2
CheckPassword checks the Pwned Passwords database against a given password string
type PwnedPasswordOptions ¶ added in v0.1.2
type PwnedPasswordOptions struct {
// WithPadding controls if the PwnedPassword API returns with padding or not
// See: https://haveibeenpwned.com/API/v3#PwnedPasswordsPadding
WithPadding bool
}
PwnedPasswordOptions is a struct of additional options for the PP API
Source Files
Directories