From 1c443370851c916396841c772fe83d574efc73b3 Mon Sep 17 00:00:00 2001
From: odinkh <odinkh@stud.ntnu.no>
Date: Thu, 19 May 2022 19:11:19 +0200
Subject: [PATCH] Added commenting to code

---
 api/EscalateAnalysis.go | 45 +++++++++++++++++------------------------
 api/alienvault.go       | 15 +++++++++-----
 api/google.go           |  6 +++---
 3 files changed, 32 insertions(+), 34 deletions(-)

diff --git a/api/EscalateAnalysis.go b/api/EscalateAnalysis.go
index d914901..c7261d0 100644
--- a/api/EscalateAnalysis.go
+++ b/api/EscalateAnalysis.go
@@ -11,17 +11,17 @@ import (
 	gomail "gopkg.in/mail.v2"
 )
 
+//Function linked to the escalation to manual analysis button in the frontend. Function sends email to user whom requested manual analysis.
+//Function utlizes the gomail package.
 func EscalateAnalysis(url string, result string, token string, hash string) {
 
 	email_pwd := os.Getenv("email_pwd")
 
 	from := "threattotalv2@gmail.com"
 
-	to := getUserEmail(token)
+	to := getUserEmail(token) //Gets the email of the user.
 
-	fmt.Println("After return", to)
-
-	m := gomail.NewMessage()
+	m := gomail.NewMessage() //Create a new message.
 
 	// Set E-Mail sender
 	m.SetHeader("From", from)
@@ -33,14 +33,14 @@ func EscalateAnalysis(url string, result string, token string, hash string) {
 	m.SetHeader("Subject", "Analysis sucessfully escalated")
 
 	var email_body string
-	// Set E-Mail body. You can set plain text or html with text/html - The IF/Else checks if the email is an escalation of URL og File hash search
-	if hash == ""{
-	email_body = fmt.Sprintf("Your email has been escalated to manual analysis\n Details:\n URL: %s\n RequestLink: %s\n Do not reply to this email\n\n Further contact will be made from this email address", url, result)
-	}else{
-	email_body = fmt.Sprintf("Your email has been escalated to manual analysis\n Details:\n File hash: %s\n RequestLink: %s\n Do not reply to this email\n\n Further contact will be made from this email address", hash, result)
-	} 
-	
-	m.SetBody("text/plain", email_body)
+	// Set E-Mail body. - The IF/Else checks if the email is an escalation of URL og File hash search
+	if hash == "" {
+		email_body = fmt.Sprintf("Your email has been escalated to manual analysis\n Details:\n URL: %s\n RequestLink: %s\n Do not reply to this email\n\n Further contact will be made from this email address", url, result)
+	} else {
+		email_body = fmt.Sprintf("Your email has been escalated to manual analysis\n Details:\n File hash: %s\n RequestLink: %s\n Do not reply to this email\n\n Further contact will be made from this email address", hash, result)
+	}
+
+	m.SetBody("text/plain", email_body) //Set body to type text.
 
 	// Settings for SMTP server
 	d := gomail.NewDialer("smtp.gmail.com", 587, from, email_pwd)
@@ -52,15 +52,15 @@ func EscalateAnalysis(url string, result string, token string, hash string) {
 	// Now send E-Mail
 	if err := d.DialAndSend(m); err != nil {
 		fmt.Println(err)
-		panic(err)
 	}
 }
 
+//This function retrieves the user email from the redis caching solution.
 func getUserEmail(hash string) (email string) {
 
-	fmt.Println("Hash for Redis req:", hash)
+	//fmt.Println("Hash for Redis req:", hash)
 
-	value, err := utils.Conn.Do("GET", "user:"+hash)
+	value, err := utils.Conn.Do("GET", "user:"+hash) //Connect to the cache and query.
 	if value == nil {
 		if err != nil {
 			fmt.Println("Error:" + err.Error())
@@ -68,7 +68,7 @@ func getUserEmail(hash string) (email string) {
 
 		}
 	}
-	responseBytes, err := json.Marshal(value)
+	responseBytes, err := json.Marshal(value)	//Marshal data	
 	if err != nil {
 		fmt.Println(err)
 	}
@@ -76,16 +76,9 @@ func getUserEmail(hash string) (email string) {
 	var test []byte
 	var JWTdata utils.IdAndJwt
 
-	fmt.Println(string(responseBytes))
-	err = json.Unmarshal(responseBytes, &test)
+	err = json.Unmarshal(responseBytes, &test)		//Unmarshal data
 	json.Unmarshal(test, &JWTdata)
 
-	fmt.Println(test)
-	fmt.Println(string(test))
-
-	fmt.Println(JWTdata)
-	fmt.Println(JWTdata.Claims["email"])
-
-	email = fmt.Sprintf("%s", JWTdata.Claims["email"])
-	return email
+	email = fmt.Sprintf("%s", JWTdata.Claims["email"])		//Set the email
+	return email		//Return the email.
 }
diff --git a/api/alienvault.go b/api/alienvault.go
index a0e7acf..e5ae7e2 100644
--- a/api/alienvault.go
+++ b/api/alienvault.go
@@ -11,6 +11,8 @@ import (
 )
 
 // CallAlienVaultHash function takes a hash, returns data on it from the alienvault api
+//Documentation on the endpoint is found in https://otx.alienvault.com/assets/static/external_api.html
+//API endpoint contacted is: /api/v1/indicators/file/{file_hash}/{section}
 func CallAlienVaultHash(hash string, response *utils.FrontendResponse2, wg *sync.WaitGroup) {
 
 	defer wg.Done()
@@ -62,12 +64,15 @@ func CallAlienVaultHash(hash string, response *utils.FrontendResponse2, wg *sync
 	}
 }
 
+//Function to call the alienvault URL endpoint that gives us intelligence on a given URL or domain. 
+//Documentation on the endpoint is found in https://otx.alienvault.com/assets/static/external_api.html
+//API endpoint contacted is: /api/v1/indicators/url/{url}/{section}
 func CallAlienVaultUrl(url string, response *utils.FrontendResponse2, wg *sync.WaitGroup) {
 	defer wg.Done()
 	
 	APIKey := utils.APIKeyOTX
 
-	getURL := "https://otx.alienvault.com//api/v1/indicators/url/" + url + "/general"
+	getURL := "https://otx.alienvault.com//api/v1/indicators/url/" + url + "/general"	//Decalre the URL to be searched and the API endpoint. 
 
 	req, err := http.NewRequest("GET", getURL, nil)
 	req.Header.Set("X-OTX-API-KEY", APIKey)
@@ -82,20 +87,20 @@ func CallAlienVaultUrl(url string, response *utils.FrontendResponse2, wg *sync.W
 	}
 	defer res.Body.Close()
 
-	body, err := ioutil.ReadAll(res.Body)
+	body, err := ioutil.ReadAll(res.Body)	//Attempt to read body. 
 	if err != nil {
 		fmt.Println("ERROR READING JSON DATA", err)
 		logging.Logerror(err, "ERROR Reading JSON response, AlienVault API")
 
 	}
 
-	var jsonResponse utils.AlienVaultURL
+	var jsonResponse utils.AlienVaultURL		//Declare new struct. 
 
-	err = json.Unmarshal(body, &jsonResponse)
+	err = json.Unmarshal(body, &jsonResponse)		//Unmarshal data into struct.
 	if err != nil {
 		fmt.Println("UNMARSHAL ERROR:\n\n", err)
 		logging.Logerror(err, "ERROR unmarshalling, AlienVault URLsearch API")
 	}
 
-	utils.SetResponseObjectAlienVault(jsonResponse, response)
+	utils.SetResponseObjectAlienVault(jsonResponse, response)	//Set the response object for Alienvault. 
 }
diff --git a/api/google.go b/api/google.go
index d240f3e..02a7d2d 100644
--- a/api/google.go
+++ b/api/google.go
@@ -13,7 +13,9 @@ import (
 	//"dcsg2900-threattotal/main"
 )
 
-
+//Function to call the Google Safe Browsing API.
+//API documentation can be found in: https://developers.google.com/safe-browsing/v4
+// Contacted API Endpoint : https://safebrowsing.googleapis.com/v4/threatMatches
 func CallGoogleUrl(url string, response *utils.FrontendResponse2, wg *sync.WaitGroup) {
 	// Google API returnerer [] om den ikke kjenner til domenet / URL. Kan bruke dette til
 	// å avgjøre om det er malicious eller ikke.
@@ -94,8 +96,6 @@ func CallGoogleUrl(url string, response *utils.FrontendResponse2, wg *sync.WaitG
 	if err != nil {
 		fmt.Println(err)
 	}
-	output := string(body)
-	fmt.Println("BODY::!", output)
 
 	utils.SetResponeObjectGoogle(jsonResponse, response)
 }
-- 
GitLab