tum
/
soc


			
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182
							from __future__ import annotations

from typing import Any, Awaitable, Callable

from fastapi import APIRouter, Depends

from app.models import ApiResponse, MvpIncidentIngestRequest, MvpIocEvaluateRequest, MvpVpnEvaluateRequest
from app.services.mvp_service import MvpService


def build_mvp_router(
    mvp_service: MvpService,
    require_internal_key: Callable[..., Awaitable[None]],
) -> APIRouter:
    router = APIRouter(prefix="/mvp", tags=["mvp"])

    @router.post(
        "/incidents/ingest",
        response_model=ApiResponse,
        dependencies=[Depends(require_internal_key)],
        summary="Ingest MVP incident",
        description="Ingest a normalized event into MVP correlation and incident workflow.",
    )
    async def ingest_incident(payload: MvpIncidentIngestRequest) -> ApiResponse:
        result = await mvp_service.ingest_incident(payload.model_dump(mode="json"))
        return ApiResponse(data=result)

    @router.post(
        "/ioc/evaluate",
        response_model=ApiResponse,
        dependencies=[Depends(require_internal_key)],
        summary="Evaluate IOC (MVP)",
        description="Evaluate IOC via configured workflow and create/update incident when matched.",
    )
    async def evaluate_ioc(payload: MvpIocEvaluateRequest) -> ApiResponse:
        result = await mvp_service.evaluate_ioc(payload.model_dump(mode="json"))
        return ApiResponse(data=result)

    @router.post(
        "/vpn/evaluate",
        response_model=ApiResponse,
        dependencies=[Depends(require_internal_key)],
        summary="Evaluate VPN anomaly (MVP)",
        description="Evaluate VPN login risk context and route to incident/escalation logic.",
    )
    async def evaluate_vpn(payload: MvpVpnEvaluateRequest) -> ApiResponse:
        result = await mvp_service.evaluate_vpn(payload.model_dump(mode="json"))
        return ApiResponse(data=result)

    @router.get(
        "/config/policies",
        response_model=ApiResponse,
        summary="Get MVP policy",
        description="Return active MVP policy configuration used for risk and escalation decisions.",
    )
    async def get_policies() -> ApiResponse:
        data = mvp_service.repo.get_policy()
        return ApiResponse(data={"policy": data})

    @router.put(
        "/config/policies",
        response_model=ApiResponse,
        dependencies=[Depends(require_internal_key)],
        summary="Update MVP policy",
        description="Replace MVP policy configuration used for incident scoring and escalation.",
    )
    async def update_policies(payload: dict[str, Any]) -> ApiResponse:
        data = mvp_service.repo.update_policy(payload)
        return ApiResponse(data={"policy": data})

    @router.get(
        "/health/dependencies",
        response_model=ApiResponse,
        summary="Dependency health (MVP)",
        description="Check connectivity and latency for Wazuh, Shuffle, IRIS, and PagerDuty stub.",
    )
    async def dependency_health() -> ApiResponse:
        data = await mvp_service.dependency_health()
        return ApiResponse(data={"dependencies": data})

    return router