Skip to content

The Antivirus Check Service provides the ability to scan files with a locally installed clamav daemon. In addition, the service offers a URL scan using virustotal.

License

Notifications You must be signed in to change notification settings

hpi-schul-cloud/antivirus_check_service

Repository files navigation

Antivirus Check Service

The Antivirus Check Service provides the ability to scan files with a locally installed clamav daemon. The Antivirus Check Service processes incoming scan requests and sends the scan result to a specified web hook.

Usage

Antivirus Check Service provides two interfaces.

WebAPI

The WebAPI is the most common interface to use Antivirus Check Service. All requests besides of the root resource / have to be authenticated using basic access authentication.

A GET request to https://<antivirus-check-service>/ gives a detailed usage api doc:

"scan file request": {
    "description": "Download file and scan against virus (using local clamd), report back to given webhook uri",
    "path": "/scan/file",
    "method": "POST",
    "params": {
        "download_uri": {
            "type": "string",
            "description": "Complete uri to the downloadable file"
        },
        "callback_uri": {
            "type": "string",
            "description": "Complete uri to the callback uri"
        },
    }
},
"clamav daemon version": {
    "description": "Get clamav daemon version and last database update",
    "path": "/antivirus-version",
    "method": "GET"
},

To get the clamav daemon version and last database update, you can send a request to the WebAPI /antivirus-version. The response is similar to:

{"clamd-version": "0.99.2/24389/Tue", "clamd-database-version": "2018/03/13 - 08:12:22"}

AMQP

The Antivirus Check Service provides an AMQP API, which is used by the WebAPI as well. Authenticate and publish a message to the regarding queue using the routing_key:

  • url: amqp://<user>:<password>@<antivirus-check-service>/antivirus

scan file:

  • routing key: scan_file_v2
  • message:
    {
      "download_uri": "https://<uri-to-file>",
      "callback_uri": "https://<uri-to-report-endpoint>"
    }

Reports

The reports are PUT requests to the given webhook Uri. The payload differs reagrding the scan type.

scan file payload

{"virus_detected": "<true|false>", "virus_signature": "<null|signature name>"}

Error

If an error occures the Antivirus Check Service will try to send an error page (500) with the error message as json:

{"error": "<error message>"}

CONFIGURATION

The configurate is taken via env vars.

About

The Antivirus Check Service provides the ability to scan files with a locally installed clamav daemon. In addition, the service offers a URL scan using virustotal.

Topics

Resources

License

Stars

Watchers

Forks

Packages