@contrast/agent 4.12.2 → 4.14.0

package/lib/protect/service.js

@@ -36,7 +36,6 @@ const headerValidators = require('./validators');
 const UserInputKit = require('../reporter/models/utils/user-input-kit');
 const UserInputFactory = require('../reporter/models/utils/user-input-factory');
 const blockRequest = require('../util/block-request');
-const Analyzer = require('./analysis/dfsa-analyzer');
 
 class ProtectService {
   /**
@@ -48,7 +47,21 @@ class ProtectService {
     this.config = agent.config;
     this.enabled = agent.isInDefendMode();
     this.assessEnabled = agent.isInAssessMode();
-    this.nativeAnalysis = this.config.agent.node.native_input_analysis;
+
+    this.agentLibAnalysis =
+      this.config.agent.node.native_input_analysis &&
+      this.config.agent.node.speedracer_input_analysis;
+
+    // if agentLib is present it will be used (for the "speedracer" variant of
+    // protect).
+    this.agentLib = agent.agentLib;
+    // map the rule-id in this.rules to the constant name for agentLib.RuleType values.
+    // are these mappings needed elsewhere? if so, yet another module...
+    if (this.agentLib && reporter.speedracer) {
+      this.agentLibRuleTypeToName = {
+        'nosql-injection-mongo': 'nosql-injection',
+      };
+    }
 
     this._exclusionFactory = new ExclusionFactory({
       featureSet: agent.tsFeatureSet,
@@ -57,7 +70,8 @@ class ProtectService {
     });
     this._ruleFactory = new RuleFactory({
       featureSet: agent.tsFeatureSet,
-      enabled: this.enabled
+      enabled: this.enabled,
+      agent
     });
     this.rules = this._ruleFactory.getRules();
     this.updateIpAllowlist(agent.tsFeatureSet.serverFeatures);
@@ -65,6 +79,9 @@ class ProtectService {
     this.urlExclusions = this._exclusionFactory.getUrlExclusions();
     this.inputExclusions = this._exclusionFactory.getInputExclusions();
     this.rules = this._ruleFactory.getRules();
+    if (this.agentLibAnalysis) {
+      this.addAgentLibBitToRules();
+    }
 
     agentEmitter.on('server-features', (serverFeatures) => {
       this.enabled = agent.isInDefendMode();
@@ -81,16 +98,32 @@ class ProtectService {
   }
 
   /**
-   * Sends Connection/Header/URI data to SR to perform input analysis.
+   * Sends Connection/Header/URI data to SR or agent-lib to perform input analysis.
+   * @param {} meta
    * @param {IncomingMessage} req The current request
    * @param {ServerResponse} res The current response
    * @returns {Boolean} Returning `true` allows instrumentation to resume app code
    */
   analyzeRequest({ meta, req, res, appContext }) {
+    if (this.agentLibAnalysis) {
+      const agentLibResults = this.analyzeWithAgentLib(meta, req);
+
+      const analysis = this.handleAgentLibAnalysis({
+        asyncStorageContext: meta.asyncStorageContext,
+        appContext,
+        agentSettings: agentLibResults,
+        req,
+        res
+      });
+      return Promise.resolve(analysis);
+    }
+
+    // if not doing native analysis (i.e., agent-lib) then send a message to
+    // SR and wait for the reply.
     return this.reporter
       .sendMessage('request', { incomingMessage: req })
       .then((agentSettings) => {
-        meta.requestId = _.get(agentSettings, 'protectState.uuid');
+        meta.requestId = agentSettings.protectState.uuid;
 
         return this.handleAnalysisResponse({
           asyncStorageContext: meta.asyncStorageContext,
@@ -113,17 +146,32 @@ class ProtectService {
   analyzeRequestStream({ meta, req, res, appContext }) {
     const { requestId, chunks } = meta;
 
-    if (this.nativeAnalysis) {
-      const analyzer = new Analyzer();
-      // if nothing is suspicious then don't send the body for analysis
-      if (!chunks.some((b) => analyzer.suspicious(b))) {
-        return Promise.resolve(true);
+    // use agentLib?
+    if (this.agentLibAnalysis) {
+      // don't try to analyze multipart bodies; agent-lib does not parse because the
+      // interpretation is framework dependent, like query params.
+      let multipart = false;
+      if (req.headers['content-type']) {
+        multipart = req.headers['content-type'].toLowerCase().includes('multipart');
+      }
+      let agentLibResults;
+      if (multipart) {
+        agentLibResults = {};
       } else {
-        // do some processing on the data. tbd in wasm/rust/napi. potentially
-        // replace entire "send to service".
+        agentLibResults = this.analyzeBodyWithAgentLib(meta, chunks);
       }
+
+      const analysis = this.handleAgentLibAnalysis({
+        asyncStorageContext: meta.asyncStorageContext,
+        appContext,
+        agentSettings: agentLibResults,
+        req,
+        res
+      });
+      return Promise.resolve(analysis);
     }
 
+    // use SR, not agentLib.
     return this.reporter
       .sendMessage('request', { requestId, chunks })
       .then((agentSettings) =>
@@ -137,6 +185,64 @@ class ProtectService {
       );
   }
 
+  //
+  // note that agent-lib returns "trackRequest" which is the logical-not
+  // of SR's "permit" return.
+  //
+  analyzeWithAgentLib(meta, req) {
+    const rules = this.getRulesMask(meta.asyncStorageContext.defend.rules);
+    if (!rules) {
+      return {};
+    }
+
+    const arg = {
+      rules,
+      preferWorthWatching: true,
+      // header names must be lowercase. should this be done in agent-lib?
+      headers: req.rawHeaders.map((h, ix) => (ix & 1 ? h : h.toLowerCase()))
+    };
+
+    const questionMark = req.url.indexOf('?');
+    if (questionMark >= 0) {
+      arg.queries = req.url.slice(questionMark + 1);
+    }
+
+    const findings = this.agentLib.scoreRequestConnect(arg);
+
+    return findings;
+  }
+
+  analyzeBodyWithAgentLib(meta, chunks) {
+    const rules = this.getRulesMask(meta.asyncStorageContext.defend.rules);
+    if (!rules) {
+      return {};
+    }
+    // also, if content-type has multipart...
+    const options = { preferWorthWatching: true };
+
+    const bodyBuffer = Buffer.concat(chunks);
+
+    const findings = this.agentLib.scoreRequestUnknownBody(
+      rules,
+      bodyBuffer,
+      options
+    );
+
+    // store body buffer on findings for nosqli sink.
+    findings.bodyBuffer = bodyBuffer;
+    return findings;
+  }
+
+  getRulesMask(rules) {
+    return rules.reduce((mask, rule) => {
+      if (!rule.agentLibBit) {
+        logger.trace(`rule ${rule.id} missing agentLibBit`);
+        return mask;
+      }
+      return mask | rule.agentLibBit;
+    }, 0);
+  }
+
   /**
    * Independent of the part(s) of the HTTP message being analyzed, there is a
    * common process for handling the analysis response from S-R.
@@ -167,9 +273,219 @@ class ProtectService {
   }
 
   /**
-   * Block at perimeter when instructed to do so by S-R.
+   * Handle the analysis response from agent-lib
+   *
+   * @param {AgentSettings} agentSettings agentLib findings
    * @param {IncomingMessage} req The current request
    * @param {ServerResponse} res The current response
+   * @returns {Boolean}
+   *
+   * agentLib findings are an object:
+   * {trackRequest: true|false, resultsList: [result]}
+   *
+   * a result is an object:
+   * {
+   *    ruleId: string,
+   *    inputType: string,
+   *    path: [string],
+   *    key: string,
+   *    value: string,
+   *    score: number
+   * }
+   */
+  // eslint-disable-next-line complexity
+  handleAgentLibAnalysis({
+    asyncStorageContext,
+    appContext,
+    agentSettings: agentLibResults,
+    res
+  }) {
+    if (!agentLibResults.resultsList) {
+      return true;
+    }
+
+    // at this point rules that are excluded by URL have been removed but
+    // none of the user-input exclusions have been applied; those exclusions
+    // are only applied for the protect.source event and this is (indirectly)
+    // invoked by the request.start and request.end events.
+
+    // determine if user input is excluded now that we have the results.
+    const { defend: { exclusions } } = asyncStorageContext;
+
+    let securityException = false;
+    // map the resultsList to the srResultsList (SR legacy format)
+    const srResultsList = [];
+
+    for (const r of agentLibResults.resultsList) {
+      // it's a little ugly but not all names returned correspond. this duplicates work
+      // in resultItemToSrResultItem() but allows us to avoid the conversion if the
+      // rule was excluded. i'm not sure it is a good trade because i'm presuming most
+      // items are not excluded, so it's a little bit of extra work to do this before
+      // the conversion.
+      const ruleId = this.agentLibRuleTypeToName[r.ruleId] || r.ruleId;
+      if (exclusions.length) {
+        const exclusionId = this.shouldExclude(exclusions, ruleId, r.inputType, r.key);
+        // don't add this to srResultsList if it is excluded.
+        // check null - can an exclusion name be an empty string?
+        if (exclusionId !== null) {
+          logger.debug(`EXCLUSION: ${exclusionId} - ${r.inputType} '${r.key}'`);
+          continue;
+        }
+      }
+
+      const mapped = this.resultItemToSrResultItem(r);
+      // nosqli requires the object at the key returned by the object to be stored
+      // on the sample so that it can be accessed at sink time.
+      if (mapped.ruleId === 'nosql-injection' && agentLibResults.bodyBuffer) {
+        this.captureMongoObject(mapped, agentLibResults.bodyBuffer);
+      }
+      // is the rule BAP?
+      if (mapped.scoreLevel === 'DEFINITE' && this.getRuleMode(mapped.ruleId) === 'BLOCK_AT_PERIMETER') {
+        securityException = true;
+      }
+
+      srResultsList.push(mapped);
+    }
+
+    /*
+    // this is the message SR returns but there is no need to create that format.
+    // only the resultsList is used by collectSamples(). securityException has
+    // already been synthesized.
+    const srAnalysisFmt = {
+      sentMs: Date.now(),
+      serverFeatures: undefined,
+      applicationSettings: undefined,
+      accumulatorSettings: undefined,
+      protectState: {
+        uuid: 'dead-beef-feed-a-fad-b4-a-fade',
+        trackRequest: agentLibResults.trackRequest,
+        securityException,
+        securityMessage: ''
+      },
+      inputAnalysis: { resultsList: srResultsList },
+      // tack on raw agent lib results so they can be used at sinks. this will
+      // facilitate removing the SR format when SR is removed.
+      agentLibResults
+    };
+    // */
+
+    // hack this into agentLibResults for now. it's needed to set sample.blocked
+    // when one had a DEFINITE score. previously, this was not needed because SR
+    // did reporting and only returned a securityException flag, indicating that
+    // the agent needed to block the request.
+    agentLibResults.securityException = securityException;
+
+    // save results for input tracing. collectSamples() is called with the
+    // additional parameter, agentLibResults, in this case. (see the implementation
+    // of collectSamples()).
+    this.collectSamples(
+      asyncStorageContext,
+      srResultsList,
+      appContext,
+      agentLibResults
+    );
+
+    // if there is a security exception there used to be no need to do anything more
+    // because SR would report it; when SR sent us a "securityException" it had already
+    // been reported, so the agent needed only to block the request. but with agentLib
+    // the sample must always be collected so it will be reported.
+    if (securityException) {
+      return this.handleBlockAtPerimeter(res);
+    }
+
+    return true;
+  }
+
+  /**
+   * map an agent-lib result to an SR format result.
+   *
+   * @param {result} r see handleAgentLibAnalysis above; an item returned by scoreRequestConnect
+   * in the resultsList array.
+   *
+   * @returns an SR-formatted result.
+   */
+  resultItemToSrResultItem(r) {
+    const copy = Object.assign({}, r, { attackCount: 1 });
+    // the ruleIds are not the same. kind of ugly.
+    if (copy.ruleId in this.agentLibRuleTypeToName) {
+      copy.ruleId = this.agentLibRuleTypeToName[copy.ruleId];
+    }
+
+    // user-input serialization wants a string. it replaces
+    // '.' with '>'; it really shouldn't do that - a '.' could
+    // be in a key, but that's how it works.
+    copy.path = copy.path.join('>');
+    // agent-lib doesn't return the pattern IDs that matched. they're not used, but the
+    // array cannot be empty for TS (rumor has it).
+    copy.idsList = ['agent-lib'];
+    if (copy.score >= 90) {
+      copy.scoreLevel = 'DEFINITE';
+    } else if (copy.score >= 10) {
+      copy.scoreLevel = 'WATCH';
+    } else {
+      // it really shouldn't be in this list...
+      copy.scoreLevel = 'NONE';
+    }
+    // get rid of the score property because it's not part of the SR
+    // resultsList items.
+    delete copy.score;
+
+    return copy;
+  }
+
+  /**
+   * Capture document object sample for Mongo. Right now applies blanketly
+   * to all nosqli rules because there is not a translation layer.
+   * For more information on how this applies to mongo injection & expansion,
+   * See `mongo.md' in the agent-lib-core repo.
+   *
+   * @param {Object} libResult  result object from library representing mongo injection/expansion
+   * @param {Buffer} bodyBuffer buffer form of the request body (concat'd from chunks)
+   */
+  captureMongoObject(libResult, bodyBuffer) {
+    try {
+      // matches Sample's _inputInfoForSink
+      if (!libResult.inputInfo) {
+        libResult.inputInfo = {};
+      }
+
+      // parse the body as json.
+      const { path } = libResult;
+      const obj = JSON.parse(bodyBuffer.toString());
+      let doc = obj;
+      // returned path from lib is array of keys to traverse.
+      for (const entry of path) {
+        doc = doc[entry];
+      }
+
+      libResult.inputInfo.docObject = doc;
+      // the query clause (eg: $ne) is always the last entry in the path.
+      libResult.inputInfo.queryClause = path[path.length - 1];
+    } catch (e) {
+      logger.debug(`Failed to parse body buffer on nosqli libResult ${e}`);
+    }
+  }
+
+  /**
+   * Get the mode for a given rule
+   * @param   {string} ruleId rule to get mode of
+   * @returns {string}        the mode of the given rule
+   */
+  getRuleMode(ruleId) {
+    // must filter every time because teamserver can update these
+    // at any time.
+    for (const rule of this.rules) {
+      if (rule.id === ruleId) {
+        return rule.mode;
+      }
+    }
+
+    return null;
+  }
+
+  /**
+   * Block at perimeter when instructed to do so by S-R.
+   * @param {ServerResponse} res The current response
    * @returns {Boolean} false which halts executing of original method
    */
   handleBlockAtPerimeter(res) {
@@ -179,41 +495,55 @@ class ProtectService {
   }
 
   /**
-   * When results are returned from S-R, save them to to input tracing.
-   * @param {Object[]} resultsList
-   * @param {ApplicationContext} appContext
+   * When results are returned from S-R, save them for input tracing.
+   *
+   * @param {AsyncContext} asyncContext
+   * @param {[Object]} resultsList SR-format results list (see handleAgentLibAnalysis)
+   * @param {ApplicationContext} appContext request is added to this if not present
+   * @param {Object} agentLibResults used only for securityException
    */
-  collectSamples(asyncStorageContext, resultsList = [], appContext = {}) {
-    if (!resultsList.length) {
+  collectSamples(asyncContext, resultsList, appContext, agentLibResults) {
+    if (!resultsList || !resultsList.length) {
       return;
     }
 
-    /*
-     * this shouldn't happen as this is retrieved when the request event
-     * is processed, and will be available.
-     */
-    if (!asyncStorageContext) {
-      logger.error(
-        'StorageContext not found - Unable to create samples from results list'
-      );
+    // this shouldn't happen as this is retrieved when the request event
+    // is processed, and will be available.
+    if (!asyncContext) {
+      logger.error('StorageContext not found - Unable to create samples from results list');
       return;
     }
 
-    const {
-      request,
-      defend: { samples }
-    } = asyncStorageContext;
+    const { request, defend } = asyncContext;
 
     if (!appContext.request) {
       appContext.request = request;
     }
 
+    this._collectSamples(defend.samples, resultsList, appContext, agentLibResults);
+  }
+
+  /**
+   * Collect samples from already checked and present arguments
+   */
+  _collectSamples(samples, resultsList, appContext, agentLibResults) {
+    let blocked = false;
+
+    if (agentLibResults) {
+      blocked = !!agentLibResults.securityException;
+    }
+
     for (const result of resultsList) {
       // Coerce custom rule id
       if (result.ruleId === RULES.NOSQL_EXPANSION) {
         result.ruleId = RULES.NOSQL_INJECTION;
       }
 
+      // don't bind all the following vars unless we need to
+      if (result.scoreLevel === IMPORTANCE.NONE) {
+        continue;
+      }
+
       const {
         scoreLevel,
         ruleId,
@@ -224,16 +554,20 @@ class ProtectService {
         idsList
       } = result;
 
-      if (scoreLevel === IMPORTANCE.NONE) {
-        return;
-      }
-
       const sample = samples.addRuleSample({
         id: ruleId,
         input: UserInputFactory.makeOne({ name, path, type, value }),
         evaluation: { results: { importance: scoreLevel } },
         appContext
       });
+
+      sample.blocked = blocked;
+
+      // copy over custom info for sink.
+      if (result.inputInfo) {
+        Object.assign(sample._inputInfoForSink, result.inputInfo);
+      }
+
       sample.filters.push(...idsList);
     }
   }
@@ -242,6 +576,15 @@ class ProtectService {
     if (settings) {
       this._ruleFactory.updateSettings(settings, this.enabled);
       this.rules = this._ruleFactory.getRules();
+      if (this.agentLibAnalysis) {
+        this.addAgentLibBitToRules();
+      }
+    }
+  }
+
+  addAgentLibBitToRules() {
+    for (const rule of this.rules) {
+      rule.agentLibBit = this.agentLib.RuleType[rule.id];
     }
   }
 
@@ -273,7 +616,7 @@ class ProtectService {
     // hack; we don't have a proper rule to create the inputs from
     const inputs = inputKit.create({}, data, ipEvent.type);
     // length should always just be 1
-    const input = inputs[0];
+    const [input] = inputs;
     return this.ipAllowlist.evaluate(input);
   }
 
@@ -295,10 +638,31 @@ class ProtectService {
   }
 
   /**
-   * Loads the rules for context storage based on current url exclusions
+   * Loads the rules for context storage based on current url exclusions.
+   * This is only called by protect/listeners.js and probably belongs there
+   * rather than here, but it's here. In any case, listeners sets async
+   * context rules based on the return value of this function.
    *
    * @param {string} path
-   * @param {UserInput} ipInput
+   * @param {SourceEvent} ipEvent created when an http 'request' event occurs
+   * @returns {[Rule]} the array of rules that applies to this URL
+   *
+   * exclusions are an array of exclusion objects.
+   * [{
+   *  assess: boolean,
+   *  assessmentRulesList: [],
+   *  defend: boolean,
+   *  inputName: string,
+   *  inputType: string enum 'PARAMETER', ? (<= querystring & parameter)
+   *  isNamed: boolean,
+   *  matchStrategy: string enum 'ALL', ?,
+   *  name: 'parameter-input',        // name of exclusion
+   *  urls: [],
+   * }]
+   *
+   * exclusion inputTypes: BODY, COOKIE, HEADER, PARAMETER - all input types
+   * are mapped to one of these four.
+   *
    */
   getEnabledRules(path, ipEvent) {
     if (!this.enabled) {
@@ -323,7 +687,7 @@ class ProtectService {
   }
 
   /**
-   * Loads the input exclusions for context storage based on current request url
+   * returns an array of the input exclusions applicable to the current url
    *
    * @param {string} path
    */
@@ -340,51 +704,264 @@ class ProtectService {
   }
 
   /**
-   * Dispatches to the appropriate <code>preFilter</code> handler
-   * based on the <code>SourceEvent</code>'s input type.
+   * Dispatches to the appropriate preFilter handler based on the SourceEvent
+   * input type. If the event type is an URL_PARAMETER and agent-lib analysis
+   * is being used, dispatches to a different handler because agent-lib needs
+   * to check url params after the framework has parsed them.
    *
-   * @param {SourceEvent} event Source event providing data and context
+   * @param {SourceEvent} event Source event providing data and context (from lib/protect/listeners).
+   * @param {[Rule]} rules enabled rules
+   * @param {[InputExclusions]} inputExclusions input exclusions
+   * @param {Samples} samples Samples object for this request
    */
+  // eslint-disable-next-line complexity
   handleSourceEvent(event, rules, inputExclusions, samples) {
-    if (this.skipEventHandling(rules)) {
+    // reduce the number of rules and exclusions that need to be checked because
+    // the event.type does not change.
+    rules = rules.filter((rule) => rule.appliesToInputType(event.type));
+    if (rules.length === 0) {
+      return;
+    }
+    inputExclusions = inputExclusions.filter((iex) => iex.appliesToInputType(event.type));
+
+    // agent-lib handles raw URLs, bodies, querystrings, headers, etc. but cannot
+    // handle URL parameter (e.g., /path/:param/action) because only the framework
+    // is aware of them. this function is invoked after the framework has parsed
+    // the URL and created the params object. this is important because the params,
+    // as represented in the URL, is URI encoded so the normal regexes will not
+    // match until the framework has decoded the param.
+    if (this.agentLibAnalysis) {
+      switch (event.type) {
+        case 'URL_PARAMETER': {
+          this.handleUrlParametersWithAgentLib(event, rules, inputExclusions, samples);
+          break;
+        }
+        case 'MULTIPART_NAME': {
+          this.handleMultipartFilenameWithAgentLib(event, rules, inputExclusions, samples);
+          break;
+        }
+        case 'MULTIPART_VALUE':
+        case 'BODY': {
+          this.handleMultipartBodyWithAgentLib(event, rules, inputExclusions, samples);
+          break;
+        }
+        case 'COOKIE_VALUE': {
+          this.handleCookiesWithAgentLib(event, rules, inputExclusions, samples);
+          break;
+        }
+      }
+    }
+
+    // remove agent-lib rules from the list to be handled by node. node handles rules
+    // that are not implemented by agent-lib. remove the agent-lib rules so those rules
+    // are not executed by both agent-lib and node.
+    rules = rules.filter((r) => !r.agentLibBit);
+    if (rules.length === 0) {
       return;
     }
 
     const data = this.filterSafeData(event);
-
-    if (_.isEmpty(data)) {
+    if (data.length === 0) {
       return;
     }
 
     const inputKit = new UserInputKit();
-    rules = rules.filter((rule) => rule.appliesToInputType(event.type));
 
     for (const rule of rules) {
       const inputs = inputKit.create(rule, data, event.type);
-
       for (const input of inputs) {
         if (this.isUserInputExcluded({ inputExclusions, rule, event, input })) {
           continue;
         }
+        // for all rules that do not use library input analysis.
+        if (!(rule.usesLibInputAnalysis && this.agentLibAnalysis)) {
+          logger.debug(`Starting rule analysis: ${input.type} ${input.name}`);
+          rule.preFilterUserInput(input, event, samples);
+        }
+      }
+    }
+  }
+
+  /**
+   * handle protect.source events for URL parameters when agent lib is enabled.
+   *
+   * @param {SourceEvent} event Source event providing data and context (from lib/protect/listeners).
+   * @param {[Rule]} rules enabled rules
+   * @param {[InputExclusions]} inputExclusions input exclusions
+   * @param {Samples} samples Samples object for this request
+   */
+  // eslint-disable-next-line complexity
+  handleUrlParametersWithAgentLib(event, rules, inputExclusions, samples) {
+    const res = event._serverResponse;
+    const params = event.data;
+    // if it's URL_PARAMETER and there are not params, then why are
+    // we here?
+    if (!params) {
+      logger.debug('handleUrlParametersWithAgentLib - no params found');
+      return;
+    }
+
+    const srResultsList = [];
+    let securityException = false;
+    const type = this.agentLib.InputType.UrlParameter;
+    const libRules = this.getRulesMask(rules);
+
+    if (!libRules) {
+      logger.debug('handleUrlParametersWithAgentLib - no rules');
+      return;
+    }
+
+    // for each key, check out the value. the key is set in the code so
+    // is not vulnerable.
+    for (const key in params) {
+      // items from scoreAtom() are only [{ruleId, score}, ...] because the key
+      // and inputType are already known and there is no path.
+      const items = this.agentLib.scoreAtom(params[key], type, libRules);
+      if (!items) {
+        continue;
+      }
+      for (const item of items) {
+        item.inputType = type;
+        const resultItem = Object.assign({ path: [key], value: params[key] }, item);
+        const mapped = this.resultItemToSrResultItem(resultItem);
+        const input = { type, name: key };
+        if (this.isUserInputExcluded({ inputExclusions, rule: { id: mapped.ruleId }, event, input })) {
+          continue;
+        }
+        if (mapped.scoreLevel === 'DEFINITE' && this.getRuleMode(mapped.ruleId) === 'BLOCK_AT_PERIMETER') {
+          securityException = true;
+        }
+        srResultsList.push(mapped);
+      }
+    }
+
+    this._collectSamples(samples, srResultsList, {}, { securityException });
+
+
+    if (securityException) {
+      this.handleBlockAtPerimeter(res);
+    }
+  }
+
+  // event.type === MULTIPART_NAME, data: {newrelic.js: 'newrelic.js'}
+  handleMultipartFilenameWithAgentLib(event, rules, inputExclusions, samples) {
+    const res = event._serverResponse;
+    const srResultsList = [];
+    let securityException = false;
+    // 'MULTIPART_NAME' is apparently used only for filenames; 'MULTIPART_VALUE'
+    // is used for multipart KV pairs (and we can just use PARAMETER_KEY/PARAMETER_VALUE).
+    const type = this.agentLib.InputType.MultipartName;
+    const libRules = this.getRulesMask(rules);
+
+    if (!libRules) {
+      logger.debug('handleUrlParametersWithAgentLib - no rules');
+      return;
+    }
+
+    // why these aren't {filename: 'newrelic.js'} instead of {newrelic.js: 'newrelic.js'}
+    // escapes me.
+    if (typeof event.data !== 'object') {
+      return;
+    }
+    const filenames = Object.keys(event.data);
+
+    for (const filename of filenames) {
+      const items = this.agentLib.scoreAtom(filename, type, libRules);
+      if (!items) {
+        continue;
+      }
+      for (const item of items) {
+        item.inputType = type;
+        const resultItem = Object.assign({ path: [filename], value: filename }, item);
+        const mapped = this.resultItemToSrResultItem(resultItem);
+        if (mapped.scoreLevel === 'DEFINITE' && this.getRuleMode(mapped.ruleId) === 'BLOCK_AT_PERIMETER') {
+          securityException = true;
+        }
+        srResultsList.push(mapped);
+      }
+    }
+
+    this._collectSamples(samples, srResultsList, {}, { securityException });
+
+    if (securityException) {
+      this.handleBlockAtPerimeter(res);
+    }
+  }
+
+  handleMultipartBodyWithAgentLib(event, rules, inputExclusions, samples) {
+    const rulesMask = this.getRulesMask(rules);
+    if (!rulesMask || typeof event.data !== 'object' || !event._ctxt) {
+      return;
+    }
+    // just treat these as an array of query params.
+    const queries = Object.entries(event.data)
+      .filter(i => typeof i[1] === 'string')
+      .reduce((queries, q) => {
+        queries.unshift(...q); return queries;
+      }, []);
+
+    const arg = {
+      rules: rulesMask,
+      preferWorthWatching: true,
+      queries,
+    };
+
+    const findings = this.agentLib.scoreRequestConnect(arg);
+
+    this.handleAgentLibAnalysis({
+      asyncStorageContext: event._ctxt,
+      appContext: {},
+      agentSettings: findings,
+      req: event._incomingMessage,
+      res: event._serverResponse,
+    });
+  }
+
+  handleCookiesWithAgentLib(event, rules, inputExclusions, samples) {
+    const cookies = Object.entries(event.data).reduce((acc, [key, value]) => {
+      acc.unshift(key, value);
+      return acc;
+    }, []);
+    const findings = this.agentLib.scoreRequestConnect({
+      preferWorthWatching: true,
+      rules: this.getRulesMask(rules),
+      cookies
+    });
+    this.handleAgentLibAnalysis({
+      asyncStorageContext: event._ctxt,
+      appContext: {},
+      agentSettings: findings,
+      req: event._incomingMessage,
+      res: event._serverResponse,
+    });
+
+  }
 
-        logger.debug(`Starting rule analysis: ${input.type} ${input.name}`);
-        rule.preFilterUserInput(input, event, samples);
+  /**
+   * check a rule/input combination against the specified exclusions.
+   *
+   * @param {[Exclusion]} exclusions array of exclusions to check against
+   * @param {String} ruleId the rule ID
+   * @param {String} inputType the type of the input
+   * @param {String} inputName the key for JSON objects and KV pairs
+   *
+   * @returns {String|null} the name of the exclusion that applied, or null.
+   */
+  shouldExclude(exclusions, ruleId, inputType, inputName) {
+    for (const exclusion of exclusions) {
+      if (exclusion.shouldExclude(ruleId, inputType, inputName)) {
+        return exclusion.name;
       }
     }
+    return null;
   }
 
   isUserInputExcluded({ inputExclusions, rule, event, input }) {
     let excluded;
     for (const exclusion of inputExclusions) {
-      excluded =
-        exclusion.appliesToInputType(event.type) &&
-        exclusion.appliesToProtectRule(rule.id) &&
-        exclusion.matches(input.name);
-
+      excluded = exclusion.shouldExclude(rule.id, input.type, input.name);
       if (excluded) {
-        logger.debug(
-          `EXCLUSION: ${exclusion.name} - ${input.type} '${input.name}'`
-        );
+        logger.debug(`EXCLUSION: ${exclusion.name} - ${input.type} '${input.name}'`);
         break;
       }
     }
@@ -392,7 +969,7 @@ class ProtectService {
   }
 
   skipEventHandling(rules) {
-    return _.isEmpty(rules) || !this._ruleFactory.enabled;
+    return _.isEmpty(rules);
   }
 
   /**
@@ -403,7 +980,7 @@ class ProtectService {
    * @param {[Samples]} params.samples worthWatching/definite
    */
   handleSinkEvent({ event, rules, samples }) {
-    if (this.skipEventHandling(rules)) {
+    if (_.isEmpty(rules)) {
       return;
     }
 
@@ -414,7 +991,23 @@ class ProtectService {
       }
 
       const applicableSamples = samples.getAll(rule.id);
-      rule.evaluateAtSink({ event, samples, applicableSamples, request });
+      // this should be tested here as opposed to constructing an object
+      // and passing it to evaluateAtSink*(). but tests expect that
+      // evaluateAtSink*() gets called and they don't bother to set up
+      // appopriate samples and event data. so, comment it out for now.
+      //if (applicableSamples.size === 0 || !event.data) {
+      //  continue;
+      //}
+
+      // Do we want to use the standard node evaluator or the library sink
+      // evaluation (which requires data from the library's input analysis stage)?
+      const args = { event, samples, applicableSamples, request };
+
+      if (!this.agentLibAnalysis || !rule.evaluateAtSinkForLib) {
+        rule.evaluateAtSink(args);
+      } else {
+        rule.evaluateAtSinkForLib(args);
+      }
     }
   }
 
@@ -477,25 +1070,12 @@ class ProtectService {
    */
   submitFindings(rules, samples) {
     const findings = this.createFindings(rules, samples);
-    const aggregated = SampleAggregator.aggregate(findings);
+    const aggregated = SampleAggregator.aggregate(findings, (finding) => this.wwFilter(finding));
     for (const finding of aggregated) {
       agentEmitter.emit('attack', finding);
     }
   }
 
-  /**
-   * checks if samples already contain input types of PARAMETER_VALUE or PARAMETER_NAME
-   *
-   * @param {boolean} isEffective
-   * @param {string} inputType
-   * @return {boolean}
-   */
-  static paramInputs(inputType) {
-    return [INPUT_TYPES.PARAMETER_VALUE, INPUT_TYPES.PARAMETER_NAME].includes(
-      inputType
-    );
-  }
-
   /**
    * See: https://contrast.atlassian.net/browse/NODE-670
    * The way we collect findings in SR vs node
@@ -506,22 +1086,30 @@ class ProtectService {
    *
    * @param {Object} params
    * @param {Array} findings to report
-   * @param {Set} set of all samples for a given rule
+   * @param {Set} ruleSamples of all samples for a given rule
    * @param {Rule} protect rule object
+   * @param {Boolean} speedracer speedracer analysis is being used. this
+   * includes agent-lib, which uses the speedracer logic.
    */
-  addSRFindings({ findings, ruleSamples, rule }) {
-    let qsSample = null;
+  addFindings({ findings, ruleSamples, rule, speedracer }) {
+    const qsSamples = [];
     let hasEffectiveParamInputs = false;
 
     for (const sample of ruleSamples) {
-      hasEffectiveParamInputs =
-        hasEffectiveParamInputs ||
-        ProtectService.paramInputs(sample.input.type);
+      if (sample.input.type === INPUT_TYPES.URI) {
+        // forget about URL things
+        continue;
+      }
+
+      // is the sample a parameter name or value?
+      hasEffectiveParamInputs = hasEffectiveParamInputs ||
+        INPUT_TYPES.PARAMETER_VALUE === sample.input.type ||
+        INPUT_TYPES.PARAMETER_NAME === sample.input.type;
 
       // saving reference to QUERYSTRING sample in case
       // there are no Parameter type samples for rule
       if (sample.input.type === INPUT_TYPES.QUERYSTRING) {
-        qsSample = sample;
+        qsSamples.push(sample);
       } else {
         findings.push({
           rule,
@@ -533,14 +1121,16 @@ class ProtectService {
     }
 
     // https://contrast.atlassian.net/browse/NODE-660 - only report one attack
-    // when there are both QUERYSTRING and PARAMETER_VALUE types for a given rule
-    if (qsSample && !hasEffectiveParamInputs) {
-      findings.push({
-        rule,
-        ruleId: rule.id,
-        sample: qsSample,
-        status: qsSample.getStatus()
-      });
+    // when there are both QUERYSTRING and PARAMETER_VALUE types for a given rule.
+    if (qsSamples.length > 0 && !hasEffectiveParamInputs) {
+      for (const qsSample of qsSamples) {
+        findings.push({
+          rule,
+          ruleId: rule.id,
+          sample: qsSample,
+          status: qsSample.getStatus()
+        });
+      }
     }
   }
 
@@ -551,31 +1141,46 @@ class ProtectService {
    * @param   {Rule[]} rules Rules from which to build findings
    * @returns {Object[]}     The findings from the rules
    */
-  createFindings(rules = [], samples) {
+  createFindings(rules, samples) {
     const findings = [];
+    const speedracer = this.reporter.speedracer &&
+      this.config.agent.node.speedracer_input_analysis;
+
     for (const rule of rules) {
       const { id } = rule;
       const ruleSamples = samples.getAll(id);
-
-      if (
-        this.reporter.speedracer &&
-        this.config.agent.node.speedracer_input_analysis
-      ) {
-        this.addSRFindings({ findings, ruleSamples, rule });
-      } else {
-        for (const sample of ruleSamples) {
-          findings.push({
-            rule,
-            ruleId: id,
-            sample,
-            status: sample.getStatus()
-          });
-        }
+      // no need to call add findings if no samples
+      if (ruleSamples.size === 0) {
+        continue;
       }
+
+      // only support SR format now; previously there was logic to handle node
+      // analysis differently than SR analysis. agent-lib mimics SR, so both
+      // should be the same now.
+      this.addFindings({ findings, ruleSamples, rule, speedracer });
     }
 
     return findings;
   }
+
+  // worth-watching filter. this is located here so agent-lib isn't exposed to the
+  // sample aggregator any more than necessary (agentLibBit is exposed).
+  //
+  // returns true if the finding should be reported as a probe, else false
+  wwFilter(finding) {
+    const { agentLibBit } = finding.rule;
+    const { _type, _value: input } = finding.sample.input;
+    const type = this.agentLib.InputType[_type];
+
+    const alFinding = this.agentLib.scoreAtom(input, type, agentLibBit);
+    if (!alFinding) {
+      return false;
+    }
+    if (alFinding.length > 1) {
+      logger.debug(`scoreAtom() returned ${alFinding.length} findings`);
+    }
+    return alFinding[0].score >= 90;
+  }
 }
 
 module.exports = ProtectService;