@prosopo/provider 3.12.3 → 3.13.0

package/dist/cjs/api/admin/apiAdminRoutesProvider.cjs

@@ -3,30 +3,25 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const types = require("@prosopo/types");
 const apiRegisterSiteKeyEndpoint = require("./apiRegisterSiteKeyEndpoint.cjs");
 const apiRemoveDetectorKeyEndpoint = require("./apiRemoveDetectorKeyEndpoint.cjs");
+const apiToggleMaintenanceModeEndpoint = require("./apiToggleMaintenanceModeEndpoint.cjs");
 const apiUpdateDetectorKeyEndpoint = require("./apiUpdateDetectorKeyEndpoint.cjs");
 class ApiAdminRoutesProvider {
   constructor(tasks) {
     this.tasks = tasks;
   }
   getRoutes() {
-    return [
-      {
-        path: types.AdminApiPaths.SiteKeyRegister,
-        endpoint: new apiRegisterSiteKeyEndpoint.ApiRegisterSiteKeyEndpoint(this.tasks.clientTaskManager)
-      },
-      {
-        path: types.AdminApiPaths.UpdateDetectorKey,
-        endpoint: new apiUpdateDetectorKeyEndpoint.ApiUpdateDetectorKeyEndpoint(
-          this.tasks.clientTaskManager
-        )
-      },
-      {
-        path: types.AdminApiPaths.RemoveDetectorKey,
-        endpoint: new apiRemoveDetectorKeyEndpoint.ApiRemoveDetectorKeyEndpoint(
-          this.tasks.clientTaskManager
-        )
-      }
-    ];
+    return {
+      [types.AdminApiPaths.SiteKeyRegister]: new apiRegisterSiteKeyEndpoint.ApiRegisterSiteKeyEndpoint(
+        this.tasks.clientTaskManager
+      ),
+      [types.AdminApiPaths.UpdateDetectorKey]: new apiUpdateDetectorKeyEndpoint.ApiUpdateDetectorKeyEndpoint(
+        this.tasks.clientTaskManager
+      ),
+      [types.AdminApiPaths.RemoveDetectorKey]: new apiRemoveDetectorKeyEndpoint.ApiRemoveDetectorKeyEndpoint(
+        this.tasks.clientTaskManager
+      ),
+      [types.AdminApiPaths.ToggleMaintenanceMode]: new apiToggleMaintenanceModeEndpoint.ApiToggleMaintenanceModeEndpoint()
+    };
   }
 }
 exports.ApiAdminRoutesProvider = ApiAdminRoutesProvider;

package/dist/cjs/api/admin/apiRegisterSiteKeyEndpoint.cjs

@@ -3,13 +3,14 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const apiRoute = require("@prosopo/api-route");
 const common = require("@prosopo/common");
 const types = require("@prosopo/types");
+var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
 class ApiRegisterSiteKeyEndpoint {
   constructor(clientTaskManager) {
     this.clientTaskManager = clientTaskManager;
   }
   async processRequest(args, logger) {
     const { siteKey, tier, settings } = args;
-    logger = logger || common.getLogger("info", module);
+    logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/admin/apiRegisterSiteKeyEndpoint.cjs", document.baseURI).href);
     const temp = settings || types.ClientSettingsSchema.parse({});
     logger.info(() => ({ data: { siteKey }, msg: "`Registering site key" }));
     await this.clientTaskManager.registerSiteKey(siteKey, tier, temp);

package/dist/cjs/api/admin/apiRemoveDetectorKeyEndpoint.cjs

@@ -3,15 +3,16 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const apiRoute = require("@prosopo/api-route");
 const common = require("@prosopo/common");
 const types = require("@prosopo/types");
+var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
 class ApiRemoveDetectorKeyEndpoint {
   constructor(clientTaskManager) {
     this.clientTaskManager = clientTaskManager;
   }
   async processRequest(args, logger) {
-    logger = logger || common.getLogger("info", module);
+    logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/admin/apiRemoveDetectorKeyEndpoint.cjs", document.baseURI).href);
     try {
       const { detectorKey, expirationInSeconds } = args;
-      logger = logger || common.getLogger("info", module);
+      logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/admin/apiRemoveDetectorKeyEndpoint.cjs", document.baseURI).href);
       logger.info(() => ({ msg: "Removing detector key" }));
       await this.clientTaskManager.removeDetectorKey(
         detectorKey,

package/dist/cjs/api/admin/apiToggleMaintenanceModeEndpoint.cjs

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const apiRoute = require("@prosopo/api-route");
+const common = require("@prosopo/common");
+const types = require("@prosopo/types");
+var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
+function getMaintenanceMode() {
+  return process.env.MAINTENANCE_MODE?.toLowerCase() === "true";
+}
+function setMaintenanceMode(enabled) {
+  process.env.MAINTENANCE_MODE = enabled ? "true" : "false";
+}
+class ApiToggleMaintenanceModeEndpoint {
+  async processRequest(args, logger) {
+    const { enabled } = args;
+    logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/admin/apiToggleMaintenanceModeEndpoint.cjs", document.baseURI).href);
+    const previousMode = getMaintenanceMode();
+    logger.info(() => ({
+      data: { enabled, previous: previousMode },
+      msg: "Toggling maintenance mode"
+    }));
+    setMaintenanceMode(enabled);
+    const currentMode = getMaintenanceMode();
+    logger.info(() => ({
+      data: { enabled: currentMode },
+      msg: "Maintenance mode updated"
+    }));
+    return {
+      status: apiRoute.ApiEndpointResponseStatus.SUCCESS,
+      data: {
+        maintenanceMode: currentMode
+      }
+    };
+  }
+  getRequestArgsSchema() {
+    return types.ToggleMaintenanceModeBody;
+  }
+}
+exports.ApiToggleMaintenanceModeEndpoint = ApiToggleMaintenanceModeEndpoint;
+exports.getMaintenanceMode = getMaintenanceMode;
+exports.setMaintenanceMode = setMaintenanceMode;

package/dist/cjs/api/blacklistRequestInspector.cjs

@@ -34,16 +34,16 @@ const getPrioritisedAccessRule = async (userAccessRulesStorage, userScope, clien
       if (Object.values(scope).every((value) => value === void 0)) {
         continue;
       }
-      const parsedUserScope = userAccessPolicy.userScopeInputSchema.parse(scope);
+      const parsedUserScope = userAccessPolicy.userScopeInput.parse(scope);
       const filter = {
         ...clientOrUndefined && {
           policyScope: {
             clientId: clientOrUndefined
           }
         },
-        policyScopeMatch: userAccessPolicy.ScopeMatch.Exact,
+        policyScopeMatch: userAccessPolicy.FilterScopeMatch.Exact,
         userScope: parsedUserScope,
-        userScopeMatch: userAccessPolicy.ScopeMatch.Exact
+        userScopeMatch: userAccessPolicy.FilterScopeMatch.Exact
       };
       policyPromises.push(userAccessRulesStorage.findRules(filter, true, true));
     }

package/dist/cjs/api/captcha/getFrictionlessCaptchaChallenge.cjs

@@ -0,0 +1,337 @@
+"use strict";
+const common = require("@prosopo/common");
+const types = require("@prosopo/types");
+const util = require("@prosopo/util");
+const compositeIpAddress = require("../../compositeIpAddress.cjs");
+const frictionlessTasks = require("../../tasks/frictionless/frictionlessTasks.cjs");
+const frictionlessTasksUtils = require("../../tasks/frictionless/frictionlessTasksUtils.cjs");
+require("../../tasks/index.cjs");
+const hashUserAgent = require("../../utils/hashUserAgent.cjs");
+const hashUserIp = require("../../utils/hashUserIp.cjs");
+const apiToggleMaintenanceModeEndpoint = require("../admin/apiToggleMaintenanceModeEndpoint.cjs");
+const blacklistRequestInspector = require("../blacklistRequestInspector.cjs");
+const tasks = require("../../tasks/tasks.cjs");
+const DEFAULT_FRICTIONLESS_THRESHOLD = 0.5;
+const getRoundsFromSimScore = (simScore) => {
+  if (simScore >= 0.9) return 0;
+  if (simScore >= 0.8) return 3;
+  if (simScore >= 0.7) return 4;
+  if (simScore >= 0.6) return 6;
+  if (simScore >= 0.5) return 7;
+  return 8;
+};
+const getFrictionlessCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res, next) => {
+  try {
+    const tasks$1 = new tasks.Tasks(env, req.logger);
+    const { token, headHash, dapp, user } = types.GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
+    if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
+      req.logger.info(() => ({
+        msg: "Maintenance mode active - storing dummy token and sending PoW captcha",
+        data: { dapp, user }
+      }));
+      return res.json(
+        await tasks$1.frictionlessManager.sendPowCaptcha({
+          token,
+          score: 0,
+          threshold: 0.5,
+          scoreComponents: {
+            baseScore: 0
+          },
+          providerSelectEntropy: 0,
+          ipAddress: compositeIpAddress.getCompositeIpAddress(req.ip || ""),
+          webView: false,
+          iFrame: false,
+          decryptedHeadHash: ""
+        })
+      );
+    }
+    const existingToken = await tasks$1.db.getSessionRecordByToken(token);
+    if (existingToken) {
+      req.logger.info(() => ({
+        token: existingToken,
+        msg: "Token has already been used"
+      }));
+      return next(
+        new common.ProsopoApiError("API.BAD_REQUEST", {
+          context: {
+            code: 400,
+            siteKey: dapp,
+            user
+          },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const userSitekeyIpHash = hashUserIp.hashUserIp(user, req.ip || "", dapp);
+    const existingSession = await tasks$1.db.getSessionByuserSitekeyIpHash(userSitekeyIpHash);
+    if (existingSession) {
+      req.logger.info(() => ({
+        msg: "Reusing existing session for user-IP-sitekey combination",
+        data: {
+          userSitekeyIpHash,
+          sessionId: existingSession.sessionId,
+          captchaType: existingSession.captchaType
+        }
+      }));
+      return res.json({
+        [types.ApiParams.captchaType]: existingSession.captchaType,
+        [types.ApiParams.sessionId]: existingSession.sessionId,
+        [types.ApiParams.status]: "ok"
+      });
+    }
+    const lScore = tasks$1.frictionlessManager.checkLangRules(
+      req.headers["accept-language"] || ""
+    );
+    const {
+      baseBotScore,
+      timestamp,
+      providerSelectEntropy,
+      userId,
+      userAgent,
+      webView,
+      iFrame,
+      decryptedHeadHash
+    } = await tasks$1.frictionlessManager.decryptPayload(token, headHash);
+    req.logger.debug(() => ({
+      msg: "Decrypted payload",
+      data: {
+        baseBotScore,
+        timestamp,
+        providerSelectEntropy,
+        userId,
+        userAgent,
+        webView
+      }
+    }));
+    let botScore = baseBotScore + lScore;
+    const clientRecord = await tasks$1.db.getClientRecord(dapp);
+    if (!clientRecord) {
+      return next(
+        new common.ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+          context: { code: 400, siteKey: dapp },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const { valid, reason } = await tasks$1.frictionlessManager.isValidRequest(
+      clientRecord,
+      types.CaptchaType.frictionless,
+      env
+    );
+    if (!valid) {
+      return next(
+        new common.ProsopoApiError(reason || "API.BAD_REQUEST", {
+          context: {
+            code: 400,
+            siteKey: dapp,
+            user
+          },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const botThreshold = clientRecord.settings?.frictionlessThreshold || DEFAULT_FRICTIONLESS_THRESHOLD;
+    let scoreComponents = {
+      baseScore: baseBotScore,
+      ...lScore && { lScore }
+    };
+    const ipAddress = compositeIpAddress.getCompositeIpAddress(req.ip || "");
+    tasks$1.frictionlessManager.setSessionParams({
+      token,
+      score: botScore,
+      threshold: botThreshold,
+      scoreComponents,
+      providerSelectEntropy,
+      ipAddress,
+      webView,
+      iFrame,
+      decryptedHeadHash
+    });
+    const userScope = blacklistRequestInspector.getRequestUserScope(
+      util.flatten(req.headers),
+      req.ja4,
+      req.ip,
+      user
+    );
+    const userAccessPolicy = (await tasks$1.frictionlessManager.getPrioritisedAccessPolicies(
+      userAccessRulesStorage,
+      dapp,
+      userScope
+    ))[0];
+    const headersUserAgent = req.headers["user-agent"];
+    const hashedHeadersUserAgent = headersUserAgent ? hashUserAgent.hashUserAgent(headersUserAgent) : "";
+    const headersProsopoUser = req.headers["prosopo-user"];
+    if (hashedHeadersUserAgent !== userAgent || headersProsopoUser !== userId) {
+      req.logger.info(() => ({
+        msg: "User agent or user id does not match",
+        data: {
+          headersUserAgent,
+          hashedHeadersUserAgent,
+          userAgent,
+          // This is the hashed user agent from the token
+          headersProsopoUser,
+          userId
+        }
+      }));
+      return res.json(
+        await tasks$1.frictionlessManager.sendImageCaptcha({
+          solvedImagesCount: frictionlessTasksUtils.timestampDecayFunction(timestamp),
+          userSitekeyIpHash,
+          reason: frictionlessTasks.FrictionlessReason.USER_AGENT_MISMATCH
+        })
+      );
+    }
+    if (userAccessPolicy) {
+      const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseAccessPolicy(
+        userAccessPolicy,
+        baseBotScore,
+        botScore,
+        scoreComponents
+      );
+      botScore = scoreUpdate.score;
+      scoreComponents = scoreUpdate.scoreComponents;
+      tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
+      if (userAccessPolicy.captchaType === types.CaptchaType.image) {
+        return res.json(
+          await tasks$1.frictionlessManager.sendImageCaptcha({
+            solvedImagesCount: userAccessPolicy.solvedImagesCount,
+            userSitekeyIpHash,
+            reason: frictionlessTasks.FrictionlessReason.USER_ACCESS_POLICY
+          })
+        );
+      }
+      if (userAccessPolicy.captchaType === types.CaptchaType.pow) {
+        return res.json(
+          await tasks$1.frictionlessManager.sendPowCaptcha({
+            userSitekeyIpHash,
+            reason: frictionlessTasks.FrictionlessReason.USER_ACCESS_POLICY
+          })
+        );
+      }
+    }
+    if (clientRecord.settings.contextAware?.enabled) {
+      const clientEntropy = await tasks$1.frictionlessManager.getClientEntropy(
+        clientRecord.account
+      );
+      if (clientEntropy) {
+        if (!decryptedHeadHash) {
+          tasks$1.logger.info(() => ({
+            msg: "No decryptedHeadHash in session for context aware client"
+          }));
+          return next(
+            new common.ProsopoApiError("API.BAD_REQUEST", {
+              context: {
+                code: 400,
+                siteKey: dapp,
+                user
+              },
+              i18n: req.i18n,
+              logger: req.logger
+            })
+          );
+        }
+        const sim = util.compareBinaryStrings(decryptedHeadHash, clientEntropy);
+        const isValidContext = sim >= clientRecord.settings.contextAware.threshold;
+        if (!isValidContext) {
+          return res.json(
+            await tasks$1.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: getRoundsFromSimScore(sim),
+              userSitekeyIpHash,
+              reason: frictionlessTasks.FrictionlessReason.CONTEXT_AWARE_VALIDATION_FAILED
+            })
+          );
+        }
+      }
+    }
+    if (clientRecord.settings.disallowWebView && webView) {
+      tasks$1.logger.info(() => ({
+        msg: "WebView detected"
+      }));
+      const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseWebView(
+        baseBotScore,
+        botScore,
+        scoreComponents
+      );
+      botScore = scoreUpdate.score;
+      scoreComponents = scoreUpdate.scoreComponents;
+      tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
+      return res.json(
+        await tasks$1.frictionlessManager.sendImageCaptcha({
+          solvedImagesCount: env.config.captchas.solved.count * 2,
+          userSitekeyIpHash,
+          reason: frictionlessTasks.FrictionlessReason.WEBVIEW_DETECTED
+        })
+      );
+    }
+    if (frictionlessTasks.FrictionlessManager.timestampTooOld(timestamp)) {
+      const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseTimestamp(
+        timestamp,
+        baseBotScore,
+        botScore,
+        scoreComponents
+      );
+      botScore = scoreUpdate.score;
+      scoreComponents = scoreUpdate.scoreComponents;
+      tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
+      return res.json(
+        await tasks$1.frictionlessManager.sendImageCaptcha({
+          solvedImagesCount: frictionlessTasksUtils.timestampDecayFunction(timestamp),
+          userSitekeyIpHash,
+          reason: frictionlessTasks.FrictionlessReason.OLD_TIMESTAMP
+        })
+      );
+    }
+    const hostVerified = await tasks$1.frictionlessManager.hostVerified(
+      providerSelectEntropy
+    );
+    if (!hostVerified.verified) {
+      const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseUnverifiedHost(
+        hostVerified.domain,
+        baseBotScore,
+        botScore,
+        scoreComponents
+      );
+      botScore = scoreUpdate.score;
+      scoreComponents = scoreUpdate.scoreComponents;
+      tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
+    }
+    if (Number(botScore) > botThreshold) {
+      req.logger.info(() => ({
+        msg: "Bot score is greater than threshold",
+        data: {
+          botScore,
+          botThreshold,
+          token
+        }
+      }));
+      return res.json(
+        await tasks$1.frictionlessManager.sendImageCaptcha({
+          solvedImagesCount: env.config.captchas.solved.count,
+          userSitekeyIpHash,
+          reason: frictionlessTasks.FrictionlessReason.BOT_SCORE_ABOVE_THRESHOLD
+        })
+      );
+    }
+    return res.json(
+      await tasks$1.frictionlessManager.sendPowCaptcha({
+        userSitekeyIpHash
+      })
+    );
+  } catch (err) {
+    req.logger.error(() => ({
+      err,
+      msg: "Error in frictionless captcha challenge"
+    }));
+    return next(
+      new common.ProsopoApiError("API.BAD_REQUEST", {
+        context: { code: 400, error: err },
+        i18n: req.i18n,
+        logger: req.logger
+      })
+    );
+  }
+};
+module.exports = getFrictionlessCaptchaChallenge;

package/dist/cjs/api/captcha/getImageCaptchaChallenge.cjs

@@ -0,0 +1,149 @@
+"use strict";
+const common = require("@prosopo/common");
+const datasets = require("@prosopo/datasets");
+const types = require("@prosopo/types");
+const util = require("@prosopo/util");
+require("../../tasks/index.cjs");
+const blacklistRequestInspector = require("../blacklistRequestInspector.cjs");
+const validateAddress = require("../validateAddress.cjs");
+const tasks = require("../../tasks/tasks.cjs");
+const getImageCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res, next) => {
+  const tasks$1 = new tasks.Tasks(env, req.logger);
+  let parsed;
+  if (!req.ip) {
+    return next(
+      new common.ProsopoApiError("API.BAD_REQUEST", {
+        context: { code: 400, error: "IP address not found" },
+        i18n: req.i18n,
+        logger: req.logger
+      })
+    );
+  }
+  const ipAddress = util.getIPAddress(req.ip || "");
+  try {
+    parsed = types.CaptchaRequestBody.parse(req.body);
+  } catch (err) {
+    return next(
+      new common.ProsopoApiError("CAPTCHA.PARSE_ERROR", {
+        context: { code: 400, error: err },
+        i18n: req.i18n,
+        logger: req.logger
+      })
+    );
+  }
+  const { datasetId, user, dapp, sessionId } = parsed;
+  validateAddress.validateSiteKey(dapp);
+  validateAddress.validateAddr(user);
+  try {
+    const clientRecord = await tasks$1.db.getClientRecord(dapp);
+    if (!clientRecord) {
+      return next(
+        new common.ProsopoApiError("API.SITE_KEY_NOT_REGISTERED", {
+          context: { code: 400, siteKey: dapp },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const userScope = blacklistRequestInspector.getRequestUserScope(
+      util.flatten(req.headers),
+      req.ja4,
+      req.ip,
+      user
+    );
+    const userAccessPolicy = (await tasks$1.imgCaptchaManager.getPrioritisedAccessPolicies(
+      userAccessRulesStorage,
+      dapp,
+      userScope
+    ))[0];
+    const {
+      valid,
+      reason,
+      sessionId: validSessionId,
+      solvedImagesCount
+    } = await tasks$1.imgCaptchaManager.isValidRequest(
+      clientRecord,
+      types.CaptchaType.image,
+      env,
+      sessionId,
+      userAccessPolicy,
+      req.ip
+    );
+    if (!valid) {
+      return next(
+        new common.ProsopoApiError(reason || "API.BAD_REQUEST", {
+          context: {
+            code: 400,
+            siteKey: dapp,
+            user
+          },
+          i18n: req.i18n,
+          logger: req.logger
+        })
+      );
+    }
+    const captchaConfig = {
+      solved: {
+        count: solvedImagesCount || userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
+      },
+      unsolved: {
+        count: userAccessPolicy?.unsolvedImagesCount || env.config.captchas.unsolved.count
+      }
+    };
+    const taskData = await tasks$1.imgCaptchaManager.getRandomCaptchasAndRequestHash(
+      datasetId,
+      user,
+      ipAddress,
+      captchaConfig,
+      clientRecord.settings.imageThreshold ?? 0.8,
+      validSessionId
+    );
+    const captchaResponse = {
+      [types.ApiParams.status]: "ok",
+      [types.ApiParams.captchas]: taskData.captchas.map((captcha) => ({
+        ...captcha,
+        target: req.t(`TARGET.${captcha.target}`),
+        items: captcha.items.map(
+          (item) => datasets.parseCaptchaAssets(item, env.assetsResolver)
+        )
+      })),
+      [types.ApiParams.requestHash]: taskData.requestHash,
+      [types.ApiParams.timestamp]: taskData.timestamp.toString(),
+      [types.ApiParams.signature]: {
+        [types.ApiParams.provider]: {
+          [types.ApiParams.requestHash]: taskData.signedRequestHash
+        }
+      }
+    };
+    req.logger.info(() => ({
+      msg: "Image captcha challenge issued",
+      data: {
+        captchaType: types.CaptchaType.image,
+        requestHash: taskData.requestHash,
+        solvedImagesCount: captchaConfig.solved.count,
+        user,
+        dapp,
+        sessionId
+      }
+    }));
+    return res.json(captchaResponse);
+  } catch (err) {
+    req.logger.error(() => ({
+      err,
+      data: req.params,
+      msg: "Error in image captcha challenge request"
+    }));
+    return next(
+      new common.ProsopoApiError("API.BAD_REQUEST", {
+        context: {
+          error: err,
+          code: 500,
+          params: req.params
+        },
+        i18n: req.i18n,
+        logger: req.logger
+      })
+    );
+  }
+};
+module.exports = getImageCaptchaChallenge;