npm - @prosopo/provider - Versions diffs - 3.12.3 → 3.13.0 - Mend

@prosopo/provider 3.12.3 → 3.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

package/CHANGELOG.md +214 -0
package/dist/api/admin/apiAdminRoutesProvider.js +13 -18
package/dist/api/admin/apiToggleMaintenanceModeEndpoint.js +40 -0
package/dist/api/blacklistRequestInspector.js +4 -4
package/dist/api/captcha/getFrictionlessCaptchaChallenge.js +338 -0
package/dist/api/captcha/getImageCaptchaChallenge.js +150 -0
package/dist/api/captcha/getPoWCaptchaChallenge.js +156 -0
package/dist/api/captcha/submitImageCaptchaSolution.js +87 -0
package/dist/api/captcha/submitPoWCaptchaSolution.js +77 -0
package/dist/api/captcha.js +18 -606
package/dist/api/verify.js +24 -1
package/dist/cjs/api/admin/apiAdminRoutesProvider.cjs +13 -18
package/dist/cjs/api/admin/apiRegisterSiteKeyEndpoint.cjs +2 -1
package/dist/cjs/api/admin/apiRemoveDetectorKeyEndpoint.cjs +3 -2
package/dist/cjs/api/admin/apiToggleMaintenanceModeEndpoint.cjs +41 -0
package/dist/cjs/api/blacklistRequestInspector.cjs +3 -3
package/dist/cjs/api/captcha/getFrictionlessCaptchaChallenge.cjs +337 -0
package/dist/cjs/api/captcha/getImageCaptchaChallenge.cjs +149 -0
package/dist/cjs/api/captcha/getPoWCaptchaChallenge.cjs +155 -0
package/dist/cjs/api/captcha/submitImageCaptchaSolution.cjs +86 -0
package/dist/cjs/api/captcha/submitPoWCaptchaSolution.cjs +76 -0
package/dist/cjs/api/captcha.cjs +17 -605
package/dist/cjs/api/ja4Middleware.cjs +2 -1
package/dist/cjs/api/verify.cjs +24 -1
package/dist/cjs/index.cjs +2 -0
package/dist/cjs/schedulers/setClientEntropy.cjs +36 -0
package/dist/cjs/tasks/captchaManager.cjs +7 -22
package/dist/cjs/tasks/client/clientTasks.cjs +18 -36
package/dist/cjs/tasks/detection/decodePayload.cjs +385 -714
package/dist/cjs/tasks/detection/getBotScore.cjs +15 -2
package/dist/cjs/tasks/frictionless/frictionlessTasks.cjs +136 -30
package/dist/cjs/tasks/imgCaptcha/imgCaptchaTasks.cjs +25 -13
package/dist/cjs/tasks/powCaptcha/powTasks.cjs +8 -8
package/dist/cjs/tasks/tasks.cjs +1 -0
package/dist/cjs/util.cjs +14 -1
package/dist/cjs/utils/hashUserIp.cjs +9 -0
package/dist/index.js +2 -0
package/dist/schedulers/setClientEntropy.js +36 -0
package/dist/tasks/captchaManager.js +5 -21
package/dist/tasks/client/clientTasks.js +19 -37
package/dist/tasks/detection/decodePayload.js +385 -714
package/dist/tasks/detection/getBotScore.js +17 -4
package/dist/tasks/frictionless/frictionlessTasks.js +137 -31
package/dist/tasks/imgCaptcha/imgCaptchaTasks.js +25 -13
package/dist/tasks/powCaptcha/powTasks.js +8 -8
package/dist/tasks/tasks.js +1 -0
package/dist/util.js +14 -1
package/dist/utils/hashUserIp.js +9 -0
package/package.json +24 -25

package/dist/cjs/index.cjs CHANGED Viewed

@@ -10,6 +10,7 @@ const _public = require("./api/public.cjs");
 const domainMiddleware = require("./api/domainMiddleware.cjs");
 const captchaScheduler = require("./schedulers/captchaScheduler.cjs");
 const getClientList = require("./schedulers/getClientList.cjs");
+const setClientEntropy = require("./schedulers/setClientEntropy.cjs");
 const headerCheckMiddleware = require("./api/headerCheckMiddleware.cjs");
 const createApiAdminRoutesProvider = require("./api/admin/createApiAdminRoutesProvider.cjs");
 const ignoreMiddleware = require("./api/ignoreMiddleware.cjs");
@@ -35,6 +36,7 @@ exports.publicRouter = _public.publicRouter;
 exports.domainMiddleware = domainMiddleware.domainMiddleware;
 exports.storeCaptchasExternally = captchaScheduler.storeCaptchasExternally;
 exports.getClientList = getClientList.getClientList;
+exports.setClientEntropy = setClientEntropy.setClientEntropy;
 exports.headerCheckMiddleware = headerCheckMiddleware.headerCheckMiddleware;
 exports.createApiAdminRoutesProvider = createApiAdminRoutesProvider.createApiAdminRoutesProvider;
 exports.ignoreMiddleware = ignoreMiddleware.ignoreMiddleware;

package/dist/cjs/schedulers/setClientEntropy.cjs ADDED Viewed

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const env = require("@prosopo/env");
+const types = require("@prosopo/types");
+const cron = require("cron");
+const tasks = require("../tasks/tasks.cjs");
+const util = require("../util.cjs");
+async function setClientEntropy(pair, cronSchedule, config) {
+  const env$1 = new env.ProviderEnvironment(config, pair);
+  await env$1.isReady();
+  const tasks$1 = new tasks.Tasks(env$1);
+  const job = new cron.CronJob(cronSchedule, async () => {
+    const taskRunning = await util.checkIfTaskIsRunning(
+      types.ScheduledTaskNames.SetClientEntropy,
+      env$1.getDb()
+    );
+    env$1.logger.info(() => ({
+      msg: `${types.ScheduledTaskNames.SetClientEntropy} task running: ${taskRunning}`,
+      data: { taskRunning }
+    }));
+    if (!taskRunning) {
+      env$1.logger.info(() => ({
+        msg: `${types.ScheduledTaskNames.SetClientEntropy} task....`,
+        data: {}
+      }));
+      await tasks$1.clientTaskManager.calculateClientEntropy().catch((err) => {
+        env$1.logger.error(() => ({
+          err,
+          msg: "Error setting client entropy"
+        }));
+      });
+    }
+  });
+  job.start();
+}
+exports.setClientEntropy = setClientEntropy;

package/dist/cjs/tasks/captchaManager.cjs CHANGED Viewed

@@ -3,29 +3,15 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const common = require("@prosopo/common");
 const types = require("@prosopo/types");
 const blacklistRequestInspector = require("../api/blacklistRequestInspector.cjs");
+var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
 class CaptchaManager {
-  constructor(db, pair, logger) {
+  constructor(db, pair, config, logger) {
     this.pair = pair;
     this.db = db;
-    this.logger = logger || common.getLogger("info", module);
+    this.config = config;
+    this.logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("tasks/captchaManager.cjs", document.baseURI).href);
   }
-  async getFrictionlessTokenIdFromSession(sessionRecord) {
-    const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-      sessionRecord.tokenId
-    );
-    return tokenRecord ? tokenRecord._id : void 0;
-  }
-  async validateFrictionlessTokenIP(sessionRecord, currentIP, env) {
-    const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-      sessionRecord.tokenId
-    );
-    if (!tokenRecord) {
-      this.logger.info(() => ({
-        msg: "No frictionless token found for session",
-        data: { sessionId: sessionRecord.sessionId }
-      }));
-      return { valid: false, reason: "CAPTCHA.NO_SESSION_FOUND" };
-    }
+  async validateSessionIP(sessionRecord, currentIP, env) {
     return { valid: true };
   }
   async isValidRequest(clientSettings, requestedCaptchaType, env, sessionId, userAccessPolicy, currentIP) {
@@ -68,7 +54,7 @@ class CaptchaManager {
           };
         }
         if (currentIP) {
-          const ipValidation = await this.validateFrictionlessTokenIP(
+          const ipValidation = await this.validateSessionIP(
             sessionRecord,
             currentIP,
             env
@@ -81,7 +67,6 @@ class CaptchaManager {
             };
           }
         }
-        const frictionlessTokenId = await this.getFrictionlessTokenIdFromSession(sessionRecord);
         if (sessionRecord.captchaType !== requestedCaptchaType) {
           this.logger.warn(() => ({
             msg: "Invalid frictionless request",
@@ -98,7 +83,7 @@ class CaptchaManager {
         }
         return {
           valid: true,
-          frictionlessTokenId,
+          sessionId: sessionRecord.sessionId,
           type: requestedCaptchaType,
           ...sessionRecord.powDifficulty && {
             powDifficulty: sessionRecord.powDifficulty

package/dist/cjs/tasks/client/clientTasks.cjs CHANGED Viewed

@@ -102,44 +102,11 @@ class ClientTaskManager {
         async (skip) => await this.providerDB.getUnstoredSessionRecords(BATCH_SIZE, skip),
         async (batch) => {
           const filteredBatch = lastTask?.updated ? batch.filter((record) => this.isRecordUpdated(record)) : batch;
-          const frictionlessTokenRecords = await this.providerDB.getFrictionlessTokenRecordsByTokenIds(
-            filteredBatch.map((record) => record.tokenId)
-          );
-          this.logger.info(() => ({
-            msg: `Frictionless token records: ${frictionlessTokenRecords.length}`
-          }));
-          const filteredBatchWithScores = filteredBatch.map((record) => {
-            const tokenRecord = frictionlessTokenRecords.find(
-              (tokenRecord2) => tokenRecord2._id?.toString() === record.tokenId.toString()
-            );
-            if (!tokenRecord) {
-              this.logger.error(() => ({
-                msg: "No token record found",
-                data: { tokenId: record.tokenId }
-              }));
-              return {
-                ...record,
-                score: 0,
-                scoreComponents: {
-                  baseScore: 0
-                },
-                threshold: 0
-              };
-            }
-            const { _id, token, ...tokenRecordWithoutId } = tokenRecord;
-            return {
-              ...record,
-              ...tokenRecordWithoutId
-            };
-          });
           if (filteredBatch.length > 0) {
-            await captchaDB.saveCaptchas(filteredBatchWithScores, [], []);
+            await captchaDB.saveCaptchas(filteredBatch, [], []);
             await this.providerDB.markSessionRecordsStored(
               filteredBatch.map((record) => record.sessionId)
             );
-            await this.providerDB.markFrictionlessTokenRecordsStored(
-              filteredBatch.map((record) => record.tokenId).filter((id) => !!id)
-            );
           }
           processedSessionRecords += filteredBatch.length;
         }
@@ -196,7 +163,7 @@ class ClientTaskManager {
         this.logger
       );
       const tenMinuteWindow = 10 * 60 * 1e3;
-      const updatedAtTimestamp = lastTask?.updated ? lastTask.updated - tenMinuteWindow || 0 : 0;
+      const updatedAtTimestamp = lastTask?.updated ? lastTask.updated.getTime() - tenMinuteWindow || 0 : 0;
       this.logger.info(() => ({
         msg: `Getting updated client records since ${new Date(updatedAtTimestamp).toDateString()}`
       }));
@@ -229,6 +196,21 @@ class ClientTaskManager {
       );
     }
   }
+  /**
+   * @description Calculate client entropy scores and update in db
+   * @returns Promise<void>
+   */
+  async calculateClientEntropy() {
+    const clients = await this.providerDB.getAllClientRecords();
+    for (const client of clients) {
+      const sampleEntropies = await this.providerDB.sampleEntropy(
+        100,
+        client.account
+      );
+      const avgEntropy = util.majorityAverage(sampleEntropies);
+      await this.providerDB.setClientEntropy(client.account, avgEntropy);
+    }
+  }
   async registerSiteKey(siteKey, tier, settings) {
     validateAddress.validateSiteKey(siteKey);
     await this.providerDB.updateClientRecords([
@@ -295,7 +277,7 @@ class ClientTaskManager {
   }
   isRecordUpdated(record) {
     const { lastUpdatedTimestamp, storedAtTimestamp } = record;
-    return !lastUpdatedTimestamp || !storedAtTimestamp || lastUpdatedTimestamp > storedAtTimestamp;
+    return !lastUpdatedTimestamp || !storedAtTimestamp || lastUpdatedTimestamp.getTime() > storedAtTimestamp.getTime();
   }
   async processBatchesWithCursor(fetchBatch, processBatch) {
     let skip = 0;