npm - @prosopo/provider - Versions diffs - 3.3.0 → 3.12.14 - Mend

@prosopo/provider 3.3.0 → 3.12.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (377) hide show

package/dist/cjs/api/captcha.cjs CHANGED Viewed

@@ -6,8 +6,12 @@ const datasets = require("@prosopo/datasets");
 const types = require("@prosopo/types");
 const util = require("@prosopo/util");
 const express = require("express");
+const compositeIpAddress = require("../compositeIpAddress.cjs");
 const frictionlessTasks = require("../tasks/frictionless/frictionlessTasks.cjs");
+const frictionlessTasksUtils = require("../tasks/frictionless/frictionlessTasksUtils.cjs");
 const tasks = require("../tasks/tasks.cjs");
+const hashUserAgent = require("../utils/hashUserAgent.cjs");
+const apiToggleMaintenanceModeEndpoint = require("./admin/apiToggleMaintenanceModeEndpoint.cjs");
 const blacklistRequestInspector = require("./blacklistRequestInspector.cjs");
 const validateAddress = require("./validateAddress.cjs");
 const DEFAULT_FRICTIONLESS_THRESHOLD = 0.5;
@@ -65,11 +69,18 @@ function prosopoRouter(env) {
           dapp,
           userScope
         ))[0];
-        const { valid, reason, frictionlessTokenId } = await tasks$1.imgCaptchaManager.isValidRequest(
+        const {
+          valid,
+          reason,
+          sessionId: validSessionId,
+          solvedImagesCount
+        } = await tasks$1.imgCaptchaManager.isValidRequest(
           clientRecord,
           types.CaptchaType.image,
+          env,
           sessionId,
-          userAccessPolicy
+          userAccessPolicy,
+          req.ip
         );
         if (!valid) {
           return next(
@@ -86,7 +97,7 @@ function prosopoRouter(env) {
         }
         const captchaConfig = {
           solved: {
-            count: userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
+            count: solvedImagesCount || userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
           },
           unsolved: {
             count: userAccessPolicy?.unsolvedImagesCount || env.config.captchas.unsolved.count
@@ -98,7 +109,7 @@ function prosopoRouter(env) {
           ipAddress,
           captchaConfig,
           clientRecord.settings.imageThreshold ?? 0.8,
-          frictionlessTokenId
+          validSessionId
         );
         const captchaResponse = {
           [types.ApiParams.status]: "ok",
@@ -117,12 +128,23 @@ function prosopoRouter(env) {
             }
           }
         };
+        req.logger.info(() => ({
+          msg: "Image captcha challenge issued",
+          data: {
+            captchaType: types.CaptchaType.image,
+            requestHash: taskData.requestHash,
+            solvedImagesCount: captchaConfig.solved.count,
+            user,
+            dapp,
+            sessionId
+          }
+        }));
         return res.json(captchaResponse);
       } catch (err) {
         req.logger.error(() => ({
           err,
           data: req.params,
-          msg: "Error in PoW captcha solution submission"
+          msg: "Error in image captcha challenge request"
         }));
         return next(
           new common.ProsopoApiError("API.BAD_REQUEST", {
@@ -143,6 +165,17 @@ function prosopoRouter(env) {
     types.ClientApiPaths.SubmitImageCaptchaSolution,
     async (req, res, next) => {
       const tasks$1 = new tasks.Tasks(env, req.logger);
+      if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
+        req.logger.info(() => ({
+          msg: "Maintenance mode active - returning verified for image captcha"
+        }));
+        const result = {
+          status: "ok",
+          captchas: [],
+          verified: true
+        };
+        return res.json(result);
+      }
       let parsed;
       try {
         parsed = types.CaptchaSolutionBody.parse(req.body);
@@ -177,7 +210,7 @@ function prosopoRouter(env) {
           parsed[types.ApiParams.signature].user.timestamp,
           Number.parseInt(parsed[types.ApiParams.timestamp]),
           parsed[types.ApiParams.signature].provider.requestHash,
-          util.getIPAddress(req.ip || "").bigInt(),
+          util.getIPAddress(req.ip || ""),
           util.flatten(req.headers),
           req.ja4
         );
@@ -192,7 +225,7 @@ function prosopoRouter(env) {
         req.logger.error(() => ({
           err,
           body: req.body,
-          msg: "Error in PoW captcha solution submission"
+          msg: "Error in image captcha solution submission"
         }));
         return next(
           new common.ProsopoApiError("API.BAD_REQUEST", {
@@ -248,11 +281,18 @@ function prosopoRouter(env) {
         dapp,
         userScope
       ))[0];
-      const { valid, reason, frictionlessTokenId } = await tasks$1.powCaptchaManager.isValidRequest(
+      const {
+        valid,
+        reason,
+        sessionId: validSessionId,
+        powDifficulty
+      } = await tasks$1.powCaptchaManager.isValidRequest(
         clientSettings,
         types.CaptchaType.pow,
+        env,
         sessionId,
-        userAccessPolicy
+        userAccessPolicy,
+        req.ip
       );
       if (!valid) {
         return next(
@@ -282,11 +322,12 @@ function prosopoRouter(env) {
           })
         );
       }
+      const difficulty = powDifficulty || userAccessPolicy?.powDifficulty || clientSettings?.settings?.powDifficulty;
       const challenge = await tasks$1.powCaptchaManager.getPowCaptchaChallenge(
         user,
         dapp,
         origin,
-        userAccessPolicy?.powDifficulty || clientSettings?.settings?.powDifficulty
+        difficulty
       );
       await tasks$1.db.storePowCaptchaRecord(
         challenge.challenge,
@@ -297,10 +338,10 @@ function prosopoRouter(env) {
         },
         challenge.difficulty,
         challenge.providerSignature,
-        util.getIPAddress(req.ip || "").bigInt(),
+        compositeIpAddress.getCompositeIpAddress(req.ip || ""),
         util.flatten(req.headers),
         req.ja4,
-        frictionlessTokenId
+        validSessionId
       );
       const getPowCaptchaResponse = {
         [types.ApiParams.status]: "ok",
@@ -313,12 +354,23 @@ function prosopoRouter(env) {
           }
         }
       };
+      req.logger.info(() => ({
+        msg: "PoW captcha challenge issued",
+        data: {
+          captchaType: types.CaptchaType.pow,
+          challenge: challenge.challenge,
+          difficulty: challenge.difficulty,
+          user,
+          dapp,
+          session: sessionId
+        }
+      }));
       return res.json(getPowCaptchaResponse);
     } catch (err) {
       req.logger.error(() => ({
         err,
         body: req.body,
-        msg: "Error in PoW captcha solution submission"
+        msg: "Error in PoW captcha challenge request"
       }));
       return next(
         new common.ProsopoApiError("API.BAD_REQUEST", {
@@ -339,6 +391,16 @@ function prosopoRouter(env) {
     async (req, res, next) => {
       let parsed;
       const tasks$1 = new tasks.Tasks(env, req.logger);
+      if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
+        req.logger.info(() => ({
+          msg: "Maintenance mode active - returning verified"
+        }));
+        const response = {
+          status: "ok",
+          verified: true
+        };
+        return res.json(response);
+      }
       try {
         parsed = types.SubmitPowCaptchaSolutionBody.parse(req.body);
       } catch (err) {
@@ -350,15 +412,7 @@ function prosopoRouter(env) {
           })
         );
       }
-      const {
-        challenge,
-        difficulty,
-        signature,
-        nonce,
-        verifiedTimeout,
-        dapp,
-        user
-      } = parsed;
+      const { challenge, signature, nonce, verifiedTimeout, dapp, user } = parsed;
       validateAddress.validateSiteKey(dapp);
       validateAddress.validateAddr(user);
       try {
@@ -374,7 +428,6 @@ function prosopoRouter(env) {
         }
         const verified = await tasks$1.powCaptchaManager.verifyPowCaptchaSolution(
           challenge,
-          difficulty,
           signature.provider.challenge,
           nonce,
           verifiedTimeout,
@@ -409,24 +462,72 @@ function prosopoRouter(env) {
     async (req, res, next) => {
       try {
         const tasks$1 = new tasks.Tasks(env, req.logger);
-        const { token, dapp, user } = types.GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
-        const existingToken = await tasks$1.db.getFrictionlessTokenRecordByToken(token);
+        const { token, headHash, dapp, user } = types.GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
+        if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
+          req.logger.info(() => ({
+            msg: "Maintenance mode active - storing dummy token and sending PoW captcha",
+            data: { dapp, user }
+          }));
+          return res.json(
+            await tasks$1.frictionlessManager.sendPowCaptcha({
+              token,
+              score: 0,
+              threshold: 0.5,
+              scoreComponents: {
+                baseScore: 0
+              },
+              providerSelectEntropy: 0,
+              ipAddress: compositeIpAddress.getCompositeIpAddress(req.ip || ""),
+              powDifficulty: void 0,
+              webView: false,
+              iFrame: false,
+              decryptedHeadHash: ""
+            })
+          );
+        }
+        const existingToken = await tasks$1.db.getSessionRecordByToken(token);
         if (existingToken) {
           req.logger.info(() => ({
             token: existingToken,
             msg: "Token has already been used"
           }));
-          return res.json(
-            await tasks$1.frictionlessManager.sendImageCaptcha(
-              existingToken._id
-            )
+          return next(
+            new common.ProsopoApiError("API.BAD_REQUEST", {
+              context: {
+                code: 400,
+                siteKey: dapp,
+                user
+              },
+              i18n: req.i18n,
+              logger: req.logger
+            })
           );
         }
         const lScore = tasks$1.frictionlessManager.checkLangRules(
           req.headers["accept-language"] || ""
         );
-        const { baseBotScore, timestamp } = await tasks$1.frictionlessManager.decryptPayload(token);
-        const botScore = baseBotScore + lScore;
+        const {
+          baseBotScore,
+          timestamp,
+          providerSelectEntropy,
+          userId,
+          userAgent,
+          webView,
+          iFrame,
+          decryptedHeadHash
+        } = await tasks$1.frictionlessManager.decryptPayload(token, headHash);
+        req.logger.debug(() => ({
+          msg: "Decrypted payload",
+          data: {
+            baseBotScore,
+            timestamp,
+            providerSelectEntropy,
+            userId,
+            userAgent,
+            webView
+          }
+        }));
+        let botScore = baseBotScore + lScore;
         const clientRecord = await tasks$1.db.getClientRecord(dapp);
         if (!clientRecord) {
           return next(
@@ -439,7 +540,8 @@ function prosopoRouter(env) {
         }
         const { valid, reason } = await tasks$1.frictionlessManager.isValidRequest(
           clientRecord,
-          types.CaptchaType.frictionless
+          types.CaptchaType.frictionless,
+          env
         );
         if (!valid) {
           return next(
@@ -455,14 +557,21 @@ function prosopoRouter(env) {
           );
         }
         const botThreshold = clientRecord.settings?.frictionlessThreshold || DEFAULT_FRICTIONLESS_THRESHOLD;
-        const tokenId = await tasks$1.db.storeFrictionlessTokenRecord({
+        let scoreComponents = {
+          baseScore: baseBotScore,
+          ...lScore && { lScore }
+        };
+        const ipAddress = compositeIpAddress.getCompositeIpAddress(req.ip || "");
+        tasks$1.frictionlessManager.setSessionParams({
           token,
           score: botScore,
           threshold: botThreshold,
-          scoreComponents: {
-            baseScore: baseBotScore,
-            ...lScore && { lScore }
-          }
+          scoreComponents,
+          providerSelectEntropy,
+          ipAddress,
+          webView,
+          iFrame,
+          decryptedHeadHash
         });
         const userScope = blacklistRequestInspector.getRequestUserScope(
           util.flatten(req.headers),
@@ -475,50 +584,119 @@ function prosopoRouter(env) {
           dapp,
           userScope
         ))[0];
+        const headersUserAgent = req.headers["user-agent"];
+        const hashedHeadersUserAgent = headersUserAgent ? hashUserAgent.hashUserAgent(headersUserAgent) : "";
+        const headersProsopoUser = req.headers["prosopo-user"];
+        if (hashedHeadersUserAgent !== userAgent || headersProsopoUser !== userId) {
+          req.logger.info(() => ({
+            msg: "User agent or user id does not match",
+            data: {
+              headersUserAgent,
+              hashedHeadersUserAgent,
+              userAgent,
+              // This is the hashed user agent from the token
+              headersProsopoUser,
+              userId
+            }
+          }));
+          return res.json(
+            await tasks$1.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: frictionlessTasksUtils.timestampDecayFunction(timestamp)
+            })
+          );
+        }
         if (userAccessPolicy) {
-          await tasks$1.frictionlessManager.scoreIncreaseAccessPolicy(
+          const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseAccessPolicy(
             userAccessPolicy,
             baseBotScore,
             botScore,
-            tokenId
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
           if (userAccessPolicy.captchaType === types.CaptchaType.image) {
             return res.json(
-              await tasks$1.frictionlessManager.sendImageCaptcha(tokenId)
+              await tasks$1.frictionlessManager.sendImageCaptcha({
+                solvedImagesCount: userAccessPolicy.solvedImagesCount
+              })
             );
           }
           if (userAccessPolicy.captchaType === types.CaptchaType.pow) {
             return res.json(
-              await tasks$1.frictionlessManager.sendPowCaptcha(tokenId)
+              await tasks$1.frictionlessManager.sendPowCaptcha({
+                powDifficulty: void 0
+              })
             );
           }
         }
+        if (clientRecord.settings.disallowWebView && webView) {
+          tasks$1.logger.info(() => ({
+            msg: "WebView detected"
+          }));
+          const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseWebView(
+            baseBotScore,
+            botScore,
+            scoreComponents
+          );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
+          return res.json(
+            await tasks$1.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: env.config.captchas.solved.count * 2
+            })
+          );
+        }
         if (frictionlessTasks.FrictionlessManager.timestampTooOld(timestamp)) {
-          await tasks$1.frictionlessManager.scoreIncreaseTimestamp(
+          const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseTimestamp(
             timestamp,
             baseBotScore,
             botScore,
-            tokenId
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
           return res.json(
-            await tasks$1.frictionlessManager.sendImageCaptcha(tokenId)
+            await tasks$1.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: frictionlessTasksUtils.timestampDecayFunction(timestamp)
+            })
+          );
+        }
+        const hostVerified = await tasks$1.frictionlessManager.hostVerified(
+          providerSelectEntropy
+        );
+        if (!hostVerified.verified) {
+          const scoreUpdate = tasks$1.frictionlessManager.scoreIncreaseUnverifiedHost(
+            hostVerified.domain,
+            baseBotScore,
+            botScore,
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks$1.frictionlessManager.updateScore(botScore, scoreComponents);
         }
         if (Number(botScore) > botThreshold) {
           req.logger.info(() => ({
-            message: "Bot score is greater than threshold",
+            msg: "Bot score is greater than threshold",
             data: {
               botScore,
               botThreshold,
-              tokenId
+              token
             }
           }));
           return res.json(
-            await tasks$1.frictionlessManager.sendImageCaptcha(tokenId)
+            await tasks$1.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: env.config.captchas.solved.count
+            })
           );
         }
         return res.json(
-          await tasks$1.frictionlessManager.sendPowCaptcha(tokenId)
+          await tasks$1.frictionlessManager.sendPowCaptcha({
+            powDifficulty: void 0
+          })
         );
       } catch (err) {
         req.logger.error(() => ({

package/dist/cjs/api/domainMiddleware.cjs CHANGED Viewed

@@ -10,26 +10,26 @@ const domainMiddleware = (env) => {
   const tasks$1 = new tasks.Tasks(env);
   return async (req, res, next) => {
     try {
-      const dapp = req.headers["prosopo-site-key"];
-      if (!dapp)
+      const siteKey = req.headers["prosopo-site-key"];
+      if (!siteKey)
         throw siteKeyNotRegisteredError(
           req.i18n,
           "No sitekey provided",
           req.logger
         );
       try {
-        utilCrypto.validateAddress(dapp, false, 42);
+        utilCrypto.validateAddress(siteKey, false, 42);
       } catch (err) {
-        throw invalidSiteKeyError(req.i18n, dapp, req.logger);
+        throw invalidSiteKeyError(req.i18n, siteKey, req.logger);
       }
-      const clientSettings = await tasks$1.db.getClientRecord(dapp);
+      const clientSettings = await tasks$1.db.getClientRecord(siteKey);
       if (!clientSettings)
-        throw siteKeyNotRegisteredError(req.i18n, dapp, req.logger);
+        throw siteKeyNotRegisteredError(req.i18n, siteKey, req.logger);
       const allowedDomains = clientSettings.settings?.domains;
       if (!allowedDomains)
         throw siteKeyInvalidDomainError(
           req.i18n,
-          dapp,
+          siteKey,
           req.hostname,
           req.logger
         );
@@ -37,7 +37,7 @@ const domainMiddleware = (env) => {
       if (!origin)
         throw unauthorizedOriginError(req.i18n, void 0, req.logger);
       for (const domain of allowedDomains) {
-        if (tasks$1.clientTaskManager.isSubdomainOrExactMatch(origin, domain)) {
+        if (tasks$1.clientTaskManager.domainPatternMatcher(origin, domain)) {
           next();
           return;
         }

package/dist/cjs/api/headerCheckMiddleware.cjs CHANGED Viewed

@@ -19,6 +19,10 @@ const headerCheckMiddleware = (env) => {
       validateAddress.validateAddr(user, void 0, req.logger);
       req.user = user;
       req.siteKey = siteKey;
+      req.logger = req.logger.with({
+        user,
+        siteKey
+      });
       next();
     } catch (err) {
       return apiExpressRouter.handleErrors(err, req, res, next);

package/dist/cjs/api/ignoreMiddleware.cjs CHANGED Viewed

@@ -3,6 +3,9 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const types = require("@prosopo/types");
 function ignoreMiddleware() {
   return (req, res, next) => {
+    if (req.originalUrl.indexOf(types.PublicApiPaths.Healthz) !== -1) {
+      return next();
+    }
     if (req.originalUrl.indexOf(types.ApiPrefix) === -1) {
       res.statusCode = 404;
       res.send("Not Found");

package/dist/cjs/api/ja4Middleware.cjs CHANGED Viewed

@@ -1,14 +1,14 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const node_crypto = require("node:crypto");
 const node_stream = require("node:stream");
 const apiExpressRouter = require("@prosopo/api-express-router");
 const common = require("@prosopo/common");
 const utilCrypto = require("@prosopo/util-crypto");
 const readTlsClientHello = require("read-tls-client-hello");
+var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
 const DEFAULT_JA4 = "ja4";
 const getJA4 = async (headers, logger) => {
-  logger = logger || common.getLogger("info", module);
+  logger = logger || common.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/ja4Middleware.cjs", document.baseURI).href);
   if (process.env.NODE_ENV === "development") {
     return {
       ja4PlusFingerprint: `${DEFAULT_JA4}${utilCrypto.randomAsHex().slice(28, 32)}`
@@ -17,7 +17,6 @@ const getJA4 = async (headers, logger) => {
   try {
     const xTlsClientHello = (headers["x-tls-clienthello"] || "").toString();
     const xTlsVersion = (headers["x-tls-version"] || "").toString().toLowerCase();
-    const xTlsServerName = (headers["x-tls-server-name"] || "").toString();
     const clientHelloBuffer = Buffer.from(xTlsClientHello, "base64");
     logger.debug(() => ({
       msg: "ClientHello First Bytes:",
@@ -33,32 +32,13 @@ const getJA4 = async (headers, logger) => {
       msg: "Headers TLS Version:",
       data: { xTlsVersion }
     }));
-    const tlsVersion = xTlsVersion.replace(/(tls)|\./g, "");
     const readableStream = new node_stream.Readable({
       read() {
         this.push(clientHelloBuffer);
       }
     });
     const clientHello = await readTlsClientHello.readTlsClientHello(readableStream);
-    const { alpnProtocols } = clientHello;
-    const [_tlsVersion, cipherSuites, extensions] = clientHello.fingerprintData;
-    const transport = "t";
-    const sniIndicator = xTlsServerName ? "d" : "i";
-    const validCipherSuites = cipherSuites.filter(
-      (cs) => (cs & 3855) !== 2570
-    );
-    const cipherCount = validCipherSuites.length;
-    const validExtensions = extensions.filter(
-      (ext) => (ext & 3855) !== 2570
-    );
-    const extensionCount = validExtensions.length;
-    const alpn = alpnProtocols?.length ? alpnProtocols[0] : "";
-    const alpnLabel = alpn ? `${alpn[0]}${alpn[alpn.length - 1]}` : "00";
-    const sortedCiphers = validCipherSuites.map((cs) => cs.toString(16).padStart(4, "0")).sort().join(",");
-    const cipherHash = node_crypto.createHash("sha256").update(sortedCiphers).digest("hex").slice(0, 12);
-    const decimalString = extensions.sort((a, b) => a - b).map((ext) => ext.toString(10)).join("-");
-    const extensionHash = node_crypto.createHash("sha256").update(decimalString).digest("hex").slice(0, 12);
-    const ja4PlusFingerprint = `${transport}${tlsVersion}${sniIndicator}${cipherCount}${extensionCount}${alpnLabel}_${cipherHash}_${extensionHash}`;
+    const ja4PlusFingerprint = readTlsClientHello.calculateJa4FromHelloData(clientHello);
     return { ja4PlusFingerprint };
   } catch (e) {
     logger.error(() => ({
@@ -74,6 +54,9 @@ const ja4Middleware = (env) => {
       req.logger.debug(() => ({ data: { url: req.url } }));
       const ja4 = await getJA4(req.headers, req.logger);
       req.ja4 = ja4.ja4PlusFingerprint || "";
+      req.logger = req.logger.with({
+        ja4: req.ja4
+      });
       next();
     } catch (err) {
       return apiExpressRouter.handleErrors(err, req, res, next);

package/dist/cjs/api/public.cjs CHANGED Viewed

@@ -5,16 +5,39 @@ const common = require("@prosopo/common");
 const types = require("@prosopo/types");
 const util = require("@prosopo/util");
 const express = require("express");
-function publicRouter() {
+function publicRouter(env) {
   const router = express.Router();
   router.get(types.PublicApiPaths.Healthz, (req, res) => {
     res.status(200).send("OK");
   });
   router.get(types.PublicApiPaths.GetProviderDetails, async (req, res, next) => {
     try {
-      return res.json({ version: util.version, ...{ message: "Provider online" } });
+      const db = env.getDb();
+      const redisConnection = db.getRedisConnection();
+      const redisAccessRulesConnection = db.getRedisAccessRulesConnection();
+      const response = {
+        version: util.version,
+        message: "Provider online",
+        redis: [
+          {
+            actor: "General",
+            isReady: redisConnection.isReady(),
+            awaitingTimeSeconds: Math.ceil(
+              redisConnection.getAwaitingTimeMs() / 1e3
+            )
+          },
+          {
+            actor: "UAP",
+            isReady: redisAccessRulesConnection.isReady(),
+            awaitingTimeSeconds: Math.ceil(
+              redisAccessRulesConnection.getAwaitingTimeMs() / 1e3
+            )
+          }
+        ]
+      };
+      return res.json(response);
     } catch (err) {
-      req.logger.error(() => ({
+      env.logger.error(() => ({
         err,
         data: { reqParams: req.params },
         msg: "Error getting provider details"