@prosopo/provider 3.3.0 → 3.12.14

package/dist/cjs/tasks/powCaptcha/powTasks.cjs

@@ -4,6 +4,7 @@ const util = require("@polkadot/util");
 const common = require("@prosopo/common");
 const types = require("@prosopo/types");
 const util$1 = require("@prosopo/util");
+const compositeIpAddress = require("../../compositeIpAddress.cjs");
 const util$2 = require("../../util.cjs");
 const captchaManager = require("../captchaManager.cjs");
 const frictionlessTasksUtils = require("../frictionless/frictionlessTasksUtils.cjs");
@@ -47,7 +48,7 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
    * @param ipAddress
    * @param headers
    */
-  async verifyPowCaptchaSolution(challenge, difficulty, providerChallengeSignature, nonce, timeout, userTimestampSignature, ipAddress, headers) {
+  async verifyPowCaptchaSolution(challenge, providerChallengeSignature, nonce, timeout, userTimestampSignature, ipAddress, headers) {
     powTasksUtils.checkPowSignature(
       challenge,
       providerChallengeSignature,
@@ -70,8 +71,9 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
       }));
       return false;
     }
+    const difficulty = challengeRecord.difficulty;
     if (!util$1.verifyRecency(challenge, timeout)) {
-      await this.db.updatePowCaptchaRecord(
+      await this.db.updatePowCaptchaRecordResult(
         challenge,
         {
           status: types.CaptchaStatus.disapproved,
@@ -93,7 +95,7 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
         reason: "CAPTCHA.INVALID_SOLUTION"
       };
     }
-    await this.db.updatePowCaptchaRecord(
+    await this.db.updatePowCaptchaRecordResult(
       challenge,
       result,
       false,
@@ -111,21 +113,14 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
    * @param {number} timeout - the time in milliseconds since the Provider was selected to provide the PoW captcha
    * @param ip
    */
-  async serverVerifyPowCaptchaSolution(dappAccount, challenge, timeout, ip) {
+  async serverVerifyPowCaptchaSolution(dappAccount, challenge, timeout, env, ip) {
+    const notVerifiedResponse = { verified: false };
     const challengeRecord = await this.db.getPowCaptchaRecordByChallenge(challenge);
     if (!challengeRecord) {
       this.logger.debug(() => ({
         msg: `No record of this challenge: ${challenge}`
       }));
-      return { verified: false };
-    }
-    const ipValidation = util$2.validateIpAddress(
-      ip,
-      challengeRecord.ipAddress,
-      this.logger
-    );
-    if (!ipValidation.isValid) {
-      return { verified: false };
+      return notVerifiedResponse;
     }
     if (challengeRecord.result.status !== types.CaptchaStatus.approved) {
       throw new common.ProsopoApiError("CAPTCHA.INVALID_SOLUTION", {
@@ -135,7 +130,7 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
         }
       });
     }
-    if (challengeRecord.serverChecked) return { verified: false };
+    if (challengeRecord.serverChecked) return notVerifiedResponse;
     const challengeDappAccount = challengeRecord.dappAccount;
     if (dappAccount !== challengeDappAccount) {
       throw new common.ProsopoEnvError("CAPTCHA.DAPP_USER_SOLUTION_NOT_FOUND", {
@@ -146,20 +141,53 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
         }
       });
     }
-    util$1.verifyRecency(challenge, timeout);
     await this.db.markDappUserPoWCommitmentsChecked([
       challengeRecord.challenge
     ]);
+    const recent = util$1.verifyRecency(challenge, timeout);
+    if (!recent) {
+      return notVerifiedResponse;
+    }
+    if (ip) {
+      const challengeIpAddress = compositeIpAddress.getIpAddressFromComposite(
+        challengeRecord.ipAddress
+      );
+      const clientRecord = await this.db.getClientRecord(dappAccount);
+      const ipValidationRules = clientRecord?.settings?.ipValidationRules;
+      await this.db.updatePowCaptchaRecord(challengeRecord.challenge, {
+        providedIp: compositeIpAddress.getCompositeIpAddress(ip)
+      });
+      const ipValidation = await util$2.deepValidateIpAddress(
+        ip,
+        challengeIpAddress,
+        this.logger,
+        env.config.ipApi.apiKey,
+        env.config.ipApi.baseUrl,
+        ipValidationRules
+      );
+      if (!ipValidation.isValid) {
+        this.logger.error(() => ({
+          msg: "IP validation failed for PoW captcha",
+          data: {
+            ip,
+            challengeIp: challengeIpAddress.address,
+            error: ipValidation.errorMessage,
+            distanceKm: ipValidation.distanceKm
+          }
+        }));
+        return notVerifiedResponse;
+      }
+    }
     let score;
-    if (challengeRecord.frictionlessTokenId) {
-      const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-        challengeRecord.frictionlessTokenId
+    if (challengeRecord.sessionId) {
+      const sessionRecord = await this.db.getSessionRecordBySessionId(
+        challengeRecord.sessionId
       );
-      if (tokenRecord) {
-        score = frictionlessTasksUtils.computeFrictionlessScore(tokenRecord?.scoreComponents);
+      if (sessionRecord) {
+        score = frictionlessTasksUtils.computeFrictionlessScore(sessionRecord?.scoreComponents);
         this.logger.info(() => ({
           data: {
-            tscoreComponents: { ...tokenRecord?.scoreComponents || {} },
+            scoreComponents: { ...sessionRecord?.scoreComponents || {} },
             score
           }
         }));

package/dist/cjs/util.cjs

@@ -7,6 +7,7 @@ const types = require("@prosopo/types");
 const util = require("@prosopo/util");
 const utilCrypto = require("@prosopo/util-crypto");
 const ipAddress = require("ip-address");
+const ipComparison = require("./services/ipComparison.cjs");
 function encodeStringAddress(address) {
   try {
     return utilCrypto.encodeAddress(
@@ -33,7 +34,7 @@ async function checkIfTaskIsRunning(taskName, db) {
     types.ScheduledTaskStatus.Running
   );
   const twoMinutesAgo = (/* @__PURE__ */ new Date()).getTime() - 1e3 * 60 * 2;
-  if (runningTask && runningTask.datetime > twoMinutesAgo) {
+  if (runningTask && runningTask.datetime.getTime() > twoMinutesAgo) {
     const completedTask = await db.getScheduledTaskStatus(
       runningTask._id,
       types.ScheduledTaskStatus.Completed
@@ -63,7 +64,7 @@ const getIPAddressFromBigInt = (ipAddressBigInt) => {
     throw new common.ProsopoEnvError("API.INVALID_IP");
   }
 };
-const validateIpAddress = (ip, challengeRecordIpAddress, logger) => {
+const validateIpAddress = (ip, challengeIpAddress, logger) => {
   if (!ip) {
     return { isValid: true };
   }
@@ -76,27 +77,19 @@ const validateIpAddress = (ip, challengeRecordIpAddress, logger) => {
     logger.info(() => ({ msg: errorMessage }));
     return { isValid: false, errorMessage };
   }
-  let challengeIpV4orV6Address = getIPAddressFromBigInt(
-    challengeRecordIpAddress
-  );
   ipV4orV6Address = "address4" in ipV4orV6Address && ipV4orV6Address.address4 ? ipV4orV6Address.address4 : ipV4orV6Address;
-  challengeIpV4orV6Address = "address4" in challengeIpV4orV6Address && challengeIpV4orV6Address.address4 ? challengeIpV4orV6Address.address4 : challengeIpV4orV6Address;
-  if (ipV4orV6Address.v4 && !challengeIpV4orV6Address.v4) {
-    challengeIpV4orV6Address = new ipAddress.Address4(
-      challengeIpV4orV6Address.to4().correctForm()
-    );
-  }
-  if (!ipV4orV6Address.v4 && challengeIpV4orV6Address.v4) {
-    ipV4orV6Address = new ipAddress.Address6(
-      ipV4orV6Address.to4().correctForm()
+  challengeIpAddress = "address4" in challengeIpAddress && challengeIpAddress.address4 ? challengeIpAddress.address4 : challengeIpAddress;
+  if (ipV4orV6Address.v4 && !challengeIpAddress.v4) {
+    challengeIpAddress = new ipAddress.Address4(
+      challengeIpAddress.to4().correctForm()
     );
   }
-  if (challengeIpV4orV6Address.bigInt() - ipV4orV6Address.bigInt() !== 0n) {
-    const errorMessage = `IP address mismatch: ${challengeIpV4orV6Address.address} !== ${ipV4orV6Address.address}`;
+  if (challengeIpAddress.bigInt() - ipV4orV6Address.bigInt() !== 0n) {
+    const errorMessage = `IP address mismatch: ${challengeIpAddress.address} !== ${ipV4orV6Address.address}`;
     logger.info(() => ({
       msg: errorMessage,
       data: {
-        challengeIp: challengeIpV4orV6Address.address,
+        challengeIp: challengeIpAddress.address,
         providedIp: ipV4orV6Address.address
       }
     }));
@@ -104,8 +97,260 @@ const validateIpAddress = (ip, challengeRecordIpAddress, logger) => {
   }
   return { isValid: true };
 };
+const evaluateIpValidationRules = (comparison, rules, logger) => {
+  if (!comparison.comparison) {
+    return { action: types.IPValidationAction.Allow };
+  }
+  const conditions = [];
+  const rejectActions = Object.values(rules.actions).filter(
+    (action) => action === types.IPValidationAction.Reject
+  );
+  const ip1Country = comparison.comparison.ip1Details?.country;
+  const ip2Country = comparison.comparison.ip2Details?.country;
+  const ip1CountryCode = comparison.comparison.ip1Details?.countryCode;
+  const ip2CountryCode = comparison.comparison.ip2Details?.countryCode;
+  let effectiveRules = rules;
+  let countryOverride = void 0;
+  if (ip1CountryCode && rules.countryOverrides?.[ip1CountryCode]) {
+    countryOverride = rules.countryOverrides[ip1CountryCode];
+  }
+  if (ip2CountryCode && rules.countryOverrides?.[ip2CountryCode]) {
+    countryOverride = rules.countryOverrides[ip2CountryCode];
+  }
+  if (countryOverride) {
+    effectiveRules = {
+      ...rules,
+      actions: {
+        ...rules.actions,
+        ...countryOverride.actions
+      },
+      distanceThresholdKm: countryOverride.distanceThresholdKm ?? rules.distanceThresholdKm,
+      abuseScoreThreshold: countryOverride.abuseScoreThreshold ?? rules.abuseScoreThreshold,
+      requireAllConditions: countryOverride.requireAllConditions ?? rules.requireAllConditions
+    };
+  }
+  if (ip1Country !== ip2Country) {
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.countryChangeAction,
+      message: `Country changed from ${ip1Country} to ${ip2Country}`
+    });
+  }
+  const ip1City = comparison.comparison.ip1Details?.city;
+  const ip2City = comparison.comparison.ip2Details?.city;
+  if (ip1City !== ip2City) {
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.cityChangeAction,
+      message: `City changed from ${ip1City} to ${ip2City}`
+    });
+  }
+  if (comparison.comparison.differentProviders) {
+    const ip1Provider = comparison.comparison.ip1Details?.provider;
+    const ip2Provider = comparison.comparison.ip2Details?.provider;
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.ispChangeAction,
+      message: `ISP changed from ${ip1Provider} to ${ip2Provider}`
+    });
+  }
+  const distanceKm = comparison.comparison.distanceKm;
+  if (distanceKm !== void 0 && distanceKm > effectiveRules.distanceThresholdKm) {
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.distanceExceedAction,
+      message: `IP addresses are ${distanceKm.toFixed(2)}km apart (>${effectiveRules.distanceThresholdKm}km limit)`
+    });
+  }
+  console.log(JSON.stringify(effectiveRules, null, 2));
+  const ip2AbuseScore = comparison.comparison.ip2Details?.abuserScore;
+  if (ip2AbuseScore !== void 0 && ip2AbuseScore > effectiveRules.abuseScoreThreshold) {
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.abuseScoreExceedAction,
+      message: `Abuse score ${ip2AbuseScore.toFixed(4)} exceeds threshold ${effectiveRules.abuseScoreThreshold}`
+    });
+  }
+  const ip1AbuseScore = comparison.comparison.ip1Details?.abuserScore;
+  if (ip1AbuseScore !== void 0 && ip1AbuseScore > effectiveRules.abuseScoreThreshold) {
+    conditions.push({
+      met: true,
+      action: effectiveRules.actions.abuseScoreExceedAction,
+      message: `Abuse score ${ip1AbuseScore.toFixed(4)} exceeds threshold ${effectiveRules.abuseScoreThreshold}`
+    });
+  }
+  if (conditions.length === 0) {
+    return { action: types.IPValidationAction.Allow };
+  }
+  const errorMessages = [];
+  let finalAction = types.IPValidationAction.Allow;
+  let shouldFlag = false;
+  if (effectiveRules.requireAllConditions) {
+    const rejectConditions = conditions.filter(
+      (c) => c.action === types.IPValidationAction.Reject
+    );
+    if (rejectConditions.length > 0 && rejectConditions.length >= rejectActions.length) {
+      finalAction = types.IPValidationAction.Reject;
+    }
+    for (const condition of conditions) {
+      if (condition.action === types.IPValidationAction.Reject || condition.action === types.IPValidationAction.Flag) {
+        errorMessages.push(condition.message);
+      }
+    }
+  } else {
+    for (const condition of conditions) {
+      if (condition.action === types.IPValidationAction.Reject) {
+        finalAction = types.IPValidationAction.Reject;
+        errorMessages.push(condition.message);
+        break;
+      }
+      if (condition.action === types.IPValidationAction.Flag) {
+        finalAction = types.IPValidationAction.Flag;
+        shouldFlag = true;
+      }
+      errorMessages.push(condition.message);
+    }
+  }
+  logger.info(() => ({
+    msg: `IP validation rules evaluated: ${finalAction}`,
+    data: {
+      conditions,
+      finalAction,
+      requireAllConditions: effectiveRules.requireAllConditions
+    }
+  }));
+  return {
+    action: finalAction,
+    errorMessage: errorMessages.length > 0 ? errorMessages.join("; ") : void 0,
+    shouldFlag
+  };
+};
+const deepValidateIpAddress = async (ip, challengeIpAddress, logger, apiKey, apiUrl, ipValidationRules) => {
+  const standardValidation = validateIpAddress(ip, challengeIpAddress, logger);
+  if (!standardValidation.isValid) {
+    if (standardValidation.errorMessage?.includes("Invalid IP address")) {
+      return standardValidation;
+    }
+    if (ipValidationRules?.forceConsistentIp === true) {
+      logger.info(() => ({
+        msg: "IP validation failed - forceConsistentIp is true",
+        data: {
+          challengeIp: challengeIpAddress.address,
+          providedIp: ip
+        }
+      }));
+      return {
+        isValid: false,
+        errorMessage: standardValidation.errorMessage
+      };
+    }
+  } else {
+    return { isValid: true };
+  }
+  try {
+    const challengeIpString = challengeIpAddress.address;
+    const comparison = await ipComparison.compareIPs(challengeIpString, ip, apiKey, apiUrl);
+    if ("error" in comparison) {
+      logger.error(() => ({
+        msg: "Failed to get IP distance comparison",
+        data: {
+          error: comparison.error,
+          challengeIp: challengeIpString,
+          providedIp: ip
+        }
+      }));
+      return {
+        isValid: false,
+        errorMessage: "Could not determine IP distance"
+      };
+    }
+    if (comparison.ipsMatch) {
+      return { isValid: true };
+    }
+    const distanceKm = comparison.comparison?.distanceKm;
+    if (!ipValidationRules) {
+      logger.info(() => ({
+        msg: "No IP validation rules provided, using legacy logic",
+        data: {
+          challengeIp: challengeIpString,
+          providedIp: ip,
+          distanceKm
+        }
+      }));
+      if (distanceKm !== void 0 && distanceKm > 1e3) {
+        const errorMessage = `IP addresses are too far apart: ${distanceKm.toFixed(2)}km (>1000km limit)`;
+        logger.info(() => ({
+          msg: "IP validation failed - distance too great",
+          data: {
+            challengeIp: challengeIpString,
+            providedIp: ip,
+            distanceKm,
+            comparison: comparison.comparison
+          }
+        }));
+        return {
+          isValid: false,
+          errorMessage,
+          distanceKm
+        };
+      }
+      logger.info(() => ({
+        msg: "IP addresses differ but within acceptable distance",
+        data: {
+          challengeIp: challengeIpString,
+          providedIp: ip,
+          distanceKm,
+          comparison: comparison.comparison
+        }
+      }));
+      return {
+        isValid: true,
+        distanceKm,
+        shouldFlag: true
+      };
+    }
+    const ruleEvaluation = evaluateIpValidationRules(
+      comparison,
+      ipValidationRules,
+      logger
+    );
+    switch (ruleEvaluation.action) {
+      case types.IPValidationAction.Reject:
+        return {
+          isValid: false,
+          errorMessage: ruleEvaluation.errorMessage,
+          distanceKm
+        };
+      case types.IPValidationAction.Flag:
+        return {
+          isValid: true,
+          distanceKm,
+          shouldFlag: true,
+          errorMessage: ruleEvaluation.errorMessage
+        };
+      default:
+        return {
+          isValid: true,
+          distanceKm
+        };
+    }
+  } catch (error) {
+    logger.error(() => ({
+      msg: "Error during IP distance validation",
+      err: error,
+      data: { challengeIp: challengeIpAddress.address, providedIp: ip }
+    }));
+    return {
+      isValid: true,
+      shouldFlag: true,
+      errorMessage: "IP distance validation error"
+    };
+  }
+};
 exports.checkIfTaskIsRunning = checkIfTaskIsRunning;
+exports.deepValidateIpAddress = deepValidateIpAddress;
 exports.encodeStringAddress = encodeStringAddress;
+exports.evaluateIpValidationRules = evaluateIpValidationRules;
 exports.getIPAddress = getIPAddress;
 exports.getIPAddressFromBigInt = getIPAddressFromBigInt;
 exports.shuffleArray = shuffleArray;

package/dist/cjs/utils/hashUserAgent.cjs

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const node_crypto = require("node:crypto");
+function hashUserAgent(userAgent) {
+  const hash = node_crypto.createHash("sha256");
+  hash.update(userAgent, "utf8");
+  const hashHex = hash.digest("hex");
+  return hashHex.substring(0, 32);
+}
+exports.hashUserAgent = hashUserAgent;

package/dist/compositeIpAddress.d.ts

@@ -0,0 +1,5 @@
+import type { IPAddress } from "@prosopo/types";
+import { type CompositeIpAddress } from "@prosopo/types-database";
+export declare const getCompositeIpAddress: (ip: string | IPAddress) => CompositeIpAddress;
+export declare const getIpAddressFromComposite: (compositeIpAddress: CompositeIpAddress) => IPAddress;
+//# sourceMappingURL=compositeIpAddress.d.ts.map

package/dist/compositeIpAddress.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compositeIpAddress.d.ts","sourceRoot":"","sources":["../src/compositeIpAddress.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EACN,KAAK,kBAAkB,EAEvB,MAAM,yBAAyB,CAAC;AAOjC,eAAO,MAAM,qBAAqB,OAC7B,MAAM,GAAG,SAAS,KACpB,kBAaF,CAAC;AAuBF,eAAO,MAAM,yBAAyB,uBACjB,kBAAkB,KACpC,SAaF,CAAC"}

package/dist/compositeIpAddress.js

@@ -0,0 +1,53 @@
+import { IpAddressType } from "@prosopo/types-database";
+import { getIPAddress } from "@prosopo/util";
+import { Address4, Address6 } from "ip-address";
+const V6_SHIFT = 64n;
+const v6_LOWER_MASK = (1n << V6_SHIFT) - 1n;
+const getCompositeIpAddress = (ip) => {
+  let ipAddress;
+  try {
+    ipAddress = "string" === typeof ip ? getIPAddress(ip) : ip;
+  } catch (e) {
+    return {
+      lower: 0n,
+      type: IpAddressType.v4
+    };
+  }
+  return getCompositeFromIpAddress(ipAddress);
+};
+const getCompositeFromIpAddress = (ipAddress) => {
+  const numericIp = ipAddress.bigInt();
+  if (ipAddress instanceof Address4) {
+    return {
+      lower: numericIp,
+      type: IpAddressType.v4
+    };
+  }
+  ipAddress;
+  return {
+    lower: numericIp & v6_LOWER_MASK,
+    upper: numericIp >> V6_SHIFT,
+    type: IpAddressType.v6
+  };
+};
+const getIpAddressFromComposite = (compositeIpAddress) => {
+  switch (compositeIpAddress.type) {
+    case IpAddressType.v4:
+      return Address4.fromBigInt(getBigInt(compositeIpAddress.lower));
+    case IpAddressType.v6:
+      return Address6.fromBigInt(
+        getBigInt(compositeIpAddress.upper) << V6_SHIFT | getBigInt(compositeIpAddress.lower) & v6_LOWER_MASK
+      );
+    default:
+      never();
+      return Address4.fromBigInt(0n);
+  }
+};
+const getBigInt = (number) => BigInt(number || 0n);
+const never = () => {
+  throw new Error("Unhandled type");
+};
+export {
+  getCompositeIpAddress,
+  getIpAddressFromComposite
+};

package/dist/compositeIpAddress.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compositeIpAddress.js","sourceRoot":"","sources":["../src/compositeIpAddress.ts"],"names":[],"mappings":"AAeA,OAAO,EAEN,aAAa,GACb,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAEhD,MAAM,QAAQ,GAAG,GAAG,CAAC;AACrB,MAAM,aAAa,GAAG,CAAC,EAAE,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;AAE5C,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACpC,EAAsB,EACD,EAAE;IACvB,IAAI,SAAoB,CAAC;IAEzB,IAAI,CAAC;QACJ,SAAS,GAAG,QAAQ,KAAK,OAAO,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACZ,OAAO;YACN,KAAK,EAAE,EAAE;YACT,IAAI,EAAE,aAAa,CAAC,EAAE;SACtB,CAAC;IACH,CAAC;IAED,OAAO,yBAAyB,CAAC,SAAS,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CACjC,SAAoB,EACC,EAAE;IACvB,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;IAErC,IAAI,SAAS,YAAY,QAAQ,EAAE,CAAC;QACnC,OAAO;YACN,KAAK,EAAE,SAAS;YAChB,IAAI,EAAE,aAAa,CAAC,EAAE;SACtB,CAAC;IACH,CAAC;IAED,SAA4B,CAAC;IAE7B,OAAO;QACN,KAAK,EAAE,SAAS,GAAG,aAAa;QAChC,KAAK,EAAE,SAAS,IAAI,QAAQ;QAC5B,IAAI,EAAE,aAAa,CAAC,EAAE;KACtB,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACxC,kBAAsC,EAC1B,EAAE;IACd,QAAQ,kBAAkB,CAAC,IAAI,EAAE,CAAC;QACjC,KAAK,aAAa,CAAC,EAAE;YACpB,OAAO,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC;QACjE,KAAK,aAAa,CAAC,EAAE;YACpB,OAAO,QAAQ,CAAC,UAAU,CACzB,CAAC,SAAS,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC;gBAChD,CAAC,SAAS,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,aAAa,CAAC,CACtD,CAAC;QACH;YACC,KAAK,EAAE,CAAC;YACR,OAAO,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,CAAC;AACF,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,MAAmC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;AAEhF,MAAM,KAAK,GAAG,GAAU,EAAE;IACzB,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;AACnC,CAAC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,17 @@
+export * from "./tasks/index.js";
+export * from "./util.js";
+export * from "./api/block.js";
+export * from "./api/captcha.js";
+export * from "./api/verify.js";
+export * from "./api/ja4Middleware.js";
+export * from "./api/public.js";
+export * from "./api/domainMiddleware.js";
+export * from "./schedulers/captchaScheduler.js";
+export * from "./schedulers/getClientList.js";
+export * from "./api/headerCheckMiddleware.js";
+export * from "./api/admin/createApiAdminRoutesProvider.js";
+export * from "./api/ignoreMiddleware.js";
+export * from "./api/robotsMiddleware.js";
+export * from "./compositeIpAddress.js";
+export * from "./services/ipComparison.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAcA,cAAc,kBAAkB,CAAC;AACjC,cAAc,WAAW,CAAC;AAC1B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAChC,cAAc,wBAAwB,CAAC;AACvC,cAAc,iBAAiB,CAAC;AAChC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,kCAAkC,CAAC;AACjD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,6CAA6C,CAAC;AAC5D,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC"}

package/dist/index.js

@@ -1,5 +1,5 @@
 import "./tasks/index.js";
-import { checkIfTaskIsRunning, encodeStringAddress, getIPAddress, getIPAddressFromBigInt, shuffleArray, validateIpAddress } from "./util.js";
+import { checkIfTaskIsRunning, deepValidateIpAddress, encodeStringAddress, evaluateIpValidationRules, getIPAddress, getIPAddressFromBigInt, shuffleArray, validateIpAddress } from "./util.js";
 import { blockMiddleware } from "./api/block.js";
 import { prosopoRouter } from "./api/captcha.js";
 import { prosopoVerifyRouter } from "./api/verify.js";
@@ -12,18 +12,25 @@ import { headerCheckMiddleware } from "./api/headerCheckMiddleware.js";
 import { createApiAdminRoutesProvider } from "./api/admin/createApiAdminRoutesProvider.js";
 import { ignoreMiddleware } from "./api/ignoreMiddleware.js";
 import { robotsMiddleware } from "./api/robotsMiddleware.js";
+import { getCompositeIpAddress, getIpAddressFromComposite } from "./compositeIpAddress.js";
+import { compareIPs } from "./services/ipComparison.js";
 import { Tasks } from "./tasks/tasks.js";
 export {
   DEFAULT_JA4,
   Tasks,
   blockMiddleware,
   checkIfTaskIsRunning,
+  compareIPs,
   createApiAdminRoutesProvider,
+  deepValidateIpAddress,
   domainMiddleware,
   encodeStringAddress,
+  evaluateIpValidationRules,
   getClientList,
+  getCompositeIpAddress,
   getIPAddress,
   getIPAddressFromBigInt,
+  getIpAddressFromComposite,
   getJA4,
   headerCheckMiddleware,
   ignoreMiddleware,

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAcA,cAAc,kBAAkB,CAAC;AACjC,cAAc,WAAW,CAAC;AAC1B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAChC,cAAc,wBAAwB,CAAC;AACvC,cAAc,iBAAiB,CAAC;AAChC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,kCAAkC,CAAC;AACjD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,6CAA6C,CAAC;AAC5D,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC"}

package/dist/pairs.d.ts

@@ -0,0 +1,3 @@
+export declare const constructPairList: (list: number[]) => [number, number][];
+export declare const containsIdenticalPairs: (pairsLists: [number, number][][]) => boolean;
+//# sourceMappingURL=pairs.d.ts.map

package/dist/pairs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pairs.d.ts","sourceRoot":"","sources":["../src/pairs.ts"],"names":[],"mappings":"AAmBA,eAAO,MAAM,iBAAiB,SAAU,MAAM,EAAE,KAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAWlE,CAAC;AAMF,eAAO,MAAM,sBAAsB,eAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,EAAE,YActE,CAAC"}

package/dist/pairs.js

@@ -0,0 +1,27 @@
+import { at } from "@prosopo/util";
+const constructPairList = (list) => {
+  if (list.length % 2 !== 0) {
+    throw new Error("Invalid pairs length");
+  }
+  const pairList = [];
+  for (let i = 0; i < list.length; i += 2) {
+    pairList.push([at(list, i), at(list, i + 1)]);
+  }
+  return pairList;
+};
+const containsIdenticalPairs = (pairsLists) => {
+  const set = /* @__PURE__ */ new Set();
+  for (const pairList of pairsLists) {
+    for (const pair of pairList) {
+      const x = at(pair, 0);
+      const y = at(pair, 1);
+      const coordString = `${x},${y}`;
+      set.add(coordString);
+    }
+  }
+  return set.size !== pairsLists.flat().flat().length / 2;
+};
+export {
+  constructPairList,
+  containsIdenticalPairs
+};

package/dist/pairs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pairs.js","sourceRoot":"","sources":["../src/pairs.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,EAAE,EAAE,MAAM,eAAe,CAAC;AAKnC,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,IAAc,EAAsB,EAAE;IAEvE,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACzC,CAAC;IAED,MAAM,QAAQ,GAAuB,EAAE,CAAC;IACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,QAAQ,CAAC;AACjB,CAAC,CAAC;AAMF,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,UAAgC,EAAE,EAAE;IAC1E,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAE9B,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QACnC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACtB,CAAC;IACF,CAAC;IAGD,OAAO,GAAG,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AACzD,CAAC,CAAC"}

package/dist/rules/lang.d.ts

@@ -0,0 +1,3 @@
+import type { ProsopoConfigOutput } from "@prosopo/types";
+export declare const checkLangRules: (config: ProsopoConfigOutput, acceptLanguage: string) => number;
+//# sourceMappingURL=lang.d.ts.map

package/dist/rules/lang.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lang.d.ts","sourceRoot":"","sources":["../../src/rules/lang.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAE1D,eAAO,MAAM,cAAc,WAClB,mBAAmB,kBACX,MAAM,KACpB,MAeF,CAAC"}

package/dist/rules/lang.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lang.js","sourceRoot":"","sources":["../../src/rules/lang.ts"],"names":[],"mappings":"AAeA,MAAM,CAAC,MAAM,cAAc,GAAG,CAC7B,MAA2B,EAC3B,cAAsB,EACb,EAAE;IACX,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;IAC9B,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,IAAI,OAAO,EAAE,CAAC;QACb,MAAM,SAAS,GAAG,cAAc;aAC9B,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAE3C,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3B,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;QACF,CAAC;IACF,CAAC;IACD,OAAO,MAAM,CAAC;AACf,CAAC,CAAC"}

package/dist/schedulers/captchaScheduler.d.ts

@@ -0,0 +1,4 @@
+import type { KeyringPair } from "@prosopo/types";
+import { type ProsopoConfigOutput } from "@prosopo/types";
+export declare function storeCaptchasExternally(pair: KeyringPair, cronSchedule: string, config: ProsopoConfigOutput): Promise<void>;
+//# sourceMappingURL=captchaScheduler.d.ts.map

package/dist/schedulers/captchaScheduler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"captchaScheduler.d.ts","sourceRoot":"","sources":["../../src/schedulers/captchaScheduler.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,KAAK,mBAAmB,EAAsB,MAAM,gBAAgB,CAAC;AAK9E,wBAAsB,uBAAuB,CAC5C,IAAI,EAAE,WAAW,EACjB,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,mBAAmB,iBA8B3B"}

package/dist/schedulers/captchaScheduler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"captchaScheduler.js","sourceRoot":"","sources":["../../src/schedulers/captchaScheduler.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,EAA4B,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAC9E,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC5C,IAAiB,EACjB,YAAoB,EACpB,MAA2B;IAE3B,MAAM,GAAG,GAAG,IAAI,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClD,MAAM,GAAG,CAAC,OAAO,EAAE,CAAC;IAEpB,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;IAE7B,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,YAAY,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,WAAW,GAAG,MAAM,oBAAoB,CAC7C,kBAAkB,CAAC,wBAAwB,EAC3C,GAAG,CAAC,KAAK,EAAE,CACX,CAAC;QACF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACtB,IAAI,EAAE,EAAE,WAAW,EAAE;YACrB,GAAG,EAAE,GAAG,kBAAkB,CAAC,wBAAwB,kBAAkB,WAAW,EAAE;SAClF,CAAC,CAAC,CAAC;QACJ,IAAI,CAAC,WAAW,EAAE,CAAC;YAClB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,GAAG,kBAAkB,CAAC,wBAAwB,WAAW;aAC9D,CAAC,CAAC,CAAC;YACJ,MAAM,KAAK,CAAC,iBAAiB,CAAC,wBAAwB,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACtE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;oBACvB,GAAG;oBACH,GAAG,EAAE,sCAAsC;iBAC3C,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACJ,CAAC;IACF,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,KAAK,EAAE,CAAC;AACb,CAAC"}

package/dist/schedulers/getClientList.d.ts

@@ -0,0 +1,4 @@
+import type { KeyringPair } from "@prosopo/types";
+import { type ProsopoConfigOutput } from "@prosopo/types";
+export declare function getClientList(pair: KeyringPair, cronSchedule: string, config: ProsopoConfigOutput): Promise<void>;
+//# sourceMappingURL=getClientList.d.ts.map