@prosopo/provider 4.8.1 → 4.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build$colon$cjs.log +20 -19
- package/.turbo/turbo-build$colon$tsc.log +24 -24
- package/.turbo/turbo-build.log +21 -20
- package/CHANGELOG.md +107 -0
- package/dist/api/admin/apiAdminRoutesProvider.d.ts.map +1 -1
- package/dist/api/admin/apiAdminRoutesProvider.js +4 -1
- package/dist/api/admin/apiAdminRoutesProvider.js.map +1 -1
- package/dist/api/admin/apiDnsEventEndpoint.d.ts +4 -1
- package/dist/api/admin/apiDnsEventEndpoint.d.ts.map +1 -1
- package/dist/api/admin/apiDnsEventEndpoint.js +31 -1
- package/dist/api/admin/apiDnsEventEndpoint.js.map +1 -1
- package/dist/api/admin/apiRemoveDetectorKeyEndpoint.d.ts.map +1 -1
- package/dist/api/blacklistRequestInspector.d.ts.map +1 -1
- package/dist/api/blacklistRequestInspector.js +5 -2
- package/dist/api/blacklistRequestInspector.js.map +1 -1
- package/dist/api/captcha/checkSpamEmail.d.ts.map +1 -1
- package/dist/api/captcha/checkSpamEmail.js +9 -1
- package/dist/api/captcha/checkSpamEmail.js.map +1 -1
- package/dist/api/captcha/getFrictionlessCaptchaChallenge/handler.d.ts.map +1 -1
- package/dist/api/captcha/getFrictionlessCaptchaChallenge/handler.js +5 -5
- package/dist/api/captcha/getFrictionlessCaptchaChallenge/handler.js.map +1 -1
- package/dist/api/captcha/getImageCaptchaChallenge.d.ts.map +1 -1
- package/dist/api/captcha/getImageCaptchaChallenge.js +10 -1
- package/dist/api/captcha/getImageCaptchaChallenge.js.map +1 -1
- package/dist/api/captcha/getPoWCaptchaChallenge.d.ts.map +1 -1
- package/dist/api/captcha/getPoWCaptchaChallenge.js +2 -2
- package/dist/api/captcha/getPoWCaptchaChallenge.js.map +1 -1
- package/dist/api/captcha/getPuzzleCaptchaChallenge.d.ts.map +1 -1
- package/dist/api/captcha/getPuzzleCaptchaChallenge.js +2 -2
- package/dist/api/captcha/getPuzzleCaptchaChallenge.js.map +1 -1
- package/dist/api/captcha/maintenanceModeResponses.d.ts +2 -1
- package/dist/api/captcha/maintenanceModeResponses.d.ts.map +1 -1
- package/dist/api/captcha/maintenanceModeResponses.js +10 -0
- package/dist/api/captcha/maintenanceModeResponses.js.map +1 -1
- package/dist/api/captcha/submitImageCaptchaSolution.d.ts.map +1 -1
- package/dist/api/captcha/submitImageCaptchaSolution.js +1 -1
- package/dist/api/captcha/submitImageCaptchaSolution.js.map +1 -1
- package/dist/api/captcha/submitPoWCaptchaSolution.d.ts.map +1 -1
- package/dist/api/captcha/submitPoWCaptchaSolution.js +3 -4
- package/dist/api/captcha/submitPoWCaptchaSolution.js.map +1 -1
- package/dist/api/captcha/submitPuzzleCaptchaSolution.d.ts.map +1 -1
- package/dist/api/captcha/submitPuzzleCaptchaSolution.js +3 -4
- package/dist/api/captcha/submitPuzzleCaptchaSolution.js.map +1 -1
- package/dist/api/verify.d.ts.map +1 -1
- package/dist/api/verify.js +7 -7
- package/dist/api/verify.js.map +1 -1
- package/dist/cjs/api/admin/apiAdminRoutesProvider.cjs +4 -1
- package/dist/cjs/api/admin/apiDnsEventEndpoint.cjs +31 -1
- package/dist/cjs/api/blacklistRequestInspector.cjs +5 -2
- package/dist/cjs/api/captcha/checkSpamEmail.cjs +9 -1
- package/dist/cjs/api/captcha/getFrictionlessCaptchaChallenge/handler.cjs +5 -5
- package/dist/cjs/api/captcha/getImageCaptchaChallenge.cjs +10 -1
- package/dist/cjs/api/captcha/getPoWCaptchaChallenge.cjs +2 -2
- package/dist/cjs/api/captcha/getPuzzleCaptchaChallenge.cjs +2 -2
- package/dist/cjs/api/captcha/maintenanceModeResponses.cjs +10 -0
- package/dist/cjs/api/captcha/submitImageCaptchaSolution.cjs +1 -1
- package/dist/cjs/api/captcha/submitPoWCaptchaSolution.cjs +3 -4
- package/dist/cjs/api/captcha/submitPuzzleCaptchaSolution.cjs +3 -4
- package/dist/cjs/api/verify.cjs +7 -7
- package/dist/cjs/pairs.cjs +14 -0
- package/dist/cjs/tasks/captchaManager.cjs +10 -3
- package/dist/cjs/tasks/dnsEvent/enrichDnsEvent.cjs +62 -0
- package/dist/cjs/tasks/imgCaptcha/imgCaptchaTasks.cjs +70 -34
- package/dist/cjs/tasks/powCaptcha/powTasks.cjs +46 -17
- package/dist/cjs/tasks/puzzleCaptcha/puzzleTasks.cjs +46 -17
- package/dist/cjs/tasks/spam/checkTrafficFilter.cjs +19 -2
- package/dist/cjs/tasks/tasks.cjs +1 -0
- package/dist/cjs/util/usageCounters.cjs +18 -1
- package/dist/cjs/util.cjs +11 -1
- package/dist/pairs.d.ts +4 -0
- package/dist/pairs.d.ts.map +1 -1
- package/dist/pairs.js +15 -1
- package/dist/pairs.js.map +1 -1
- package/dist/tasks/captchaManager.d.ts +2 -2
- package/dist/tasks/captchaManager.d.ts.map +1 -1
- package/dist/tasks/captchaManager.js +10 -3
- package/dist/tasks/captchaManager.js.map +1 -1
- package/dist/tasks/dnsEvent/enrichDnsEvent.d.ts +8 -0
- package/dist/tasks/dnsEvent/enrichDnsEvent.d.ts.map +1 -0
- package/dist/tasks/dnsEvent/enrichDnsEvent.js +62 -0
- package/dist/tasks/dnsEvent/enrichDnsEvent.js.map +1 -0
- package/dist/tasks/imgCaptcha/imgCaptchaTasks.d.ts.map +1 -1
- package/dist/tasks/imgCaptcha/imgCaptchaTasks.js +71 -35
- package/dist/tasks/imgCaptcha/imgCaptchaTasks.js.map +1 -1
- package/dist/tasks/powCaptcha/powTasks.d.ts.map +1 -1
- package/dist/tasks/powCaptcha/powTasks.js +46 -17
- package/dist/tasks/powCaptcha/powTasks.js.map +1 -1
- package/dist/tasks/puzzleCaptcha/puzzleTasks.d.ts.map +1 -1
- package/dist/tasks/puzzleCaptcha/puzzleTasks.js +46 -17
- package/dist/tasks/puzzleCaptcha/puzzleTasks.js.map +1 -1
- package/dist/tasks/spam/checkTrafficFilter.d.ts +1 -1
- package/dist/tasks/spam/checkTrafficFilter.d.ts.map +1 -1
- package/dist/tasks/spam/checkTrafficFilter.js +19 -2
- package/dist/tasks/spam/checkTrafficFilter.js.map +1 -1
- package/dist/tasks/tasks.d.ts +1 -0
- package/dist/tasks/tasks.d.ts.map +1 -1
- package/dist/tasks/tasks.js +1 -0
- package/dist/tasks/tasks.js.map +1 -1
- package/dist/tests/integration/api/admin/apiRegisterSiteKeyEndpoint.integration.test.js +2 -0
- package/dist/tests/integration/api/admin/apiRegisterSiteKeyEndpoint.integration.test.js.map +1 -1
- package/dist/tests/integration/clientSettingsPersistence.integration.test.js +1 -0
- package/dist/tests/integration/clientSettingsPersistence.integration.test.js.map +1 -1
- package/dist/tests/integration/powCaptcha.integration.test.js +0 -4
- package/dist/tests/integration/powCaptcha.integration.test.js.map +1 -1
- package/dist/tests/unit/api/admin/apiRegisterSiteKeyEndpoint.unit.test.js +1 -0
- package/dist/tests/unit/api/admin/apiRegisterSiteKeyEndpoint.unit.test.js.map +1 -1
- package/dist/tests/unit/api/blacklistRequestInspector.unit.test.js +37 -0
- package/dist/tests/unit/api/blacklistRequestInspector.unit.test.js.map +1 -1
- package/dist/tests/unit/pairs.unit.test.js +79 -1
- package/dist/tests/unit/pairs.unit.test.js.map +1 -1
- package/dist/tests/unit/tasks/captchaManager.unit.test.js +29 -0
- package/dist/tests/unit/tasks/captchaManager.unit.test.js.map +1 -1
- package/dist/tests/unit/tasks/dnsEvent/enrichDnsEvent.unit.test.d.ts +2 -0
- package/dist/tests/unit/tasks/dnsEvent/enrichDnsEvent.unit.test.d.ts.map +1 -0
- package/dist/tests/unit/tasks/dnsEvent/enrichDnsEvent.unit.test.js +94 -0
- package/dist/tests/unit/tasks/dnsEvent/enrichDnsEvent.unit.test.js.map +1 -0
- package/dist/tests/unit/tasks/imgCaptcha/imgCaptchaTasks.unit.test.js +16 -0
- package/dist/tests/unit/tasks/imgCaptcha/imgCaptchaTasks.unit.test.js.map +1 -1
- package/dist/tests/unit/tasks/powCaptcha/powTasks.unit.test.js +36 -3
- package/dist/tests/unit/tasks/powCaptcha/powTasks.unit.test.js.map +1 -1
- package/dist/tests/unit/tasks/puzzleCaptcha/puzzleTasks.unit.test.js +8 -1
- package/dist/tests/unit/tasks/puzzleCaptcha/puzzleTasks.unit.test.js.map +1 -1
- package/dist/tests/unit/tasks/spam/checkTrafficFilter.unit.test.js +68 -0
- package/dist/tests/unit/tasks/spam/checkTrafficFilter.unit.test.js.map +1 -1
- package/dist/util/usageCounters.d.ts +1 -1
- package/dist/util/usageCounters.d.ts.map +1 -1
- package/dist/util/usageCounters.js +18 -1
- package/dist/util/usageCounters.js.map +1 -1
- package/dist/util.d.ts +1 -1
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +11 -1
- package/dist/util.js.map +1 -1
- package/package.json +13 -12
package/dist/api/verify.js
CHANGED
|
@@ -21,7 +21,6 @@ function prosopoVerifyRouter(env) {
|
|
|
21
21
|
router.post(
|
|
22
22
|
ClientApiPaths.VerifyImageCaptchaSolutionDapp,
|
|
23
23
|
async (req, res, next) => {
|
|
24
|
-
const tasks = new Tasks(env, req.logger);
|
|
25
24
|
if (getMaintenanceMode()) {
|
|
26
25
|
req.logger.info(() => ({
|
|
27
26
|
msg: "Maintenance mode active - returning verified for image captcha verification"
|
|
@@ -32,6 +31,7 @@ function prosopoVerifyRouter(env) {
|
|
|
32
31
|
};
|
|
33
32
|
return res.json(verificationResponse);
|
|
34
33
|
}
|
|
34
|
+
const tasks = new Tasks(env, req.logger);
|
|
35
35
|
let parsed;
|
|
36
36
|
try {
|
|
37
37
|
parsed = VerifySolutionBody.parse(req.body);
|
|
@@ -110,7 +110,6 @@ function prosopoVerifyRouter(env) {
|
|
|
110
110
|
router.post(
|
|
111
111
|
ClientApiPaths.VerifyPowCaptchaSolution,
|
|
112
112
|
async (req, res, next) => {
|
|
113
|
-
const tasks = new Tasks(env, req.logger);
|
|
114
113
|
if (getMaintenanceMode()) {
|
|
115
114
|
req.logger.info(() => ({
|
|
116
115
|
msg: "Maintenance mode active - returning verified for PoW captcha verification"
|
|
@@ -121,6 +120,7 @@ function prosopoVerifyRouter(env) {
|
|
|
121
120
|
};
|
|
122
121
|
return res.json(verificationResponse);
|
|
123
122
|
}
|
|
123
|
+
const tasks = new Tasks(env, req.logger);
|
|
124
124
|
let parsed;
|
|
125
125
|
try {
|
|
126
126
|
parsed = ServerPowCaptchaVerifyRequestBody.parse(req.body);
|
|
@@ -134,7 +134,7 @@ function prosopoVerifyRouter(env) {
|
|
|
134
134
|
);
|
|
135
135
|
}
|
|
136
136
|
try {
|
|
137
|
-
const { token, dappSignature,
|
|
137
|
+
const { token, dappSignature, ip, email } = parsed;
|
|
138
138
|
const { dapp, user, timestamp, challenge } = decodeProcaptchaOutput(token);
|
|
139
139
|
const testVerdict = resolveTestSiteKeyVerdict(dapp, req.logger);
|
|
140
140
|
if (testVerdict !== null) {
|
|
@@ -168,7 +168,7 @@ function prosopoVerifyRouter(env) {
|
|
|
168
168
|
const { verified, score, reason } = await tasks.powCaptchaManager.serverVerifyPowCaptchaSolution(
|
|
169
169
|
dapp,
|
|
170
170
|
challenge,
|
|
171
|
-
verifiedTimeout,
|
|
171
|
+
clientRecord.settings.verifiedTimeout,
|
|
172
172
|
env,
|
|
173
173
|
ip,
|
|
174
174
|
userAccessRulesStorage,
|
|
@@ -205,7 +205,6 @@ function prosopoVerifyRouter(env) {
|
|
|
205
205
|
router.post(
|
|
206
206
|
ClientApiPaths.VerifyPuzzleCaptchaSolution,
|
|
207
207
|
async (req, res, next) => {
|
|
208
|
-
const tasks = new Tasks(env, req.logger);
|
|
209
208
|
if (getMaintenanceMode()) {
|
|
210
209
|
req.logger.info(() => ({
|
|
211
210
|
msg: "Maintenance mode active - returning verified for puzzle captcha verification"
|
|
@@ -216,6 +215,7 @@ function prosopoVerifyRouter(env) {
|
|
|
216
215
|
};
|
|
217
216
|
return res.json(verificationResponse);
|
|
218
217
|
}
|
|
218
|
+
const tasks = new Tasks(env, req.logger);
|
|
219
219
|
let parsed;
|
|
220
220
|
try {
|
|
221
221
|
parsed = ServerPuzzleCaptchaVerifyRequestBody.parse(req.body);
|
|
@@ -229,7 +229,7 @@ function prosopoVerifyRouter(env) {
|
|
|
229
229
|
);
|
|
230
230
|
}
|
|
231
231
|
try {
|
|
232
|
-
const { token, dappSignature,
|
|
232
|
+
const { token, dappSignature, ip, email } = parsed;
|
|
233
233
|
const { dapp, user, timestamp, challenge } = decodeProcaptchaOutput(token);
|
|
234
234
|
const testVerdict = resolveTestSiteKeyVerdict(dapp, req.logger);
|
|
235
235
|
if (testVerdict !== null) {
|
|
@@ -263,7 +263,7 @@ function prosopoVerifyRouter(env) {
|
|
|
263
263
|
const { verified, score } = await tasks.puzzleCaptchaManager.serverVerifyPuzzleCaptchaSolution(
|
|
264
264
|
dapp,
|
|
265
265
|
challenge,
|
|
266
|
-
verifiedTimeout,
|
|
266
|
+
clientRecord.settings.verifiedTimeout,
|
|
267
267
|
env,
|
|
268
268
|
ip,
|
|
269
269
|
userAccessRulesStorage,
|
package/dist/api/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/api/verify.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EACN,SAAS,EACT,cAAc,EAEd,iCAAiC,EAEjC,oCAAoC,EAGpC,kBAAkB,EAElB,sBAAsB,GACtB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,OAAwB,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAQ7D,MAAM,UAAU,mBAAmB,CAAC,GAAwB;IAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAGhC,IAAI,sBAA0C,CAAC;IAC/C,IAAI,CAAC;QACJ,sBAAsB,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,yBAAyB,EAAE,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACtB,GAAG,EAAE,wFAAwF;YAC7F,GAAG;SACH,CAAC,CAAC,CAAC;QACJ,sBAAsB,GAAG,SAAkB,CAAC;IAC7C,CAAC;IAYD,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,8BAA8B,EAC7C,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/api/verify.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EACN,SAAS,EACT,cAAc,EAEd,iCAAiC,EAEjC,oCAAoC,EAGpC,kBAAkB,EAElB,sBAAsB,GACtB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,OAAwB,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAQ7D,MAAM,UAAU,mBAAmB,CAAC,GAAwB;IAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAGhC,IAAI,sBAA0C,CAAC;IAC/C,IAAI,CAAC;QACJ,sBAAsB,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,yBAAyB,EAAE,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACtB,GAAG,EAAE,wFAAwF;YAC7F,GAAG;SACH,CAAC,CAAC,CAAC;QACJ,sBAAsB,GAAG,SAAkB,CAAC;IAC7C,CAAC;IAYD,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,8BAA8B,EAC7C,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAIxB,IAAI,kBAAkB,EAAE,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,6EAA6E;aAClF,CAAC,CAAC,CAAC;YACJ,MAAM,oBAAoB,GAA8B;gBACvD,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;aACd,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAGzC,IAAI,MAAoC,CAAC;QACzC,IAAI,CAAC;YACJ,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;gBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAGD,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;QACpE,IAAI,CAAC;YAEJ,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,YAAY,EAAE,GAC5C,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAK/B,MAAM,WAAW,GAAG,yBAAyB,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAChE,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBAC1B,MAAM,oBAAoB,GAA8B;oBACvD,MAAM,EAAE,IAAI;oBACZ,QAAQ,EAAE,WAAW;iBACrB,CAAC;gBACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACvC,CAAC;YAGD,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YACjC,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YAGjC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE;oBAC3C,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAGD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAGjD,eAAe,CAAC,aAAa,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC;YAE9D,MAAM,QAAQ,GACb,MAAM,KAAK,CAAC,iBAAiB,CAAC,0BAA0B,CACvD,IAAI,EACJ,IAAI,EACJ,YAAY,EACZ,GAAG,EACH,eAAe,EACf,EAAE,EACF,YAAY,CAAC,QAAQ,CAAC,eAAe,EACrC,YAAY,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,EAC3C,sBAAsB,EACtB,KAAK,EACL,YAAY,CAAC,QAAQ,CAAC,2BAA2B,EACjD,YAAY,CAAC,QAAQ,CAAC,UAAU,EAChC,YAAY,CAAC,QAAQ,CAAC,aAAa,EACnC,YAAY,CAAC,QAAQ,CAAC,aAAa,CACnC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC;YACjD,MAAM,oBAAoB,GACzB,KAAK,CAAC,iBAAiB,CAAC,uBAAuB,CAC9C,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,EAC5B,YAAY,EACZ,GAAG,CAAC,IAAI,CAAC,CAAC,EACV,QAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,EACzB,QAAQ,CAAC,SAAS,CAAC,YAAY,CAAC,EAChC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAC1B,CAAC;YACH,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;YAC5D,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE;gBACnE,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IASF,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,wBAAwB,EACvC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAIxB,IAAI,kBAAkB,EAAE,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,2EAA2E;aAChF,CAAC,CAAC,CAAC;YACJ,MAAM,oBAAoB,GAAyB;gBAClD,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;aACd,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAEzC,IAAI,MAA+C,CAAC;QAGpD,IAAI,CAAC;YACJ,MAAM,GAAG,iCAAiC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;gBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAGD,IAAI,CAAC;YACJ,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;YAGnD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,GACzC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAK/B,MAAM,WAAW,GAAG,yBAAyB,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAChE,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBAC1B,MAAM,oBAAoB,GAAyB;oBAClD,MAAM,EAAE,IAAI;oBACZ,QAAQ,EAAE,WAAW;iBACrB,CAAC;gBACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACvC,CAAC;YAGD,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YACjC,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YAGjC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChB,MAAM,kBAAkB,GAAyB;oBAChD,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,uBAAuB,CAAC;oBAC3C,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,KAAK;iBAC3B,CAAC;gBACF,OAAO,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACrC,CAAC;YAGD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAGlD,eAAe,CAAC,aAAa,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;YAE/D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,GAChC,MAAM,KAAK,CAAC,iBAAiB,CAAC,8BAA8B,CAC3D,IAAI,EACJ,SAAS,EACT,YAAY,CAAC,QAAQ,CAAC,eAAe,EACrC,GAAG,EACH,EAAE,EACF,sBAAsB,EACtB,KAAK,EACL,YAAY,CAAC,QAAQ,CAAC,2BAA2B,EACjD,YAAY,CAAC,QAAQ,CAAC,UAAU,EAChC,YAAY,CAAC,QAAQ,CAAC,aAAa,EACnC,YAAY,CAAC,QAAQ,CAAC,aAAa,CACnC,CAAC;YAEH,MAAM,oBAAoB,GACzB,KAAK,CAAC,iBAAiB,CAAC,uBAAuB,CAC9C,QAAQ,EACR,YAAY,EACZ,GAAG,CAAC,IAAI,CAAC,CAAC,EACV,KAAK,EACL,MAAM,CACN,CAAC;YAEH,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,mCAAmC;gBACxC,GAAG;gBACH,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;aACxB,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;gBAClC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IASF,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,2BAA2B,EAC1C,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAIxB,IAAI,kBAAkB,EAAE,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,8EAA8E;aACnF,CAAC,CAAC,CAAC;YACJ,MAAM,oBAAoB,GAAyB;gBAClD,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;aACd,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAEzC,IAAI,MAAkD,CAAC;QAGvD,IAAI,CAAC;YACJ,MAAM,GAAG,oCAAoC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;gBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAGD,IAAI,CAAC;YACJ,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;YAGnD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,GACzC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAK/B,MAAM,WAAW,GAAG,yBAAyB,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAChE,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBAC1B,MAAM,oBAAoB,GAAyB;oBAClD,MAAM,EAAE,IAAI;oBACZ,QAAQ,EAAE,WAAW;iBACrB,CAAC;gBACF,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACvC,CAAC;YAGD,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YACjC,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YAGjC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChB,MAAM,kBAAkB,GAAyB;oBAChD,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,uBAAuB,CAAC;oBAC3C,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,KAAK;iBAC3B,CAAC;gBACF,OAAO,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACrC,CAAC;YAGD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAGlD,eAAe,CAAC,aAAa,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;YAE/D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GACxB,MAAM,KAAK,CAAC,oBAAoB,CAAC,iCAAiC,CACjE,IAAI,EACJ,SAAS,EACT,YAAY,CAAC,QAAQ,CAAC,eAAe,EACrC,GAAG,EACH,EAAE,EACF,sBAAsB,EACtB,KAAK,EACL,YAAY,CAAC,QAAQ,CAAC,2BAA2B,EACjD,YAAY,CAAC,QAAQ,CAAC,aAAa,EACnC,YAAY,CAAC,QAAQ,CAAC,aAAa,CACnC,CAAC;YAEH,MAAM,oBAAoB,GACzB,KAAK,CAAC,oBAAoB,CAAC,uBAAuB,CACjD,QAAQ,EACR,YAAY,EACZ,GAAG,CAAC,IAAI,CAAC,CAAC,EACV,KAAK,CACL,CAAC;YAEH,OAAO,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,sCAAsC;gBAC3C,GAAG;gBACH,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;aACxB,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;gBAClC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IAKF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEzB,OAAO,MAAM,CAAC;AACf,CAAC"}
|
|
@@ -50,7 +50,10 @@ class ApiAdminRoutesProvider {
|
|
|
50
50
|
this.tasks.clientTaskManager
|
|
51
51
|
),
|
|
52
52
|
[types.AdminApiPaths.ToggleMaintenanceMode]: new apiToggleMaintenanceModeEndpoint.ApiToggleMaintenanceModeEndpoint(),
|
|
53
|
-
[types.AdminApiPaths.DnsEvent]: new apiDnsEventEndpoint.ApiDnsEventEndpoint(
|
|
53
|
+
[types.AdminApiPaths.DnsEvent]: new apiDnsEventEndpoint.ApiDnsEventEndpoint(
|
|
54
|
+
this.tasks.db,
|
|
55
|
+
this.tasks.env.ipInfoService
|
|
56
|
+
)
|
|
54
57
|
};
|
|
55
58
|
}
|
|
56
59
|
}
|
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
|
|
|
3
3
|
const apiRoute = require("@prosopo/api-route");
|
|
4
4
|
const logger = require("@prosopo/logger");
|
|
5
5
|
const types = require("@prosopo/types");
|
|
6
|
+
const enrichDnsEvent = require("../../tasks/dnsEvent/enrichDnsEvent.cjs");
|
|
6
7
|
var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
|
|
7
8
|
const dnsEventToFields = (event) => {
|
|
8
9
|
if (event.kind === "dns") {
|
|
@@ -17,8 +18,9 @@ const dnsEventToFields = (event) => {
|
|
|
17
18
|
return out;
|
|
18
19
|
};
|
|
19
20
|
class ApiDnsEventEndpoint {
|
|
20
|
-
constructor(db) {
|
|
21
|
+
constructor(db, ipInfoService) {
|
|
21
22
|
this.db = db;
|
|
23
|
+
this.ipInfoService = ipInfoService;
|
|
22
24
|
}
|
|
23
25
|
async processRequest(args, logger$1) {
|
|
24
26
|
logger$1 = logger$1 || logger.getLogger("info", typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("api/admin/apiDnsEventEndpoint.cjs", document.baseURI).href);
|
|
@@ -40,6 +42,7 @@ class ApiDnsEventEndpoint {
|
|
|
40
42
|
);
|
|
41
43
|
if (matched) {
|
|
42
44
|
stored += 1;
|
|
45
|
+
await this.recomputeDnsAsymmetry(sessionId, logger$1);
|
|
43
46
|
}
|
|
44
47
|
} catch (err) {
|
|
45
48
|
errors += 1;
|
|
@@ -62,6 +65,33 @@ class ApiDnsEventEndpoint {
|
|
|
62
65
|
getRequestArgsSchema() {
|
|
63
66
|
return types.DnsEventBatchSchema;
|
|
64
67
|
}
|
|
68
|
+
async recomputeDnsAsymmetry(sessionId, logger2) {
|
|
69
|
+
if (!this.ipInfoService) return;
|
|
70
|
+
try {
|
|
71
|
+
const session = await this.db.getSessionRecordBySessionId(sessionId);
|
|
72
|
+
if (!session?.dnsEvent) return;
|
|
73
|
+
const enriched = await enrichDnsEvent.enrichDnsEvent(
|
|
74
|
+
session.dnsEvent,
|
|
75
|
+
this.ipInfoService,
|
|
76
|
+
session.ipInfo?.ip
|
|
77
|
+
);
|
|
78
|
+
const dnsAsymmetry = enrichDnsEvent.computeDnsAsymmetry(enriched, session.ipInfo);
|
|
79
|
+
if (dnsAsymmetry > 0) {
|
|
80
|
+
await this.db.updateSessionRecord(sessionId, {
|
|
81
|
+
scoreComponents: {
|
|
82
|
+
...session.scoreComponents,
|
|
83
|
+
dnsAsymmetry
|
|
84
|
+
}
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
} catch (err) {
|
|
88
|
+
logger2.warn(() => ({
|
|
89
|
+
err,
|
|
90
|
+
data: { sessionId },
|
|
91
|
+
msg: "Failed to recompute dnsAsymmetry after DNS event merge"
|
|
92
|
+
}));
|
|
93
|
+
}
|
|
94
|
+
}
|
|
65
95
|
}
|
|
66
96
|
exports.ApiDnsEventEndpoint = ApiDnsEventEndpoint;
|
|
67
97
|
exports.dnsEventToFields = dnsEventToFields;
|
|
@@ -159,10 +159,13 @@ class BlacklistRequestInspector {
|
|
|
159
159
|
),
|
|
160
160
|
clientId
|
|
161
161
|
);
|
|
162
|
-
|
|
162
|
+
const enforceable = (accessPolicies ?? []).filter(
|
|
163
|
+
(p) => !p.deferToVerify
|
|
164
|
+
);
|
|
165
|
+
if (enforceable.length === 0 || !enforceable[0]) {
|
|
163
166
|
return false;
|
|
164
167
|
}
|
|
165
|
-
const accessPolicy =
|
|
168
|
+
const accessPolicy = enforceable[0];
|
|
166
169
|
return userAccessPolicy.AccessPolicyType.Block === accessPolicy.type;
|
|
167
170
|
} catch (err) {
|
|
168
171
|
logger.error(() => ({
|
|
@@ -4,6 +4,7 @@ const util = require("@prosopo/util");
|
|
|
4
4
|
const zod = require("zod");
|
|
5
5
|
require("../../tasks/index.cjs");
|
|
6
6
|
const checkSpamEmail$1 = require("../../tasks/spam/checkSpamEmail.cjs");
|
|
7
|
+
const apiToggleMaintenanceModeEndpoint = require("../admin/apiToggleMaintenanceModeEndpoint.cjs");
|
|
7
8
|
const tasks = require("../../tasks/tasks.cjs");
|
|
8
9
|
const CheckSpamEmailRequestBody = zod.object({
|
|
9
10
|
email: zod.string(),
|
|
@@ -11,7 +12,6 @@ const CheckSpamEmailRequestBody = zod.object({
|
|
|
11
12
|
});
|
|
12
13
|
const checkSpamEmail = (env) => async (req, res, next) => {
|
|
13
14
|
try {
|
|
14
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
15
15
|
const { email, dapp } = CheckSpamEmailRequestBody.parse(req.body);
|
|
16
16
|
const emailDomain = util.extractDomainFromEmail(email);
|
|
17
17
|
req.logger.info(() => ({
|
|
@@ -22,6 +22,14 @@ const checkSpamEmail = (env) => async (req, res, next) => {
|
|
|
22
22
|
method: req.method
|
|
23
23
|
}
|
|
24
24
|
}));
|
|
25
|
+
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
26
|
+
req.logger.info(() => ({
|
|
27
|
+
msg: "Maintenance mode active - returning isSpam=false",
|
|
28
|
+
data: { emailDomain }
|
|
29
|
+
}));
|
|
30
|
+
return res.json({ isSpam: false, emailDomain });
|
|
31
|
+
}
|
|
32
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
25
33
|
const clientRecord = await tasks$1.db.getClientRecord(dapp);
|
|
26
34
|
if (!clientRecord) {
|
|
27
35
|
return next(
|
|
@@ -33,12 +33,7 @@ const getFrictionlessCaptchaChallenge = (env, userAccessRulesStorage) => async (
|
|
|
33
33
|
}
|
|
34
34
|
}));
|
|
35
35
|
});
|
|
36
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
37
36
|
const { token, headHash, dapp, user, mode, simdReadings } = types.GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
|
|
38
|
-
const decodedSimdReadings = await decryptSimdReadings.decryptIncomingSimdReadings(
|
|
39
|
-
tasks$1.frictionlessManager,
|
|
40
|
-
simdReadings
|
|
41
|
-
);
|
|
42
37
|
const normalizedIp = normalizeRequestIp.normalizeRequestIp(req.ip, req.logger);
|
|
43
38
|
const sessionMode = mode === types.ModeEnum.invisible ? types.ModeEnum.invisible : void 0;
|
|
44
39
|
req.logger.info(() => ({
|
|
@@ -67,6 +62,11 @@ const getFrictionlessCaptchaChallenge = (env, userAccessRulesStorage) => async (
|
|
|
67
62
|
)
|
|
68
63
|
);
|
|
69
64
|
}
|
|
65
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
66
|
+
const decodedSimdReadings = await decryptSimdReadings.decryptIncomingSimdReadings(
|
|
67
|
+
tasks$1.frictionlessManager,
|
|
68
|
+
simdReadings
|
|
69
|
+
);
|
|
70
70
|
if (testSiteKey.isReservedTestSiteKey(dapp)) {
|
|
71
71
|
req.logger.warn(() => ({
|
|
72
72
|
msg: "Reserved TEST site key - returning invisible PoW session",
|
|
@@ -5,11 +5,12 @@ const types = require("@prosopo/types");
|
|
|
5
5
|
const util = require("@prosopo/util");
|
|
6
6
|
require("../../tasks/index.cjs");
|
|
7
7
|
const normalizeRequestIp = require("../../utils/normalizeRequestIp.cjs");
|
|
8
|
+
const apiToggleMaintenanceModeEndpoint = require("../admin/apiToggleMaintenanceModeEndpoint.cjs");
|
|
8
9
|
const blacklistRequestInspector = require("../blacklistRequestInspector.cjs");
|
|
9
10
|
const validateAddress = require("../validateAddress.cjs");
|
|
11
|
+
const maintenanceModeResponses = require("./maintenanceModeResponses.cjs");
|
|
10
12
|
const tasks = require("../../tasks/tasks.cjs");
|
|
11
13
|
const getImageCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res, next) => {
|
|
12
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
13
14
|
let parsed;
|
|
14
15
|
const normalizedIp = normalizeRequestIp.normalizeRequestIp(req.ip, req.logger);
|
|
15
16
|
if (!normalizedIp) {
|
|
@@ -36,6 +37,14 @@ const getImageCaptchaChallenge = (env, userAccessRulesStorage) => async (req, re
|
|
|
36
37
|
const { datasetId, user, dapp, sessionId, simdReadings } = parsed;
|
|
37
38
|
validateAddress.validateSiteKey(dapp);
|
|
38
39
|
validateAddress.validateAddr(user);
|
|
40
|
+
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
41
|
+
req.logger.info(() => ({
|
|
42
|
+
msg: "Maintenance mode active - returning dummy image challenge",
|
|
43
|
+
data: { dapp, user, sessionId }
|
|
44
|
+
}));
|
|
45
|
+
return res.json(maintenanceModeResponses.buildImageMaintenanceResponse());
|
|
46
|
+
}
|
|
47
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
39
48
|
try {
|
|
40
49
|
const clientRecord = await tasks$1.db.getClientRecord(dapp);
|
|
41
50
|
if (!clientRecord) {
|
|
@@ -12,8 +12,6 @@ const maintenanceModeResponses = require("./maintenanceModeResponses.cjs");
|
|
|
12
12
|
const tasks = require("../../tasks/tasks.cjs");
|
|
13
13
|
const getPoWCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res, next) => {
|
|
14
14
|
let parsed;
|
|
15
|
-
const tasks$1 = new tasks.Tasks(env);
|
|
16
|
-
tasks$1.setLogger(req.logger);
|
|
17
15
|
try {
|
|
18
16
|
parsed = types.GetPowCaptchaChallengeRequestBody.parse(req.body);
|
|
19
17
|
} catch (err) {
|
|
@@ -35,6 +33,8 @@ const getPoWCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res,
|
|
|
35
33
|
}));
|
|
36
34
|
return res.json(maintenanceModeResponses.buildPowMaintenanceResponse(user, dapp));
|
|
37
35
|
}
|
|
36
|
+
const tasks$1 = new tasks.Tasks(env);
|
|
37
|
+
tasks$1.setLogger(req.logger);
|
|
38
38
|
try {
|
|
39
39
|
const clientSettings = await tasks$1.db.getClientRecord(dapp);
|
|
40
40
|
if (!clientSettings) {
|
|
@@ -12,8 +12,6 @@ const maintenanceModeResponses = require("./maintenanceModeResponses.cjs");
|
|
|
12
12
|
const tasks = require("../../tasks/tasks.cjs");
|
|
13
13
|
const getPuzzleCaptchaChallenge = (env, userAccessRulesStorage) => async (req, res, next) => {
|
|
14
14
|
let parsed;
|
|
15
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
16
|
-
tasks$1.setLogger(req.logger);
|
|
17
15
|
try {
|
|
18
16
|
parsed = types.GetPuzzleCaptchaChallengeRequestBody.parse(req.body);
|
|
19
17
|
} catch (err) {
|
|
@@ -35,6 +33,8 @@ const getPuzzleCaptchaChallenge = (env, userAccessRulesStorage) => async (req, r
|
|
|
35
33
|
}));
|
|
36
34
|
return res.json(maintenanceModeResponses.buildPuzzleMaintenanceResponse(user, dapp));
|
|
37
35
|
}
|
|
36
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
37
|
+
tasks$1.setLogger(req.logger);
|
|
38
38
|
try {
|
|
39
39
|
const clientSettings = await tasks$1.db.getClientRecord(dapp);
|
|
40
40
|
if (!clientSettings) {
|
|
@@ -21,6 +21,15 @@ const buildPowMaintenanceResponse = (user, dapp) => {
|
|
|
21
21
|
}
|
|
22
22
|
};
|
|
23
23
|
};
|
|
24
|
+
const buildImageMaintenanceResponse = () => ({
|
|
25
|
+
[types.ApiParams.status]: "ok",
|
|
26
|
+
[types.ApiParams.captchas]: [],
|
|
27
|
+
[types.ApiParams.requestHash]: "",
|
|
28
|
+
[types.ApiParams.timestamp]: Date.now().toString(),
|
|
29
|
+
[types.ApiParams.signature]: {
|
|
30
|
+
[types.ApiParams.provider]: { [types.ApiParams.requestHash]: "" }
|
|
31
|
+
}
|
|
32
|
+
});
|
|
24
33
|
const buildPuzzleMaintenanceResponse = (user, dapp) => {
|
|
25
34
|
const timestamp = Date.now();
|
|
26
35
|
return {
|
|
@@ -38,5 +47,6 @@ const buildPuzzleMaintenanceResponse = (user, dapp) => {
|
|
|
38
47
|
};
|
|
39
48
|
};
|
|
40
49
|
exports.buildFrictionlessMaintenanceResponse = buildFrictionlessMaintenanceResponse;
|
|
50
|
+
exports.buildImageMaintenanceResponse = buildImageMaintenanceResponse;
|
|
41
51
|
exports.buildPowMaintenanceResponse = buildPowMaintenanceResponse;
|
|
42
52
|
exports.buildPuzzleMaintenanceResponse = buildPuzzleMaintenanceResponse;
|
|
@@ -8,7 +8,6 @@ const testSiteKey = require("../testSiteKey.cjs");
|
|
|
8
8
|
const validateAddress = require("../validateAddress.cjs");
|
|
9
9
|
const tasks = require("../../tasks/tasks.cjs");
|
|
10
10
|
const submitImageCaptchaSolution = (env) => async (req, res, next) => {
|
|
11
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
12
11
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
13
12
|
req.logger.info(() => ({
|
|
14
13
|
msg: "Maintenance mode active - returning verified for image captcha"
|
|
@@ -20,6 +19,7 @@ const submitImageCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
20
19
|
};
|
|
21
20
|
return res.json(result);
|
|
22
21
|
}
|
|
22
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
23
23
|
let parsed;
|
|
24
24
|
try {
|
|
25
25
|
parsed = types.CaptchaSolutionBody.parse(req.body);
|
|
@@ -8,8 +8,6 @@ const apiToggleMaintenanceModeEndpoint = require("../admin/apiToggleMaintenanceM
|
|
|
8
8
|
const testSiteKey = require("../testSiteKey.cjs");
|
|
9
9
|
const validateAddress = require("../validateAddress.cjs");
|
|
10
10
|
const submitPoWCaptchaSolution = (env) => async (req, res, next) => {
|
|
11
|
-
let parsed;
|
|
12
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
13
11
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
14
12
|
req.logger.info(() => ({
|
|
15
13
|
msg: "Maintenance mode active - returning verified"
|
|
@@ -20,6 +18,8 @@ const submitPoWCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
20
18
|
};
|
|
21
19
|
return res.json(response);
|
|
22
20
|
}
|
|
21
|
+
let parsed;
|
|
22
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
23
23
|
try {
|
|
24
24
|
parsed = types.SubmitPowCaptchaSolutionBody.parse(req.body);
|
|
25
25
|
} catch (err) {
|
|
@@ -35,7 +35,6 @@ const submitPoWCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
35
35
|
challenge,
|
|
36
36
|
signature,
|
|
37
37
|
nonce,
|
|
38
|
-
verifiedTimeout,
|
|
39
38
|
dapp,
|
|
40
39
|
user,
|
|
41
40
|
behavioralData,
|
|
@@ -83,7 +82,7 @@ const submitPoWCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
83
82
|
challenge,
|
|
84
83
|
signature.provider.challenge,
|
|
85
84
|
nonce,
|
|
86
|
-
verifiedTimeout,
|
|
85
|
+
clientRecord.settings.verifiedTimeout,
|
|
87
86
|
signature.user.timestamp,
|
|
88
87
|
util.getIPAddress(req.ip || ""),
|
|
89
88
|
flatHeaders,
|
|
@@ -7,8 +7,6 @@ const apiToggleMaintenanceModeEndpoint = require("../admin/apiToggleMaintenanceM
|
|
|
7
7
|
const testSiteKey = require("../testSiteKey.cjs");
|
|
8
8
|
const validateAddress = require("../validateAddress.cjs");
|
|
9
9
|
const submitPuzzleCaptchaSolution = (env) => async (req, res, next) => {
|
|
10
|
-
let parsed;
|
|
11
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
12
10
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
13
11
|
req.logger.info(() => ({
|
|
14
12
|
msg: "Maintenance mode active - returning verified"
|
|
@@ -19,6 +17,8 @@ const submitPuzzleCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
19
17
|
};
|
|
20
18
|
return res.json(response);
|
|
21
19
|
}
|
|
20
|
+
let parsed;
|
|
21
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
22
22
|
try {
|
|
23
23
|
parsed = types.SubmitPuzzleCaptchaSolutionBody.parse(req.body);
|
|
24
24
|
} catch (err) {
|
|
@@ -36,7 +36,6 @@ const submitPuzzleCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
36
36
|
finalX,
|
|
37
37
|
finalY,
|
|
38
38
|
puzzleEvents,
|
|
39
|
-
verifiedTimeout,
|
|
40
39
|
dapp,
|
|
41
40
|
user,
|
|
42
41
|
behavioralData,
|
|
@@ -71,7 +70,7 @@ const submitPuzzleCaptchaSolution = (env) => async (req, res, next) => {
|
|
|
71
70
|
finalX,
|
|
72
71
|
finalY,
|
|
73
72
|
puzzleEvents,
|
|
74
|
-
verifiedTimeout,
|
|
73
|
+
clientRecord.settings.verifiedTimeout,
|
|
75
74
|
signature.user.timestamp,
|
|
76
75
|
util.getIPAddress(req.ip || ""),
|
|
77
76
|
util.flatten(req.headers),
|
package/dist/cjs/api/verify.cjs
CHANGED
|
@@ -23,7 +23,6 @@ function prosopoVerifyRouter(env) {
|
|
|
23
23
|
router.post(
|
|
24
24
|
types.ClientApiPaths.VerifyImageCaptchaSolutionDapp,
|
|
25
25
|
async (req, res, next) => {
|
|
26
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
27
26
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
28
27
|
req.logger.info(() => ({
|
|
29
28
|
msg: "Maintenance mode active - returning verified for image captcha verification"
|
|
@@ -34,6 +33,7 @@ function prosopoVerifyRouter(env) {
|
|
|
34
33
|
};
|
|
35
34
|
return res.json(verificationResponse);
|
|
36
35
|
}
|
|
36
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
37
37
|
let parsed;
|
|
38
38
|
try {
|
|
39
39
|
parsed = types.VerifySolutionBody.parse(req.body);
|
|
@@ -112,7 +112,6 @@ function prosopoVerifyRouter(env) {
|
|
|
112
112
|
router.post(
|
|
113
113
|
types.ClientApiPaths.VerifyPowCaptchaSolution,
|
|
114
114
|
async (req, res, next) => {
|
|
115
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
116
115
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
117
116
|
req.logger.info(() => ({
|
|
118
117
|
msg: "Maintenance mode active - returning verified for PoW captcha verification"
|
|
@@ -123,6 +122,7 @@ function prosopoVerifyRouter(env) {
|
|
|
123
122
|
};
|
|
124
123
|
return res.json(verificationResponse);
|
|
125
124
|
}
|
|
125
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
126
126
|
let parsed;
|
|
127
127
|
try {
|
|
128
128
|
parsed = types.ServerPowCaptchaVerifyRequestBody.parse(req.body);
|
|
@@ -136,7 +136,7 @@ function prosopoVerifyRouter(env) {
|
|
|
136
136
|
);
|
|
137
137
|
}
|
|
138
138
|
try {
|
|
139
|
-
const { token, dappSignature,
|
|
139
|
+
const { token, dappSignature, ip, email } = parsed;
|
|
140
140
|
const { dapp, user, timestamp, challenge } = types.decodeProcaptchaOutput(token);
|
|
141
141
|
const testVerdict = testSiteKey.resolveTestSiteKeyVerdict(dapp, req.logger);
|
|
142
142
|
if (testVerdict !== null) {
|
|
@@ -170,7 +170,7 @@ function prosopoVerifyRouter(env) {
|
|
|
170
170
|
const { verified, score, reason } = await tasks$1.powCaptchaManager.serverVerifyPowCaptchaSolution(
|
|
171
171
|
dapp,
|
|
172
172
|
challenge,
|
|
173
|
-
verifiedTimeout,
|
|
173
|
+
clientRecord.settings.verifiedTimeout,
|
|
174
174
|
env,
|
|
175
175
|
ip,
|
|
176
176
|
userAccessRulesStorage,
|
|
@@ -207,7 +207,6 @@ function prosopoVerifyRouter(env) {
|
|
|
207
207
|
router.post(
|
|
208
208
|
types.ClientApiPaths.VerifyPuzzleCaptchaSolution,
|
|
209
209
|
async (req, res, next) => {
|
|
210
|
-
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
211
210
|
if (apiToggleMaintenanceModeEndpoint.getMaintenanceMode()) {
|
|
212
211
|
req.logger.info(() => ({
|
|
213
212
|
msg: "Maintenance mode active - returning verified for puzzle captcha verification"
|
|
@@ -218,6 +217,7 @@ function prosopoVerifyRouter(env) {
|
|
|
218
217
|
};
|
|
219
218
|
return res.json(verificationResponse);
|
|
220
219
|
}
|
|
220
|
+
const tasks$1 = new tasks.Tasks(env, req.logger);
|
|
221
221
|
let parsed;
|
|
222
222
|
try {
|
|
223
223
|
parsed = types.ServerPuzzleCaptchaVerifyRequestBody.parse(req.body);
|
|
@@ -231,7 +231,7 @@ function prosopoVerifyRouter(env) {
|
|
|
231
231
|
);
|
|
232
232
|
}
|
|
233
233
|
try {
|
|
234
|
-
const { token, dappSignature,
|
|
234
|
+
const { token, dappSignature, ip, email } = parsed;
|
|
235
235
|
const { dapp, user, timestamp, challenge } = types.decodeProcaptchaOutput(token);
|
|
236
236
|
const testVerdict = testSiteKey.resolveTestSiteKeyVerdict(dapp, req.logger);
|
|
237
237
|
if (testVerdict !== null) {
|
|
@@ -265,7 +265,7 @@ function prosopoVerifyRouter(env) {
|
|
|
265
265
|
const { verified, score } = await tasks$1.puzzleCaptchaManager.serverVerifyPuzzleCaptchaSolution(
|
|
266
266
|
dapp,
|
|
267
267
|
challenge,
|
|
268
|
-
verifiedTimeout,
|
|
268
|
+
clientRecord.settings.verifiedTimeout,
|
|
269
269
|
env,
|
|
270
270
|
ip,
|
|
271
271
|
userAccessRulesStorage,
|
package/dist/cjs/pairs.cjs
CHANGED
|
@@ -11,6 +11,19 @@ const constructPairList = (list) => {
|
|
|
11
11
|
}
|
|
12
12
|
return pairList;
|
|
13
13
|
};
|
|
14
|
+
const peelCheckboxPrefix = (flat, solutionLengths) => {
|
|
15
|
+
const firstFlat = flat[0];
|
|
16
|
+
const firstLen = solutionLengths[0];
|
|
17
|
+
if (firstFlat === void 0 || firstLen === void 0) {
|
|
18
|
+
return { flat };
|
|
19
|
+
}
|
|
20
|
+
if (firstFlat.length === 2 * firstLen + 2) {
|
|
21
|
+
const checkbox = [util.at(firstFlat, 0), util.at(firstFlat, 1)];
|
|
22
|
+
const stripped = [firstFlat.slice(2), ...flat.slice(1)];
|
|
23
|
+
return { checkbox, flat: stripped };
|
|
24
|
+
}
|
|
25
|
+
return { flat };
|
|
26
|
+
};
|
|
14
27
|
const containsIdenticalPairs = (pairsLists) => {
|
|
15
28
|
const set = /* @__PURE__ */ new Set();
|
|
16
29
|
for (const pairList of pairsLists) {
|
|
@@ -25,3 +38,4 @@ const containsIdenticalPairs = (pairsLists) => {
|
|
|
25
38
|
};
|
|
26
39
|
exports.constructPairList = constructPairList;
|
|
27
40
|
exports.containsIdenticalPairs = containsIdenticalPairs;
|
|
41
|
+
exports.peelCheckboxPrefix = peelCheckboxPrefix;
|
|
@@ -5,12 +5,13 @@ const types = require("@prosopo/types");
|
|
|
5
5
|
const userAccessPolicy = require("@prosopo/user-access-policy");
|
|
6
6
|
const blacklistRequestInspector = require("../api/blacklistRequestInspector.cjs");
|
|
7
7
|
const compositeIpAddress = require("../compositeIpAddress.cjs");
|
|
8
|
+
const enrichDnsEvent = require("./dnsEvent/enrichDnsEvent.cjs");
|
|
8
9
|
const checkSpamEmail = require("./spam/checkSpamEmail.cjs");
|
|
9
10
|
const checkTrafficFilter = require("./spam/checkTrafficFilter.cjs");
|
|
10
11
|
var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
|
|
11
12
|
const findHardBlockPolicy = (accessPolicies) => {
|
|
12
13
|
return accessPolicies.find(
|
|
13
|
-
(policy) => policy.type === userAccessPolicy.AccessPolicyType.Block && !policy.captchaType
|
|
14
|
+
(policy) => policy.type === userAccessPolicy.AccessPolicyType.Block && (policy.deferToVerify || !policy.captchaType)
|
|
14
15
|
);
|
|
15
16
|
};
|
|
16
17
|
class CaptchaManager {
|
|
@@ -400,6 +401,8 @@ class CaptchaManager {
|
|
|
400
401
|
* - If the dapp's server passed up the end user's current IP via the
|
|
401
402
|
* verify call, look that up fresh — it's the "now" IP for filtering
|
|
402
403
|
* and may differ from the IP that originally requested the captcha.
|
|
404
|
+
* - When the session carries a `dnsEvent`, its `peerIp` and `resolverIp`
|
|
405
|
+
* are enriched and passed alongside the primary IP.
|
|
403
406
|
* - `blockAbuser` defaults to true so abusive networks are always
|
|
404
407
|
* blocked even when the site hasn't configured a trafficFilter.
|
|
405
408
|
* - Returns `{ isBlocked: false }` if every filter flag is off, without
|
|
@@ -409,14 +412,18 @@ class CaptchaManager {
|
|
|
409
412
|
* updates record / session state differently); this helper just returns
|
|
410
413
|
* the verdict.
|
|
411
414
|
*/
|
|
412
|
-
async resolveTrafficFilterCheck(env, recordIpInfo, trafficFilter, currentIp) {
|
|
415
|
+
async resolveTrafficFilterCheck(env, recordIpInfo, trafficFilter, currentIp, enrichedDnsEvent) {
|
|
413
416
|
const effective = { blockAbuser: true, ...trafficFilter };
|
|
414
417
|
const hasAny = Object.values(effective).some((v) => v);
|
|
415
418
|
if (!hasAny) {
|
|
416
419
|
return { isBlocked: false };
|
|
417
420
|
}
|
|
418
421
|
const ipInfo = currentIp ? await env.ipInfoService.lookup(currentIp) : recordIpInfo;
|
|
419
|
-
return checkTrafficFilter.checkTrafficFilter(
|
|
422
|
+
return checkTrafficFilter.checkTrafficFilter(
|
|
423
|
+
ipInfo,
|
|
424
|
+
effective,
|
|
425
|
+
enrichDnsEvent.extraIpInfosFromEnrichedDnsEvent(enrichedDnsEvent)
|
|
426
|
+
);
|
|
420
427
|
}
|
|
421
428
|
static canClientSeeScore(tier, score) {
|
|
422
429
|
return score && tier && tier !== types.Tier.Free;
|