perimeterx-js-core 0.1.0

package/lib/enforcer/EnforcerBase.d.ts

@@ -0,0 +1,139 @@
+import { IEnforcer } from './IEnforcer';
+import { IConfiguration } from '../config';
+import { IHttpClient, IHttpRequest, IHttpResponse } from '../http';
+import { IBase64Utils, ICipherUtils, IHashUtils, IIpRangeChecker, IScoreRetriever } from '../utils';
+import { IContext } from '../context';
+import { IFilter } from '../filter';
+import { IDataEnrichment } from '../pxde';
+import { IFirstParty } from '../first_party';
+import { ITelemetry } from '../telemetry';
+import { IBlockResponseGenerator } from '../block_handler';
+import { TokenVersion } from '../risk_token';
+import { IActivityClient } from '../activities';
+export declare type EnforcerBaseOptions = {
+    tokenVersion?: TokenVersion;
+    dataEnrichment?: IDataEnrichment;
+    filter?: IFilter;
+    cookieScoreRetriever?: IScoreRetriever;
+    ipRangeChecker?: IIpRangeChecker;
+    base64Utils?: IBase64Utils;
+    hashUtils?: IHashUtils;
+    cipherUtils?: ICipherUtils;
+    blockGenerator?: IBlockResponseGenerator;
+} & ({
+    httpClient: IHttpClient;
+    firstParty?: IFirstParty;
+    telemetry?: ITelemetry;
+    riskApiScoreRetriever?: IScoreRetriever;
+    activityClient?: IActivityClient;
+} | {
+    httpClient?: IHttpClient;
+    firstParty: IFirstParty;
+    telemetry: ITelemetry;
+    riskApiScoreRetriever: IScoreRetriever;
+    activityClient: IActivityClient;
+});
+export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res> implements IEnforcer<EnforceArgs, [Req, Res, ...EnforceArgs], Promise<Req | Res>, Promise<Res>> {
+    protected config: IConfiguration;
+    protected filter: IFilter;
+    protected dataEnrichment: IDataEnrichment;
+    protected firstParty: IFirstParty;
+    protected telemetry: ITelemetry;
+    protected cookieScoreRetriever: IScoreRetriever;
+    protected riskApiScoreRetriever: IScoreRetriever;
+    protected blockGenerator: IBlockResponseGenerator;
+    protected activityClient: IActivityClient;
+    /**
+     * Returns the original Req object in case the module is disabled or an error is thrown.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Req - The original Req object.
+     * @protected
+     */
+    protected abstract getRequestFromArgs(...args: EnforceArgs): Req;
+    /**
+     * Constructs the concrete request context given the provided EnforceArgs.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns IContext - The context for the request.
+     * @protected
+     */
+    protected abstract constructContext(...args: EnforceArgs): IContext;
+    /**
+     * A function that retrieves the already generated context for use in the postEnforce function.
+     * @param req - The Req object sent to the origin.
+     * @param res - The Res object received from the origin.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns IContext - The context for the request.
+     * @protected
+     */
+    protected abstract retrieveContext(req: Req, res: Res, ...args: EnforceArgs): IContext;
+    /**
+     * Converts the IHttpRequest object into the Req object.
+     * @param httpRequest - The IHttpRequest object.
+     * @returns Promise<Req> - A Promise resolving to Req.
+     * @protected
+     */
+    protected abstract convertToReq(httpRequest: IHttpRequest): Promise<Req>;
+    /**
+     * Converts the IHttpResponse object into the Res object.
+     * @param httpResponse - The IHttpResponse object.
+     * @returns Promise<Res> - A Promise resolving to Res.
+     * @protected
+     */
+    protected abstract convertToRes(httpResponse: IHttpResponse): Promise<Res>;
+    /**
+     * Converts the Req object into the IHttpRequest interface.
+     * @param req - The Req object.
+     * @returns Promise<IHttpRequest> - A Promise resolving to IHttpRequest.
+     * @protected
+     */
+    protected abstract convertToHttpRequest(req: Req): Promise<IHttpRequest>;
+    /**
+     * Converts the Res object into the IHttpResponse interface.
+     * @param res - The Res object.
+     * @returns Promise<IHttpResponse> - A Promise resolving to IHttpResponse.
+     * @protected
+     */
+    protected abstract convertToHttpResponse(res: Res): Promise<IHttpResponse>;
+    /**
+     * The EnforcerBase constructor.
+     * @param config - The enforcer configuration.
+     * @param options - An options object that allows for overriding any functional building blocks in the enforcer.
+     * @protected
+     */
+    protected constructor(config: IConfiguration, options: EnforcerBaseOptions);
+    /**
+     * The central function that triggers enforcement on the incoming request.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     */
+    enforce(...args: EnforceArgs): Promise<Req | Res>;
+    /**
+     * Performs all enforcer functionality on the incoming request context.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @protected
+     */
+    protected doEnforce(...args: EnforceArgs): Promise<Req | Res>;
+    protected createContext(...args: EnforceArgs): Promise<IContext>;
+    protected handleFirstParty(context: IContext): Promise<IHttpResponse>;
+    protected handleFilter(context: IContext): boolean;
+    protected handleCompleteContextInitialization(context: IContext): Promise<void>;
+    protected handleTelemetryIfNeeded(context: IContext): Promise<void>;
+    protected handlePxde(context: IContext): Promise<void>;
+    protected handleCookieRetrieverIfNeeded(context: IContext): Promise<void>;
+    protected handleRiskApiIfNeeded(context: IContext): Promise<void>;
+    protected handleAdditionalActivityHandler(context: IContext): Promise<void>;
+    protected handleBlockResponse(context: IContext): Promise<null | IHttpResponse>;
+    protected handleSendActivities(context: IContext): Promise<void>;
+    /**
+     * Performs all required functionality after an origin response has been received.
+     * @param req - The Req sent to the origin.
+     * @param res - The Res received from the origin.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Res> - A modified response
+     * @protected
+     */
+    postEnforce(req: Req, res: Res, ...args: EnforceArgs): Promise<Res>;
+    protected setResponseData(context: IContext, response: IHttpResponse): Promise<void>;
+    protected handlePxhd(context: IContext, response: IHttpResponse): Promise<IHttpResponse>;
+}

package/lib/enforcer/EnforcerBase.js

@@ -0,0 +1,376 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
+    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
+        if (ar || !(i in from)) {
+            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
+            ar[i] = from[i];
+        }
+    }
+    return to.concat(ar || Array.prototype.slice.call(from));
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnforcerBase = void 0;
+var utils_1 = require("../utils");
+var pxhd_1 = require("../pxhd");
+var additional_activity_handler_1 = require("../additional_activity_handler");
+var filter_1 = require("../filter");
+var pxde_1 = require("../pxde");
+var first_party_1 = require("../first_party");
+var telemetry_1 = require("../telemetry");
+var block_handler_1 = require("../block_handler");
+var risk_token_1 = require("../risk_token");
+var risk_api_1 = require("../risk_api");
+var activities_1 = require("../activities");
+var EnforcerBase = /** @class */ (function () {
+    /**
+     * The EnforcerBase constructor.
+     * @param config - The enforcer configuration.
+     * @param options - An options object that allows for overriding any functional building blocks in the enforcer.
+     * @protected
+     */
+    function EnforcerBase(config, options) {
+        this.config = config;
+        var base64Utils = options.base64Utils || new utils_1.DefaultBase64Utils();
+        var hashUtils = options.hashUtils || new utils_1.DefaultHashUtils();
+        this.filter = options.filter || new filter_1.DefaultFilter(this.config, options === null || options === void 0 ? void 0 : options.ipRangeChecker);
+        this.cookieScoreRetriever = options.cookieScoreRetriever || new risk_token_1.RiskTokenScoreRetriever(this.config);
+        this.blockGenerator = options.blockGenerator || new block_handler_1.DefaultBlockResponseGenerator(this.config, base64Utils);
+        this.dataEnrichment = options.dataEnrichment || new pxde_1.DefaultDataEnrichment(this.config, base64Utils, hashUtils);
+        var httpClient = options.httpClient;
+        this.firstParty = options.firstParty || new first_party_1.DefaultFirstParty(this.config, httpClient);
+        this.telemetry = options.telemetry || new telemetry_1.DefaultTelemetry(this.config, httpClient, base64Utils, hashUtils);
+        this.activityClient = options.activityClient || new activities_1.HttpActivityClient(this.config, httpClient);
+        var riskResponseHandler = options.tokenVersion === risk_token_1.TokenVersion.V2
+            ? new risk_api_1.RiskResponseV2Handler(this.config)
+            : new risk_api_1.RiskResponseV3Handler(this.config);
+        this.riskApiScoreRetriever =
+            options.riskApiScoreRetriever || new risk_api_1.PostRiskApiClient(this.config, httpClient, riskResponseHandler);
+    }
+    /**
+     * The central function that triggers enforcement on the incoming request.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     */
+    EnforcerBase.prototype.enforce = function () {
+        var args = [];
+        for (var _i = 0; _i < arguments.length; _i++) {
+            args[_i] = arguments[_i];
+        }
+        return __awaiter(this, void 0, void 0, function () {
+            var e_1;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        _a.trys.push([0, 2, , 3]);
+                        if (!this.config.moduleEnabled) {
+                            this.config.logger.debug('module is disabled, will not enforce');
+                            return [2 /*return*/, this.getRequestFromArgs.apply(this, args)];
+                        }
+                        this.config.logger.debug('module is enabled, continuing with enforcement');
+                        return [4 /*yield*/, this.doEnforce.apply(this, args)];
+                    case 1: return [2 /*return*/, _a.sent()];
+                    case 2:
+                        e_1 = _a.sent();
+                        this.config.logger.error("caught error in enforce - ".concat(e_1));
+                        return [2 /*return*/, this.getRequestFromArgs.apply(this, args)];
+                    case 3: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    /**
+     * Performs all enforcer functionality on the incoming request context.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @protected
+     */
+    EnforcerBase.prototype.doEnforce = function () {
+        var args = [];
+        for (var _i = 0; _i < arguments.length; _i++) {
+            args[_i] = arguments[_i];
+        }
+        return __awaiter(this, void 0, void 0, function () {
+            var context, httpResponse;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.createContext.apply(this, args)];
+                    case 1:
+                        context = _a.sent();
+                        return [4 /*yield*/, this.handleFirstParty(context)];
+                    case 2:
+                        httpResponse = _a.sent();
+                        if (httpResponse) {
+                            this.config.logger.debug('returning first party response');
+                            return [2 /*return*/, this.convertToRes(httpResponse)];
+                        }
+                        if (this.handleFilter(context)) {
+                            this.config.logger.debug("filtering due to ".concat(context.filterReason));
+                            return [2 /*return*/, this.convertToReq(context.requestData.request)];
+                        }
+                        return [4 /*yield*/, this.handleCompleteContextInitialization(context)];
+                    case 3:
+                        _a.sent();
+                        this.config.logger.debug('context initialization complete');
+                        return [4 /*yield*/, this.handleTelemetryIfNeeded(context)];
+                    case 4:
+                        _a.sent();
+                        return [4 /*yield*/, this.handlePxde(context)];
+                    case 5:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleCookieRetrieverIfNeeded(context)];
+                    case 6:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleRiskApiIfNeeded(context)];
+                    case 7:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleAdditionalActivityHandler(context)];
+                    case 8:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleBlockResponse(context)];
+                    case 9:
+                        httpResponse = _a.sent();
+                        if (httpResponse) {
+                            this.config.logger.debug("blocking request due to ".concat(context.blockReason));
+                            return [2 /*return*/, this.convertToRes(httpResponse)];
+                        }
+                        this.config.logger.debug("passing request due to ".concat(context.passReason || 'monitor mode'));
+                        return [2 /*return*/, this.convertToReq(context.requestData.request)];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.createContext = function () {
+        var args = [];
+        for (var _i = 0; _i < arguments.length; _i++) {
+            args[_i] = arguments[_i];
+        }
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, this.constructContext.apply(this, args)];
+            });
+        });
+    };
+    EnforcerBase.prototype.handleFirstParty = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.firstParty.handleFirstPartyRequest(context)];
+                    case 1: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleFilter = function (context) {
+        return this.filter.shouldFilter(context);
+    };
+    EnforcerBase.prototype.handleCompleteContextInitialization = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, context.completeInitialization()];
+                    case 1:
+                        _a.sent();
+                        return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleTelemetryIfNeeded = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.telemetry.isValidTelemetryRequest(context)];
+                    case 1:
+                        if (!_a.sent()) return [3 /*break*/, 3];
+                        return [4 /*yield*/, this.telemetry.sendTelemetry(context)];
+                    case 2:
+                        _a.sent();
+                        _a.label = 3;
+                    case 3: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handlePxde = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.dataEnrichment.handlePxde(context)];
+                    case 1:
+                        _a.sent();
+                        return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleCookieRetrieverIfNeeded = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        if (!this.cookieScoreRetriever.shouldRetrieveScore(context)) return [3 /*break*/, 2];
+                        this.config.logger.debug('evaluating cookie');
+                        return [4 /*yield*/, this.cookieScoreRetriever.retrieveScore(context)];
+                    case 1:
+                        _a.sent();
+                        _a.label = 2;
+                    case 2: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleRiskApiIfNeeded = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        if (!this.riskApiScoreRetriever.shouldRetrieveScore(context)) return [3 /*break*/, 2];
+                        this.config.logger.debug('sending risk api request');
+                        return [4 /*yield*/, this.riskApiScoreRetriever.retrieveScore(context)];
+                    case 1:
+                        _a.sent();
+                        _a.label = 2;
+                    case 2: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleAdditionalActivityHandler = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, additional_activity_handler_1.AdditionalActivityHandlerUtils.invokeAdditionalActivityHandler(this.config, context)];
+                    case 1:
+                        _a.sent();
+                        return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleBlockResponse = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        if (!this.blockGenerator.shouldGenerate(context)) return [3 /*break*/, 2];
+                        return [4 /*yield*/, this.handleSendActivities(context)];
+                    case 1:
+                        _a.sent();
+                        return [2 /*return*/, this.blockGenerator.generateBlockResponse(context)];
+                    case 2: return [2 /*return*/, null];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleSendActivities = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.activityClient.sendActivities(context)];
+                    case 1:
+                        _a.sent();
+                        return [2 /*return*/];
+                }
+            });
+        });
+    };
+    /**
+     * Performs all required functionality after an origin response has been received.
+     * @param req - The Req sent to the origin.
+     * @param res - The Res received from the origin.
+     * @param args - The EnforceArgs required to enforce the incoming request.
+     * @returns Promise<Res> - A modified response
+     * @protected
+     */
+    EnforcerBase.prototype.postEnforce = function (req, res) {
+        var args = [];
+        for (var _i = 2; _i < arguments.length; _i++) {
+            args[_i - 2] = arguments[_i];
+        }
+        return __awaiter(this, void 0, void 0, function () {
+            var response, context_1, e_2;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.convertToHttpResponse(res)];
+                    case 1:
+                        response = _a.sent();
+                        _a.label = 2;
+                    case 2:
+                        _a.trys.push([2, 7, , 8]);
+                        context_1 = this.retrieveContext.apply(this, __spreadArray([req, res], args, false));
+                        if (!context_1) return [3 /*break*/, 6];
+                        return [4 /*yield*/, this.setResponseData(context_1, response)];
+                    case 3:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleSendActivities(context_1)];
+                    case 4:
+                        _a.sent();
+                        return [4 /*yield*/, this.handlePxhd(context_1, response)];
+                    case 5:
+                        response = _a.sent();
+                        _a.label = 6;
+                    case 6: return [3 /*break*/, 8];
+                    case 7:
+                        e_2 = _a.sent();
+                        this.config.logger.error("error in post enforce - ".concat(e_2));
+                        return [3 /*break*/, 8];
+                    case 8: return [4 /*yield*/, this.convertToRes(response)];
+                    case 9: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.setResponseData = function (context, response) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                context.responseData.status = response.status;
+                return [2 /*return*/];
+            });
+        });
+    };
+    EnforcerBase.prototype.handlePxhd = function (context, response) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, pxhd_1.PXHDUtils.addPxhdToResponse(context, response)];
+            });
+        });
+    };
+    return EnforcerBase;
+}());
+exports.EnforcerBase = EnforcerBase;

package/lib/enforcer/IEnforcer.d.ts

@@ -0,0 +1,4 @@
+export interface IEnforcer<EnforceArgs extends any[], PostEnforceArgs extends any[], EnforceResult, PostEnforceResult> {
+    enforce(...args: EnforceArgs): EnforceResult;
+    postEnforce(...args: PostEnforceArgs): PostEnforceResult;
+}

package/lib/enforcer/IEnforcer.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/enforcer/index.d.ts

@@ -0,0 +1,2 @@
+export { IEnforcer } from './IEnforcer';
+export { EnforcerBase, EnforcerBaseOptions } from './EnforcerBase';

package/lib/enforcer/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnforcerBase = void 0;
+var EnforcerBase_1 = require("./EnforcerBase");
+Object.defineProperty(exports, "EnforcerBase", { enumerable: true, get: function () { return EnforcerBase_1.EnforcerBase; } });

package/lib/filter/DefaultFilter.d.ts

@@ -0,0 +1,16 @@
+import { IConfiguration } from '../config';
+import { IContext } from '../context/IContext';
+import { IIpRangeChecker } from '../utils';
+import { IFilter } from './IFilter';
+export declare class DefaultFilter implements IFilter {
+    private readonly config;
+    private readonly ipRangeChecker;
+    constructor(config: IConfiguration, ipRangeChecker?: IIpRangeChecker);
+    shouldFilter(context: IContext): boolean;
+    private getFilterReason;
+    private shouldFilterByExtension;
+    private shouldFilterByHttpMethod;
+    private shouldFilterByIp;
+    private shouldFilterByRoute;
+    private shouldFilterByUserAgent;
+}

package/lib/filter/DefaultFilter.js

@@ -0,0 +1,59 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DefaultFilter = void 0;
+var http_1 = require("../http");
+var utils_1 = require("../utils");
+var FilterReason_1 = require("./FilterReason");
+var DefaultFilter = /** @class */ (function () {
+    function DefaultFilter(config, ipRangeChecker) {
+        if (ipRangeChecker === void 0) { ipRangeChecker = new utils_1.DefaultIpRangeChecker(); }
+        this.config = config;
+        this.ipRangeChecker = ipRangeChecker;
+    }
+    DefaultFilter.prototype.shouldFilter = function (context) {
+        var requestData = context.requestData;
+        var filterReason = this.getFilterReason(requestData);
+        context.filterReason = filterReason;
+        return filterReason !== FilterReason_1.FilterReason.NONE;
+    };
+    DefaultFilter.prototype.getFilterReason = function (request) {
+        if (this.shouldFilterByExtension(request)) {
+            return FilterReason_1.FilterReason.EXTENSION;
+        }
+        if (this.shouldFilterByRoute(request.url.pathname)) {
+            return FilterReason_1.FilterReason.ROUTE;
+        }
+        if (this.shouldFilterByHttpMethod(request.method)) {
+            return FilterReason_1.FilterReason.HTTP_METHOD;
+        }
+        if (this.shouldFilterByUserAgent(request.userAgent)) {
+            return FilterReason_1.FilterReason.USER_AGENT;
+        }
+        if (this.shouldFilterByIp(request.ip)) {
+            return FilterReason_1.FilterReason.IP;
+        }
+        return FilterReason_1.FilterReason.NONE;
+    };
+    DefaultFilter.prototype.shouldFilterByExtension = function (request) {
+        if (request.method !== http_1.HttpMethod.GET && request.method !== http_1.HttpMethod.HEAD) {
+            return false;
+        }
+        var ext = (0, utils_1.getExtension)(request.url.href);
+        return !!ext && this.config.filteredExtensions.includes(ext);
+    };
+    DefaultFilter.prototype.shouldFilterByHttpMethod = function (method) {
+        return this.config.filteredHttpMethods.some(function (filteredMethod) { return filteredMethod.toUpperCase() === method; });
+    };
+    DefaultFilter.prototype.shouldFilterByIp = function (ip) {
+        var _this = this;
+        return this.config.filteredIps.some(function (range) { return _this.ipRangeChecker.isIpInRange(ip, range); });
+    };
+    DefaultFilter.prototype.shouldFilterByRoute = function (route) {
+        return (0, utils_1.isRouteInPatterns)(route, this.config.filteredRoutes);
+    };
+    DefaultFilter.prototype.shouldFilterByUserAgent = function (userAgent) {
+        return this.config.filteredUserAgents.includes(userAgent);
+    };
+    return DefaultFilter;
+}());
+exports.DefaultFilter = DefaultFilter;

package/lib/filter/FilterReason.d.ts

@@ -0,0 +1,8 @@
+export declare enum FilterReason {
+    NONE = "",
+    ROUTE = "route",
+    EXTENSION = "extension",
+    HTTP_METHOD = "http_method",
+    USER_AGENT = "user_agent",
+    IP = "ip"
+}

package/lib/filter/FilterReason.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FilterReason = void 0;
+var FilterReason;
+(function (FilterReason) {
+    FilterReason["NONE"] = "";
+    FilterReason["ROUTE"] = "route";
+    FilterReason["EXTENSION"] = "extension";
+    FilterReason["HTTP_METHOD"] = "http_method";
+    FilterReason["USER_AGENT"] = "user_agent";
+    FilterReason["IP"] = "ip";
+})(FilterReason = exports.FilterReason || (exports.FilterReason = {}));

package/lib/filter/IFilter.d.ts

@@ -0,0 +1,8 @@
+import { IContext } from '../context';
+export interface IFilter {
+    /**
+     * @param context - The request context.
+     * @returns boolean - Whether or not the request should be filtered (i.e., not go through the enforcer flow).
+     */
+    shouldFilter(context: IContext): boolean;
+}

package/lib/filter/IFilter.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/filter/index.d.ts

@@ -0,0 +1,3 @@
+export { IFilter } from './IFilter';
+export { DefaultFilter } from './DefaultFilter';
+export { FilterReason } from './FilterReason';

package/lib/filter/index.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FilterReason = exports.DefaultFilter = void 0;
+var DefaultFilter_1 = require("./DefaultFilter");
+Object.defineProperty(exports, "DefaultFilter", { enumerable: true, get: function () { return DefaultFilter_1.DefaultFilter; } });
+var FilterReason_1 = require("./FilterReason");
+Object.defineProperty(exports, "FilterReason", { enumerable: true, get: function () { return FilterReason_1.FilterReason; } });