perimeterx-js-core 0.1.1 → 0.3.0

package/lib/activities/HttpActivityClient.d.ts

@@ -2,11 +2,19 @@ import { IConfiguration } from '../config';
 import { IContext } from '../context';
 import { IHttpClient } from '../http';
 import { IActivityClient } from './IActivityClient';
+import { Activity } from './model/Activity';
 export declare class HttpActivityClient implements IActivityClient {
     private readonly config;
     private readonly httpClient;
     constructor(config: IConfiguration, httpClient: IHttpClient);
     sendActivities(context: IContext): Promise<boolean>;
-    private createActivities;
-    private postActivities;
+    protected createActivities(context: IContext): Activity[];
+    /**
+     * Allows for expansions or alterations to the async activity if needed.
+     * @param activity
+     * @returns Activity
+     * @protected
+     */
+    protected finalizeActivity(activity: Activity): Activity;
+    protected postActivities(activities: Activity[]): Promise<boolean>;
 }

package/lib/activities/HttpActivityClient.js

@@ -74,7 +74,16 @@ var HttpActivityClient = /** @class */ (function () {
         else if (context.passReason) {
             activities.push((0, utils_2.createActivity)(ActivityType_1.ActivityType.PAGE_REQUESTED, this.config, context));
         }
-        return activities;
+        return activities.map(this.finalizeActivity);
+    };
+    /**
+     * Allows for expansions or alterations to the async activity if needed.
+     * @param activity
+     * @returns Activity
+     * @protected
+     */
+    HttpActivityClient.prototype.finalizeActivity = function (activity) {
+        return activity;
     };
     HttpActivityClient.prototype.postActivities = function (activities) {
         return __awaiter(this, void 0, void 0, function () {

package/lib/activities/HttpBatchedActivityClient.d.ts

@@ -0,0 +1,21 @@
+import { HttpActivityClient } from './HttpActivityClient';
+import { IConfiguration } from '../config';
+import { IHttpClient } from '../http';
+import { Activity } from './model/Activity';
+export declare class HttpBatchedActivityClient extends HttpActivityClient {
+    private readonly batchSize;
+    private readonly timeoutMs;
+    private readonly maxBufferSize;
+    private buffer;
+    private timeoutId;
+    constructor(config: IConfiguration, httpClient: IHttpClient);
+    stop(): void;
+    protected postActivities(activities: Activity[]): Promise<boolean>;
+    private addToBuffer;
+    private shouldFlush;
+    protected triggerFlush(): Promise<boolean>;
+    private flush;
+    protected clear(): void;
+    private startTimer;
+    private stopTimer;
+}

package/lib/activities/HttpBatchedActivityClient.js

@@ -0,0 +1,137 @@
+"use strict";
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpBatchedActivityClient = void 0;
+var HttpActivityClient_1 = require("./HttpActivityClient");
+var HttpBatchedActivityClient = /** @class */ (function (_super) {
+    __extends(HttpBatchedActivityClient, _super);
+    function HttpBatchedActivityClient(config, httpClient) {
+        var _this = _super.call(this, config, httpClient) || this;
+        _this.buffer = [];
+        _this.batchSize = config.maxActivityBatchSize;
+        _this.timeoutMs = config.activityBatchTimeoutMs;
+        _this.maxBufferSize = _this.batchSize * 2;
+        _this.startTimer();
+        return _this;
+    }
+    HttpBatchedActivityClient.prototype.stop = function () {
+        this.stopTimer();
+    };
+    HttpBatchedActivityClient.prototype.postActivities = function (activities) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                this.addToBuffer(activities);
+                return [2 /*return*/, this.shouldFlush() ? this.triggerFlush() : true];
+            });
+        });
+    };
+    HttpBatchedActivityClient.prototype.addToBuffer = function (activities) {
+        this.buffer = activities.concat(this.buffer);
+        if (this.buffer.length > this.maxBufferSize) {
+            this.buffer = this.buffer.slice(0, this.maxBufferSize);
+        }
+    };
+    HttpBatchedActivityClient.prototype.shouldFlush = function () {
+        return this.buffer.length >= this.batchSize;
+    };
+    HttpBatchedActivityClient.prototype.triggerFlush = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            var sentSuccessfully, _a;
+            return __generator(this, function (_b) {
+                switch (_b.label) {
+                    case 0:
+                        this.stopTimer();
+                        _a = this.buffer.length > 0;
+                        if (!_a) return [3 /*break*/, 2];
+                        return [4 /*yield*/, this.flush()];
+                    case 1:
+                        _a = (_b.sent());
+                        _b.label = 2;
+                    case 2:
+                        sentSuccessfully = _a;
+                        this.startTimer();
+                        return [2 /*return*/, sentSuccessfully];
+                }
+            });
+        });
+    };
+    HttpBatchedActivityClient.prototype.flush = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            var sentSuccessfully;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, _super.prototype.postActivities.call(this, this.buffer)];
+                    case 1:
+                        sentSuccessfully = _a.sent();
+                        if (sentSuccessfully) {
+                            this.clear();
+                        }
+                        return [2 /*return*/, sentSuccessfully];
+                }
+            });
+        });
+    };
+    HttpBatchedActivityClient.prototype.clear = function () {
+        this.buffer = [];
+    };
+    HttpBatchedActivityClient.prototype.startTimer = function () {
+        var _this = this;
+        this.timeoutId = setTimeout(function () { return _this.triggerFlush(); }, this.timeoutMs);
+    };
+    HttpBatchedActivityClient.prototype.stopTimer = function () {
+        clearTimeout(this.timeoutId);
+        this.timeoutId = null;
+    };
+    return HttpBatchedActivityClient;
+}(HttpActivityClient_1.HttpActivityClient));
+exports.HttpBatchedActivityClient = HttpBatchedActivityClient;

package/lib/activities/index.d.ts

@@ -3,3 +3,4 @@ export { Activity } from './model/Activity';
 export { ActivityTypeDetails, ActivityDetails, BlockActivityDetails, PageRequestedActivityDetails, } from './model/ActivityDetails';
 export { ActivityType } from './ActivityType';
 export { HttpActivityClient } from './HttpActivityClient';
+export { HttpBatchedActivityClient } from './HttpBatchedActivityClient';

package/lib/activities/index.js

@@ -1,7 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.HttpActivityClient = exports.ActivityType = void 0;
+exports.HttpBatchedActivityClient = exports.HttpActivityClient = exports.ActivityType = void 0;
 var ActivityType_1 = require("./ActivityType");
 Object.defineProperty(exports, "ActivityType", { enumerable: true, get: function () { return ActivityType_1.ActivityType; } });
 var HttpActivityClient_1 = require("./HttpActivityClient");
 Object.defineProperty(exports, "HttpActivityClient", { enumerable: true, get: function () { return HttpActivityClient_1.HttpActivityClient; } });
+var HttpBatchedActivityClient_1 = require("./HttpBatchedActivityClient");
+Object.defineProperty(exports, "HttpBatchedActivityClient", { enumerable: true, get: function () { return HttpBatchedActivityClient_1.HttpBatchedActivityClient; } });

package/lib/activities/model/ActivityDetails.d.ts

@@ -1,5 +1,6 @@
-import { PassReason } from '../../utils/PassReason';
-import { BlockReason } from '../../block_handler/BlockReason';
+import { PassReason } from '../../utils';
+import { BlockReason } from '../../block_handler';
+import { GraphQLData } from '../../graphql';
 export declare type ActivityTypeDetails = PageRequestedActivityDetails | BlockActivityDetails | AdditionalS2SActivityDetails;
 export declare type ActivityDetails = ActivityTypeDetails & {
     client_uuid: string;
@@ -17,6 +18,7 @@ export declare type ActivityDetails = ActivityTypeDetails & {
     tls_preferred_ciphers?: string;
     tls_ciphers_sha?: string;
     tls_ja3_fingerprint?: string;
+    graphql_operations?: GraphQLData[];
     credentials_compromised?: boolean;
     ci_version?: string;
     sso_step?: string;

package/lib/activities/utils.js

@@ -8,7 +8,7 @@ var createActivity = function (activityType, config, context) {
         type: activityType,
         px_app_id: config.appId,
         url: context.requestData.url.href,
-        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders).toObject(),
+        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders).toObject(','),
         pxhd: context.pxhd,
         socket_ip: context.requestData.ip,
         timestamp: Date.now(),
@@ -44,6 +44,7 @@ var createGenericActivityDetails = function (config, context) {
         requestId: 'request_id',
         uuid: 'client_uuid',
         tokenOrigin: 'cookie_origin',
+        graphqlData: 'graphql_operations',
     });
     (0, utils_1.transferExistingProperties)(context.requestData, genericActivityDetails, {
         httpVersion: 'http_version',

package/lib/config/ConfigurationParams.d.ts

@@ -58,6 +58,10 @@ export declare type ConfigurationParams = {
     px_jwt_header_name?: string;
     px_jwt_header_user_id_field_name?: string;
     px_jwt_header_additional_field_names?: string[];
+    px_graphql_enabled?: boolean;
+    px_graphql_routes?: string[];
+    px_sensitive_graphql_operation_names?: string[];
+    px_sensitive_graphql_operation_types?: Array<'query' | 'mutation' | 'subscription'>;
     px_extract_ip?: () => {};
     px_additional_activity_handler?: AdditionalActivityHandler;
     px_enrich_custom_parameters?: CustomParametersFunction;

package/lib/config/DefaultConfigurations.js

@@ -20,7 +20,7 @@ exports.DEFAULT_CONFIGURATIONS = {
     px_module_mode: ModuleMode_1.ModuleMode.MONITOR,
     px_additional_activity_handler: null,
     px_advanced_blocking_response_enabled: true,
-    px_max_activity_batch_size: 20,
+    px_max_activity_batch_size: 0,
     px_batch_activities_timeout_ms: 1000,
     px_bypass_monitor_header: '',
     px_csp_enabled: false,
@@ -94,8 +94,12 @@ exports.DEFAULT_CONFIGURATIONS = {
     px_filter_by_user_agent: [],
     px_css_ref: '',
     px_js_ref: '',
-    px_custom_cookie_header: '',
+    px_custom_cookie_header: 'x-px-cookies',
     px_custom_logo: '',
+    px_graphql_enabled: true,
+    px_graphql_routes: ['/graphql'],
+    px_sensitive_graphql_operation_names: [],
+    px_sensitive_graphql_operation_types: [],
     px_enrich_custom_parameters: null,
     px_proxy_url: '',
     px_jwt_cookie_name: '',

package/lib/config/IConfiguration.d.ts

@@ -157,6 +157,32 @@ export interface IConfiguration<ParamsType extends ConfigurationParams = Configu
      * The maximum expected length of the user-agent beyond which it will be truncated.
      */
     readonly userAgentMaxLength: number;
+    /**
+     * The batch size at which asynchronous activities are sent to the collector.
+     */
+    readonly maxActivityBatchSize: number;
+    /**
+     * The maximum amount of time to wait before sending asynchronous activities to the collector.
+     */
+    readonly activityBatchTimeoutMs: number;
+    /**
+     * Whether parsing of GraphQL request bodies should be enabled.
+     */
+    readonly graphqlEnabled: boolean;
+    /**
+     * Routes that should trigger GraphQL parsing by the enforcer.
+     */
+    readonly graphqlRoutes: string[];
+    /**
+     * An array of GraphQL operation names that should trigger a risk API call
+     * even if a valid, unexpired, low-score risk cookie is present.
+     */
+    readonly sensitiveGraphqlOperationNames: string[];
+    /**
+     * An array of GraphQL operation types (e.g., mutation) that should trigger a risk API call
+     * even if a valid, unexpired, low-score risk cookie is present.
+     */
+    readonly sensitiveGraphqlOperationTypes: string[];
     /**
      * A function returning CustomParameters that will be added to the enforcer activities.
      */

package/lib/config/StaticConfigurationBase.d.ts

@@ -51,6 +51,12 @@ export declare abstract class StaticConfigurationBase<ParamsType extends Configu
     get riskCookieMinIterations(): number;
     get riskCookieMaxLength(): number;
     get userAgentMaxLength(): number;
+    get maxActivityBatchSize(): number;
+    get activityBatchTimeoutMs(): number;
+    get graphqlEnabled(): boolean;
+    get graphqlRoutes(): string[];
+    get sensitiveGraphqlOperationNames(): string[];
+    get sensitiveGraphqlOperationTypes(): string[];
     get enrichCustomParameters(): CustomParametersFunction;
     get additionalActivityHandler(): AdditionalActivityHandler;
     get altBackendCaptchaUrl(): string;

package/lib/config/StaticConfigurationBase.js

@@ -329,6 +329,48 @@ var StaticConfigurationBase = /** @class */ (function () {
         enumerable: false,
         configurable: true
     });
+    Object.defineProperty(StaticConfigurationBase.prototype, "maxActivityBatchSize", {
+        get: function () {
+            return this.configParams.px_max_activity_batch_size;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "activityBatchTimeoutMs", {
+        get: function () {
+            return this.configParams.px_batch_activities_timeout_ms;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "graphqlEnabled", {
+        get: function () {
+            return this.configParams.px_graphql_enabled;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "graphqlRoutes", {
+        get: function () {
+            return this.configParams.px_graphql_routes;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "sensitiveGraphqlOperationNames", {
+        get: function () {
+            return this.configParams.px_sensitive_graphql_operation_names;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "sensitiveGraphqlOperationTypes", {
+        get: function () {
+            return this.configParams.px_sensitive_graphql_operation_types;
+        },
+        enumerable: false,
+        configurable: true
+    });
     Object.defineProperty(StaticConfigurationBase.prototype, "enrichCustomParameters", {
         get: function () {
             return this.configParams.px_enrich_custom_parameters || null;

package/lib/context/ContextBase.d.ts

@@ -4,6 +4,7 @@ import { CustomParameters } from '../custom_parameters';
 import { FilterReason } from '../filter';
 import { IHttpRequest, HttpHeaders } from '../http';
 import { PXDE } from '../pxde';
+import { GraphQLData } from '../graphql';
 import { IBotDefenderToken, TokenOrigin } from '../risk_token';
 import { VidSource, PassReason, ICookieParser, IUuidGenerator } from '../utils';
 import { IContext, MobileData, RequestData, ResponseData, RiskApiData, ServerData, TlsData } from './IContext';
@@ -35,21 +36,21 @@ export declare abstract class ContextBase<OptionsType extends ContextBaseOptions
     pxde?: PXDE;
     pxdeVerified?: boolean;
     customParameters?: CustomParameters;
+    graphqlData?: GraphQLData[];
     protected readonly config: IConfiguration;
     protected constructor(config: IConfiguration, request: IHttpRequest, options?: OptionsType);
     protected abstract createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: OptionsType): IBotDefenderToken;
     protected createRequestData(config: IConfiguration, request: IHttpRequest, cookieParser?: ICookieParser): RequestData;
+    protected getCookies(cookieParser: ICookieParser, ...cookieHeaderValues: string[]): Record<string, string>;
     protected extractUserAgentFromHeader(config: IConfiguration, headers: HttpHeaders): string;
     protected extractIpFromHeader(config: IConfiguration, headers: HttpHeaders): string;
     protected isMonitored(config: IConfiguration, requestData: RequestData): boolean;
     protected isSensitive(config: IConfiguration, { url }: RequestData): boolean;
     protected isAllowedToBypassMonitor(config: IConfiguration, requestData: RequestData): boolean;
-    completeInitialization(): Promise<void>;
     protected setRiskTokenOnContext(config: IConfiguration, options: OptionsType): void;
     protected setMobileTokenOnContext(config: IConfiguration, mobileToken: string, options: OptionsType): void;
     protected setWebTokenOnContext(config: IConfiguration, options: OptionsType): void;
     protected setCookiesOnContext(): void;
     protected getMobileToken(config: IConfiguration, mobileToken: string, options: OptionsType): IBotDefenderToken;
-    protected handleCustomParameters(config: IConfiguration, request: IHttpRequest): Promise<void>;
     get isMobile(): boolean;
 }

package/lib/context/ContextBase.js

@@ -1,44 +1,7 @@
 "use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (_) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ContextBase = void 0;
 var block_handler_1 = require("../block_handler");
-var custom_parameters_1 = require("../custom_parameters");
 var http_1 = require("../http");
 var risk_token_1 = require("../risk_token");
 var utils_1 = require("../utils");
@@ -63,18 +26,28 @@ var ContextBase = /** @class */ (function () {
         }
     }
     ContextBase.prototype.createRequestData = function (config, request, cookieParser) {
-        var _a;
+        var _a, _b;
         if (cookieParser === void 0) { cookieParser = new utils_1.DefaultCookieParser(); }
         var url = (0, utils_1.getDecodedUrl)(request.url);
         var method = request.method;
         var headers = request.headers;
-        var cookieHeaderValue = ((_a = request.headers.get(config.customCookieHeader || http_1.COOKIE_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
-        var cookies = cookieHeaderValue ? cookieParser.parseCookies(cookieHeaderValue) : {};
+        var cookies = this.getCookies(cookieParser, (_a = request.headers.get(http_1.COOKIE_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0], (_b = request.headers.get(config.customCookieHeader)) === null || _b === void 0 ? void 0 : _b[0]);
         var requestCookieNames = Object.keys(cookies);
         var userAgent = this.extractUserAgentFromHeader(config, headers);
         var ip = this.extractIpFromHeader(config, headers);
         return { url: url, method: method, headers: headers, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
     };
+    ContextBase.prototype.getCookies = function (cookieParser) {
+        var cookieHeaderValues = [];
+        for (var _i = 1; _i < arguments.length; _i++) {
+            cookieHeaderValues[_i - 1] = arguments[_i];
+        }
+        var cookies = {};
+        cookieHeaderValues.forEach(function (value) {
+            Object.assign(cookies, value ? cookieParser.parseCookies(value) : null);
+        });
+        return cookies;
+    };
     ContextBase.prototype.extractUserAgentFromHeader = function (config, headers) {
         var _a;
         var userAgent = ((_a = headers === null || headers === void 0 ? void 0 : headers.get(http_1.USER_AGENT_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
@@ -111,18 +84,6 @@ var ContextBase = /** @class */ (function () {
         return (config.bypassMonitorHeader &&
             ((_a = requestData.headers.get(config.bypassMonitorHeader)) === null || _a === void 0 ? void 0 : _a[0]) === utils_1.BYPASS_MONITOR_HEADER_VALUE);
     };
-    ContextBase.prototype.completeInitialization = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.handleCustomParameters(this.config, this.requestData.request)];
-                    case 1:
-                        _a.sent();
-                        return [2 /*return*/];
-                }
-            });
-        });
-    };
     ContextBase.prototype.setRiskTokenOnContext = function (config, options) {
         var _a;
         var mobileToken = (_a = this.requestData.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0];
@@ -169,31 +130,6 @@ var ContextBase = /** @class */ (function () {
             return null;
         }
     };
-    ContextBase.prototype.handleCustomParameters = function (config, request) {
-        return __awaiter(this, void 0, void 0, function () {
-            var _a, _b, _c, e_1;
-            return __generator(this, function (_d) {
-                switch (_d.label) {
-                    case 0:
-                        if (!(config.enrichCustomParameters && typeof config.enrichCustomParameters === 'function')) return [3 /*break*/, 4];
-                        _d.label = 1;
-                    case 1:
-                        _d.trys.push([1, 3, , 4]);
-                        _a = this;
-                        _c = (_b = custom_parameters_1.CustomParametersUtils).normalizeCustomParams;
-                        return [4 /*yield*/, config.enrichCustomParameters(config.toParams(), request)];
-                    case 2:
-                        _a.customParameters = _c.apply(_b, [_d.sent()]);
-                        return [3 /*break*/, 4];
-                    case 3:
-                        e_1 = _d.sent();
-                        config.logger.error("unable to enrich custom params: ".concat(e_1));
-                        return [3 /*break*/, 4];
-                    case 4: return [2 /*return*/];
-                }
-            });
-        });
-    };
     Object.defineProperty(ContextBase.prototype, "isMobile", {
         get: function () {
             return this.tokenOrigin === risk_token_1.TokenOrigin.HEADER;

package/lib/context/IContext.d.ts

@@ -6,6 +6,7 @@ import { BlockAction, BlockReason } from '../block_handler';
 import { HttpHeaders, HttpMethod, IHttpRequest } from '../http';
 import { CustomParameters } from '../custom_parameters';
 import { PXDE } from '../pxde';
+import { GraphQLData } from '../graphql/model/GraphQLData';
 export declare type RequestData = {
     /**
      * The request URL.
@@ -253,8 +254,8 @@ export interface IContext {
      */
     customParameters?: CustomParameters;
     /**
-     * A function that completes context initialization. Should be called only if
-     * the request should not be filtered and is not first-party.
+     * An array of objects with information about the different GraphQL operations
+     * parsed from the request.
      */
-    completeInitialization(): Promise<void>;
+    graphqlData?: GraphQLData[];
 }

package/lib/custom_parameters/CustomParametersUtils.d.ts

@@ -1,4 +1,7 @@
+import { IConfiguration } from '../config';
+import { IContext } from '../context';
 import { CustomParameters } from './CustomParameters';
 export declare namespace CustomParametersUtils {
+    const handleCustomParameters: (config: IConfiguration, context: IContext) => Promise<void>;
     const normalizeCustomParams: (customParameters: Record<string, any>) => CustomParameters;
 }

package/lib/custom_parameters/CustomParametersUtils.js

@@ -1,8 +1,67 @@
 "use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CustomParametersUtils = void 0;
 var CustomParametersUtils;
 (function (CustomParametersUtils) {
+    var _this = this;
+    CustomParametersUtils.handleCustomParameters = function (config, context) { return __awaiter(_this, void 0, void 0, function () {
+        var parameters, e_1;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    if (!(config.enrichCustomParameters && typeof config.enrichCustomParameters === 'function')) return [3 /*break*/, 4];
+                    _a.label = 1;
+                case 1:
+                    _a.trys.push([1, 3, , 4]);
+                    return [4 /*yield*/, config.enrichCustomParameters(config.toParams(), context.requestData.request)];
+                case 2:
+                    parameters = _a.sent();
+                    context.customParameters = CustomParametersUtils.normalizeCustomParams(parameters);
+                    return [3 /*break*/, 4];
+                case 3:
+                    e_1 = _a.sent();
+                    config.logger.error("unable to enrich custom params: ".concat(e_1));
+                    return [3 /*break*/, 4];
+                case 4: return [2 /*return*/];
+            }
+        });
+    }); };
     CustomParametersUtils.normalizeCustomParams = function (customParameters) {
         var normalizedParams = {};
         if (customParameters && typeof customParameters === 'object') {