perimeterx-js-core 0.2.0 → 0.4.0

package/README.md

@@ -100,17 +100,24 @@ or use an external library (e.g., `phin`, `axios`) if needed.
 
 ### Crypto
 
-Since cryptographic functionality varies from platform to platform, this library's crypto utils takes the form of an interface
+Since cryptographic functionality varies from platform to platform, this library's crypto utils takes the form of interfaces
 as well.
 
-`IBase64Utils` - Represents a Base64 encoding and decoding utility that other components may require. A `DefaultBase64Utils`
-implementation using the `js-base64` dependency is provided.
+`IBase64Utils` - Represents a Base64 encoding and decoding utility that other components may require. The following implementations
+are provided:
+* `AtobBase64Utils`, which relies on native `atob` and `btoa` functions.
+* `BufferBase64Utils`, which relies on the native NodeJS `Buffer.from()` function.
+* `JSBase64Base64Utils`, which uses the `js-base64` dependency.
 
-`IHashUtils` - Represents an HMAC-generating utility that other components may require. A `DefaultHashUtils`
-implementation using the `crypto-js` dependency is provided.
+`IHashUtils` - Represents an HMAC-generating utility that other components may require. The following implementations are
+provided:
+* `CryptoHmacUtils`, which relies on the native NodeJS `crypto` package.
+* `CryptoJSHmacUtils`, which uses the `crypto-js` dependency.
 
-`ICipherUtils` - Represents an encryption and decryption utility that is required for RiskTokenV3. No default 
-implementation is provided.
+`ICipherUtils` - Represents an encryption and decryption utility that is required for RiskTokenV3. The following implementations
+are provided:
+* `CryptoCipherUtils`, which relies on the native NodeJS `crypto` package.
+* `SubtleCryptoCipherUtils`, which relies on an object implementing the `SubtleCrypto` interface. By default, it is assumed that the global `crypto.subtle` implements this interface.
 
 ### Other Dependencies
 
@@ -119,8 +126,8 @@ can be swapped with other implementations. These classes are:
 
 | **Library**       | **Implementation**        | **Used For**                              |
 | :---              | :---                      | :---                                      |
-| `crypto-js`       | `DefaultHashUtils`        | PXDE, telemetry, risk token V2/V3, etc.   |
-| `js-base64`       | `DefaultBase64Utils`      | PXDE, telemetry, risk token V2, etc.      |
+| `crypto-js`       | `CryptoJSHmacUtils`        | PXDE, telemetry, risk token V2/V3, etc.   |
+| `js-base64`       | `JSBase64Base64Utils`      | PXDE, telemetry, risk token V2, etc.      |
 | `cookie`          | `DefaultCookieParser`     | `ContextBase`                             |
 | `uuid`            | `DefaultUuidGenerator`    | `ContextBase`                             |
 | `ip-range-check`  | `DefaultIpRangeChecker`   | `DefaultFilter`                           |

package/lib/activities/HttpActivityClient.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { IContext } from '../context';
-import { IHttpClient } from '../http';
 import { IActivityClient } from './IActivityClient';
 import { Activity } from './model/Activity';
+import { IHttpClient } from '../http';
 export declare class HttpActivityClient implements IActivityClient {
     private readonly config;
     private readonly httpClient;

package/lib/activities/HttpActivityClient.js

@@ -42,6 +42,8 @@ var utils_1 = require("../utils");
 var ActivityType_1 = require("./ActivityType");
 var utils_2 = require("./utils");
 var constants_1 = require("./constants");
+var http_2 = require("../http");
+var http_3 = require("../http");
 var HttpActivityClient = /** @class */ (function () {
     function HttpActivityClient(config, httpClient) {
         this.config = config;
@@ -87,13 +89,13 @@ var HttpActivityClient = /** @class */ (function () {
     };
     HttpActivityClient.prototype.postActivities = function (activities) {
         return __awaiter(this, void 0, void 0, function () {
-            var url, method, headers, body, status;
+            var url, method, headers, body, req, status;
             var _a;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
                         url = "".concat(this.config.backendCollectorUrl).concat(constants_1.ACTIVITIES_ENDPOINT);
-                        method = http_1.HttpMethod.POST;
+                        method = http_2.HttpMethod.POST;
                         headers = (_a = {},
                             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.APPLICATION_JSON],
                             _a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
@@ -103,9 +105,10 @@ var HttpActivityClient = /** @class */ (function () {
                             var type = _a.type;
                             return "".concat(type, " activity");
                         }).join(', '), " to ").concat(url));
-                        return [4 /*yield*/, this.httpClient.send(new http_1.DefaultHttpRequest(url, { method: method, headers: headers, body: body }))];
+                        req = new http_3.OutgoingRequestImpl({ url: url, method: method, headers: headers, body: body });
+                        return [4 /*yield*/, this.httpClient.send(req).then(function (resp) { return resp.status; })];
                     case 1:
-                        status = (_b.sent()).status;
+                        status = _b.sent();
                         return [2 /*return*/, status === 200];
                 }
             });

package/lib/activities/HttpBatchedActivityClient.d.ts

@@ -1,7 +1,7 @@
 import { HttpActivityClient } from './HttpActivityClient';
 import { IConfiguration } from '../config';
-import { IHttpClient } from '../http';
 import { Activity } from './model/Activity';
+import { IHttpClient } from '../http';
 export declare class HttpBatchedActivityClient extends HttpActivityClient {
     private readonly batchSize;
     private readonly timeoutMs;

package/lib/activities/model/ActivityDetails.d.ts

@@ -1,5 +1,6 @@
-import { PassReason } from '../../utils/PassReason';
-import { BlockReason } from '../../block_handler/BlockReason';
+import { PassReason } from '../../utils';
+import { BlockReason } from '../../block_handler';
+import { GraphQLData } from '../../graphql';
 export declare type ActivityTypeDetails = PageRequestedActivityDetails | BlockActivityDetails | AdditionalS2SActivityDetails;
 export declare type ActivityDetails = ActivityTypeDetails & {
     client_uuid: string;
@@ -17,6 +18,7 @@ export declare type ActivityDetails = ActivityTypeDetails & {
     tls_preferred_ciphers?: string;
     tls_ciphers_sha?: string;
     tls_ja3_fingerprint?: string;
+    graphql_operations?: GraphQLData[];
     credentials_compromised?: boolean;
     ci_version?: string;
     sso_step?: string;

package/lib/activities/utils.js

@@ -8,7 +8,7 @@ var createActivity = function (activityType, config, context) {
         type: activityType,
         px_app_id: config.appId,
         url: context.requestData.url.href,
-        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders).toObject(),
+        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders),
         pxhd: context.pxhd,
         socket_ip: context.requestData.ip,
         timestamp: Date.now(),
@@ -44,6 +44,7 @@ var createGenericActivityDetails = function (config, context) {
         requestId: 'request_id',
         uuid: 'client_uuid',
         tokenOrigin: 'cookie_origin',
+        graphqlData: 'graphql_operations',
     });
     (0, utils_1.transferExistingProperties)(context.requestData, genericActivityDetails, {
         httpVersion: 'http_version',

package/lib/block_handler/DefaultBlockResponseGenerator.d.ts

@@ -1,14 +1,14 @@
 import { IContext } from '../context';
 import { IConfiguration } from '../config';
-import { IHttpResponse } from '../http';
 import { IBase64Utils } from '../utils';
 import { IBlockResponseGenerator } from './IBlockResponseGenerator';
+import { IMinimalResponse } from '../http';
 export declare class DefaultBlockResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly captchaResponseGenerator;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
     private generateRateLimitResponse;
     private generateCaptchaResponse;
 }

package/lib/block_handler/DefaultBlockResponseGenerator.js

@@ -6,6 +6,7 @@ var http_1 = require("../http");
 var BlockAction_1 = require("./BlockAction");
 var CaptchaBlockResponseGenerator_1 = require("./captcha/CaptchaBlockResponseGenerator");
 var rate_limit_template_1 = require("./templates/rate_limit_template");
+var http_2 = require("../http");
 var DefaultBlockResponseGenerator = /** @class */ (function () {
     function DefaultBlockResponseGenerator(config, base64Utils) {
         this.config = config;
@@ -26,7 +27,7 @@ var DefaultBlockResponseGenerator = /** @class */ (function () {
                 res = this.generateCaptchaResponse(context);
                 break;
         }
-        return pxhd_1.PXHDUtils.addPxhdToResponse(context, res);
+        return pxhd_1.PXHDUtils.addPxhdToMinimalResponse(context, res);
     };
     DefaultBlockResponseGenerator.prototype.generateRateLimitResponse = function () {
         var _a;
@@ -34,7 +35,11 @@ var DefaultBlockResponseGenerator = /** @class */ (function () {
         var headers = (_a = {},
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.TEXT_HTML],
             _a);
-        return new http_1.DefaultHttpResponse(rate_limit_template_1.RATE_LIMIT_TEMPLATE, { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: rate_limit_template_1.RATE_LIMIT_TEMPLATE,
+            status: status,
+            headers: headers,
+        });
     };
     DefaultBlockResponseGenerator.prototype.generateCaptchaResponse = function (context) {
         return this.captchaResponseGenerator.generateBlockResponse(context);

package/lib/block_handler/IBlockResponseGenerator.d.ts

@@ -1,5 +1,5 @@
 import { IContext } from '../context';
-import { IHttpResponse } from '../http';
+import { IMinimalResponse } from '../http';
 export interface IBlockResponseGenerator {
     /**
      * @param context - The request context.
@@ -10,5 +10,5 @@ export interface IBlockResponseGenerator {
      * @param context - The request context.
      * @returns IHttpResponse - The block response that should be returned to the end-user.
      */
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/CaptchaBlockResponseGenerator.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBase64Utils } from '../../utils';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class CaptchaBlockResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly jsonCaptchaGenerator;
@@ -10,5 +10,5 @@ export declare class CaptchaBlockResponseGenerator implements IBlockResponseGene
     private readonly htmlCaptchaGenerator;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate({ blockAction }: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.d.ts

@@ -1,10 +1,10 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class HtmlCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.js

@@ -4,6 +4,7 @@ exports.HtmlCaptchaResponseGenerator = void 0;
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
 var captcha_template_1 = require("../templates/captcha_template");
+var http_2 = require("../../http");
 var HtmlCaptchaResponseGenerator = /** @class */ (function () {
     function HtmlCaptchaResponseGenerator(config) {
         this.config = config;
@@ -18,7 +19,11 @@ var HtmlCaptchaResponseGenerator = /** @class */ (function () {
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.TEXT_HTML],
             _a);
         var body = (0, utils_1.renderHtml)(captcha_template_1.CAPTCHA_TEMPLATE, (0, utils_1.createBlockData)(this.config, context));
-        return new http_1.DefaultHttpResponse(body, { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: body,
+            status: status,
+            headers: headers,
+        });
     };
     return HtmlCaptchaResponseGenerator;
 }());

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.d.ts

@@ -1,10 +1,10 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class JsonCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.js

@@ -4,17 +4,17 @@ exports.JsonCaptchaResponseGenerator = void 0;
 var BlockAction_1 = require("../BlockAction");
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
+var http_2 = require("../../http");
 var JsonCaptchaResponseGenerator = /** @class */ (function () {
     function JsonCaptchaResponseGenerator(config) {
         this.config = config;
     }
     JsonCaptchaResponseGenerator.prototype.shouldGenerate = function (context) {
-        var _a, _b;
         if (!this.config.advancedBlockingResponseEnabled) {
             return false;
         }
-        var acceptHeaderValue = ((_a = context.requestData.headers.get(http_1.ACCEPT_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) ||
-            ((_b = context.requestData.headers.get(http_1.CONTENT_TYPE_HEADER_NAME)) === null || _b === void 0 ? void 0 : _b[0]) ||
+        var acceptHeaderValue = context.requestData.request.headers.get(http_1.ACCEPT_HEADER_NAME) ||
+            context.requestData.request.headers.get(http_1.CONTENT_TYPE_HEADER_NAME) ||
             '';
         var acceptHeaderContainsJson = acceptHeaderValue === null || acceptHeaderValue === void 0 ? void 0 : acceptHeaderValue.split(',').some(function (value) { return value.toLowerCase() === http_1.ContentType.APPLICATION_JSON; });
         return !context.isMobile && context.blockAction !== BlockAction_1.BlockAction.RATE_LIMIT && acceptHeaderContainsJson;
@@ -37,7 +37,11 @@ var JsonCaptchaResponseGenerator = /** @class */ (function () {
             blockScript: blockData.blockScript,
             altBlockScript: blockData.altBlockScript,
         };
-        return new http_1.DefaultHttpResponse(JSON.stringify(jsonBlockPayload), { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: JSON.stringify(jsonBlockPayload),
+            status: status,
+            headers: headers,
+        });
     };
     return JsonCaptchaResponseGenerator;
 }());

package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.d.ts

@@ -1,12 +1,12 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBase64Utils } from '../../utils';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class MobileCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly base64Utils;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.js

@@ -5,6 +5,7 @@ var http_1 = require("../../http");
 var BlockAction_1 = require("../BlockAction");
 var utils_1 = require("../utils");
 var captcha_template_1 = require("../templates/captcha_template");
+var http_2 = require("../../http");
 var MobileCaptchaResponseGenerator = /** @class */ (function () {
     function MobileCaptchaResponseGenerator(config, base64Utils) {
         this.config = config;
@@ -29,7 +30,11 @@ var MobileCaptchaResponseGenerator = /** @class */ (function () {
             page: this.base64Utils.base64Encode(captchaPage),
             collectorHost: this.config.backendCollectorUrl,
         };
-        return new http_1.DefaultHttpResponse(JSON.stringify(mobileBlockPayload), { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: JSON.stringify(mobileBlockPayload),
+            status: status,
+            headers: headers,
+        });
     };
     return MobileCaptchaResponseGenerator;
 }());

package/lib/config/ConfigurationParams.d.ts

@@ -58,6 +58,10 @@ export declare type ConfigurationParams = {
     px_jwt_header_name?: string;
     px_jwt_header_user_id_field_name?: string;
     px_jwt_header_additional_field_names?: string[];
+    px_graphql_enabled?: boolean;
+    px_graphql_routes?: string[];
+    px_sensitive_graphql_operation_names?: string[];
+    px_sensitive_graphql_operation_types?: Array<'query' | 'mutation' | 'subscription'>;
     px_extract_ip?: () => {};
     px_additional_activity_handler?: AdditionalActivityHandler;
     px_enrich_custom_parameters?: CustomParametersFunction;

package/lib/config/DefaultConfigurations.js

@@ -1,8 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DEFAULT_CONFIGURATIONS = void 0;
-var LoggerSeverity_1 = require("../logger/LoggerSeverity");
-var ModuleMode_1 = require("../utils/ModuleMode");
+var logger_1 = require("../logger");
+var utils_1 = require("../utils");
 exports.DEFAULT_CONFIGURATIONS = {
     px_app_id: '',
     px_auth_token: '',
@@ -13,11 +13,11 @@ exports.DEFAULT_CONFIGURATIONS = {
     px_risk_cookie_max_length: 2048,
     px_risk_cookie_min_iterations: 500,
     px_risk_cookie_max_iterations: 5000,
-    px_logger_severity: LoggerSeverity_1.LoggerSeverity.ERROR,
+    px_logger_severity: logger_1.LoggerSeverity.ERROR,
     px_ip_headers: [],
     px_extract_ip: null,
     px_module_enabled: true,
-    px_module_mode: ModuleMode_1.ModuleMode.MONITOR,
+    px_module_mode: utils_1.ModuleMode.MONITOR,
     px_additional_activity_handler: null,
     px_advanced_blocking_response_enabled: true,
     px_max_activity_batch_size: 0,
@@ -94,8 +94,12 @@ exports.DEFAULT_CONFIGURATIONS = {
     px_filter_by_user_agent: [],
     px_css_ref: '',
     px_js_ref: '',
-    px_custom_cookie_header: '',
+    px_custom_cookie_header: 'x-px-cookies',
     px_custom_logo: '',
+    px_graphql_enabled: true,
+    px_graphql_routes: ['/graphql'],
+    px_sensitive_graphql_operation_names: [],
+    px_sensitive_graphql_operation_types: [],
     px_enrich_custom_parameters: null,
     px_proxy_url: '',
     px_jwt_cookie_name: '',

package/lib/config/IConfiguration.d.ts

@@ -165,6 +165,24 @@ export interface IConfiguration<ParamsType extends ConfigurationParams = Configu
      * The maximum amount of time to wait before sending asynchronous activities to the collector.
      */
     readonly activityBatchTimeoutMs: number;
+    /**
+     * Whether parsing of GraphQL request bodies should be enabled.
+     */
+    readonly graphqlEnabled: boolean;
+    /**
+     * Routes that should trigger GraphQL parsing by the enforcer.
+     */
+    readonly graphqlRoutes: string[];
+    /**
+     * An array of GraphQL operation names that should trigger a risk API call
+     * even if a valid, unexpired, low-score risk cookie is present.
+     */
+    readonly sensitiveGraphqlOperationNames: string[];
+    /**
+     * An array of GraphQL operation types (e.g., mutation) that should trigger a risk API call
+     * even if a valid, unexpired, low-score risk cookie is present.
+     */
+    readonly sensitiveGraphqlOperationTypes: string[];
     /**
      * A function returning CustomParameters that will be added to the enforcer activities.
      */

package/lib/config/StaticConfigurationBase.d.ts

@@ -53,6 +53,10 @@ export declare abstract class StaticConfigurationBase<ParamsType extends Configu
     get userAgentMaxLength(): number;
     get maxActivityBatchSize(): number;
     get activityBatchTimeoutMs(): number;
+    get graphqlEnabled(): boolean;
+    get graphqlRoutes(): string[];
+    get sensitiveGraphqlOperationNames(): string[];
+    get sensitiveGraphqlOperationTypes(): string[];
     get enrichCustomParameters(): CustomParametersFunction;
     get additionalActivityHandler(): AdditionalActivityHandler;
     get altBackendCaptchaUrl(): string;

package/lib/config/StaticConfigurationBase.js

@@ -343,6 +343,34 @@ var StaticConfigurationBase = /** @class */ (function () {
         enumerable: false,
         configurable: true
     });
+    Object.defineProperty(StaticConfigurationBase.prototype, "graphqlEnabled", {
+        get: function () {
+            return this.configParams.px_graphql_enabled;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "graphqlRoutes", {
+        get: function () {
+            return this.configParams.px_graphql_routes;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "sensitiveGraphqlOperationNames", {
+        get: function () {
+            return this.configParams.px_sensitive_graphql_operation_names;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(StaticConfigurationBase.prototype, "sensitiveGraphqlOperationTypes", {
+        get: function () {
+            return this.configParams.px_sensitive_graphql_operation_types;
+        },
+        enumerable: false,
+        configurable: true
+    });
     Object.defineProperty(StaticConfigurationBase.prototype, "enrichCustomParameters", {
         get: function () {
             return this.configParams.px_enrich_custom_parameters || null;

package/lib/context/ContextBase.d.ts

@@ -2,11 +2,13 @@ import { IConfiguration } from '../config';
 import { BlockReason, BlockAction } from '../block_handler';
 import { CustomParameters } from '../custom_parameters';
 import { FilterReason } from '../filter';
-import { IHttpRequest, HttpHeaders } from '../http';
 import { PXDE } from '../pxde';
+import { GraphQLData } from '../graphql';
 import { IBotDefenderToken, TokenOrigin } from '../risk_token';
 import { VidSource, PassReason, ICookieParser, IUuidGenerator } from '../utils';
 import { IContext, MobileData, RequestData, ResponseData, RiskApiData, ServerData, TlsData } from './IContext';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
+import { ReadOnlyHeaders } from '../http';
 export declare type ContextBaseOptions = {
     cookieParser?: ICookieParser;
     uuidGenerator?: IUuidGenerator;
@@ -35,21 +37,21 @@ export declare abstract class ContextBase<OptionsType extends ContextBaseOptions
     pxde?: PXDE;
     pxdeVerified?: boolean;
     customParameters?: CustomParameters;
+    graphqlData?: GraphQLData[];
     protected readonly config: IConfiguration;
-    protected constructor(config: IConfiguration, request: IHttpRequest, options?: OptionsType);
+    protected constructor(config: IConfiguration, request: IIncomingRequest, options?: OptionsType);
     protected abstract createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: OptionsType): IBotDefenderToken;
-    protected createRequestData(config: IConfiguration, request: IHttpRequest, cookieParser?: ICookieParser): RequestData;
-    protected extractUserAgentFromHeader(config: IConfiguration, headers: HttpHeaders): string;
-    protected extractIpFromHeader(config: IConfiguration, headers: HttpHeaders): string;
+    protected createRequestData(config: IConfiguration, request: IIncomingRequest, cookieParser?: ICookieParser): RequestData;
+    protected getCookies(cookieParser: ICookieParser, ...cookieHeaderValues: string[]): Record<string, string>;
+    protected extractUserAgentFromHeader(config: IConfiguration, headers: ReadOnlyHeaders): string;
+    protected extractIpFromHeader(config: IConfiguration, headers: ReadOnlyHeaders): string;
     protected isMonitored(config: IConfiguration, requestData: RequestData): boolean;
     protected isSensitive(config: IConfiguration, { url }: RequestData): boolean;
     protected isAllowedToBypassMonitor(config: IConfiguration, requestData: RequestData): boolean;
-    completeInitialization(): Promise<void>;
     protected setRiskTokenOnContext(config: IConfiguration, options: OptionsType): void;
     protected setMobileTokenOnContext(config: IConfiguration, mobileToken: string, options: OptionsType): void;
     protected setWebTokenOnContext(config: IConfiguration, options: OptionsType): void;
     protected setCookiesOnContext(): void;
     protected getMobileToken(config: IConfiguration, mobileToken: string, options: OptionsType): IBotDefenderToken;
-    protected handleCustomParameters(config: IConfiguration, request: IHttpRequest): Promise<void>;
     get isMobile(): boolean;
 }