perimeterx-js-core 0.2.0 → 0.4.0

package/lib/context/ContextBase.js

@@ -1,44 +1,7 @@
 "use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (_) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ContextBase = void 0;
 var block_handler_1 = require("../block_handler");
-var custom_parameters_1 = require("../custom_parameters");
 var http_1 = require("../http");
 var risk_token_1 = require("../risk_token");
 var utils_1 = require("../utils");
@@ -63,21 +26,31 @@ var ContextBase = /** @class */ (function () {
         }
     }
     ContextBase.prototype.createRequestData = function (config, request, cookieParser) {
-        var _a;
         if (cookieParser === void 0) { cookieParser = new utils_1.DefaultCookieParser(); }
         var url = (0, utils_1.getDecodedUrl)(request.url);
         var method = request.method;
         var headers = request.headers;
-        var cookieHeaderValue = ((_a = request.headers.get(config.customCookieHeader || http_1.COOKIE_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
-        var cookies = cookieHeaderValue ? cookieParser.parseCookies(cookieHeaderValue) : {};
+        var cookies = this.getCookies(cookieParser, request.headers.get(http_1.COOKIE_HEADER_NAME), request.headers.get(config.customCookieHeader));
         var requestCookieNames = Object.keys(cookies);
-        var userAgent = this.extractUserAgentFromHeader(config, headers);
-        var ip = this.extractIpFromHeader(config, headers);
-        return { url: url, method: method, headers: headers, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
+        var readOnlyHeaders = (0, http_1.toReadOnlyHeaders)(headers);
+        var userAgent = this.extractUserAgentFromHeader(config, readOnlyHeaders);
+        var ip = this.extractIpFromHeader(config, readOnlyHeaders);
+        return { url: url, method: method, headers: readOnlyHeaders, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
+    };
+    ContextBase.prototype.getCookies = function (cookieParser) {
+        var cookieHeaderValues = [];
+        for (var _i = 1; _i < arguments.length; _i++) {
+            cookieHeaderValues[_i - 1] = arguments[_i];
+        }
+        var cookies = {};
+        cookieHeaderValues.forEach(function (value) {
+            Object.assign(cookies, value ? cookieParser.parseCookies(value) : null);
+        });
+        return cookies;
     };
     ContextBase.prototype.extractUserAgentFromHeader = function (config, headers) {
         var _a;
-        var userAgent = ((_a = headers === null || headers === void 0 ? void 0 : headers.get(http_1.USER_AGENT_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
+        var userAgent = ((_a = headers[http_1.USER_AGENT_HEADER_NAME]) === null || _a === void 0 ? void 0 : _a[0]) || '';
         if (userAgent.length > config.userAgentMaxLength) {
             userAgent = userAgent.substring(0, config.userAgentMaxLength);
         }
@@ -87,7 +60,7 @@ var ContextBase = /** @class */ (function () {
         var ip;
         config.ipHeaders.some(function (ipHeader) {
             var _a;
-            var headerValue = (_a = headers.get(ipHeader)) === null || _a === void 0 ? void 0 : _a[0];
+            var headerValue = (_a = headers[ipHeader]) === null || _a === void 0 ? void 0 : _a[0];
             if (headerValue) {
                 ip = headerValue;
                 return true;
@@ -107,25 +80,11 @@ var ContextBase = /** @class */ (function () {
         return (0, utils_1.isRouteInPatterns)(url.pathname, config.sensitiveRoutes);
     };
     ContextBase.prototype.isAllowedToBypassMonitor = function (config, requestData) {
-        var _a;
         return (config.bypassMonitorHeader &&
-            ((_a = requestData.headers.get(config.bypassMonitorHeader)) === null || _a === void 0 ? void 0 : _a[0]) === utils_1.BYPASS_MONITOR_HEADER_VALUE);
-    };
-    ContextBase.prototype.completeInitialization = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.handleCustomParameters(this.config, this.requestData.request)];
-                    case 1:
-                        _a.sent();
-                        return [2 /*return*/];
-                }
-            });
-        });
+            requestData.request.headers.get(config.bypassMonitorHeader) === utils_1.BYPASS_MONITOR_HEADER_VALUE);
     };
     ContextBase.prototype.setRiskTokenOnContext = function (config, options) {
-        var _a;
-        var mobileToken = (_a = this.requestData.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0];
+        var mobileToken = this.requestData.request.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME);
         if (mobileToken) {
             this.setMobileTokenOnContext(config, mobileToken, options);
         }
@@ -134,11 +93,10 @@ var ContextBase = /** @class */ (function () {
         }
     };
     ContextBase.prototype.setMobileTokenOnContext = function (config, mobileToken, options) {
-        var _a, _b;
         this.tokenOrigin = risk_token_1.TokenOrigin.HEADER;
         this.riskToken = this.getMobileToken(config, mobileToken, options);
-        this.mobileData.originalToken = this.getMobileToken(config, (_a = this.requestData.headers.get(utils_1.X_PX_ORIGINAL_TOKEN_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0], options);
-        this.mobileData.bypassReason = ((_b = this.requestData.headers.get(utils_1.X_PX_BYPASS_REASON_HEADER_NAME)) === null || _b === void 0 ? void 0 : _b[0]) || '';
+        this.mobileData.originalToken = this.getMobileToken(config, this.requestData.request.headers.get(utils_1.X_PX_ORIGINAL_TOKEN_HEADER_NAME), options);
+        this.mobileData.bypassReason = this.requestData.request.headers.get(utils_1.X_PX_BYPASS_REASON_HEADER_NAME) || '';
         if (!this.riskToken && /^\d+$/.test(mobileToken)) {
             this.mobileData.mobileError = mobileToken;
         }
@@ -169,31 +127,6 @@ var ContextBase = /** @class */ (function () {
             return null;
         }
     };
-    ContextBase.prototype.handleCustomParameters = function (config, request) {
-        return __awaiter(this, void 0, void 0, function () {
-            var _a, _b, _c, e_1;
-            return __generator(this, function (_d) {
-                switch (_d.label) {
-                    case 0:
-                        if (!(config.enrichCustomParameters && typeof config.enrichCustomParameters === 'function')) return [3 /*break*/, 4];
-                        _d.label = 1;
-                    case 1:
-                        _d.trys.push([1, 3, , 4]);
-                        _a = this;
-                        _c = (_b = custom_parameters_1.CustomParametersUtils).normalizeCustomParams;
-                        return [4 /*yield*/, config.enrichCustomParameters(config.toParams(), request)];
-                    case 2:
-                        _a.customParameters = _c.apply(_b, [_d.sent()]);
-                        return [3 /*break*/, 4];
-                    case 3:
-                        e_1 = _d.sent();
-                        config.logger.error("unable to enrich custom params: ".concat(e_1));
-                        return [3 /*break*/, 4];
-                    case 4: return [2 /*return*/];
-                }
-            });
-        });
-    };
     Object.defineProperty(ContextBase.prototype, "isMobile", {
         get: function () {
             return this.tokenOrigin === risk_token_1.TokenOrigin.HEADER;

package/lib/context/DefaultTokenV2Context.d.ts

@@ -1,13 +1,13 @@
 import { IConfiguration } from '../config';
-import { IHttpRequest } from '../http';
 import { IBotDefenderToken } from '../risk_token';
 import { IBase64Utils, IHashUtils } from '../utils';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV2ContextOptions = {
     base64Utils?: IBase64Utils;
     hashUtils?: IHashUtils;
 } & ContextBaseOptions;
 export declare class DefaultTokenV2Context extends ContextBase<DefaultTokenV2ContextOptions> {
-    constructor(config: IConfiguration, httpRequest: IHttpRequest, options?: DefaultTokenV2ContextOptions);
+    constructor(config: IConfiguration, httpRequest: IIncomingRequest, options?: DefaultTokenV2ContextOptions);
     protected createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: DefaultTokenV2ContextOptions): IBotDefenderToken;
 }

package/lib/context/DefaultTokenV2Context.js

@@ -26,7 +26,7 @@ var DefaultTokenV2Context = /** @class */ (function (_super) {
     }
     DefaultTokenV2Context.prototype.createRiskToken = function (config, cookies, options) {
         if (cookies[risk_token_1.COOKIE_V2_NAME]) {
-            return new risk_token_1.DefaultBotDefenderTokenV2(config, cookies[risk_token_1.COOKIE_V2_NAME], (options === null || options === void 0 ? void 0 : options.base64Utils) || new utils_1.DefaultBase64Utils(), (options === null || options === void 0 ? void 0 : options.hashUtils) || new utils_1.DefaultHashUtils());
+            return new risk_token_1.DefaultBotDefenderTokenV2(config, cookies[risk_token_1.COOKIE_V2_NAME], (options === null || options === void 0 ? void 0 : options.base64Utils) || new utils_1.JSBase64Base64Utils(), (options === null || options === void 0 ? void 0 : options.hashUtils) || new utils_1.CryptoJSHmacUtils());
         }
         return null;
     };

package/lib/context/DefaultTokenV3Context.d.ts

@@ -1,13 +1,13 @@
 import { IConfiguration } from '../config';
-import { IHttpRequest } from '../http';
 import { IBotDefenderToken } from '../risk_token';
 import { IHashUtils, ICipherUtils } from '../utils';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV3ContextOptions = {
     cipherUtils: ICipherUtils;
     hashUtils?: IHashUtils;
 } & ContextBaseOptions;
 export declare class DefaultTokenV3Context extends ContextBase<DefaultTokenV3ContextOptions> {
-    constructor(config: IConfiguration, httpRequest: IHttpRequest, options: DefaultTokenV3ContextOptions);
+    constructor(config: IConfiguration, httpRequest: IIncomingRequest, options: DefaultTokenV3ContextOptions);
     protected createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: DefaultTokenV3ContextOptions): IBotDefenderToken;
 }

package/lib/context/DefaultTokenV3Context.js

@@ -26,7 +26,7 @@ var DefaultTokenV3Context = /** @class */ (function (_super) {
     }
     DefaultTokenV3Context.prototype.createRiskToken = function (config, cookies, options) {
         if (cookies[risk_token_1.COOKIE_V3_NAME]) {
-            return new risk_token_1.DefaultBotDefenderTokenV3(config, cookies[risk_token_1.COOKIE_V3_NAME], options.cipherUtils, options.hashUtils || new utils_1.DefaultHashUtils());
+            return new risk_token_1.DefaultBotDefenderTokenV3(config, cookies[risk_token_1.COOKIE_V3_NAME], options.cipherUtils, options.hashUtils || new utils_1.CryptoJSHmacUtils());
         }
         return null;
     };

package/lib/context/IContext.d.ts

@@ -3,9 +3,12 @@ import { FilterReason } from '../filter';
 import { S2SCallReason, S2SErrorReason } from '../risk_api';
 import { PassReason, VidSource } from '../utils';
 import { BlockAction, BlockReason } from '../block_handler';
-import { HttpHeaders, HttpMethod, IHttpRequest } from '../http';
 import { CustomParameters } from '../custom_parameters';
 import { PXDE } from '../pxde';
+import { GraphQLData } from '../graphql';
+import { HttpMethod } from '../http';
+import { ReadOnlyHeaders } from '../http';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type RequestData = {
     /**
      * The request URL.
@@ -19,7 +22,7 @@ export declare type RequestData = {
      * An object representing the request headers. The keys are the header names (all lowercase) and the values
      * are arrays of strings, with each string representing one value associated with the header name.
      */
-    headers: HttpHeaders;
+    headers: ReadOnlyHeaders;
     /**
      * An object representing the request cookies. The keys are the cookie
      * names and the values are the cookie values.
@@ -40,7 +43,7 @@ export declare type RequestData = {
     /**
      * An interface representing the original HTTP request.
      */
-    request: IHttpRequest;
+    request: IIncomingRequest;
     /**
      * The HTTP version used for the request (e.g., 0.9, 1.0, 1.1, 2.0).
      */
@@ -253,8 +256,8 @@ export interface IContext {
      */
     customParameters?: CustomParameters;
     /**
-     * A function that completes context initialization. Should be called only if
-     * the request should not be filtered and is not first-party.
+     * An array of objects with information about the different GraphQL operations
+     * parsed from the request.
      */
-    completeInitialization(): Promise<void>;
+    graphqlData?: GraphQLData[];
 }

package/lib/custom_parameters/CustomParametersFunction.d.ts

@@ -1,4 +1,4 @@
-import { IHttpRequest } from '../http';
 import { ConfigurationParams } from '../config';
 import { CustomParameters } from './CustomParameters';
-export declare type CustomParametersFunction = (config: ConfigurationParams, httpRequest: IHttpRequest) => CustomParameters | Promise<CustomParameters>;
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
+export declare type CustomParametersFunction = (config: ConfigurationParams, httpRequest: IIncomingRequest) => CustomParameters | Promise<CustomParameters>;

package/lib/custom_parameters/CustomParametersUtils.d.ts

@@ -1,4 +1,7 @@
+import { IConfiguration } from '../config';
+import { IContext } from '../context';
 import { CustomParameters } from './CustomParameters';
 export declare namespace CustomParametersUtils {
+    const handleCustomParameters: (config: IConfiguration, context: IContext) => Promise<void>;
     const normalizeCustomParams: (customParameters: Record<string, any>) => CustomParameters;
 }

package/lib/custom_parameters/CustomParametersUtils.js

@@ -1,8 +1,67 @@
 "use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CustomParametersUtils = void 0;
 var CustomParametersUtils;
 (function (CustomParametersUtils) {
+    var _this = this;
+    CustomParametersUtils.handleCustomParameters = function (config, context) { return __awaiter(_this, void 0, void 0, function () {
+        var parameters, e_1;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    if (!(config.enrichCustomParameters && typeof config.enrichCustomParameters === 'function')) return [3 /*break*/, 4];
+                    _a.label = 1;
+                case 1:
+                    _a.trys.push([1, 3, , 4]);
+                    return [4 /*yield*/, config.enrichCustomParameters(config.toParams(), context.requestData.request)];
+                case 2:
+                    parameters = _a.sent();
+                    context.customParameters = CustomParametersUtils.normalizeCustomParams(parameters);
+                    return [3 /*break*/, 4];
+                case 3:
+                    e_1 = _a.sent();
+                    config.logger.error("unable to enrich custom params: ".concat(e_1));
+                    return [3 /*break*/, 4];
+                case 4: return [2 /*return*/];
+            }
+        });
+    }); };
     CustomParametersUtils.normalizeCustomParams = function (customParameters) {
         var normalizedParams = {};
         if (customParameters && typeof customParameters === 'object') {

package/lib/enforcer/EnforcerBase.d.ts

@@ -1,6 +1,5 @@
 import { IEnforcer } from './IEnforcer';
 import { IConfiguration } from '../config';
-import { IHttpClient, IHttpRequest, IHttpResponse } from '../http';
 import { IBase64Utils, ICipherUtils, IHashUtils, IIpRangeChecker, IScoreRetriever } from '../utils';
 import { IContext } from '../context';
 import { IFilter } from '../filter';
@@ -10,6 +9,10 @@ import { ITelemetry } from '../telemetry';
 import { IBlockResponseGenerator } from '../block_handler';
 import { TokenVersion } from '../risk_token';
 import { IActivityClient } from '../activities';
+import { IGraphQLParser } from '../graphql';
+import { IHttpClient } from '../http';
+import { IOutgoingResponse } from '../http';
+import { IMinimalResponse } from '../http';
 export declare type EnforcerBaseOptions = {
     tokenVersion?: TokenVersion;
     dataEnrichment?: IDataEnrichment;
@@ -20,6 +23,7 @@ export declare type EnforcerBaseOptions = {
     hashUtils?: IHashUtils;
     cipherUtils?: ICipherUtils;
     blockGenerator?: IBlockResponseGenerator;
+    graphqlParser?: IGraphQLParser;
 } & ({
     httpClient: IHttpClient;
     firstParty?: IFirstParty;
@@ -33,7 +37,7 @@ export declare type EnforcerBaseOptions = {
     riskApiScoreRetriever: IScoreRetriever;
     activityClient: IActivityClient;
 });
-export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res> implements IEnforcer<EnforceArgs, [Req, Res, ...EnforceArgs], Promise<Req | Res>, Promise<Res>> {
+export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res> implements IEnforcer<EnforceArgs, [Req, Res, ...EnforceArgs], Promise<null | Res>, Promise<void>> {
     protected config: IConfiguration;
     protected filter: IFilter;
     protected dataEnrichment: IDataEnrichment;
@@ -43,6 +47,7 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
     protected riskApiScoreRetriever: IScoreRetriever;
     protected blockGenerator: IBlockResponseGenerator;
     protected activityClient: IActivityClient;
+    protected graphQLParser?: IGraphQLParser;
     /**
      * Returns the original Req object in case the module is disabled or an error is thrown.
      * @param args - The EnforceArgs required to enforce the incoming request.
@@ -65,39 +70,25 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
      * @returns IContext - The context for the request.
      * @protected
      */
-    protected abstract retrieveContext(req: Req, res: Res, ...args: EnforceArgs): IContext;
-    /**
-     * Converts the IHttpRequest object into the Req object.
-     * @param httpRequest - The IHttpRequest object.
-     * @returns Promise<Req> - A Promise resolving to Req.
-     * @protected
-     */
-    protected abstract convertToReq(httpRequest: IHttpRequest): Promise<Req>;
+    protected abstract retrieveContext(req: Req, res: Res, ...args: EnforceArgs): IContext | null;
     /**
      * Converts the IHttpResponse object into the Res object.
      * @param httpResponse - The IHttpResponse object.
      * @returns Promise<Res> - A Promise resolving to Res.
      * @protected
      */
-    protected abstract convertToRes(httpResponse: IHttpResponse): Promise<Res>;
-    /**
-     * Converts the Req object into the IHttpRequest interface.
-     * @param req - The Req object.
-     * @returns Promise<IHttpRequest> - A Promise resolving to IHttpRequest.
-     * @protected
-     */
-    protected abstract convertToHttpRequest(req: Req): Promise<IHttpRequest>;
+    protected abstract convertToRes(httpResponse: IMinimalResponse): Promise<Res>;
     /**
      * Converts the Res object into the IHttpResponse interface.
      * @param res - The Res object.
      * @returns Promise<IHttpResponse> - A Promise resolving to IHttpResponse.
      * @protected
      */
-    protected abstract convertToHttpResponse(res: Res): Promise<IHttpResponse>;
+    protected abstract convertToHttpResponse(res: Res): Promise<IOutgoingResponse>;
     /**
      * The EnforcerBase constructor.
      * @param config - The enforcer configuration.
-     * @param options - An options object that allows for overriding any functional building blocks in the enforcer.
+     * @param options - An MinimalResponseOptions object that allows for overriding any functional building blocks in the enforcer.
      * @protected
      */
     protected constructor(config: IConfiguration, options: EnforcerBaseOptions);
@@ -106,24 +97,26 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
      * @param args - The EnforceArgs required to enforce the incoming request.
      * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
      */
-    enforce(...args: EnforceArgs): Promise<Req | Res>;
+    enforce(...args: EnforceArgs): Promise<Res | null>;
     /**
      * Performs all enforcer functionality on the incoming request context.
      * @param args - The EnforceArgs required to enforce the incoming request.
      * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
      * @protected
      */
-    protected doEnforce(...args: EnforceArgs): Promise<Req | Res>;
+    protected doEnforce(...args: EnforceArgs): Promise<Res | null>;
     protected createContext(...args: EnforceArgs): Promise<IContext>;
-    protected handleFirstParty(context: IContext): Promise<IHttpResponse>;
+    protected handleFirstParty(context: IContext): Promise<IMinimalResponse>;
     protected handleFilter(context: IContext): boolean;
     protected handleCompleteContextInitialization(context: IContext): Promise<void>;
+    protected handleGraphQL(context: IContext): Promise<void>;
+    protected handleEnrichCustomParameters(context: IContext): Promise<void>;
     protected handleTelemetryIfNeeded(context: IContext): Promise<void>;
     protected handlePxde(context: IContext): Promise<void>;
     protected handleCookieRetrieverIfNeeded(context: IContext): Promise<void>;
     protected handleRiskApiIfNeeded(context: IContext): Promise<void>;
     protected handleAdditionalActivityHandler(context: IContext): Promise<void>;
-    protected handleBlockResponse(context: IContext): Promise<null | IHttpResponse>;
+    protected handleBlockResponse(context: IContext): Promise<null | IMinimalResponse>;
     protected handleSendActivities(context: IContext): Promise<void>;
     /**
      * Performs all required functionality after an origin response has been received.
@@ -133,7 +126,7 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
      * @returns Promise<Res> - A modified response
      * @protected
      */
-    postEnforce(req: Req, res: Res, ...args: EnforceArgs): Promise<Res>;
-    protected setResponseData(context: IContext, response: IHttpResponse): Promise<void>;
-    protected handlePxhd(context: IContext, response: IHttpResponse): Promise<IHttpResponse>;
+    postEnforce(req: Req, res: Res, ...args: EnforceArgs): Promise<void>;
+    protected setResponseData(context: IContext, response: IOutgoingResponse): Promise<void>;
+    protected handlePxhd(context: IContext, response: IOutgoingResponse): Promise<void>;
 }

package/lib/enforcer/EnforcerBase.js

@@ -57,21 +57,26 @@ var block_handler_1 = require("../block_handler");
 var risk_token_1 = require("../risk_token");
 var risk_api_1 = require("../risk_api");
 var activities_1 = require("../activities");
+var graphql_1 = require("../graphql");
+var custom_parameters_1 = require("../custom_parameters");
 var EnforcerBase = /** @class */ (function () {
     /**
      * The EnforcerBase constructor.
      * @param config - The enforcer configuration.
-     * @param options - An options object that allows for overriding any functional building blocks in the enforcer.
+     * @param options - An MinimalResponseOptions object that allows for overriding any functional building blocks in the enforcer.
      * @protected
      */
     function EnforcerBase(config, options) {
         this.config = config;
-        var base64Utils = options.base64Utils || new utils_1.DefaultBase64Utils();
-        var hashUtils = options.hashUtils || new utils_1.DefaultHashUtils();
+        var base64Utils = options.base64Utils || new utils_1.JSBase64Base64Utils();
+        var hashUtils = options.hashUtils || new utils_1.CryptoJSHmacUtils();
         this.filter = options.filter || new filter_1.DefaultFilter(this.config, options === null || options === void 0 ? void 0 : options.ipRangeChecker);
         this.cookieScoreRetriever = options.cookieScoreRetriever || new risk_token_1.RiskTokenScoreRetriever(this.config);
         this.blockGenerator = options.blockGenerator || new block_handler_1.DefaultBlockResponseGenerator(this.config, base64Utils);
         this.dataEnrichment = options.dataEnrichment || new pxde_1.DefaultDataEnrichment(this.config, base64Utils, hashUtils);
+        this.graphQLParser = this.config.graphqlEnabled
+            ? options.graphqlParser || new graphql_1.DefaultGraphQLParser(this.config)
+            : null;
         var httpClient = options.httpClient;
         this.firstParty = options.firstParty || new first_party_1.DefaultFirstParty(this.config, httpClient);
         this.telemetry = options.telemetry || new telemetry_1.DefaultTelemetry(this.config, httpClient, base64Utils, hashUtils);
@@ -104,7 +109,7 @@ var EnforcerBase = /** @class */ (function () {
                         _a.trys.push([0, 2, , 3]);
                         if (!this.config.moduleEnabled) {
                             this.config.logger.debug('module is disabled, will not enforce');
-                            return [2 /*return*/, this.getRequestFromArgs.apply(this, args)];
+                            return [2 /*return*/, null];
                         }
                         this.config.logger.debug('module is enabled, continuing with enforcement');
                         return [4 /*yield*/, this.doEnforce.apply(this, args)];
@@ -112,7 +117,7 @@ var EnforcerBase = /** @class */ (function () {
                     case 2:
                         e_1 = _a.sent();
                         this.config.logger.error("caught error in enforce - ".concat(e_1));
-                        return [2 /*return*/, this.getRequestFromArgs.apply(this, args)];
+                        return [2 /*return*/, null];
                     case 3: return [2 /*return*/];
                 }
             });
@@ -145,36 +150,42 @@ var EnforcerBase = /** @class */ (function () {
                         }
                         if (this.handleFilter(context)) {
                             this.config.logger.debug("filtering due to ".concat(context.filterReason));
-                            return [2 /*return*/, this.convertToReq(context.requestData.request)];
+                            return [2 /*return*/, null];
                         }
                         return [4 /*yield*/, this.handleCompleteContextInitialization(context)];
                     case 3:
                         _a.sent();
                         this.config.logger.debug('context initialization complete');
-                        return [4 /*yield*/, this.handleTelemetryIfNeeded(context)];
+                        return [4 /*yield*/, this.handleGraphQL(context)];
                     case 4:
                         _a.sent();
-                        return [4 /*yield*/, this.handlePxde(context)];
+                        return [4 /*yield*/, this.handleEnrichCustomParameters(context)];
                     case 5:
                         _a.sent();
-                        return [4 /*yield*/, this.handleCookieRetrieverIfNeeded(context)];
+                        return [4 /*yield*/, this.handleTelemetryIfNeeded(context)];
                     case 6:
                         _a.sent();
-                        return [4 /*yield*/, this.handleRiskApiIfNeeded(context)];
+                        return [4 /*yield*/, this.handlePxde(context)];
                     case 7:
                         _a.sent();
-                        return [4 /*yield*/, this.handleAdditionalActivityHandler(context)];
+                        return [4 /*yield*/, this.handleCookieRetrieverIfNeeded(context)];
                     case 8:
                         _a.sent();
-                        return [4 /*yield*/, this.handleBlockResponse(context)];
+                        return [4 /*yield*/, this.handleRiskApiIfNeeded(context)];
                     case 9:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleAdditionalActivityHandler(context)];
+                    case 10:
+                        _a.sent();
+                        return [4 /*yield*/, this.handleBlockResponse(context)];
+                    case 11:
                         httpResponse = _a.sent();
                         if (httpResponse) {
                             this.config.logger.debug("blocking request due to ".concat(context.blockReason));
                             return [2 /*return*/, this.convertToRes(httpResponse)];
                         }
                         this.config.logger.debug("passing request due to ".concat(context.passReason || 'monitor mode'));
-                        return [2 /*return*/, this.convertToReq(context.requestData.request)];
+                        return [2 /*return*/, null];
                 }
             });
         });
@@ -204,10 +215,33 @@ var EnforcerBase = /** @class */ (function () {
         return this.filter.shouldFilter(context);
     };
     EnforcerBase.prototype.handleCompleteContextInitialization = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/];
+            });
+        });
+    };
+    EnforcerBase.prototype.handleGraphQL = function (context) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_b) {
+                switch (_b.label) {
+                    case 0:
+                        if (!((_a = this.graphQLParser) === null || _a === void 0 ? void 0 : _a.isGraphQLRequest(context))) return [3 /*break*/, 2];
+                        return [4 /*yield*/, this.graphQLParser.parseGraphQLRequest(context)];
+                    case 1:
+                        _b.sent();
+                        _b.label = 2;
+                    case 2: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    EnforcerBase.prototype.handleEnrichCustomParameters = function (context) {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
                 switch (_a.label) {
-                    case 0: return [4 /*yield*/, context.completeInitialization()];
+                    case 0: return [4 /*yield*/, custom_parameters_1.CustomParametersUtils.handleCustomParameters(this.config, context)];
                     case 1:
                         _a.sent();
                         return [2 /*return*/];
@@ -347,15 +381,14 @@ var EnforcerBase = /** @class */ (function () {
                         _a.sent();
                         return [4 /*yield*/, this.handlePxhd(context_1, response)];
                     case 5:
-                        response = _a.sent();
+                        _a.sent();
                         _a.label = 6;
                     case 6: return [3 /*break*/, 8];
                     case 7:
                         e_2 = _a.sent();
                         this.config.logger.error("error in post enforce - ".concat(e_2));
                         return [3 /*break*/, 8];
-                    case 8: return [4 /*yield*/, this.convertToRes(response)];
-                    case 9: return [2 /*return*/, _a.sent()];
+                    case 8: return [2 /*return*/];
                 }
             });
         });
@@ -363,7 +396,9 @@ var EnforcerBase = /** @class */ (function () {
     EnforcerBase.prototype.setResponseData = function (context, response) {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
-                context.responseData.status = response.status;
+                if (response.status) {
+                    context.responseData.status = response.status;
+                }
                 return [2 /*return*/];
             });
         });
@@ -371,7 +406,7 @@ var EnforcerBase = /** @class */ (function () {
     EnforcerBase.prototype.handlePxhd = function (context, response) {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
-                return [2 /*return*/, pxhd_1.PXHDUtils.addPxhdToResponse(context, response)];
+                return [2 /*return*/, pxhd_1.PXHDUtils.addPxhdToOutgoingResponse(context, response)];
             });
         });
     };