perimeterx-js-core 0.2.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -9
- package/lib/activities/HttpActivityClient.d.ts +1 -1
- package/lib/activities/HttpActivityClient.js +7 -4
- package/lib/activities/HttpBatchedActivityClient.d.ts +1 -1
- package/lib/activities/model/ActivityDetails.d.ts +4 -2
- package/lib/activities/utils.js +2 -1
- package/lib/block_handler/DefaultBlockResponseGenerator.d.ts +2 -2
- package/lib/block_handler/DefaultBlockResponseGenerator.js +7 -2
- package/lib/block_handler/IBlockResponseGenerator.d.ts +2 -2
- package/lib/block_handler/captcha/CaptchaBlockResponseGenerator.d.ts +2 -2
- package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.d.ts +2 -2
- package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.js +6 -1
- package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.d.ts +2 -2
- package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.js +8 -4
- package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.d.ts +2 -2
- package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.js +6 -1
- package/lib/config/ConfigurationParams.d.ts +4 -0
- package/lib/config/DefaultConfigurations.js +9 -5
- package/lib/config/IConfiguration.d.ts +18 -0
- package/lib/config/StaticConfigurationBase.d.ts +4 -0
- package/lib/config/StaticConfigurationBase.js +28 -0
- package/lib/context/ContextBase.d.ts +9 -7
- package/lib/context/ContextBase.js +22 -89
- package/lib/context/DefaultTokenV2Context.d.ts +2 -2
- package/lib/context/DefaultTokenV2Context.js +1 -1
- package/lib/context/DefaultTokenV3Context.d.ts +2 -2
- package/lib/context/DefaultTokenV3Context.js +1 -1
- package/lib/context/IContext.d.ts +9 -6
- package/lib/custom_parameters/CustomParametersFunction.d.ts +2 -2
- package/lib/custom_parameters/CustomParametersUtils.d.ts +3 -0
- package/lib/custom_parameters/CustomParametersUtils.js +59 -0
- package/lib/enforcer/EnforcerBase.d.ts +20 -27
- package/lib/enforcer/EnforcerBase.js +54 -19
- package/lib/filter/DefaultFilter.js +1 -1
- package/lib/first_party/DefaultFirstParty.d.ts +3 -2
- package/lib/first_party/DefaultFirstParty.js +45 -35
- package/lib/first_party/IFirstParty.d.ts +2 -2
- package/lib/first_party/constants.d.ts +2 -9
- package/lib/first_party/constants.js +7 -9
- package/lib/graphql/DefaultGraphQLParser.d.ts +19 -0
- package/lib/graphql/DefaultGraphQLParser.js +179 -0
- package/lib/graphql/IGraphQLParser.d.ts +5 -0
- package/lib/graphql/index.d.ts +5 -0
- package/lib/graphql/index.js +7 -0
- package/lib/graphql/model/GraphQLData.d.ts +7 -0
- package/lib/graphql/model/GraphQLOperation.d.ts +5 -0
- package/lib/graphql/model/GraphQLOperationType.d.ts +5 -0
- package/lib/graphql/model/GraphQLOperationType.js +9 -0
- package/lib/http/impl/MinimalResponseImpl.d.ts +13 -0
- package/lib/http/impl/MinimalResponseImpl.js +12 -0
- package/lib/http/impl/OutgoingRequestImpl.d.ts +14 -0
- package/lib/http/impl/OutgoingRequestImpl.js +14 -0
- package/lib/http/impl/index.d.ts +2 -0
- package/lib/http/impl/index.js +18 -0
- package/lib/http/index.d.ts +2 -9
- package/lib/http/index.js +2 -11
- package/lib/http/interfaces/IBody.d.ts +26 -0
- package/lib/http/interfaces/IHttpClient.d.ts +8 -0
- package/lib/http/interfaces/IIncomingRequest.d.ts +23 -0
- package/lib/http/interfaces/IIncomingRequest.js +2 -0
- package/lib/http/interfaces/IIncomingResponse.d.ts +9 -0
- package/lib/http/interfaces/IIncomingResponse.js +2 -0
- package/lib/http/interfaces/IMinimalResponse.d.ts +6 -0
- package/lib/http/interfaces/IMinimalResponse.js +2 -0
- package/lib/http/interfaces/IOutgoingRequest.d.ts +11 -0
- package/lib/http/interfaces/IOutgoingRequest.js +2 -0
- package/lib/http/interfaces/IOutgoingResponse.d.ts +17 -0
- package/lib/http/interfaces/IOutgoingResponse.js +2 -0
- package/lib/http/interfaces/ReadOnlyHeaders.d.ts +3 -0
- package/lib/http/interfaces/ReadOnlyHeaders.js +25 -0
- package/lib/http/interfaces/index.d.ts +7 -0
- package/lib/http/interfaces/index.js +23 -0
- package/lib/http/utils/MinimalResponseUtils.d.ts +4 -0
- package/lib/http/utils/MinimalResponseUtils.js +39 -0
- package/lib/http/utils/index.d.ts +1 -3
- package/lib/http/utils/index.js +2 -5
- package/lib/index.d.ts +1 -0
- package/lib/index.js +1 -0
- package/lib/pxde/IDataEnrichment.d.ts +1 -1
- package/lib/pxhd/PXHDUtils.d.ts +5 -2
- package/lib/pxhd/PXHDUtils.js +17 -2
- package/lib/risk_api/PostRiskApiClient.d.ts +3 -2
- package/lib/risk_api/PostRiskApiClient.js +20 -14
- package/lib/risk_api/S2SErrorHandler.d.ts +2 -2
- package/lib/risk_api/S2SErrorHandler.js +1 -1
- package/lib/risk_api/model/RiskActivity.d.ts +2 -0
- package/lib/risk_api/model/RiskResponseV2.d.ts +2 -0
- package/lib/risk_api/risk_response_handler/IRiskResponseHandler.d.ts +2 -2
- package/lib/risk_api/risk_response_handler/RiskResponseHandlerBase.d.ts +2 -2
- package/lib/risk_api/risk_response_handler/RiskResponseV2Handler.js +1 -0
- package/lib/risk_token/token/v2/DefaultBotDefenderTokenV2.js +12 -4
- package/lib/telemetry/DefaultTelemetry.d.ts +2 -1
- package/lib/telemetry/DefaultTelemetry.js +16 -7
- package/lib/utils/IScoreRetriever.d.ts +1 -1
- package/lib/utils/base64/{DefaultBase64Utils.d.ts → AtobBase64Utils.d.ts} +2 -2
- package/lib/utils/base64/AtobBase64Utils.js +15 -0
- package/lib/utils/base64/BufferBase64Utils.d.ts +6 -0
- package/lib/utils/base64/BufferBase64Utils.js +18 -0
- package/lib/utils/base64/JSBase64Base64Utils.d.ts +5 -0
- package/lib/utils/base64/JSBase64Base64Utils.js +16 -0
- package/lib/utils/base64/index.d.ts +4 -2
- package/lib/utils/base64/index.js +18 -3
- package/lib/utils/cipher/CryptoCipherUtils.d.ts +12 -0
- package/lib/{http/body_reader/StringBodyReader.js → utils/cipher/CryptoCipherUtils.js} +20 -25
- package/lib/utils/cipher/SubtleCryptoCipherUtils.d.ts +9 -0
- package/lib/utils/cipher/SubtleCryptoCipherUtils.js +94 -0
- package/lib/utils/cipher/index.d.ts +2 -0
- package/lib/utils/cipher/index.js +16 -0
- package/lib/utils/constants.d.ts +1 -1
- package/lib/utils/constants.js +1 -1
- package/lib/utils/hash/CryptoHmacUtils.d.ts +11 -0
- package/lib/utils/hash/CryptoHmacUtils.js +25 -0
- package/lib/utils/hash/{DefaultHashUtils.d.ts → CryptoJSHmacUtils.d.ts} +1 -1
- package/lib/utils/hash/CryptoJSHmacUtils.js +19 -0
- package/lib/utils/hash/index.d.ts +3 -2
- package/lib/utils/hash/index.js +17 -3
- package/lib/utils/utils.d.ts +1 -2
- package/lib/utils/utils.js +15 -4
- package/package.json +1 -2
- package/lib/http/IHttpClient.d.ts +0 -14
- package/lib/http/body_reader/IBodyReader.d.ts +0 -5
- package/lib/http/body_reader/StringBodyReader.d.ts +0 -8
- package/lib/http/request/DefaultHttpRequest.d.ts +0 -5
- package/lib/http/request/DefaultHttpRequest.js +0 -42
- package/lib/http/request/HttpRequestBase.d.ts +0 -24
- package/lib/http/request/HttpRequestBase.js +0 -77
- package/lib/http/request/IHttpRequest.d.ts +0 -31
- package/lib/http/response/DefaultHttpResponse.d.ts +0 -5
- package/lib/http/response/DefaultHttpResponse.js +0 -32
- package/lib/http/response/HttpResponseBase.d.ts +0 -17
- package/lib/http/response/HttpResponseBase.js +0 -75
- package/lib/http/response/IHttpResponse.d.ts +0 -26
- package/lib/http/utils/HttpBody.d.ts +0 -4
- package/lib/http/utils/HttpHeaders.d.ts +0 -51
- package/lib/http/utils/HttpHeaders.js +0 -106
- package/lib/utils/base64/DefaultBase64Utils.js +0 -16
- package/lib/utils/hash/DefaultHashUtils.js +0 -19
- /package/lib/{http/IHttpClient.js → graphql/IGraphQLParser.js} +0 -0
- /package/lib/{http/body_reader/IBodyReader.js → graphql/model/GraphQLData.js} +0 -0
- /package/lib/{http/request/IHttpRequest.js → graphql/model/GraphQLOperation.js} +0 -0
- /package/lib/http/{response/IHttpResponse.js → interfaces/IBody.js} +0 -0
- /package/lib/http/{utils/HttpBody.js → interfaces/IHttpClient.js} +0 -0
|
@@ -41,6 +41,8 @@ var http_1 = require("../http");
|
|
|
41
41
|
var activities_1 = require("../activities");
|
|
42
42
|
var utils_1 = require("../utils");
|
|
43
43
|
var constants_1 = require("./constants");
|
|
44
|
+
var __1 = require("..");
|
|
45
|
+
var __2 = require("..");
|
|
44
46
|
var DefaultTelemetry = /** @class */ (function () {
|
|
45
47
|
function DefaultTelemetry(config, httpClient, base64Utils, hashUtils) {
|
|
46
48
|
this.config = config;
|
|
@@ -93,12 +95,11 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
93
95
|
});
|
|
94
96
|
};
|
|
95
97
|
DefaultTelemetry.prototype.getTelemetryHeader = function (context) {
|
|
96
|
-
|
|
97
|
-
return ((_a = context.requestData.headers.get(constants_1.TELEMETRY_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
|
|
98
|
+
return context.requestData.request.headers.get(constants_1.TELEMETRY_HEADER_NAME) || '';
|
|
98
99
|
};
|
|
99
100
|
DefaultTelemetry.prototype.isTelemetryHeaderValid = function (headerValue) {
|
|
100
101
|
return __awaiter(this, void 0, void 0, function () {
|
|
101
|
-
var decodedValue, splitValue, timestamp, givenHmac,
|
|
102
|
+
var decodedValue, splitValue, timestamp, givenHmac, curUnixTime, timestampNumber;
|
|
102
103
|
return __generator(this, function (_a) {
|
|
103
104
|
this.config.logger.debug('received command to send enforcer telemetry');
|
|
104
105
|
decodedValue = this.base64Utils.base64Decode(headerValue);
|
|
@@ -109,8 +110,7 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
109
110
|
}
|
|
110
111
|
timestamp = splitValue[constants_1.TELEMETRY_HEADER_TIMESTAMP_INDEX];
|
|
111
112
|
givenHmac = splitValue[constants_1.TELEMETRY_HEADER_HMAC_INDEX];
|
|
112
|
-
|
|
113
|
-
if (givenHmac !== calculatedHmac) {
|
|
113
|
+
if (!this.isTelemetryHmacValid(givenHmac, timestamp)) {
|
|
114
114
|
this.config.logger.debug("".concat(constants_1.TELEMETRY_HEADER_NAME, " hmac validation failed. original hmac: ").concat(givenHmac, ", timestamp: ").concat(timestamp, "."));
|
|
115
115
|
return [2 /*return*/, false];
|
|
116
116
|
}
|
|
@@ -124,6 +124,15 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
124
124
|
});
|
|
125
125
|
});
|
|
126
126
|
};
|
|
127
|
+
DefaultTelemetry.prototype.isTelemetryHmacValid = function (givenHmac, timestamp) {
|
|
128
|
+
try {
|
|
129
|
+
return givenHmac === this.hashUtils.createHmac(utils_1.Algorithm.SHA256, timestamp, this.config.cookieSecret);
|
|
130
|
+
}
|
|
131
|
+
catch (e) {
|
|
132
|
+
this.config.logger.debug("caught error validating telemetry hmac: ".concat(e));
|
|
133
|
+
return false;
|
|
134
|
+
}
|
|
135
|
+
};
|
|
127
136
|
DefaultTelemetry.prototype.sendTelemetryActivity = function (context) {
|
|
128
137
|
return __awaiter(this, void 0, void 0, function () {
|
|
129
138
|
var telemetryRequest;
|
|
@@ -143,13 +152,13 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
143
152
|
DefaultTelemetry.prototype.createTelemetryRequest = function (context) {
|
|
144
153
|
var _a;
|
|
145
154
|
var url = "".concat(this.config.backendScoreApiUrl).concat(constants_1.TELEMETRY_ENDPOINT);
|
|
146
|
-
var method =
|
|
155
|
+
var method = __1.HttpMethod.POST;
|
|
147
156
|
var headers = (_a = {},
|
|
148
157
|
_a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.APPLICATION_JSON],
|
|
149
158
|
_a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
|
|
150
159
|
_a);
|
|
151
160
|
var activity = this.createTelemetryActivity(context);
|
|
152
|
-
return new
|
|
161
|
+
return new __2.OutgoingRequestImpl({ url: url, method: method, headers: headers, body: JSON.stringify(activity) });
|
|
153
162
|
};
|
|
154
163
|
DefaultTelemetry.prototype.createTelemetryActivity = function (context) {
|
|
155
164
|
var SENSITIVE_CONFIG_FIELDS = ['px_auth_token', 'px_cookie_secret'];
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IBase64Utils } from './IBase64Utils';
|
|
2
|
-
export declare class
|
|
3
|
-
base64Encode(stringToEncode: string): string;
|
|
2
|
+
export declare class AtobBase64Utils implements IBase64Utils {
|
|
4
3
|
base64Decode(stringToDecode: string): string;
|
|
4
|
+
base64Encode(stringToEncode: string): string;
|
|
5
5
|
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AtobBase64Utils = void 0;
|
|
4
|
+
var AtobBase64Utils = /** @class */ (function () {
|
|
5
|
+
function AtobBase64Utils() {
|
|
6
|
+
}
|
|
7
|
+
AtobBase64Utils.prototype.base64Decode = function (stringToDecode) {
|
|
8
|
+
return atob(stringToDecode);
|
|
9
|
+
};
|
|
10
|
+
AtobBase64Utils.prototype.base64Encode = function (stringToEncode) {
|
|
11
|
+
return btoa(stringToEncode);
|
|
12
|
+
};
|
|
13
|
+
return AtobBase64Utils;
|
|
14
|
+
}());
|
|
15
|
+
exports.AtobBase64Utils = AtobBase64Utils;
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.BufferBase64Utils = void 0;
|
|
4
|
+
var BufferBase64Utils = /** @class */ (function () {
|
|
5
|
+
function BufferBase64Utils() {
|
|
6
|
+
}
|
|
7
|
+
BufferBase64Utils.prototype.base64Decode = function (stringToDecode) {
|
|
8
|
+
var buffer = Buffer.from(stringToDecode, BufferBase64Utils.BASE_64_ENCODING);
|
|
9
|
+
return buffer.toString();
|
|
10
|
+
};
|
|
11
|
+
BufferBase64Utils.prototype.base64Encode = function (stringToEncode) {
|
|
12
|
+
var buffer = Buffer.from(stringToEncode);
|
|
13
|
+
return buffer.toString(BufferBase64Utils.BASE_64_ENCODING);
|
|
14
|
+
};
|
|
15
|
+
BufferBase64Utils.BASE_64_ENCODING = 'base64';
|
|
16
|
+
return BufferBase64Utils;
|
|
17
|
+
}());
|
|
18
|
+
exports.BufferBase64Utils = BufferBase64Utils;
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.JSBase64Base64Utils = void 0;
|
|
4
|
+
var js_base64_1 = require("js-base64");
|
|
5
|
+
var JSBase64Base64Utils = /** @class */ (function () {
|
|
6
|
+
function JSBase64Base64Utils() {
|
|
7
|
+
}
|
|
8
|
+
JSBase64Base64Utils.prototype.base64Encode = function (stringToEncode) {
|
|
9
|
+
return (0, js_base64_1.encode)(stringToEncode);
|
|
10
|
+
};
|
|
11
|
+
JSBase64Base64Utils.prototype.base64Decode = function (stringToDecode) {
|
|
12
|
+
return (0, js_base64_1.decode)(stringToDecode);
|
|
13
|
+
};
|
|
14
|
+
return JSBase64Base64Utils;
|
|
15
|
+
}());
|
|
16
|
+
exports.JSBase64Base64Utils = JSBase64Base64Utils;
|
|
@@ -1,5 +1,20 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
2
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports
|
|
4
|
-
|
|
5
|
-
|
|
17
|
+
__exportStar(require("./IBase64Utils"), exports);
|
|
18
|
+
__exportStar(require("./JSBase64Base64Utils"), exports);
|
|
19
|
+
__exportStar(require("./BufferBase64Utils"), exports);
|
|
20
|
+
__exportStar(require("./AtobBase64Utils"), exports);
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import * as crypto from 'crypto';
|
|
3
|
+
import { IBase64Utils } from '../base64';
|
|
4
|
+
import { ICipherUtils, Pbkdf2DecryptOptions } from './ICipherUtils';
|
|
5
|
+
declare type CryptoModule = typeof crypto;
|
|
6
|
+
export declare class CryptoCipherUtils implements ICipherUtils {
|
|
7
|
+
private crypto;
|
|
8
|
+
private base64Utils;
|
|
9
|
+
constructor(base64Utils: IBase64Utils, cryptoModule?: CryptoModule);
|
|
10
|
+
pbkdf2Decrypt(secret: string, encryptedString: string, iterations: number, salt: string, options?: Pbkdf2DecryptOptions): Promise<string>;
|
|
11
|
+
}
|
|
12
|
+
export {};
|
|
@@ -36,35 +36,30 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
38
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
-
exports.
|
|
40
|
-
var
|
|
41
|
-
|
|
42
|
-
|
|
39
|
+
exports.CryptoCipherUtils = void 0;
|
|
40
|
+
var crypto = require("crypto");
|
|
41
|
+
var CryptoCipherUtils = /** @class */ (function () {
|
|
42
|
+
function CryptoCipherUtils(base64Utils, cryptoModule) {
|
|
43
|
+
if (cryptoModule === void 0) { cryptoModule = crypto; }
|
|
44
|
+
this.crypto = cryptoModule;
|
|
45
|
+
this.base64Utils = base64Utils;
|
|
43
46
|
}
|
|
44
|
-
|
|
47
|
+
CryptoCipherUtils.prototype.pbkdf2Decrypt = function (secret, encryptedString, iterations, salt, options) {
|
|
45
48
|
return __awaiter(this, void 0, void 0, function () {
|
|
49
|
+
var keylen, ivlen, derivation, key, iv, cipher, decrypted;
|
|
46
50
|
return __generator(this, function (_a) {
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
return [2 /*return*/, this.body];
|
|
51
|
+
keylen = (options === null || options === void 0 ? void 0 : options.keylen) || 32;
|
|
52
|
+
ivlen = (options === null || options === void 0 ? void 0 : options.ivlen) || 16;
|
|
53
|
+
derivation = this.crypto.pbkdf2Sync(secret, this.base64Utils.base64Decode(salt), iterations, keylen + ivlen, 'sha256');
|
|
54
|
+
key = derivation.subarray(0, keylen);
|
|
55
|
+
iv = derivation.subarray(keylen);
|
|
56
|
+
cipher = this.crypto.createDecipheriv('aes-256-cbc', key, iv);
|
|
57
|
+
decrypted = cipher.update(encryptedString, 'base64', 'utf8');
|
|
58
|
+
decrypted += cipher.final('utf8');
|
|
59
|
+
return [2 /*return*/, decrypted];
|
|
57
60
|
});
|
|
58
61
|
});
|
|
59
62
|
};
|
|
60
|
-
|
|
61
|
-
var object = {};
|
|
62
|
-
var params = new URLSearchParams(formUrlEncodedString);
|
|
63
|
-
params.forEach(function (value, key) {
|
|
64
|
-
object[key] = value;
|
|
65
|
-
});
|
|
66
|
-
return object;
|
|
67
|
-
};
|
|
68
|
-
return StringBodyReader;
|
|
63
|
+
return CryptoCipherUtils;
|
|
69
64
|
}());
|
|
70
|
-
exports.
|
|
65
|
+
exports.CryptoCipherUtils = CryptoCipherUtils;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { IBase64Utils } from '../base64';
|
|
2
|
+
import { ICipherUtils, Pbkdf2DecryptOptions } from './ICipherUtils';
|
|
3
|
+
export declare class SubtleCryptoCipherUtils implements ICipherUtils {
|
|
4
|
+
private base64Utils;
|
|
5
|
+
private subtleCrypto;
|
|
6
|
+
constructor(base64Utils: IBase64Utils, subtleCrypto?: SubtleCrypto);
|
|
7
|
+
pbkdf2Decrypt(secret: string, encryptedString: string, iterations: number, salt: string, options?: Pbkdf2DecryptOptions): Promise<string>;
|
|
8
|
+
private base64ToArrayBuffer;
|
|
9
|
+
}
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
+
function step(op) {
|
|
16
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
+
while (_) try {
|
|
18
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
+
switch (op[0]) {
|
|
21
|
+
case 0: case 1: t = op; break;
|
|
22
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
+
default:
|
|
26
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
+
if (t[2]) _.ops.pop();
|
|
31
|
+
_.trys.pop(); continue;
|
|
32
|
+
}
|
|
33
|
+
op = body.call(thisArg, _);
|
|
34
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
+
exports.SubtleCryptoCipherUtils = void 0;
|
|
40
|
+
var SubtleCryptoCipherUtils = /** @class */ (function () {
|
|
41
|
+
function SubtleCryptoCipherUtils(base64Utils, subtleCrypto) {
|
|
42
|
+
if (subtleCrypto === void 0) { subtleCrypto = crypto.subtle; }
|
|
43
|
+
this.subtleCrypto = subtleCrypto;
|
|
44
|
+
this.base64Utils = base64Utils;
|
|
45
|
+
}
|
|
46
|
+
SubtleCryptoCipherUtils.prototype.pbkdf2Decrypt = function (secret, encryptedString, iterations, salt, options) {
|
|
47
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
48
|
+
var ivlen, keylen, bitsLength, encodedPassword, encodedSalt, importedKey, params, derivation, derivedKey, iv, cookieBuffer, importedDecryptionKey, decrypted;
|
|
49
|
+
return __generator(this, function (_a) {
|
|
50
|
+
switch (_a.label) {
|
|
51
|
+
case 0:
|
|
52
|
+
ivlen = (options === null || options === void 0 ? void 0 : options.ivlen) || 16;
|
|
53
|
+
keylen = (options === null || options === void 0 ? void 0 : options.keylen) || 32;
|
|
54
|
+
bitsLength = (ivlen + keylen) * 8;
|
|
55
|
+
encodedPassword = new TextEncoder().encode(secret);
|
|
56
|
+
encodedSalt = this.base64ToArrayBuffer(salt);
|
|
57
|
+
return [4 /*yield*/, this.subtleCrypto.importKey('raw', encodedPassword, 'PBKDF2', false, ['deriveBits'])];
|
|
58
|
+
case 1:
|
|
59
|
+
importedKey = _a.sent();
|
|
60
|
+
params = { name: 'PBKDF2', hash: 'SHA-256', salt: encodedSalt, iterations: iterations };
|
|
61
|
+
return [4 /*yield*/, this.subtleCrypto.deriveBits(params, importedKey, bitsLength)];
|
|
62
|
+
case 2:
|
|
63
|
+
derivation = _a.sent();
|
|
64
|
+
derivedKey = derivation.slice(0, keylen);
|
|
65
|
+
iv = derivation.slice(keylen);
|
|
66
|
+
cookieBuffer = this.base64ToArrayBuffer(encryptedString);
|
|
67
|
+
return [4 /*yield*/, this.subtleCrypto.importKey('raw', derivedKey, { name: 'AES-CBC' }, false, [
|
|
68
|
+
'decrypt',
|
|
69
|
+
])];
|
|
70
|
+
case 3:
|
|
71
|
+
importedDecryptionKey = _a.sent();
|
|
72
|
+
return [4 /*yield*/, this.subtleCrypto.decrypt({
|
|
73
|
+
name: 'AES-CBC',
|
|
74
|
+
iv: iv,
|
|
75
|
+
}, importedDecryptionKey, cookieBuffer)];
|
|
76
|
+
case 4:
|
|
77
|
+
decrypted = _a.sent();
|
|
78
|
+
return [2 /*return*/, new TextDecoder('utf-8').decode(decrypted)];
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
});
|
|
82
|
+
};
|
|
83
|
+
SubtleCryptoCipherUtils.prototype.base64ToArrayBuffer = function (base64String) {
|
|
84
|
+
var binaryString = this.base64Utils.base64Decode(base64String);
|
|
85
|
+
var length = binaryString.length;
|
|
86
|
+
var bytes = new Uint8Array(length);
|
|
87
|
+
binaryString.split('').forEach(function (char, index) {
|
|
88
|
+
bytes[index] = char.charCodeAt(0);
|
|
89
|
+
});
|
|
90
|
+
return bytes.buffer;
|
|
91
|
+
};
|
|
92
|
+
return SubtleCryptoCipherUtils;
|
|
93
|
+
}());
|
|
94
|
+
exports.SubtleCryptoCipherUtils = SubtleCryptoCipherUtils;
|
|
@@ -1,2 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
2
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./SubtleCryptoCipherUtils"), exports);
|
|
18
|
+
__exportStar(require("./CryptoCipherUtils"), exports);
|
package/lib/utils/constants.d.ts
CHANGED
|
@@ -7,4 +7,4 @@ export declare const BYPASS_MONITOR_HEADER_VALUE = "1";
|
|
|
7
7
|
export declare const X_PX_AUTHORIZATION_HEADER_NAME = "x-px-authorization";
|
|
8
8
|
export declare const X_PX_ORIGINAL_TOKEN_HEADER_NAME = "x-px-original-token";
|
|
9
9
|
export declare const X_PX_BYPASS_REASON_HEADER_NAME = "x-px-bypass-reason";
|
|
10
|
-
export declare const CORE_MODULE_VERSION = "JS Core 0.
|
|
10
|
+
export declare const CORE_MODULE_VERSION = "JS Core 0.4.0";
|
package/lib/utils/constants.js
CHANGED
|
@@ -10,4 +10,4 @@ exports.BYPASS_MONITOR_HEADER_VALUE = '1';
|
|
|
10
10
|
exports.X_PX_AUTHORIZATION_HEADER_NAME = 'x-px-authorization';
|
|
11
11
|
exports.X_PX_ORIGINAL_TOKEN_HEADER_NAME = 'x-px-original-token';
|
|
12
12
|
exports.X_PX_BYPASS_REASON_HEADER_NAME = 'x-px-bypass-reason';
|
|
13
|
-
exports.CORE_MODULE_VERSION = 'JS Core 0.
|
|
13
|
+
exports.CORE_MODULE_VERSION = 'JS Core 0.4.0';
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import * as crypto from 'crypto';
|
|
3
|
+
import { IHashUtils } from './IHashUtils';
|
|
4
|
+
import { Algorithm } from '../Algorithm';
|
|
5
|
+
declare type CryptoModule = typeof crypto;
|
|
6
|
+
export declare class CryptoHmacUtils implements IHashUtils {
|
|
7
|
+
private readonly crypto;
|
|
8
|
+
constructor(cryptoModule?: CryptoModule);
|
|
9
|
+
createHmac(algo: Algorithm, payload: string, secret: string): string;
|
|
10
|
+
}
|
|
11
|
+
export {};
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CryptoHmacUtils = void 0;
|
|
4
|
+
var crypto = require("crypto");
|
|
5
|
+
var Algorithm_1 = require("../Algorithm");
|
|
6
|
+
var CryptoHmacUtils = /** @class */ (function () {
|
|
7
|
+
function CryptoHmacUtils(cryptoModule) {
|
|
8
|
+
if (cryptoModule === void 0) { cryptoModule = crypto; }
|
|
9
|
+
this.crypto = cryptoModule;
|
|
10
|
+
}
|
|
11
|
+
CryptoHmacUtils.prototype.createHmac = function (algo, payload, secret) {
|
|
12
|
+
switch (algo) {
|
|
13
|
+
case Algorithm_1.Algorithm.SHA256:
|
|
14
|
+
var hmac = this.crypto.createHmac('sha256', secret);
|
|
15
|
+
hmac.setEncoding('hex');
|
|
16
|
+
hmac.write(payload);
|
|
17
|
+
hmac.end();
|
|
18
|
+
return hmac.read();
|
|
19
|
+
default:
|
|
20
|
+
return '';
|
|
21
|
+
}
|
|
22
|
+
};
|
|
23
|
+
return CryptoHmacUtils;
|
|
24
|
+
}());
|
|
25
|
+
exports.CryptoHmacUtils = CryptoHmacUtils;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IHashUtils } from './IHashUtils';
|
|
2
2
|
import { Algorithm } from '../Algorithm';
|
|
3
|
-
export declare class
|
|
3
|
+
export declare class CryptoJSHmacUtils implements IHashUtils {
|
|
4
4
|
createHmac(algo: Algorithm, payload: string, secret: string): string;
|
|
5
5
|
}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CryptoJSHmacUtils = void 0;
|
|
4
|
+
var crypto_js_1 = require("crypto-js");
|
|
5
|
+
var Algorithm_1 = require("../Algorithm");
|
|
6
|
+
var CryptoJSHmacUtils = /** @class */ (function () {
|
|
7
|
+
function CryptoJSHmacUtils() {
|
|
8
|
+
}
|
|
9
|
+
CryptoJSHmacUtils.prototype.createHmac = function (algo, payload, secret) {
|
|
10
|
+
switch (algo) {
|
|
11
|
+
case Algorithm_1.Algorithm.SHA256:
|
|
12
|
+
return (0, crypto_js_1.HmacSHA256)(payload, secret).toString(crypto_js_1.enc.Hex);
|
|
13
|
+
default:
|
|
14
|
+
return '';
|
|
15
|
+
}
|
|
16
|
+
};
|
|
17
|
+
return CryptoJSHmacUtils;
|
|
18
|
+
}());
|
|
19
|
+
exports.CryptoJSHmacUtils = CryptoJSHmacUtils;
|
|
@@ -1,2 +1,3 @@
|
|
|
1
|
-
export
|
|
2
|
-
export
|
|
1
|
+
export * from './IHashUtils';
|
|
2
|
+
export * from './CryptoHmacUtils';
|
|
3
|
+
export * from './CryptoJSHmacUtils';
|
package/lib/utils/hash/index.js
CHANGED
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
2
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports
|
|
4
|
-
|
|
5
|
-
|
|
17
|
+
__exportStar(require("./IHashUtils"), exports);
|
|
18
|
+
__exportStar(require("./CryptoHmacUtils"), exports);
|
|
19
|
+
__exportStar(require("./CryptoJSHmacUtils"), exports);
|
package/lib/utils/utils.d.ts
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { HttpHeaders } from '../http';
|
|
2
1
|
export declare const isValidEnumValue: <T>(options: Record<string, T>, selection: T) => boolean;
|
|
3
2
|
export declare const isValidUuid: (uuid: string) => boolean;
|
|
4
3
|
export declare const getScoreApiDomain: (appId: string) => string;
|
|
@@ -7,7 +6,7 @@ export declare const getAuthorizationHeader: (authToken: string) => string;
|
|
|
7
6
|
export declare const getExtension: (route: string) => string;
|
|
8
7
|
export declare const getDecodedUrl: (rawUrl: string) => URL;
|
|
9
8
|
export declare const removeSensitiveFields: <T extends Record<string, any>>(object: T, sensitiveFields: (keyof T)[]) => T;
|
|
10
|
-
export declare const removeSensitiveHeaders: (headers:
|
|
9
|
+
export declare const removeSensitiveHeaders: (headers: Record<string, string[]>, sensitiveHeaderNames: string[]) => Record<string, string[]>;
|
|
11
10
|
export declare const isRouteInPatterns: (route: string, patterns: Array<string | RegExp>) => boolean;
|
|
12
11
|
export declare const isRouteMatch: (route: string, pattern: string | RegExp) => boolean;
|
|
13
12
|
export declare const transferExistingProperties: <FromObj extends Record<string, any>, ToObj extends Record<string, any>>(fromObj: FromObj, toObj: ToObj, propertyMappings: Partial<Record<keyof FromObj, keyof ToObj>>) => void;
|
package/lib/utils/utils.js
CHANGED
|
@@ -1,4 +1,15 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __assign = (this && this.__assign) || function () {
|
|
3
|
+
__assign = Object.assign || function(t) {
|
|
4
|
+
for (var s, i = 1, n = arguments.length; i < n; i++) {
|
|
5
|
+
s = arguments[i];
|
|
6
|
+
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
|
|
7
|
+
t[p] = s[p];
|
|
8
|
+
}
|
|
9
|
+
return t;
|
|
10
|
+
};
|
|
11
|
+
return __assign.apply(this, arguments);
|
|
12
|
+
};
|
|
2
13
|
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
14
|
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
15
|
return new (P || (P = Promise))(function (resolve, reject) {
|
|
@@ -89,11 +100,11 @@ var removeSensitiveFields = function (object, sensitiveFields) {
|
|
|
89
100
|
};
|
|
90
101
|
exports.removeSensitiveFields = removeSensitiveFields;
|
|
91
102
|
var removeSensitiveHeaders = function (headers, sensitiveHeaderNames) {
|
|
92
|
-
var
|
|
103
|
+
var ret = __assign({}, headers);
|
|
93
104
|
sensitiveHeaderNames.forEach(function (name) {
|
|
94
|
-
|
|
105
|
+
delete ret[name];
|
|
95
106
|
});
|
|
96
|
-
return
|
|
107
|
+
return ret;
|
|
97
108
|
};
|
|
98
109
|
exports.removeSensitiveHeaders = removeSensitiveHeaders;
|
|
99
110
|
var isRouteInPatterns = function (route, patterns) {
|
|
@@ -104,7 +115,7 @@ var isRouteMatch = function (route, pattern) {
|
|
|
104
115
|
if (!route || !pattern) {
|
|
105
116
|
return false;
|
|
106
117
|
}
|
|
107
|
-
if (pattern instanceof RegExp &&
|
|
118
|
+
if (pattern instanceof RegExp && pattern.test(route)) {
|
|
108
119
|
return true;
|
|
109
120
|
}
|
|
110
121
|
if (typeof pattern === 'string' && route.startsWith(pattern)) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "perimeterx-js-core",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.4.0",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "lib/index.js",
|
|
6
6
|
"types": "lib/index.d.ts",
|
|
@@ -39,7 +39,6 @@
|
|
|
39
39
|
"core-js": "^3.19.1",
|
|
40
40
|
"eslint": "^8.25.0",
|
|
41
41
|
"eslint-config-prettier": "^8.5.0",
|
|
42
|
-
"eslint-plugin-no-loops": "^0.3.0",
|
|
43
42
|
"eslint-plugin-prettier": "^4.2.1",
|
|
44
43
|
"husky": "^8.0.3",
|
|
45
44
|
"lint-staged": "^13.1.0",
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
import { IHttpRequest } from './request/IHttpRequest';
|
|
2
|
-
import { IHttpResponse } from './response/IHttpResponse';
|
|
3
|
-
export declare type HttpSendOptions = {
|
|
4
|
-
timeoutMs?: number;
|
|
5
|
-
};
|
|
6
|
-
export interface IHttpClient<UnreadBodyType = unknown> {
|
|
7
|
-
/**
|
|
8
|
-
* A function that sends the provided IHttpRequest and returns a Promise resolving to an IHttpResponse.
|
|
9
|
-
* @param request - The request to be sent by the client.
|
|
10
|
-
* @param options - Options that the HttpClient should consider
|
|
11
|
-
* @returns Promise<IHttpResponse> - A Promise resolving to the response the client received.
|
|
12
|
-
*/
|
|
13
|
-
send(request: IHttpRequest<UnreadBodyType>, options?: HttpSendOptions): Promise<IHttpResponse<UnreadBodyType>>;
|
|
14
|
-
}
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
import { ContentType, HttpBody } from '../utils';
|
|
2
|
-
import { IBodyReader } from './IBodyReader';
|
|
3
|
-
export declare class StringBodyReader implements IBodyReader<string> {
|
|
4
|
-
readonly body: string;
|
|
5
|
-
constructor(rawBody: string);
|
|
6
|
-
readBody(contentType: ContentType): Promise<HttpBody>;
|
|
7
|
-
private convertFormUrlEncodedStringToObject;
|
|
8
|
-
}
|
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
import { HttpRequestBase, HttpRequestOptions } from './HttpRequestBase';
|
|
2
|
-
export declare class DefaultHttpRequest extends HttpRequestBase<string, DefaultHttpRequest> {
|
|
3
|
-
constructor(url: string, options?: HttpRequestOptions<string>);
|
|
4
|
-
getUnderlyingRequest(): DefaultHttpRequest;
|
|
5
|
-
}
|