perimeterx-js-core 0.23.3 → 0.24.1

package/lib/esm/activities/utils.js

@@ -75,9 +75,10 @@ export function redactCookieSecret(secret) {
     return '***'.concat(secret.substring(secret.length - 3, secret.length));
 }
 export const addConfigDataToDetails = (details, config) => {
-    if (config.remoteConfigVersion) {
-        details.remote_config_version = config.remoteConfigVersion;
-    }
+    transferExistingProperties(config, details, {
+        remoteConfigId: 'remote_config_id',
+        remoteConfigVersion: 'remote_config_version',
+    });
 };
 export const addCustomParametersToDetails = (details, customParameters) => {
     if (customParameters) {

package/lib/esm/config/ConfigurationBase.js

@@ -363,6 +363,12 @@ export class ConfigurationBase {
     get tokenVersion() {
         return this.configParams.px_token_version;
     }
+    get snippetInjectionEnabled() {
+        return this.configParams.px_snippet_injection_enabled;
+    }
+    get createCustomSnippet() {
+        return this.configParams.px_create_custom_snippet;
+    }
     get enableBlockedUrlOnCaptchaBlockPage() {
         return true;
     }

package/lib/esm/config/defaults/DefaultConfigurationParams.js

@@ -127,6 +127,8 @@ export const defaultConfigurationParams = () => ({
     px_remote_config_retry_interval_ms: 1000,
     px_url_decode_reserved_characters: false,
     px_secured_pxhd_enabled: false,
+    px_snippet_injection_enabled: false,
+    px_create_custom_snippet: null,
     px_custom_is_sensitive_request: null,
     px_custom_is_monitored_request: null,
     px_custom_is_enforced_request: null,

package/lib/esm/context/DefaultContext.js

@@ -34,6 +34,7 @@ export class DefaultContext {
     enforcerStartTime;
     logger;
     usedCookieSecret;
+    shouldSendTelemetry;
     config;
     urlUtils;
     constructor(config, request, options) {
@@ -62,6 +63,7 @@ export class DefaultContext {
         if (!this.isMobile) {
             this.setCookiesOnContext();
         }
+        this.shouldSendTelemetry = false;
     }
     get isMobile() {
         return this.tokenOrigin === TokenOrigin.HEADER;
@@ -175,6 +177,7 @@ export class DefaultContext {
             enforcerStartTime: this.enforcerStartTime,
             blockAction: this.blockAction,
             pxdeVerified: this.pxdeVerified,
+            shouldSendTelemetry: this.shouldSendTelemetry,
             logger: this.shouldSendLogs
                 ? {
                     logs: this.logger.getLogs(),

package/lib/esm/context/SerializedContext.js

@@ -27,6 +27,7 @@ export class SerializedContext {
     vidSource;
     tokenOrigin;
     uuid;
+    shouldSendTelemetry;
     constructor(config, contextJson, request, urlUtils) {
         this.action = contextJson.action;
         this.reasons = contextJson.reasons;
@@ -53,6 +54,7 @@ export class SerializedContext {
         this.graphqlData = contextJson.graphqlData;
         this.enforcerStartTime = contextJson.enforcerStartTime;
         this.blockAction = contextJson.blockAction;
+        this.shouldSendTelemetry = contextJson.shouldSendTelemetry;
     }
     createRequestData({ requestData }, request, urlUtils) {
         return {

package/lib/esm/enforcer/utils.js

@@ -9,6 +9,7 @@ import { HttpActivityClient, HttpBatchedActivityClient } from '../activities';
 import { HttpLogServiceClient } from '../logger';
 import { AccountDefender, BotDefender, CredentialIntelligence, HypeSaleChallenge, ProductName, } from '../products';
 import { EnforcerError, isValidTokenVersion } from '../utils';
+import { DefaultSnippetRetriever } from '../snippet_injection';
 export const createEnforcerInitializationBlock = (config, options) => {
     const tokenVersion = config.tokenVersion;
     if (!isValidTokenVersion(tokenVersion)) {
@@ -50,6 +51,8 @@ export const createEnforcerInitializationBlock = (config, options) => {
                 hmacUtils,
             })
             : null);
+    const snippetInjector = options.snippetInjector ?? null;
+    const snippetRetriever = options.snippetRetriever || (snippetInjector ? new DefaultSnippetRetriever(config) : null);
     const allOptions = {
         httpClient,
         base64Utils,
@@ -69,6 +72,8 @@ export const createEnforcerInitializationBlock = (config, options) => {
         remoteConfigStorageClient,
         remoteConfigServiceClient,
         remoteConfigUpdater,
+        snippetInjector,
+        snippetRetriever,
     };
     const products = createEnforcerProducts(config, options.products, base64Utils, hashUtils, urlUtils, ipRangeChecker);
     return { products, ...allOptions };

package/lib/esm/index.js

@@ -7,6 +7,7 @@ export * from './context';
 export * from './custom_parameters';
 export * from './sensitive_request';
 export * from './monitored_request';
+export * from './snippet_injection';
 export * from './cors';
 export * from './enforcer';
 export * from './filter';

package/lib/esm/phase/flow/EndEnforcerFlow.js

@@ -1,8 +1,8 @@
 import { CompositePhase, SendLogsPhase } from '../impl';
-import { ClearLogsPhase } from '../impl/ClearLogsPhase';
+import { ClearLogsPhase, SendTelemetryActivityPhase } from '../impl';
 export class EndEnforcerFlow extends CompositePhase {
-    constructor(config, { logServiceClient }) {
-        const phases = [];
+    constructor(config, { logServiceClient, telemetry, }) {
+        const phases = [new SendTelemetryActivityPhase(telemetry)];
         if (logServiceClient) {
             phases.push(new SendLogsPhase(config, logServiceClient));
         }

package/lib/esm/phase/flow/FilterFlow.js

@@ -1,6 +1,6 @@
 import { ProductName } from '../../products';
 import { isNullOrUndefined } from '../../utils';
-import { CompositePhase, FilterPhase, FirstPartyPhase, PreflightPhase, TelemetryPhase, UpdateRemoteConfigPhase, } from '../impl';
+import { CompositePhase, FilterPhase, FirstPartyPhase, PreflightPhase, UpdateRemoteConfigPhase, IdentifyTelemetryRequestPhase, } from '../impl';
 export class FilterFlow extends CompositePhase {
     constructor(config, { httpClient, products, cors, telemetry, remoteConfigUpdater, }) {
         const phases = [];
@@ -13,7 +13,7 @@ export class FilterFlow extends CompositePhase {
             phases.push(new FilterPhase(filterProducts));
         }
         phases.push(new PreflightPhase(config, cors));
-        phases.push(new TelemetryPhase(telemetry));
+        phases.push(new IdentifyTelemetryRequestPhase(telemetry));
         if (remoteConfigUpdater) {
             const updateRemoteConfigPhase = new UpdateRemoteConfigPhase(config, remoteConfigUpdater);
             phases.push(updateRemoteConfigPhase);

package/lib/esm/phase/flow/PostEnforceFlow.js

@@ -1,9 +1,9 @@
 import { CompositePhase, EnrichContextFromResponsePhase, ModifyOutgoingResponsePhase, SendAsyncActivitiesOnResponsePhase, } from '../impl';
 export class PostEnforceFlow extends CompositePhase {
-    constructor(config, { products, activityClient, }) {
+    constructor(config, { products, activityClient, snippetRetriever, snippetInjector, }) {
         super([
             new EnrichContextFromResponsePhase(config, products),
-            new ModifyOutgoingResponsePhase(config, Object.values(products)),
+            new ModifyOutgoingResponsePhase(config, Object.values(products), snippetRetriever, snippetInjector),
             new SendAsyncActivitiesOnResponsePhase(activityClient),
         ]);
     }

package/lib/esm/phase/impl/IdentifyTelemetryRequestPhase.js

@@ -0,0 +1,13 @@
+export class IdentifyTelemetryRequestPhase {
+    telemetry;
+    constructor(telemetry) {
+        this.telemetry = telemetry;
+    }
+    async execute(context) {
+        if (await this.telemetry.isValidTelemetryRequest(context)) {
+            context.shouldSendTelemetry = true;
+            return { done: true };
+        }
+        return { done: false };
+    }
+}

package/lib/esm/phase/impl/ModifyOutgoingResponsePhase.js

@@ -1,16 +1,32 @@
 import { PXHDSource, PXHDUtils } from '../../pxhd';
+import { CONTENT_TYPE_HEADER_NAME, ContentType } from '../../http';
 export class ModifyOutgoingResponsePhase {
     config;
     products;
-    constructor(config, products) {
+    snippetRetriever;
+    snippetInjector;
+    constructor(config, products, snippetRetriever, snippetInjector) {
         this.config = config;
         this.products = products;
+        this.snippetRetriever = snippetRetriever;
+        this.snippetInjector = snippetInjector;
     }
     async execute(context) {
         await Promise.all(this.products.map((product) => product?.modifyOutgoingResponse(context)));
         if (context.pxhd?.source === PXHDSource.RISK && context.response) {
             PXHDUtils.addPxhdToOutgoingResponse(this.config, context, context.response);
         }
+        await this.handleSnippetInjection(context);
         return { done: false };
     }
+    async handleSnippetInjection(context) {
+        if (this.snippetRetriever &&
+            this.snippetInjector &&
+            this.config.snippetInjectionEnabled &&
+            !!context.response?.headers?.get(CONTENT_TYPE_HEADER_NAME)?.includes(ContentType.TEXT_HTML)) {
+            context.logger.debug('snippet injection enabled');
+            const snippet = await this.snippetRetriever.retrieveSnippet(context);
+            context.response = await this.snippetInjector.injectSnippet(context.response, snippet);
+        }
+    }
 }

package/lib/esm/phase/impl/RiskApiPhase.js

@@ -41,6 +41,7 @@ export class RiskApiPhase extends DecideActionPhase {
             uuid: 'uuid',
             action: 'blockAction',
             dataEnrichment: 'pxde',
+            telemetryRequested: 'shouldSendTelemetry',
         });
         if (riskResponse.dataEnrichment) {
             context.pxdeVerified = true;

package/lib/esm/phase/impl/{TelemetryPhase.js → SendTelemetryActivityPhase.js}

@@ -1,12 +1,11 @@
-export class TelemetryPhase {
+export class SendTelemetryActivityPhase {
     telemetry;
     constructor(telemetry) {
         this.telemetry = telemetry;
     }
     async execute(context) {
-        if (await this.telemetry.isValidTelemetryRequest(context)) {
-            await this.sendTelemetry(context);
-            return { done: true };
+        if (context.shouldSendTelemetry) {
+            await this.telemetry.sendTelemetry(context);
         }
         return { done: false };
     }

package/lib/esm/phase/impl/index.js

@@ -1,7 +1,6 @@
 export * from './FirstPartyPhase';
 export * from './FilterPhase';
 export * from './PreflightPhase';
-export * from './TelemetryPhase';
 export * from './EnrichContextFromRequestPhase';
 export * from './ParseTokenPhase';
 export * from './DecideActionPhase';
@@ -17,3 +16,5 @@ export * from './CompositePhase';
 export * from './SendLogsPhase';
 export * from './/UpdateRemoteConfigPhase';
 export * from './ClearLogsPhase';
+export * from './IdentifyTelemetryRequestPhase';
+export * from './SendTelemetryActivityPhase';

package/lib/esm/risk_api/client/PostRiskApiClientBase.js

@@ -23,12 +23,12 @@ export class PostRiskApiClientBase {
             const riskActivity = this.createRiskActivity(context);
             response = await this.sendRiskActivity(riskActivity, riskApiData, context);
             if (response?.status !== 200) {
-                return await this.handleS2SError(riskApiData, response);
+                return await this.handleS2SError(riskApiData, context, response);
             }
             riskResponse = this.createRiskResponse(response);
             riskApiData.riskResponse = riskResponse;
             if (!(await riskResponse.validate())) {
-                return await this.handleS2SError(riskApiData, response);
+                return await this.handleS2SError(riskApiData, context, response);
             }
             context.logger.debug(`received risk response, score: ${riskResponse.score}, rtt: ${riskApiData.riskRtt}`);
             return riskApiData;
@@ -38,7 +38,7 @@ export class PostRiskApiClientBase {
                 return this.handleS2STimeout(riskApiData);
             }
             context.logger.error(`caught error in risk api: ${err} - ${JSON.stringify(context.requestData.url)}`);
-            return await this.handleS2SError(riskApiData, response, err);
+            return await this.handleS2SError(riskApiData, context, response, err);
         }
     }
     /**
@@ -105,7 +105,7 @@ export class PostRiskApiClientBase {
         riskApiData.riskApiCallResult = RiskApiCallResult.TIMEOUT;
         return riskApiData;
     }
-    async handleS2SError(riskApiData, response, error) {
+    async handleS2SError(riskApiData, context, response, error) {
         riskApiData.riskApiCallResult = RiskApiCallResult.ERROR;
         riskApiData.errorReason = S2SErrorReason.UNKNOWN_ERROR;
         if (response) {
@@ -131,6 +131,7 @@ export class PostRiskApiClientBase {
             const existingMessage = riskApiData.errorMessage;
             riskApiData.errorMessage = existingMessage ? `${existingMessage}, ${errorMessage}` : errorMessage;
         }
+        context.logger.debug(`S2S error message: ${riskApiData.errorMessage}`);
         return riskApiData;
     }
 }

package/lib/esm/risk_api/risk_response/RiskResponseBase.js

@@ -38,6 +38,9 @@ export class RiskResponseBase {
     get additionalRiskInfo() {
         return this.riskResponse?.additional_risk_info;
     }
+    get telemetryRequested() {
+        return this.riskResponse?.telemetry_requested;
+    }
     get drc() {
         return this.riskResponse?.drc;
     }
@@ -52,6 +55,7 @@ export class RiskResponseBase {
             score: this.score,
             drc: this.drc,
             additionalRiskInfo: this.additionalRiskInfo,
+            telemetryRequested: this.telemetryRequested,
             uuid: this.uuid,
         };
     }

package/lib/esm/risk_api/risk_response/serialize/SerializedRiskResponse.js

@@ -1,6 +1,7 @@
 export class SerializedRiskResponse {
     action;
     additionalRiskInfo;
+    telemetryRequested;
     dataEnrichment;
     drc;
     message;
@@ -12,6 +13,7 @@ export class SerializedRiskResponse {
     constructor(riskResponseJson) {
         this.action = riskResponseJson.action;
         this.additionalRiskInfo = riskResponseJson.additionalRiskInfo;
+        this.telemetryRequested = riskResponseJson.telemetryRequested;
         this.dataEnrichment = riskResponseJson.dataEnrichment;
         this.drc = riskResponseJson.drc;
         this.message = riskResponseJson.message;

package/lib/esm/snippet_injection/CustomSnippetFunction.js

@@ -0,0 +1 @@
+export {};

package/lib/esm/snippet_injection/index.js

@@ -0,0 +1,4 @@
+export * from './snippet_injector';
+export * from './snippet_retriever';
+export * from './utils';
+export * from './CustomSnippetFunction';

package/lib/esm/snippet_injection/snippet_injector/ISnippetInjector.js

@@ -0,0 +1 @@
+export {};

package/lib/esm/snippet_injection/snippet_injector/index.js

@@ -0,0 +1 @@
+export * from './ISnippetInjector';

package/lib/esm/snippet_injection/snippet_retriever/DefaultSnippetRetriever.js

@@ -0,0 +1,36 @@
+import { FirstPartySuffix, getMostCustomizedFirstPartyPath } from '../../products';
+import { createDefaultSnippet } from '../utils';
+export class DefaultSnippetRetriever {
+    config;
+    constructor(config) {
+        this.config = config;
+    }
+    async retrieveSnippet(context) {
+        return (await this.retrieveCustomSnippet(context)) || this.retrieveDefaultSnippet(context);
+    }
+    async retrieveCustomSnippet(context) {
+        if (!this.config.createCustomSnippet) {
+            return null;
+        }
+        try {
+            const snippet = await this.config.createCustomSnippet(this.config.getActiveConfig(), context.requestData.request.getUnderlyingRequest(), context.response.getUnderlyingResponse());
+            if (!snippet || typeof snippet !== 'string') {
+                context.logger.debug(`invalid custom snippet of type ${typeof snippet}`);
+                return null;
+            }
+            context.logger.debug('retrieving custom snippet');
+            return snippet;
+        }
+        catch (e) {
+            context.logger.debug(`failed retrieving custom snippet: ${e}`);
+        }
+        return null;
+    }
+    retrieveDefaultSnippet(context) {
+        const sensorSrc = this.config.firstPartyEnabled
+            ? getMostCustomizedFirstPartyPath(this.config, FirstPartySuffix.SENSOR)
+            : `${this.config.backendClientUrl}/${this.config.appId}/main.min.js`;
+        context.logger.debug(`retrieving default snippet with src ${sensorSrc}`);
+        return createDefaultSnippet(this.config.appId, sensorSrc);
+    }
+}

package/lib/esm/snippet_injection/snippet_retriever/ISnippetRetriever.js

@@ -0,0 +1 @@
+export {};

package/lib/esm/snippet_injection/snippet_retriever/index.js

@@ -0,0 +1,2 @@
+export * from './ISnippetRetriever';
+export * from './DefaultSnippetRetriever';

package/lib/esm/snippet_injection/utils.js

@@ -0,0 +1,9 @@
+export const createDefaultSnippet = (appId, sensorSrc) => `<script type="text/javascript">
+    (function(){
+        window._pxAppId = '${appId}';
+        var p = document.getElementsByTagName('script')[0], s = document.createElement('script');
+        s.async = 1;
+        s.src = '${sensorSrc}';
+        p.parentNode.insertBefore(s,p);
+    }());
+</script>`;

package/lib/esm/utils/constants.js

@@ -11,4 +11,4 @@ export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-export const CORE_MODULE_VERSION = 'JS Core 0.23.3';
+export const CORE_MODULE_VERSION = 'JS Core 0.24.1';

package/lib/esm/utils/request_id_generator/SimpleRequestIdGenerator.js

@@ -0,0 +1,9 @@
+export class SimpleRequestIdGenerator {
+    requestId;
+    constructor(requestId) {
+        this.requestId = requestId;
+    }
+    generateRequestId() {
+        return this.requestId;
+    }
+}

package/lib/esm/utils/request_id_generator/index.js

@@ -1 +1,2 @@
 export * from './IRequestIdGenerator';
+export * from './SimpleRequestIdGenerator';

package/lib/types/activities/model/CommonActivityDetails.d.ts

@@ -39,6 +39,7 @@ export type CommonActivityDetails = {
     ci_version?: CredentialIntelligenceVersion;
     sso_step?: SsoStep;
     remote_config_version?: number;
+    remote_config_id?: string;
     enforcer_start_time: number;
     raw_url?: string;
     used_cookie_secret?: string;

package/lib/types/config/ConfigurationBase.d.ts

@@ -9,6 +9,7 @@ import { CredentialEndpointConfiguration, CredentialIntelligenceVersion, CustomL
 import { CustomRequestFunction } from './CustomRequestFunction';
 import { ExtractGraphQLKeywordsFunction } from '../graphql';
 import { TokenVersion } from '../risk_token';
+import { CustomSnippetFunction } from '../snippet_injection';
 export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends string> implements IConfiguration<Req, Res, Added, Removed> {
     protected configParams: RequiredAllConfigurationParams<Req, Res, Added, Removed>;
     protected readonly staticConfigParams: StaticConfigurationParams<Req, Res, Added, Removed>;
@@ -115,5 +116,7 @@ export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends
     get urlDecodeReservedCharacters(): boolean;
     get securedPxhdEnabled(): boolean;
     get tokenVersion(): `${TokenVersion}`;
+    get snippetInjectionEnabled(): boolean;
+    get createCustomSnippet(): CustomSnippetFunction<Req, Res, Added, Removed> | null;
     get enableBlockedUrlOnCaptchaBlockPage(): boolean;
 }

package/lib/types/config/ConfigurationBuilderBase.d.ts

@@ -4,7 +4,7 @@ import { CoreConfigurationParams, StaticConfigurationParams, RemoteConfiguration
 import { IBase64Utils } from '../utils';
 export declare abstract class ConfigurationBuilderBase<Req, Res, Added, Removed, ParamsType extends CoreConfigurationParams<Req, Res, Added, Removed>, ConfigurationType extends IConfiguration<Req, Res, Added, Removed>> {
     protected readonly base64Utils: IBase64Utils;
-    protected abstract createRemoteConfigStorageClient(staticConfig: ConfigurationType): Promise<IRemoteConfigStorageClient<Req, Res, Added, Removed>>;
+    protected abstract createRemoteConfigStorageClient(staticConfig: ConfigurationType): Promise<IRemoteConfigStorageClient<Req, Res, Added, Removed> | null>;
     protected abstract createConfiguration(params: ParamsType | StaticConfigurationParams<Req, Res, Added, Removed>): ConfigurationType;
     protected constructor(base64Utils: IBase64Utils);
     build(params: StaticConfigurationParams<Req, Res, Added, Removed>): Promise<ConfigurationType>;

package/lib/types/config/IConfiguration.d.ts

@@ -8,6 +8,7 @@ import { CredentialEndpointConfiguration, CredentialIntelligenceVersion, CustomL
 import { CustomRequestFunction } from './CustomRequestFunction';
 import { ExtractGraphQLKeywordsFunction } from '../graphql';
 import { TokenVersion } from '../risk_token';
+import { CustomSnippetFunction } from '../snippet_injection';
 export interface IConfiguration<Req, Res, Added, Removed> {
     /**
      * The application ID.
@@ -370,6 +371,14 @@ export interface IConfiguration<Req, Res, Added, Removed> {
      * Whether to add the Secure attribute when setting the PXHD cookie.
      */
     readonly securedPxhdEnabled: boolean;
+    /**
+     * Whether snippet injection on response bodies is enabled.
+     */
+    readonly snippetInjectionEnabled: boolean;
+    /**
+     * A custom function that returns a string representing the snippet to be injected.
+     */
+    readonly createCustomSnippet: CustomSnippetFunction<Req, Res, Added, Removed> | null;
     /**
      * Whether to include the request url in captcha block page
      */

package/lib/types/config/params/CoreConfigurationParams.d.ts

@@ -7,6 +7,7 @@ import { CustomParametersFunction } from '../../custom_parameters';
 import { CustomBlockResponseHeadersHandler, CustomPreflightHandler } from '../../cors';
 import { CustomRequestFunction } from '../CustomRequestFunction';
 import { TokenVersion } from '../../risk_token';
+import { CustomSnippetFunction } from '../../snippet_injection';
 export type StaticConfigurationParamsOnly = {
     px_app_id: string;
     px_cookie_secret: string | string[];
@@ -34,7 +35,11 @@ export type TokenV3ConfigurationParamsOnly = {
     px_risk_cookie_min_iterations?: number;
     px_risk_cookie_max_iterations?: number;
 };
-export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & {
+export type SnippetInjectionParamsOnly<Req, Res, Added, Removed> = {
+    px_snippet_injection_enabled?: boolean;
+    px_create_custom_snippet?: CustomSnippetFunction<Req, Res, Added, Removed> | null;
+};
+export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & SnippetInjectionParamsOnly<Req, Res, Added, Removed> & {
     px_s2s_timeout?: number;
     px_backend_url?: string;
     px_user_agent_max_length?: number;

package/lib/types/context/ContextJson.d.ts

@@ -41,5 +41,6 @@ export type ContextJson<Req = unknown, Res = unknown> = {
     logger?: {
         logs: LogRecord[];
     };
+    shouldSendTelemetry: boolean;
 };
 export {};

package/lib/types/context/DefaultContext.d.ts

@@ -44,6 +44,7 @@ export declare class DefaultContext<Req, Res, Added, Removed> implements IContex
     enforcerStartTime?: number;
     logger: ILogger;
     usedCookieSecret?: string;
+    shouldSendTelemetry: boolean;
     protected readonly config: IConfiguration<Req, Res, Added, Removed>;
     protected readonly urlUtils: IUrlUtils;
     constructor(config: IConfiguration<Req, Res, Added, Removed>, request: IIncomingRequest<Req>, options: DefaultContextOptions);

package/lib/types/context/SerializedContext.d.ts

@@ -38,6 +38,7 @@ export declare class SerializedContext<Req, Res, Added, Removed> implements ICon
     vidSource?: VidSource;
     tokenOrigin: TokenOrigin;
     uuid?: string;
+    shouldSendTelemetry: boolean;
     constructor(config: IConfiguration<Req, Res, Added, Removed>, contextJson: ContextJson<Req, Res>, request: IIncomingRequest<Req>, urlUtils: IUrlUtils);
     protected createRequestData({ requestData }: ContextJson<Req, Res>, request: IIncomingRequest<Req>, urlUtils: IUrlUtils): RequestData<Req>;
     protected createTokenData({ tokenData }: ContextJson<Req, Res>, config: IConfiguration<Req, Res, Added, Removed>): TokenData<Req, Res>;

package/lib/types/context/interfaces/IContext.d.ts

@@ -129,4 +129,8 @@ export interface IContext<Req, Res> {
      * The time the Enforcer process started
      */
     readonly enforcerStartTime?: number;
+    /**
+     * Whether to send telemetry activity for the current request.
+     */
+    shouldSendTelemetry: boolean;
 }

package/lib/types/enforcer/EnforcerOptions.d.ts

@@ -10,6 +10,7 @@ import { Products } from '../products';
 import { IGraphQLParser } from '../graphql';
 import { ILogServiceClient } from '../logger';
 import { IRemoteConfigStorageClient, IRemoteConfigServiceClient, IRemoteConfigUpdater } from '../config';
+import { ISnippetInjector, ISnippetRetriever } from '../snippet_injection';
 export type EnforcerOptions<Req, Res, Added, Removed> = {
     httpClient: IHttpClient;
     base64Utils: IBase64Utils;
@@ -30,4 +31,6 @@ export type EnforcerOptions<Req, Res, Added, Removed> = {
     remoteConfigUpdater?: IRemoteConfigUpdater<Req, Res> | null;
     remoteConfigStorageClient?: IRemoteConfigStorageClient<Req, Res, Added, Removed> | null;
     remoteConfigServiceClient?: IRemoteConfigServiceClient<Req, Res, Added, Removed> | null;
+    snippetRetriever?: ISnippetRetriever<Req, Res> | null;
+    snippetInjector?: ISnippetInjector<Res> | null;
 };

package/lib/types/index.d.ts

@@ -7,6 +7,7 @@ export * from './context';
 export * from './custom_parameters';
 export * from './sensitive_request';
 export * from './monitored_request';
+export * from './snippet_injection';
 export * from './cors';
 export * from './enforcer';
 export * from './filter';

package/lib/types/phase/flow/EndEnforcerFlow.d.ts

@@ -1,6 +1,8 @@
 import { IConfiguration } from '../../config';
 import { CompositePhase } from '../impl';
 import { EnforcerOptions } from '../../enforcer';
+type RequiredEndEnforcerFlowOptions = 'logServiceClient' | 'telemetry';
 export declare class EndEnforcerFlow<Req, Res, Added, Removed> extends CompositePhase<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { logServiceClient }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'logServiceClient'>);
+    constructor(config: IConfiguration<Req, Res, Added, Removed>, { logServiceClient, telemetry, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, RequiredEndEnforcerFlowOptions>);
 }
+export {};

package/lib/types/phase/flow/PostEnforceFlow.d.ts

@@ -2,5 +2,5 @@ import { IConfiguration } from '../../config';
 import { EnforcerOptions } from '../../enforcer';
 import { CompositePhase } from '../impl';
 export declare class PostEnforceFlow<Req, Res, Added, Removed> extends CompositePhase<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { products, activityClient, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'products' | 'activityClient'>);
+    constructor(config: IConfiguration<Req, Res, Added, Removed>, { products, activityClient, snippetRetriever, snippetInjector, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'products' | 'activityClient' | 'snippetRetriever' | 'snippetInjector'>);
 }

package/lib/types/phase/impl/IdentifyTelemetryRequestPhase.d.ts

@@ -0,0 +1,9 @@
+import { IPhase } from '../IPhase';
+import { PhaseResult } from '../PhaseResult';
+import { IContext } from '../../context';
+import { ITelemetry } from '../../telemetry';
+export declare class IdentifyTelemetryRequestPhase<Req, Res> implements IPhase<Req, Res> {
+    protected readonly telemetry: ITelemetry<Req, Res>;
+    constructor(telemetry: ITelemetry<Req, Res>);
+    execute(context: IContext<Req, Res>): Promise<PhaseResult>;
+}

package/lib/types/phase/impl/ModifyOutgoingResponsePhase.d.ts

@@ -3,9 +3,13 @@ import { IProduct } from '../../products';
 import { IPhase } from '../IPhase';
 import { PhaseResult } from '../PhaseResult';
 import { IConfiguration } from '../../config';
+import { ISnippetInjector, ISnippetRetriever } from '../../snippet_injection';
 export declare class ModifyOutgoingResponsePhase<Req, Res, Added, Removed> implements IPhase<Req, Res> {
     protected readonly config: IConfiguration<Req, Res, Added, Removed>;
     protected readonly products: IProduct<any, Req, Res>[];
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, products: IProduct<any, Req, Res>[]);
+    protected readonly snippetRetriever?: ISnippetRetriever<Req, Res> | null;
+    protected readonly snippetInjector?: ISnippetInjector<Res> | null;
+    constructor(config: IConfiguration<Req, Res, Added, Removed>, products: IProduct<any, Req, Res>[], snippetRetriever?: ISnippetRetriever<Req, Res> | null, snippetInjector?: ISnippetInjector<Res> | null);
     execute(context: IContext<Req, Res>): Promise<PhaseResult>;
+    protected handleSnippetInjection(context: IContext<Req, Res>): Promise<void>;
 }

package/lib/types/phase/impl/{TelemetryPhase.d.ts → SendTelemetryActivityPhase.d.ts}

@@ -2,7 +2,7 @@ import { IPhase } from '../IPhase';
 import { PhaseResult } from '../PhaseResult';
 import { IContext } from '../../context';
 import { ITelemetry } from '../../telemetry';
-export declare class TelemetryPhase<Req, Res> implements IPhase<Req, Res> {
+export declare class SendTelemetryActivityPhase<Req, Res> implements IPhase<Req, Res> {
     protected readonly telemetry: ITelemetry<Req, Res>;
     constructor(telemetry: ITelemetry<Req, Res>);
     execute(context: IContext<Req, Res>): Promise<PhaseResult>;