perimeterx-js-core 0.25.0 → 0.26.0

package/lib/cjs/enforcer/EnforcerBase.js

@@ -46,8 +46,11 @@ var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EnforcerBase = void 0;
-var phase_1 = require("../phase/index.js");
+var flow_1 = require("../flow/index.js");
 var utils_1 = require("./utils.js");
+/**
+ * The base class for fundamental enforcer logic.
+ */
 var EnforcerBase = /** @class */ (function () {
     /**
      * The EnforcerBase constructor.
@@ -68,17 +71,49 @@ var EnforcerBase = /** @class */ (function () {
             this.config.logger.debug('HUMAN enforcer is disabled, will not enforce');
         }
     }
+    /**
+     * Creates the filter flow for the enforcer. The filter flow is responsible for filtering out requests that should not undergo the usual enforcement flow.
+     * For example, first party, filtered, CORS preflight, and telemetry requests are filtered out.
+     * @param config - The configuration object.
+     * @param initializationBlock - All entities necessary for the enforcer to function.
+     * @protected
+     * @returns - The filter flow for the enforcer.
+     */
     EnforcerBase.prototype.createFilterFlow = function (config, initializationBlock) {
-        return new phase_1.FilterFlow(config, initializationBlock);
+        return new flow_1.FilterFlow(config, initializationBlock);
     };
+    /**
+     * Creates the post enforce flow for the enforcer. The post enforce flow is responsible for any logic that requires the origin response in the case of passed requests.
+     * For example, enriching the context with response data (status, login successful information) and modifying the origin response (snippet injection, PXHD) are part of the post enforce flow.
+     * @param config - The configuration object.
+     * @param initializationBlock - All entities necessary for the enforcer to function.
+     * @protected
+     * @returns - The post enforce flow for the enforcer or null if post enforce is not enabled.
+     */
     EnforcerBase.prototype.createPostEnforceFlow = function (config, initializationBlock) {
-        return new phase_1.PostEnforceFlow(config, initializationBlock);
+        return this.config.isPostEnforceEnabled ? new flow_1.PostEnforceFlow(config, initializationBlock) : null;
     };
+    /**
+     * Creates the enforce flow for the enforcer. The enforce flow is responsible for the core functionality of HUMAN enforcement.
+     * For example, parsing HUMAN cookies, performing Risk API, invoking the additional activity handler, and returning a block response are part of the enforce flow.
+     * @param config - The configuration object.
+     * @param initializationBlock - All entities necessary for the enforcer to function.
+     * @protected
+     * @returns - The enforce flow for the enforcer.
+     */
     EnforcerBase.prototype.createEnforceFlow = function (config, initializationBlock) {
-        return new phase_1.EnforceFlow(config, initializationBlock);
+        return new flow_1.EnforceFlow(config, initializationBlock);
     };
+    /**
+     * Creates the end enforce flow for the enforcer. The end enforce flow is responsible for all actions that must be done after every incoming request.
+     * For example, sending the async activities, sending the telemetry activity, or updating the remote config, sending and clearing the enforcer logs, are parts of the end enforce flow.
+     * @param config - The configuration object.
+     * @param initializationBlock - All entities necessary for the enforcer to function.
+     * @protected
+     * @returns - The end enforce flow for the enforcer.
+     */
     EnforcerBase.prototype.createEndEnforcerFlow = function (config, initializationBlock) {
-        return new phase_1.EndEnforcerFlow(config, initializationBlock);
+        return new flow_1.EndEnforcerFlow(config, initializationBlock);
     };
     /**
      * The central function that triggers enforcement on the incoming request.
@@ -142,18 +177,21 @@ var EnforcerBase = /** @class */ (function () {
                     case 2:
                         _a.sent();
                         return [2 /*return*/, result.response ? this.convertToRes.apply(this, __spreadArray([result.response], args, false)) : null];
-                    case 3: return [4 /*yield*/, this.preserveContext.apply(this, __spreadArray([context], args, false))];
+                    case 3: return [4 /*yield*/, this.enforceFlow.execute(context)];
                     case 4:
-                        _a.sent();
-                        return [4 /*yield*/, this.enforceFlow.execute(context)];
-                    case 5:
                         result = _a.sent();
-                        if (!result.done) return [3 /*break*/, 7];
+                        if (!(result.done || !this.config.isPostEnforceEnabled)) return [3 /*break*/, 6];
                         return [4 /*yield*/, this.endEnforcerFlow.execute(context)];
-                    case 6:
+                    case 5:
                         _a.sent();
                         return [2 /*return*/, result.response ? this.convertToRes.apply(this, __spreadArray([result.response], args, false)) : null];
-                    case 7: return [2 /*return*/, null];
+                    case 6:
+                        if (!this.config.isPostEnforceEnabled) return [3 /*break*/, 8];
+                        return [4 /*yield*/, this.preserveContext.apply(this, __spreadArray([context], args, false))];
+                    case 7:
+                        _a.sent();
+                        _a.label = 8;
+                    case 8: return [2 /*return*/, null];
                 }
             });
         });
@@ -170,11 +208,12 @@ var EnforcerBase = /** @class */ (function () {
         }
         return __awaiter(this, void 0, void 0, function () {
             var context, _a, e_2;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
+            var _b;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        _b.trys.push([0, 5, , 6]);
-                        if (!this.config.moduleEnabled) {
+                        _c.trys.push([0, 5, , 6]);
+                        if (!this.config.moduleEnabled || !this.config.isPostEnforceEnabled) {
                             return [2 /*return*/];
                         }
                         context = this.retrieveContext.apply(this, args);
@@ -182,17 +221,17 @@ var EnforcerBase = /** @class */ (function () {
                         _a = context;
                         return [4 /*yield*/, this.convertToOutgoingResponse.apply(this, args)];
                     case 1:
-                        _a.response = _b.sent();
-                        return [4 /*yield*/, this.postEnforceFlow.execute(context)];
+                        _a.response = _c.sent();
+                        return [4 /*yield*/, ((_b = this.postEnforceFlow) === null || _b === void 0 ? void 0 : _b.execute(context))];
                     case 2:
-                        _b.sent();
+                        _c.sent();
                         return [4 /*yield*/, this.endEnforcerFlow.execute(context)];
                     case 3:
-                        _b.sent();
-                        _b.label = 4;
+                        _c.sent();
+                        _c.label = 4;
                     case 4: return [3 /*break*/, 6];
                     case 5:
-                        e_2 = _b.sent();
+                        e_2 = _c.sent();
                         (context || this.config).logger.error("caught error in post enforce - ".concat(e_2));
                         return [3 /*break*/, 6];
                     case 6: return [2 /*return*/];

package/lib/cjs/enforcer/index.js

@@ -15,6 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./IEnforcer.js"), exports);
+__exportStar(require("./IPostEnforcer.js"), exports);
 __exportStar(require("./EnforcerBase.js"), exports);
 __exportStar(require("./EnforcerOptions.js"), exports);
 __exportStar(require("./utils.js"), exports);

package/lib/cjs/{phase/flow → flow}/EndEnforcerFlow.js

@@ -16,21 +16,25 @@ var __extends = (this && this.__extends) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EndEnforcerFlow = void 0;
-var impl_1 = require("../impl/index.js");
+var phase_1 = require("../phase/index.js");
+var Flow_1 = require("./Flow.js");
 var EndEnforcerFlow = /** @class */ (function (_super) {
     __extends(EndEnforcerFlow, _super);
     function EndEnforcerFlow(config, _a) {
-        var logServiceClient = _a.logServiceClient, telemetry = _a.telemetry, remoteConfigManager = _a.remoteConfigManager;
-        var phases = [new impl_1.SendTelemetryActivityPhase(telemetry)];
+        var logServiceClient = _a.logServiceClient, telemetry = _a.telemetry, remoteConfigManager = _a.remoteConfigManager, activityClient = _a.activityClient;
+        var phases = [
+            new phase_1.SendAsyncActivitiesPhase(activityClient),
+            new phase_1.SendTelemetryActivityPhase(telemetry),
+        ];
         if (remoteConfigManager) {
-            phases.push(new impl_1.UpdateRemoteConfigPhase(config, remoteConfigManager));
+            phases.push(new phase_1.UpdateRemoteConfigPhase(config, remoteConfigManager));
         }
         if (logServiceClient) {
-            phases.push(new impl_1.SendLogsPhase(config, logServiceClient));
+            phases.push(new phase_1.SendLogsPhase(config, logServiceClient));
         }
-        phases.push(new impl_1.ClearLogsPhase());
+        phases.push(new phase_1.ClearLogsPhase());
         return _super.call(this, phases) || this;
     }
     return EndEnforcerFlow;
-}(impl_1.CompositePhase));
+}(Flow_1.Flow));
 exports.EndEnforcerFlow = EndEnforcerFlow;

package/lib/cjs/{phase/flow → flow}/EnforceFlow.js

@@ -16,26 +16,21 @@ var __extends = (this && this.__extends) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EnforceFlow = void 0;
-var products_1 = require("../../products/index.js");
-var impl_1 = require("../impl/index.js");
+var phase_1 = require("../phase/index.js");
+var Flow_1 = require("./Flow.js");
 var EnforceFlow = /** @class */ (function (_super) {
     __extends(EnforceFlow, _super);
     function EnforceFlow(config, _a) {
-        var _b;
-        var dataEnrichment = _a.dataEnrichment, tokenParser = _a.tokenParser, riskApiClient = _a.riskApiClient, activityClient = _a.activityClient, cors = _a.cors, products = _a.products, graphQLParser = _a.graphQLParser;
+        var dataEnrichment = _a.dataEnrichment, tokenParser = _a.tokenParser, riskApiClient = _a.riskApiClient, cors = _a.cors, products = _a.products, graphQLParser = _a.graphQLParser;
         return _super.call(this, [
-            new impl_1.ParseTokenPhase(tokenParser),
-            new impl_1.EnrichContextFromRequestPhase(config, products, dataEnrichment, graphQLParser),
-            new impl_1.RiskApiPhase(products, riskApiClient),
-            new impl_1.AdditionalActivityHandlerPhase(config),
-            new impl_1.SendAsyncActivitiesOnRequestPhase(activityClient),
-            new impl_1.CreateBlockResponsePhase(config, (_b = {},
-                _b[products_1.ProductName.BOT_DEFENDER] = products[products_1.ProductName.BOT_DEFENDER],
-                _b[products_1.ProductName.HYPE_SALE_CHALLENGE] = products[products_1.ProductName.HYPE_SALE_CHALLENGE],
-                _b), cors),
-            new impl_1.ModifyIncomingRequestPhase(Object.values(products)),
+            new phase_1.ParseTokenPhase(tokenParser),
+            new phase_1.EnrichContextFromRequestPhase(config, products, dataEnrichment, graphQLParser),
+            new phase_1.RiskApiPhase(products, riskApiClient),
+            new phase_1.AdditionalActivityHandlerPhase(config),
+            new phase_1.CreateBlockResponsePhase(config, phase_1.CreateBlockResponsePhase.getBlockers(products), cors),
+            new phase_1.ModifyIncomingRequestPhase(Object.values(products)),
         ]) || this;
     }
     return EnforceFlow;
-}(impl_1.CompositePhase));
+}(Flow_1.Flow));
 exports.EnforceFlow = EnforceFlow;

package/lib/cjs/{phase/flow → flow}/FilterFlow.js

@@ -16,9 +16,10 @@ var __extends = (this && this.__extends) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.FilterFlow = void 0;
-var products_1 = require("../../products/index.js");
-var utils_1 = require("../../utils/index.js");
-var impl_1 = require("../impl/index.js");
+var products_1 = require("../products/index.js");
+var utils_1 = require("../utils/index.js");
+var phase_1 = require("../phase/index.js");
+var Flow_1 = require("./Flow.js");
 var FilterFlow = /** @class */ (function (_super) {
     __extends(FilterFlow, _super);
     function FilterFlow(config, _a) {
@@ -26,16 +27,16 @@ var FilterFlow = /** @class */ (function (_super) {
         var phases = [];
         var firstPartyProducts = FilterFlow.getFirstPartyProducts(products);
         if ((firstPartyProducts === null || firstPartyProducts === void 0 ? void 0 : firstPartyProducts.length) > 0) {
-            phases.push(new impl_1.FirstPartyPhase(config, httpClient, firstPartyProducts));
+            phases.push(new phase_1.FirstPartyPhase(config, httpClient, firstPartyProducts));
         }
         var filterProducts = FilterFlow.getFilterProducts(products);
         if ((filterProducts === null || filterProducts === void 0 ? void 0 : filterProducts.length) > 0) {
-            phases.push(new impl_1.FilterPhase(filterProducts));
+            phases.push(new phase_1.FilterPhase(filterProducts));
         }
-        phases.push(new impl_1.PreflightPhase(config, cors));
-        phases.push(new impl_1.IdentifyTelemetryRequestPhase(telemetry));
+        phases.push(new phase_1.PreflightPhase(config, cors));
+        phases.push(new phase_1.IdentifyTelemetryRequestPhase(telemetry));
         if (remoteConfigUpdateParser) {
-            phases.push(new impl_1.IdentifyRemoteConfigNotifyRequestPhase(remoteConfigUpdateParser));
+            phases.push(new phase_1.IdentifyRemoteConfigNotifyRequestPhase(remoteConfigUpdateParser));
         }
         return _super.call(this, phases) || this;
     }
@@ -46,5 +47,5 @@ var FilterFlow = /** @class */ (function (_super) {
         return [products[products_1.ProductName.BOT_DEFENDER]].filter(function (prod) { return !(0, utils_1.isNullOrUndefined)(prod); });
     };
     return FilterFlow;
-}(impl_1.CompositePhase));
+}(Flow_1.Flow));
 exports.FilterFlow = FilterFlow;

package/lib/cjs/flow/Flow.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Flow = void 0;
+var phase_1 = require("../phase/index.js");
+var Flow = /** @class */ (function () {
+    function Flow(phases) {
+        this.phases = phases;
+    }
+    Flow.prototype.insert = function (phase, options) {
+        if (!options) {
+            this.phases.push(phase);
+            return;
+        }
+        if (options.before) {
+            var index = this.getIndexOfPhase(options.before);
+            if (index === -1) {
+                return;
+            }
+            this.phases.splice(index, 0, phase);
+        }
+        if (options.after) {
+            var index = this.getIndexOfPhase(options.after);
+            if (index === -1) {
+                return;
+            }
+            this.phases.splice(index + 1, 0, phase);
+        }
+    };
+    Flow.prototype.remove = function (name) {
+        var index = this.getIndexOfPhase(name);
+        if (index === -1) {
+            return;
+        }
+        this.phases.splice(index, 1);
+    };
+    Flow.prototype.replace = function (name, phase) {
+        var index = this.getIndexOfPhase(name);
+        if (index === -1) {
+            return;
+        }
+        this.phases.splice(index, 1, phase);
+    };
+    Flow.prototype.move = function (name, to) {
+        var index = this.getIndexOfPhase(name);
+        if (index === -1) {
+            return;
+        }
+        var phase = this.phases[index];
+        this.phases.splice(index, 1);
+        this.insert(phase, to);
+    };
+    Flow.prototype.getIndexOfPhase = function (name) {
+        return this.phases.findIndex(function (existingPhase) { return existingPhase.constructor.name === name; });
+    };
+    Flow.prototype.execute = function (context) {
+        return new phase_1.CompositePhase(this.phases).execute(context);
+    };
+    return Flow;
+}());
+exports.Flow = Flow;

package/lib/cjs/flow/IFlow.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/cjs/{phase/flow → flow}/PostEnforceFlow.js

@@ -16,17 +16,17 @@ var __extends = (this && this.__extends) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PostEnforceFlow = void 0;
-var impl_1 = require("../impl/index.js");
+var phase_1 = require("../phase/index.js");
+var Flow_1 = require("./Flow.js");
 var PostEnforceFlow = /** @class */ (function (_super) {
     __extends(PostEnforceFlow, _super);
     function PostEnforceFlow(config, _a) {
-        var products = _a.products, activityClient = _a.activityClient, snippetRetriever = _a.snippetRetriever, snippetInjector = _a.snippetInjector;
+        var products = _a.products, snippetRetriever = _a.snippetRetriever, snippetInjector = _a.snippetInjector;
         return _super.call(this, [
-            new impl_1.EnrichContextFromResponsePhase(config, products),
-            new impl_1.ModifyOutgoingResponsePhase(config, Object.values(products), snippetRetriever, snippetInjector),
-            new impl_1.SendAsyncActivitiesOnResponsePhase(activityClient),
+            new phase_1.EnrichContextFromResponsePhase(config, products),
+            new phase_1.ModifyOutgoingResponsePhase(config, Object.values(products), snippetRetriever, snippetInjector),
         ]) || this;
     }
     return PostEnforceFlow;
-}(impl_1.CompositePhase));
+}(Flow_1.Flow));
 exports.PostEnforceFlow = PostEnforceFlow;

package/lib/cjs/{phase/flow → flow}/index.js

@@ -18,3 +18,5 @@ __exportStar(require("./FilterFlow.js"), exports);
 __exportStar(require("./EnforceFlow.js"), exports);
 __exportStar(require("./PostEnforceFlow.js"), exports);
 __exportStar(require("./EndEnforcerFlow.js"), exports);
+__exportStar(require("./IFlow.js"), exports);
+__exportStar(require("./Flow.js"), exports);

package/lib/cjs/index.js

@@ -25,6 +25,7 @@ __exportStar(require("./sensitive_request/index.js"), exports);
 __exportStar(require("./monitored_request/index.js"), exports);
 __exportStar(require("./snippet_injection/index.js"), exports);
 __exportStar(require("./cors/index.js"), exports);
+__exportStar(require("./flow/index.js"), exports);
 __exportStar(require("./enforcer/index.js"), exports);
 __exportStar(require("./filter/index.js"), exports);
 __exportStar(require("./first_party/index.js"), exports);

package/lib/cjs/phase/impl/AdditionalActivityHandlerPhase.js

@@ -38,6 +38,9 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AdditionalActivityHandlerPhase = void 0;
 var additional_activity_handler_1 = require("../../additional_activity_handler/index.js");
+/**
+ * The `AdditionalActivityHandlerPhase` invokes the additional activity handler defined in the configuration.
+ */
 var AdditionalActivityHandlerPhase = /** @class */ (function () {
     function AdditionalActivityHandlerPhase(config) {
         this.config = config;

package/lib/cjs/phase/impl/ClearLogsPhase.js

@@ -37,6 +37,9 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ClearLogsPhase = void 0;
+/**
+ * The `ClearLogsPhase` class deletes the context logs to free up memory.
+ */
 var ClearLogsPhase = /** @class */ (function () {
     function ClearLogsPhase() {
     }

package/lib/cjs/phase/impl/CompositePhase.js

@@ -37,7 +37,16 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CompositePhase = void 0;
+/**
+ * The `CompositePhase` class executes a series of phases in sequence.
+ * It will stop executing phases as soon as one of them returns a result with `done: true`.
+ * It will return the result of the last phase executed or `{ done: false }`.
+ */
 var CompositePhase = /** @class */ (function () {
+    /**
+     * Creates a new CompositePhase instance.
+     * @param phases - An array of phases to be executed in sequence.
+     */
     function CompositePhase(phases) {
         this.phases = phases;
     }

package/lib/cjs/phase/impl/CreateBlockResponsePhase.js

@@ -41,6 +41,10 @@ var http_1 = require("../../http/index.js");
 var pxhd_1 = require("../../pxhd/index.js");
 var action_1 = require("../../action/index.js");
 var products_1 = require("../../products/index.js");
+/**
+ * `CreateBlockResponsePhase` is a phase that creates a block response for the product that recommended a block action.
+ * If multiple products recommended block, it will return the block response for the highest priority product.
+ */
 var CreateBlockResponsePhase = /** @class */ (function () {
     function CreateBlockResponsePhase(config, blockers, cors) {
         this.config = config;
@@ -49,6 +53,18 @@ var CreateBlockResponsePhase = /** @class */ (function () {
             this.cors = cors;
         }
     }
+    /**
+     * A static method that identifies those products that can block incoming requests and returns a map of the product name to the product instance.
+     * @param products - All supported products.
+     * @returns A mapping of those products that implement the `IConditionalBlocker` interface.
+     */
+    CreateBlockResponsePhase.getBlockers = function (products) {
+        var _a;
+        return _a = {},
+            _a[products_1.ProductName.BOT_DEFENDER] = products[products_1.ProductName.BOT_DEFENDER],
+            _a[products_1.ProductName.HYPE_SALE_CHALLENGE] = products[products_1.ProductName.HYPE_SALE_CHALLENGE],
+            _a;
+    };
     CreateBlockResponsePhase.prototype.execute = function (context) {
         return __awaiter(this, void 0, void 0, function () {
             var response;

package/lib/cjs/phase/impl/DecideActionPhase.js

@@ -40,9 +40,20 @@ exports.DecideActionPhase = void 0;
 var logger_1 = require("../../logger/index.js");
 var action_1 = require("../../action/index.js");
 var blocker_1 = require("../../blocker/index.js");
+/**
+ * `DecideActionPhase` is an abstract class that provides the protected function `updateContextDecision`.
+ * Phases that extend this class can use the `updateContextDecision` method to update the `context.action` and
+ * `context.reasons` properties based on the product data in the context. Calling this function essentially
+ * recalculates what action the enforcer should take and why.
+ */
 var DecideActionPhase = /** @class */ (function () {
     function DecideActionPhase() {
     }
+    /**
+     * Updates the `action`, `reasons`, and `blockAction` properties based on the product data in the context.
+     * @param context - The request context.
+     * @protected
+     */
     DecideActionPhase.prototype.updateContextDecision = function (context) {
         return __awaiter(this, void 0, void 0, function () {
             var _a, action, reasons, productReasons;

package/lib/cjs/phase/impl/EnrichContextFromRequestPhase.js

@@ -54,6 +54,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.EnrichContextFromRequestPhase = void 0;
 var custom_parameters_1 = require("../../custom_parameters/index.js");
 var DecideActionPhase_1 = require("./DecideActionPhase.js");
+/**
+ * `EnrichContextFromRequestPhase` adds data to the context from the request. This includes parsing the data enrichment cookie,
+ * adding GraphQL data, custom parameters, and enriching the context with any product-specific data by calling each product's
+ * `enrichContextFromRequest` method. (As an example, this is where the Credential Intelligence product enriches the context by
+ * extracting login credentials and adding them to the product data of the request.) It then updates the context's final action
+ * and reasons based on the enriched data.
+ *
+ * Note: This phase should come after the `ParseTokenPhase`, since the Bot Defender product uses the parsed token to determine its recommended action.
+ */
 var EnrichContextFromRequestPhase = /** @class */ (function (_super) {
     __extends(EnrichContextFromRequestPhase, _super);
     function EnrichContextFromRequestPhase(config, products, dataEnrichment, graphQLParser) {
@@ -131,18 +140,13 @@ var EnrichContextFromRequestPhase = /** @class */ (function (_super) {
             return __generator(this, function (_a) {
                 switch (_a.label) {
                     case 0: return [4 /*yield*/, Promise.all(Object.entries(this.products).map(function (_a) { return __awaiter(_this, [_a], void 0, function (_b) {
-                            var _c, _d;
                             var name = _b[0], product = _b[1];
-                            return __generator(this, function (_e) {
-                                switch (_e.label) {
-                                    case 0:
-                                        // @ts-ignore
-                                        _c = context.productData;
-                                        _d = name;
-                                        return [4 /*yield*/, (product === null || product === void 0 ? void 0 : product.enrichContextFromRequest(context))];
+                            return __generator(this, function (_c) {
+                                switch (_c.label) {
+                                    case 0: return [4 /*yield*/, (product === null || product === void 0 ? void 0 : product.enrichContextFromRequest(context))];
                                     case 1:
                                         // @ts-ignore
-                                        _c[_d] = _e.sent();
+                                        context.productData[name] = _c.sent();
                                         return [2 /*return*/];
                                 }
                             });

package/lib/cjs/phase/impl/EnrichContextFromResponsePhase.js

@@ -38,6 +38,10 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EnrichContextFromResponsePhase = void 0;
 var utils_1 = require("../../utils/index.js");
+/**
+ * `EnrichContextFromResponsePhase` enriches the context with response data. Each product's `enrichContextFromResponse`
+ * method is called since every product may use the response data differently.
+ */
 var EnrichContextFromResponsePhase = /** @class */ (function () {
     function EnrichContextFromResponsePhase(config, products) {
         this.config = config;

package/lib/cjs/phase/impl/FilterPhase.js

@@ -37,6 +37,10 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.FilterPhase = void 0;
+/**
+ * The `FilterPhase` class checks if the provided filters indicate that the incoming HTTP request should be filtered from the flow.
+ * If any filter returns `true` for `shouldFilter`, the phase will stop further processing and return a `done` status.
+ */
 var FilterPhase = /** @class */ (function () {
     function FilterPhase(filters) {
         this.filters = filters;

package/lib/cjs/phase/impl/FirstPartyPhase.js

@@ -38,6 +38,11 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.FirstPartyPhase = void 0;
 var http_1 = require("../../http/index.js");
+/**
+ * The `FirstPartyPhase` class is responsible for handling first-party requests. If a first-party request is detected,
+ * it will create the `FirstPartyData`, send the request to the configured endpoint using the provided HTTP client, and return
+ * a done status with the response. If an error occurs, it will return the default response.
+ */
 var FirstPartyPhase = /** @class */ (function () {
     function FirstPartyPhase(config, httpClient, firstParties) {
         this.config = config;

package/lib/cjs/phase/impl/IdentifyRemoteConfigNotifyRequestPhase.js

@@ -38,6 +38,11 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.IdentifyRemoteConfigNotifyRequestPhase = void 0;
 var http_1 = require("../../http/index.js");
+/**
+ * The `IdentifyRemoteConfigNotifyRequestPhase` class is responsible for identifying incoming remote config update requests.
+ * It checks if the request is a remote config update request and, if so, parses the request and updates the context accordingly.
+ * Note that the remote config is not updated during this phase; that occurs in the `UpdateRemoteConfigPhase`.
+ */
 var IdentifyRemoteConfigNotifyRequestPhase = /** @class */ (function () {
     function IdentifyRemoteConfigNotifyRequestPhase(remoteConfigUpdateParser) {
         this.remoteConfigUpdateParser = remoteConfigUpdateParser;

package/lib/cjs/phase/impl/IdentifyTelemetryRequestPhase.js

@@ -37,6 +37,11 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.IdentifyTelemetryRequestPhase = void 0;
+/**
+ * The `IdentifyTelemetryRequestPhase` class is responsible for identifying incoming telemetry requests.
+ * It checks if the request is a telemetry request and, if so, parses the request and updates the context accordingly.
+ * Note that the telemetry activity is not sent during this phase; that occurs in the `SendTelemetryActivityPhase`.
+ */
 var IdentifyTelemetryRequestPhase = /** @class */ (function () {
     function IdentifyTelemetryRequestPhase(telemetry) {
         this.telemetry = telemetry;

package/lib/cjs/phase/impl/ModifyIncomingRequestPhase.js

@@ -37,6 +37,11 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ModifyIncomingRequestPhase = void 0;
+/**
+ * The `ModifyIncomingRequestPhase` class is responsible for modifying the incoming HTTP request prior to forwarding the
+ * request to the origin server or cache. This phase invokes each product's `modifyIncomingRequest` method. (As an example,
+ * this is where the Credential Intelligence product adds the compromised credentials header to the request if needed.)
+ */
 var ModifyIncomingRequestPhase = /** @class */ (function () {
     function ModifyIncomingRequestPhase(products) {
         this.products = products;

package/lib/cjs/phase/impl/ModifyOutgoingResponsePhase.js

@@ -39,6 +39,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ModifyOutgoingResponsePhase = void 0;
 var pxhd_1 = require("../../pxhd/index.js");
 var http_1 = require("../../http/index.js");
+/**
+ * The `ModifyOutgoingResponsePhase` class is responsible for modifying the outgoing HTTP response prior to returning it
+ * to the end user. This phase invokes each product's `modifyOutgoingResponse` method, as well as adding the PXHD cookie.
+ * If snippet injection is supported and enabled, it also occurs in this phase.
+ */
 var ModifyOutgoingResponsePhase = /** @class */ (function () {
     function ModifyOutgoingResponsePhase(config, products, snippetRetriever, snippetInjector) {
         this.config = config;

package/lib/cjs/phase/impl/ParseTokenPhase.js

@@ -39,6 +39,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ParseTokenPhase = void 0;
 var risk_token_1 = require("../../risk_token/index.js");
 var utils_1 = require("../../utils/index.js");
+/**
+ * The `ParseTokenPhase` class is responsible for parsing the risk token from the incoming request and updating the context.
+ */
 var ParseTokenPhase = /** @class */ (function () {
     function ParseTokenPhase(tokenParser) {
         this.tokenParser = tokenParser;
@@ -59,14 +62,18 @@ var ParseTokenPhase = /** @class */ (function () {
     };
     ParseTokenPhase.prototype.addTokenDataToContext = function (context, tokenData) {
         Object.assign(context.tokenData, tokenData);
-        if (tokenData.tokenParseResult === risk_token_1.TokenParseResult.SUCCESSFUL) {
-            (0, utils_1.transferExistingProperties)(tokenData.token, context, {
-                vid: 'vid',
-                uuid: 'uuid',
-                score: 'score',
-                action: 'blockAction',
-            });
+        if (tokenData.tokenParseResult === risk_token_1.TokenParseResult.SUCCESSFUL && tokenData.token) {
+            if (tokenData.token.score != null) {
+                context.score = tokenData.token.score;
+            }
+            if (tokenData.token.action) {
+                context.blockAction = tokenData.token.action;
+            }
+            if (tokenData.token.uuid) {
+                context.uuid = tokenData.token.uuid;
+            }
             if (tokenData.token.vid) {
+                context.vid = tokenData.token.vid;
                 context.vidSource = utils_1.VidSource.RISK_COOKIE;
             }
         }

package/lib/cjs/phase/impl/PreflightPhase.js

@@ -37,6 +37,10 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PreflightPhase = void 0;
+/**
+ * The `PreflightPhase` class is responsible for handling preflight requests in CORS (Cross-Origin Resource Sharing).
+ * This includes filtering preflight requests or invoking the preflight custom handler if configured.
+ */
 var PreflightPhase = /** @class */ (function () {
     function PreflightPhase(config, cors) {
         this.corsSupportEnabled = config.corsSupportEnabled;