perimeterx-js-core 0.3.0 → 0.4.0

package/README.md

@@ -100,17 +100,24 @@ or use an external library (e.g., `phin`, `axios`) if needed.
 
 ### Crypto
 
-Since cryptographic functionality varies from platform to platform, this library's crypto utils takes the form of an interface
+Since cryptographic functionality varies from platform to platform, this library's crypto utils takes the form of interfaces
 as well.
 
-`IBase64Utils` - Represents a Base64 encoding and decoding utility that other components may require. A `DefaultBase64Utils`
-implementation using the `js-base64` dependency is provided.
+`IBase64Utils` - Represents a Base64 encoding and decoding utility that other components may require. The following implementations
+are provided:
+* `AtobBase64Utils`, which relies on native `atob` and `btoa` functions.
+* `BufferBase64Utils`, which relies on the native NodeJS `Buffer.from()` function.
+* `JSBase64Base64Utils`, which uses the `js-base64` dependency.
 
-`IHashUtils` - Represents an HMAC-generating utility that other components may require. A `DefaultHashUtils`
-implementation using the `crypto-js` dependency is provided.
+`IHashUtils` - Represents an HMAC-generating utility that other components may require. The following implementations are
+provided:
+* `CryptoHmacUtils`, which relies on the native NodeJS `crypto` package.
+* `CryptoJSHmacUtils`, which uses the `crypto-js` dependency.
 
-`ICipherUtils` - Represents an encryption and decryption utility that is required for RiskTokenV3. No default 
-implementation is provided.
+`ICipherUtils` - Represents an encryption and decryption utility that is required for RiskTokenV3. The following implementations
+are provided:
+* `CryptoCipherUtils`, which relies on the native NodeJS `crypto` package.
+* `SubtleCryptoCipherUtils`, which relies on an object implementing the `SubtleCrypto` interface. By default, it is assumed that the global `crypto.subtle` implements this interface.
 
 ### Other Dependencies
 
@@ -119,8 +126,8 @@ can be swapped with other implementations. These classes are:
 
 | **Library**       | **Implementation**        | **Used For**                              |
 | :---              | :---                      | :---                                      |
-| `crypto-js`       | `DefaultHashUtils`        | PXDE, telemetry, risk token V2/V3, etc.   |
-| `js-base64`       | `DefaultBase64Utils`      | PXDE, telemetry, risk token V2, etc.      |
+| `crypto-js`       | `CryptoJSHmacUtils`        | PXDE, telemetry, risk token V2/V3, etc.   |
+| `js-base64`       | `JSBase64Base64Utils`      | PXDE, telemetry, risk token V2, etc.      |
 | `cookie`          | `DefaultCookieParser`     | `ContextBase`                             |
 | `uuid`            | `DefaultUuidGenerator`    | `ContextBase`                             |
 | `ip-range-check`  | `DefaultIpRangeChecker`   | `DefaultFilter`                           |

package/lib/activities/HttpActivityClient.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { IContext } from '../context';
-import { IHttpClient } from '../http';
 import { IActivityClient } from './IActivityClient';
 import { Activity } from './model/Activity';
+import { IHttpClient } from '../http';
 export declare class HttpActivityClient implements IActivityClient {
     private readonly config;
     private readonly httpClient;

package/lib/activities/HttpActivityClient.js

@@ -42,6 +42,8 @@ var utils_1 = require("../utils");
 var ActivityType_1 = require("./ActivityType");
 var utils_2 = require("./utils");
 var constants_1 = require("./constants");
+var http_2 = require("../http");
+var http_3 = require("../http");
 var HttpActivityClient = /** @class */ (function () {
     function HttpActivityClient(config, httpClient) {
         this.config = config;
@@ -87,13 +89,13 @@ var HttpActivityClient = /** @class */ (function () {
     };
     HttpActivityClient.prototype.postActivities = function (activities) {
         return __awaiter(this, void 0, void 0, function () {
-            var url, method, headers, body, status;
+            var url, method, headers, body, req, status;
             var _a;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
                         url = "".concat(this.config.backendCollectorUrl).concat(constants_1.ACTIVITIES_ENDPOINT);
-                        method = http_1.HttpMethod.POST;
+                        method = http_2.HttpMethod.POST;
                         headers = (_a = {},
                             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.APPLICATION_JSON],
                             _a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
@@ -103,9 +105,10 @@ var HttpActivityClient = /** @class */ (function () {
                             var type = _a.type;
                             return "".concat(type, " activity");
                         }).join(', '), " to ").concat(url));
-                        return [4 /*yield*/, this.httpClient.send(new http_1.DefaultHttpRequest(url, { method: method, headers: headers, body: body }))];
+                        req = new http_3.OutgoingRequestImpl({ url: url, method: method, headers: headers, body: body });
+                        return [4 /*yield*/, this.httpClient.send(req).then(function (resp) { return resp.status; })];
                     case 1:
-                        status = (_b.sent()).status;
+                        status = _b.sent();
                         return [2 /*return*/, status === 200];
                 }
             });

package/lib/activities/HttpBatchedActivityClient.d.ts

@@ -1,7 +1,7 @@
 import { HttpActivityClient } from './HttpActivityClient';
 import { IConfiguration } from '../config';
-import { IHttpClient } from '../http';
 import { Activity } from './model/Activity';
+import { IHttpClient } from '../http';
 export declare class HttpBatchedActivityClient extends HttpActivityClient {
     private readonly batchSize;
     private readonly timeoutMs;

package/lib/activities/utils.js

@@ -8,7 +8,7 @@ var createActivity = function (activityType, config, context) {
         type: activityType,
         px_app_id: config.appId,
         url: context.requestData.url.href,
-        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders).toObject(','),
+        headers: (0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders),
         pxhd: context.pxhd,
         socket_ip: context.requestData.ip,
         timestamp: Date.now(),

package/lib/block_handler/DefaultBlockResponseGenerator.d.ts

@@ -1,14 +1,14 @@
 import { IContext } from '../context';
 import { IConfiguration } from '../config';
-import { IHttpResponse } from '../http';
 import { IBase64Utils } from '../utils';
 import { IBlockResponseGenerator } from './IBlockResponseGenerator';
+import { IMinimalResponse } from '../http';
 export declare class DefaultBlockResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly captchaResponseGenerator;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
     private generateRateLimitResponse;
     private generateCaptchaResponse;
 }

package/lib/block_handler/DefaultBlockResponseGenerator.js

@@ -6,6 +6,7 @@ var http_1 = require("../http");
 var BlockAction_1 = require("./BlockAction");
 var CaptchaBlockResponseGenerator_1 = require("./captcha/CaptchaBlockResponseGenerator");
 var rate_limit_template_1 = require("./templates/rate_limit_template");
+var http_2 = require("../http");
 var DefaultBlockResponseGenerator = /** @class */ (function () {
     function DefaultBlockResponseGenerator(config, base64Utils) {
         this.config = config;
@@ -26,7 +27,7 @@ var DefaultBlockResponseGenerator = /** @class */ (function () {
                 res = this.generateCaptchaResponse(context);
                 break;
         }
-        return pxhd_1.PXHDUtils.addPxhdToResponse(context, res);
+        return pxhd_1.PXHDUtils.addPxhdToMinimalResponse(context, res);
     };
     DefaultBlockResponseGenerator.prototype.generateRateLimitResponse = function () {
         var _a;
@@ -34,7 +35,11 @@ var DefaultBlockResponseGenerator = /** @class */ (function () {
         var headers = (_a = {},
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.TEXT_HTML],
             _a);
-        return new http_1.DefaultHttpResponse(rate_limit_template_1.RATE_LIMIT_TEMPLATE, { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: rate_limit_template_1.RATE_LIMIT_TEMPLATE,
+            status: status,
+            headers: headers,
+        });
     };
     DefaultBlockResponseGenerator.prototype.generateCaptchaResponse = function (context) {
         return this.captchaResponseGenerator.generateBlockResponse(context);

package/lib/block_handler/IBlockResponseGenerator.d.ts

@@ -1,5 +1,5 @@
 import { IContext } from '../context';
-import { IHttpResponse } from '../http';
+import { IMinimalResponse } from '../http';
 export interface IBlockResponseGenerator {
     /**
      * @param context - The request context.
@@ -10,5 +10,5 @@ export interface IBlockResponseGenerator {
      * @param context - The request context.
      * @returns IHttpResponse - The block response that should be returned to the end-user.
      */
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/CaptchaBlockResponseGenerator.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBase64Utils } from '../../utils';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class CaptchaBlockResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly jsonCaptchaGenerator;
@@ -10,5 +10,5 @@ export declare class CaptchaBlockResponseGenerator implements IBlockResponseGene
     private readonly htmlCaptchaGenerator;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate({ blockAction }: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.d.ts

@@ -1,10 +1,10 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class HtmlCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.js

@@ -4,6 +4,7 @@ exports.HtmlCaptchaResponseGenerator = void 0;
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
 var captcha_template_1 = require("../templates/captcha_template");
+var http_2 = require("../../http");
 var HtmlCaptchaResponseGenerator = /** @class */ (function () {
     function HtmlCaptchaResponseGenerator(config) {
         this.config = config;
@@ -18,7 +19,11 @@ var HtmlCaptchaResponseGenerator = /** @class */ (function () {
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.TEXT_HTML],
             _a);
         var body = (0, utils_1.renderHtml)(captcha_template_1.CAPTCHA_TEMPLATE, (0, utils_1.createBlockData)(this.config, context));
-        return new http_1.DefaultHttpResponse(body, { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: body,
+            status: status,
+            headers: headers,
+        });
     };
     return HtmlCaptchaResponseGenerator;
 }());

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.d.ts

@@ -1,10 +1,10 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class JsonCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.js

@@ -4,17 +4,17 @@ exports.JsonCaptchaResponseGenerator = void 0;
 var BlockAction_1 = require("../BlockAction");
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
+var http_2 = require("../../http");
 var JsonCaptchaResponseGenerator = /** @class */ (function () {
     function JsonCaptchaResponseGenerator(config) {
         this.config = config;
     }
     JsonCaptchaResponseGenerator.prototype.shouldGenerate = function (context) {
-        var _a, _b;
         if (!this.config.advancedBlockingResponseEnabled) {
             return false;
         }
-        var acceptHeaderValue = ((_a = context.requestData.headers.get(http_1.ACCEPT_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) ||
-            ((_b = context.requestData.headers.get(http_1.CONTENT_TYPE_HEADER_NAME)) === null || _b === void 0 ? void 0 : _b[0]) ||
+        var acceptHeaderValue = context.requestData.request.headers.get(http_1.ACCEPT_HEADER_NAME) ||
+            context.requestData.request.headers.get(http_1.CONTENT_TYPE_HEADER_NAME) ||
             '';
         var acceptHeaderContainsJson = acceptHeaderValue === null || acceptHeaderValue === void 0 ? void 0 : acceptHeaderValue.split(',').some(function (value) { return value.toLowerCase() === http_1.ContentType.APPLICATION_JSON; });
         return !context.isMobile && context.blockAction !== BlockAction_1.BlockAction.RATE_LIMIT && acceptHeaderContainsJson;
@@ -37,7 +37,11 @@ var JsonCaptchaResponseGenerator = /** @class */ (function () {
             blockScript: blockData.blockScript,
             altBlockScript: blockData.altBlockScript,
         };
-        return new http_1.DefaultHttpResponse(JSON.stringify(jsonBlockPayload), { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: JSON.stringify(jsonBlockPayload),
+            status: status,
+            headers: headers,
+        });
     };
     return JsonCaptchaResponseGenerator;
 }());

package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.d.ts

@@ -1,12 +1,12 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IBase64Utils } from '../../utils';
 import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
+import { IMinimalResponse } from '../../http';
 export declare class MobileCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     private readonly base64Utils;
     constructor(config: IConfiguration, base64Utils: IBase64Utils);
     shouldGenerate(context: IContext): boolean;
-    generateBlockResponse(context: IContext): IHttpResponse;
+    generateBlockResponse(context: IContext): IMinimalResponse;
 }

package/lib/block_handler/captcha/MobileCaptchaResponseGenerator.js

@@ -5,6 +5,7 @@ var http_1 = require("../../http");
 var BlockAction_1 = require("../BlockAction");
 var utils_1 = require("../utils");
 var captcha_template_1 = require("../templates/captcha_template");
+var http_2 = require("../../http");
 var MobileCaptchaResponseGenerator = /** @class */ (function () {
     function MobileCaptchaResponseGenerator(config, base64Utils) {
         this.config = config;
@@ -29,7 +30,11 @@ var MobileCaptchaResponseGenerator = /** @class */ (function () {
             page: this.base64Utils.base64Encode(captchaPage),
             collectorHost: this.config.backendCollectorUrl,
         };
-        return new http_1.DefaultHttpResponse(JSON.stringify(mobileBlockPayload), { status: status, headers: headers });
+        return new http_2.MinimalResponseImpl({
+            body: JSON.stringify(mobileBlockPayload),
+            status: status,
+            headers: headers,
+        });
     };
     return MobileCaptchaResponseGenerator;
 }());

package/lib/config/DefaultConfigurations.js

@@ -1,8 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DEFAULT_CONFIGURATIONS = void 0;
-var LoggerSeverity_1 = require("../logger/LoggerSeverity");
-var ModuleMode_1 = require("../utils/ModuleMode");
+var logger_1 = require("../logger");
+var utils_1 = require("../utils");
 exports.DEFAULT_CONFIGURATIONS = {
     px_app_id: '',
     px_auth_token: '',
@@ -13,11 +13,11 @@ exports.DEFAULT_CONFIGURATIONS = {
     px_risk_cookie_max_length: 2048,
     px_risk_cookie_min_iterations: 500,
     px_risk_cookie_max_iterations: 5000,
-    px_logger_severity: LoggerSeverity_1.LoggerSeverity.ERROR,
+    px_logger_severity: logger_1.LoggerSeverity.ERROR,
     px_ip_headers: [],
     px_extract_ip: null,
     px_module_enabled: true,
-    px_module_mode: ModuleMode_1.ModuleMode.MONITOR,
+    px_module_mode: utils_1.ModuleMode.MONITOR,
     px_additional_activity_handler: null,
     px_advanced_blocking_response_enabled: true,
     px_max_activity_batch_size: 0,

package/lib/context/ContextBase.d.ts

@@ -2,12 +2,13 @@ import { IConfiguration } from '../config';
 import { BlockReason, BlockAction } from '../block_handler';
 import { CustomParameters } from '../custom_parameters';
 import { FilterReason } from '../filter';
-import { IHttpRequest, HttpHeaders } from '../http';
 import { PXDE } from '../pxde';
 import { GraphQLData } from '../graphql';
 import { IBotDefenderToken, TokenOrigin } from '../risk_token';
 import { VidSource, PassReason, ICookieParser, IUuidGenerator } from '../utils';
 import { IContext, MobileData, RequestData, ResponseData, RiskApiData, ServerData, TlsData } from './IContext';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
+import { ReadOnlyHeaders } from '../http';
 export declare type ContextBaseOptions = {
     cookieParser?: ICookieParser;
     uuidGenerator?: IUuidGenerator;
@@ -38,12 +39,12 @@ export declare abstract class ContextBase<OptionsType extends ContextBaseOptions
     customParameters?: CustomParameters;
     graphqlData?: GraphQLData[];
     protected readonly config: IConfiguration;
-    protected constructor(config: IConfiguration, request: IHttpRequest, options?: OptionsType);
+    protected constructor(config: IConfiguration, request: IIncomingRequest, options?: OptionsType);
     protected abstract createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: OptionsType): IBotDefenderToken;
-    protected createRequestData(config: IConfiguration, request: IHttpRequest, cookieParser?: ICookieParser): RequestData;
+    protected createRequestData(config: IConfiguration, request: IIncomingRequest, cookieParser?: ICookieParser): RequestData;
     protected getCookies(cookieParser: ICookieParser, ...cookieHeaderValues: string[]): Record<string, string>;
-    protected extractUserAgentFromHeader(config: IConfiguration, headers: HttpHeaders): string;
-    protected extractIpFromHeader(config: IConfiguration, headers: HttpHeaders): string;
+    protected extractUserAgentFromHeader(config: IConfiguration, headers: ReadOnlyHeaders): string;
+    protected extractIpFromHeader(config: IConfiguration, headers: ReadOnlyHeaders): string;
     protected isMonitored(config: IConfiguration, requestData: RequestData): boolean;
     protected isSensitive(config: IConfiguration, { url }: RequestData): boolean;
     protected isAllowedToBypassMonitor(config: IConfiguration, requestData: RequestData): boolean;

package/lib/context/ContextBase.js

@@ -26,16 +26,16 @@ var ContextBase = /** @class */ (function () {
         }
     }
     ContextBase.prototype.createRequestData = function (config, request, cookieParser) {
-        var _a, _b;
         if (cookieParser === void 0) { cookieParser = new utils_1.DefaultCookieParser(); }
         var url = (0, utils_1.getDecodedUrl)(request.url);
         var method = request.method;
         var headers = request.headers;
-        var cookies = this.getCookies(cookieParser, (_a = request.headers.get(http_1.COOKIE_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0], (_b = request.headers.get(config.customCookieHeader)) === null || _b === void 0 ? void 0 : _b[0]);
+        var cookies = this.getCookies(cookieParser, request.headers.get(http_1.COOKIE_HEADER_NAME), request.headers.get(config.customCookieHeader));
         var requestCookieNames = Object.keys(cookies);
-        var userAgent = this.extractUserAgentFromHeader(config, headers);
-        var ip = this.extractIpFromHeader(config, headers);
-        return { url: url, method: method, headers: headers, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
+        var readOnlyHeaders = (0, http_1.toReadOnlyHeaders)(headers);
+        var userAgent = this.extractUserAgentFromHeader(config, readOnlyHeaders);
+        var ip = this.extractIpFromHeader(config, readOnlyHeaders);
+        return { url: url, method: method, headers: readOnlyHeaders, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
     };
     ContextBase.prototype.getCookies = function (cookieParser) {
         var cookieHeaderValues = [];
@@ -50,7 +50,7 @@ var ContextBase = /** @class */ (function () {
     };
     ContextBase.prototype.extractUserAgentFromHeader = function (config, headers) {
         var _a;
-        var userAgent = ((_a = headers === null || headers === void 0 ? void 0 : headers.get(http_1.USER_AGENT_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
+        var userAgent = ((_a = headers[http_1.USER_AGENT_HEADER_NAME]) === null || _a === void 0 ? void 0 : _a[0]) || '';
         if (userAgent.length > config.userAgentMaxLength) {
             userAgent = userAgent.substring(0, config.userAgentMaxLength);
         }
@@ -60,7 +60,7 @@ var ContextBase = /** @class */ (function () {
         var ip;
         config.ipHeaders.some(function (ipHeader) {
             var _a;
-            var headerValue = (_a = headers.get(ipHeader)) === null || _a === void 0 ? void 0 : _a[0];
+            var headerValue = (_a = headers[ipHeader]) === null || _a === void 0 ? void 0 : _a[0];
             if (headerValue) {
                 ip = headerValue;
                 return true;
@@ -80,13 +80,11 @@ var ContextBase = /** @class */ (function () {
         return (0, utils_1.isRouteInPatterns)(url.pathname, config.sensitiveRoutes);
     };
     ContextBase.prototype.isAllowedToBypassMonitor = function (config, requestData) {
-        var _a;
         return (config.bypassMonitorHeader &&
-            ((_a = requestData.headers.get(config.bypassMonitorHeader)) === null || _a === void 0 ? void 0 : _a[0]) === utils_1.BYPASS_MONITOR_HEADER_VALUE);
+            requestData.request.headers.get(config.bypassMonitorHeader) === utils_1.BYPASS_MONITOR_HEADER_VALUE);
     };
     ContextBase.prototype.setRiskTokenOnContext = function (config, options) {
-        var _a;
-        var mobileToken = (_a = this.requestData.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0];
+        var mobileToken = this.requestData.request.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME);
         if (mobileToken) {
             this.setMobileTokenOnContext(config, mobileToken, options);
         }
@@ -95,11 +93,10 @@ var ContextBase = /** @class */ (function () {
         }
     };
     ContextBase.prototype.setMobileTokenOnContext = function (config, mobileToken, options) {
-        var _a, _b;
         this.tokenOrigin = risk_token_1.TokenOrigin.HEADER;
         this.riskToken = this.getMobileToken(config, mobileToken, options);
-        this.mobileData.originalToken = this.getMobileToken(config, (_a = this.requestData.headers.get(utils_1.X_PX_ORIGINAL_TOKEN_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0], options);
-        this.mobileData.bypassReason = ((_b = this.requestData.headers.get(utils_1.X_PX_BYPASS_REASON_HEADER_NAME)) === null || _b === void 0 ? void 0 : _b[0]) || '';
+        this.mobileData.originalToken = this.getMobileToken(config, this.requestData.request.headers.get(utils_1.X_PX_ORIGINAL_TOKEN_HEADER_NAME), options);
+        this.mobileData.bypassReason = this.requestData.request.headers.get(utils_1.X_PX_BYPASS_REASON_HEADER_NAME) || '';
         if (!this.riskToken && /^\d+$/.test(mobileToken)) {
             this.mobileData.mobileError = mobileToken;
         }

package/lib/context/DefaultTokenV2Context.d.ts

@@ -1,13 +1,13 @@
 import { IConfiguration } from '../config';
-import { IHttpRequest } from '../http';
 import { IBotDefenderToken } from '../risk_token';
 import { IBase64Utils, IHashUtils } from '../utils';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV2ContextOptions = {
     base64Utils?: IBase64Utils;
     hashUtils?: IHashUtils;
 } & ContextBaseOptions;
 export declare class DefaultTokenV2Context extends ContextBase<DefaultTokenV2ContextOptions> {
-    constructor(config: IConfiguration, httpRequest: IHttpRequest, options?: DefaultTokenV2ContextOptions);
+    constructor(config: IConfiguration, httpRequest: IIncomingRequest, options?: DefaultTokenV2ContextOptions);
     protected createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: DefaultTokenV2ContextOptions): IBotDefenderToken;
 }

package/lib/context/DefaultTokenV2Context.js

@@ -26,7 +26,7 @@ var DefaultTokenV2Context = /** @class */ (function (_super) {
     }
     DefaultTokenV2Context.prototype.createRiskToken = function (config, cookies, options) {
         if (cookies[risk_token_1.COOKIE_V2_NAME]) {
-            return new risk_token_1.DefaultBotDefenderTokenV2(config, cookies[risk_token_1.COOKIE_V2_NAME], (options === null || options === void 0 ? void 0 : options.base64Utils) || new utils_1.DefaultBase64Utils(), (options === null || options === void 0 ? void 0 : options.hashUtils) || new utils_1.DefaultHashUtils());
+            return new risk_token_1.DefaultBotDefenderTokenV2(config, cookies[risk_token_1.COOKIE_V2_NAME], (options === null || options === void 0 ? void 0 : options.base64Utils) || new utils_1.JSBase64Base64Utils(), (options === null || options === void 0 ? void 0 : options.hashUtils) || new utils_1.CryptoJSHmacUtils());
         }
         return null;
     };

package/lib/context/DefaultTokenV3Context.d.ts

@@ -1,13 +1,13 @@
 import { IConfiguration } from '../config';
-import { IHttpRequest } from '../http';
 import { IBotDefenderToken } from '../risk_token';
 import { IHashUtils, ICipherUtils } from '../utils';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV3ContextOptions = {
     cipherUtils: ICipherUtils;
     hashUtils?: IHashUtils;
 } & ContextBaseOptions;
 export declare class DefaultTokenV3Context extends ContextBase<DefaultTokenV3ContextOptions> {
-    constructor(config: IConfiguration, httpRequest: IHttpRequest, options: DefaultTokenV3ContextOptions);
+    constructor(config: IConfiguration, httpRequest: IIncomingRequest, options: DefaultTokenV3ContextOptions);
     protected createRiskToken(config: IConfiguration, cookies: Record<string, string>, options: DefaultTokenV3ContextOptions): IBotDefenderToken;
 }

package/lib/context/DefaultTokenV3Context.js

@@ -26,7 +26,7 @@ var DefaultTokenV3Context = /** @class */ (function (_super) {
     }
     DefaultTokenV3Context.prototype.createRiskToken = function (config, cookies, options) {
         if (cookies[risk_token_1.COOKIE_V3_NAME]) {
-            return new risk_token_1.DefaultBotDefenderTokenV3(config, cookies[risk_token_1.COOKIE_V3_NAME], options.cipherUtils, options.hashUtils || new utils_1.DefaultHashUtils());
+            return new risk_token_1.DefaultBotDefenderTokenV3(config, cookies[risk_token_1.COOKIE_V3_NAME], options.cipherUtils, options.hashUtils || new utils_1.CryptoJSHmacUtils());
         }
         return null;
     };

package/lib/context/IContext.d.ts

@@ -3,10 +3,12 @@ import { FilterReason } from '../filter';
 import { S2SCallReason, S2SErrorReason } from '../risk_api';
 import { PassReason, VidSource } from '../utils';
 import { BlockAction, BlockReason } from '../block_handler';
-import { HttpHeaders, HttpMethod, IHttpRequest } from '../http';
 import { CustomParameters } from '../custom_parameters';
 import { PXDE } from '../pxde';
-import { GraphQLData } from '../graphql/model/GraphQLData';
+import { GraphQLData } from '../graphql';
+import { HttpMethod } from '../http';
+import { ReadOnlyHeaders } from '../http';
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type RequestData = {
     /**
      * The request URL.
@@ -20,7 +22,7 @@ export declare type RequestData = {
      * An object representing the request headers. The keys are the header names (all lowercase) and the values
      * are arrays of strings, with each string representing one value associated with the header name.
      */
-    headers: HttpHeaders;
+    headers: ReadOnlyHeaders;
     /**
      * An object representing the request cookies. The keys are the cookie
      * names and the values are the cookie values.
@@ -41,7 +43,7 @@ export declare type RequestData = {
     /**
      * An interface representing the original HTTP request.
      */
-    request: IHttpRequest;
+    request: IIncomingRequest;
     /**
      * The HTTP version used for the request (e.g., 0.9, 1.0, 1.1, 2.0).
      */

package/lib/custom_parameters/CustomParametersFunction.d.ts

@@ -1,4 +1,4 @@
-import { IHttpRequest } from '../http';
 import { ConfigurationParams } from '../config';
 import { CustomParameters } from './CustomParameters';
-export declare type CustomParametersFunction = (config: ConfigurationParams, httpRequest: IHttpRequest) => CustomParameters | Promise<CustomParameters>;
+import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
+export declare type CustomParametersFunction = (config: ConfigurationParams, httpRequest: IIncomingRequest) => CustomParameters | Promise<CustomParameters>;