perimeterx-js-core 0.3.0 → 0.4.1

package/lib/http/interfaces/IIncomingRequest.d.ts

@@ -0,0 +1,23 @@
+import { HttpMethod } from '../utils';
+import { IBody } from './IBody';
+/**
+ * describes a request that comes from the end user.
+ */
+export interface IIncomingRequest extends IBody {
+    /**
+     * returns a url.
+     */
+    url: string;
+    /**
+     * returns the method.
+     */
+    readonly method: HttpMethod;
+    /**
+     * returns the request headers (for read usage).
+     */
+    readonly headers: Headers;
+    /**
+     * return the client ip or null.
+     */
+    readonly clientIP: string | null;
+}

package/lib/http/interfaces/IIncomingResponse.d.ts

@@ -0,0 +1,9 @@
+import { ReadOnlyHeaders } from './ReadOnlyHeaders';
+import { IBody } from './IBody';
+/**
+ * describes a response that is fetched from IHttpClient
+ */
+export interface IIncomingResponse extends IBody {
+    readonly status: number;
+    readonly headers: ReadOnlyHeaders;
+}

package/lib/http/interfaces/IMinimalResponse.d.ts

@@ -0,0 +1,6 @@
+import { ReadOnlyHeaders } from './ReadOnlyHeaders';
+export interface IMinimalResponse {
+    readonly headers: ReadOnlyHeaders;
+    readonly body: any;
+    readonly status: number;
+}

package/lib/http/interfaces/IOutgoingRequest.d.ts

@@ -0,0 +1,11 @@
+import { HttpMethod } from '../utils';
+import { ReadOnlyHeaders } from './ReadOnlyHeaders';
+/**
+ * describes a request that can be sent via IHttpClient.
+ */
+export interface IOutgoingRequest {
+    readonly url: string;
+    readonly method: HttpMethod;
+    readonly body: any;
+    readonly headers: ReadOnlyHeaders;
+}

package/lib/http/interfaces/IOutgoingRequest.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/http/interfaces/IOutgoingResponse.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Describes a response that is going to be returned to the end user.
+ */
+export interface IOutgoingResponse {
+    /**
+     * the status code, null if it cannot be fetched
+     */
+    readonly status: number | null;
+    /**
+     * the response headers (for read usage)
+     */
+    readonly headers: Headers | null;
+    /**
+     * the response body.
+     */
+    readonly body: any;
+}

package/lib/http/interfaces/IOutgoingResponse.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/http/interfaces/ReadOnlyHeaders.d.ts

@@ -0,0 +1,3 @@
+export declare type ReadOnlyHeaders = Readonly<Record<string, string[]>>;
+export declare const toReadOnlyHeaders: (headers: Headers) => ReadOnlyHeaders;
+export declare const fromReadOnlyHeaders: (headers?: ReadOnlyHeaders) => Headers;

package/lib/http/interfaces/ReadOnlyHeaders.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fromReadOnlyHeaders = exports.toReadOnlyHeaders = void 0;
+var toReadOnlyHeaders = function (headers) {
+    var readonlyHeaders = {};
+    headers.forEach(function (headerValue, headerName) {
+        var current = readonlyHeaders[headerName] || [];
+        readonlyHeaders[headerName] = current.concat([headerValue]);
+    });
+    return readonlyHeaders;
+};
+exports.toReadOnlyHeaders = toReadOnlyHeaders;
+var fromReadOnlyHeaders = function (headers) {
+    if (!headers) {
+        return new Headers();
+    }
+    var init = Object.entries(headers)
+        .filter(function (e) { return (e === null || e === void 0 ? void 0 : e[0]) && (e === null || e === void 0 ? void 0 : e[1]); })
+        .flatMap(function (_a) {
+        var key = _a[0], values = _a[1];
+        return values.map(function (value) { return [key, value]; });
+    });
+    return new Headers(init);
+};
+exports.fromReadOnlyHeaders = fromReadOnlyHeaders;

package/lib/http/interfaces/index.d.ts

@@ -0,0 +1,8 @@
+export * from './ReadOnlyHeaders';
+export * from './IHttpClient';
+export * from './IIncomingResponse';
+export * from './IIncomingRequest';
+export * from './IMinimalResponse';
+export * from './IOutgoingRequest';
+export * from './IOutgoingResponse';
+export * from './IBody';

package/lib/http/interfaces/index.js

@@ -0,0 +1,24 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./ReadOnlyHeaders"), exports);
+__exportStar(require("./IHttpClient"), exports);
+__exportStar(require("./IIncomingResponse"), exports);
+__exportStar(require("./IIncomingRequest"), exports);
+__exportStar(require("./IMinimalResponse"), exports);
+__exportStar(require("./IOutgoingRequest"), exports);
+__exportStar(require("./IOutgoingResponse"), exports);
+__exportStar(require("./IBody"), exports);

package/lib/http/utils/MinimalResponseUtils.d.ts

@@ -0,0 +1,4 @@
+import { IMinimalResponse } from '..';
+import { IIncomingResponse } from '..';
+export declare const appendHeader: (response: IMinimalResponse, name: string, value: string) => IMinimalResponse;
+export declare const from: (response: IIncomingResponse) => IMinimalResponse;

package/lib/http/utils/MinimalResponseUtils.js

@@ -0,0 +1,39 @@
+"use strict";
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.from = exports.appendHeader = void 0;
+var __1 = require("..");
+var appendHeader = function (response, name, value) {
+    var body = response.body;
+    var statusCode = response.status;
+    var headers = response.headers;
+    var newHeaders = __assign({}, headers);
+    newHeaders[name] = (newHeaders[name] || []).concat([value]);
+    return new __1.MinimalResponseImpl({
+        body: body,
+        headers: newHeaders,
+        status: statusCode,
+    });
+};
+exports.appendHeader = appendHeader;
+var from = function (response) {
+    return new (/** @class */ (function () {
+        function class_1() {
+            this.body = response.body;
+            this.headers = response.headers;
+            this.status = response.status;
+        }
+        return class_1;
+    }()))();
+};
+exports.from = from;

package/lib/http/utils/index.d.ts

@@ -1,5 +1,3 @@
-export { HttpMethod } from './HttpMethod';
 export { ContentType } from './ContentType';
-export { HttpHeaders, HttpHeadersInit } from './HttpHeaders';
-export { HttpBody } from './HttpBody';
 export * from './constants';
+export * from './HttpMethod';

package/lib/http/utils/index.js

@@ -14,11 +14,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.HttpHeaders = exports.ContentType = exports.HttpMethod = void 0;
-var HttpMethod_1 = require("./HttpMethod");
-Object.defineProperty(exports, "HttpMethod", { enumerable: true, get: function () { return HttpMethod_1.HttpMethod; } });
+exports.ContentType = void 0;
 var ContentType_1 = require("./ContentType");
 Object.defineProperty(exports, "ContentType", { enumerable: true, get: function () { return ContentType_1.ContentType; } });
-var HttpHeaders_1 = require("./HttpHeaders");
-Object.defineProperty(exports, "HttpHeaders", { enumerable: true, get: function () { return HttpHeaders_1.HttpHeaders; } });
 __exportStar(require("./constants"), exports);
+__exportStar(require("./HttpMethod"), exports);

package/lib/pxde/IDataEnrichment.d.ts

@@ -1,4 +1,4 @@
-import { IContext } from '../context/IContext';
+import { IContext } from '../context';
 export interface IDataEnrichment {
     /**
      * If the PXDE cookie is present on the request, parses it and enriches the context with its contents.

package/lib/pxhd/PXHDUtils.d.ts

@@ -1,8 +1,11 @@
-import { IHttpResponse } from '../http';
 import { IContext } from '../context';
+import { IOutgoingResponse } from '../http';
+import { IMinimalResponse } from '../http';
 export declare namespace PXHDUtils {
     const PXHD_SAMESITE_VALUE = "Lax";
     const PXHD_PATH_VALUE = "/";
-    const addPxhdToResponse: (context: IContext, httpResponse: IHttpResponse) => IHttpResponse;
+    const addPxhdToResponse: (context: IContext, httpResponse: IMinimalResponse) => IMinimalResponse;
+    const addPxhdToOutgoingResponse: (context: IContext, response: IOutgoingResponse) => void;
+    const addPxhdToMinimalResponse: (context: IContext, response: IMinimalResponse) => IMinimalResponse;
     const getPxhdCookieValue: (pxhdValue: string) => string;
 }

package/lib/pxhd/PXHDUtils.js

@@ -1,8 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PXHDUtils = void 0;
-var http_1 = require("../http");
 var utils_1 = require("../utils");
+var http_1 = require("../http");
+var MinimalResponseUtils_1 = require("../http/utils/MinimalResponseUtils");
 var PXHDUtils;
 (function (PXHDUtils) {
     PXHDUtils.PXHD_SAMESITE_VALUE = 'Lax';
@@ -10,10 +11,24 @@ var PXHDUtils;
     PXHDUtils.addPxhdToResponse = function (context, httpResponse) {
         if (context === null || context === void 0 ? void 0 : context.pxhd) {
             var setPxhdCookie = PXHDUtils.getPxhdCookieValue(context.pxhd);
-            httpResponse.headers.append(http_1.SET_COOKIE_HEADER_NAME, setPxhdCookie);
+            return (0, MinimalResponseUtils_1.appendHeader)(httpResponse, http_1.SET_COOKIE_HEADER_NAME, setPxhdCookie);
         }
         return httpResponse;
     };
+    PXHDUtils.addPxhdToOutgoingResponse = function (context, response) {
+        if (!(context === null || context === void 0 ? void 0 : context.pxhd)) {
+            return;
+        }
+        var setPxhdCookie = PXHDUtils.getPxhdCookieValue(context.pxhd);
+        response.headers.append(http_1.SET_COOKIE_HEADER_NAME, setPxhdCookie);
+    };
+    PXHDUtils.addPxhdToMinimalResponse = function (context, response) {
+        if (context === null || context === void 0 ? void 0 : context.pxhd) {
+            var setPxhdCookie = PXHDUtils.getPxhdCookieValue(context.pxhd);
+            return (0, MinimalResponseUtils_1.appendHeader)(response, http_1.SET_COOKIE_HEADER_NAME, setPxhdCookie);
+        }
+        return response;
+    };
     PXHDUtils.getPxhdCookieValue = function (pxhdValue) {
         return "".concat(utils_1.PXHD_COOKIE_NAME, "=").concat(pxhdValue, "; path=").concat(PXHDUtils.PXHD_PATH_VALUE, "; SameSite=").concat(PXHDUtils.PXHD_SAMESITE_VALUE);
     };

package/lib/risk_api/PostRiskApiClient.d.ts

@@ -1,11 +1,12 @@
 import { IContext } from '../context';
 import { IConfiguration } from '../config';
 import { RiskActivity } from './model/RiskActivity';
-import { IHttpClient, IHttpResponse } from '../http';
 import { IScoreRetriever } from '../utils';
 import { IRiskResponseHandler } from './risk_response_handler/IRiskResponseHandler';
 import { RiskResponseV2 } from './model/RiskResponseV2';
 import { RiskResponseV3 } from './model/RiskResponseV3';
+import { IHttpClient } from '../http';
+import { IIncomingResponse } from '../http';
 export declare class PostRiskApiClient<RiskResponseType extends RiskResponseV2 | RiskResponseV3> implements IScoreRetriever {
     private readonly config;
     private readonly httpClient;
@@ -35,7 +36,7 @@ export declare class PostRiskApiClient<RiskResponseType extends RiskResponseV2 |
     private addCustomParamsToAdditional;
     private addCookieRiskFieldsToAdditional;
     private formatRiskHeadersField;
-    protected sendRiskActivity(context: IContext, riskActivity: RiskActivity): Promise<IHttpResponse>;
+    protected sendRiskActivity(context: IContext, riskActivity: RiskActivity): Promise<IIncomingResponse>;
     private getRiskUrl;
     private getRiskHeaders;
     private handleS2STimeout;

package/lib/risk_api/PostRiskApiClient.js

@@ -43,6 +43,8 @@ var utils_1 = require("../utils");
 var S2SCallReason_1 = require("./S2SCallReason");
 var S2SErrorHandler_1 = require("./S2SErrorHandler");
 var constants_1 = require("./constants");
+var http_2 = require("../http");
+var http_3 = require("../http");
 var PostRiskApiClient = /** @class */ (function () {
     function PostRiskApiClient(config, httpClient, riskResponseHandler) {
         this.config = config;
@@ -94,7 +96,7 @@ var PostRiskApiClient = /** @class */ (function () {
                     case 2:
                         _a.sent();
                         return [2 /*return*/, false];
-                    case 3: return [4 /*yield*/, response.readBody()];
+                    case 3: return [4 /*yield*/, response.json()];
                     case 4:
                         riskResponse = (_a.sent());
                         return [4 /*yield*/, this.riskResponseHandler.handleRiskResponse(context, response, riskResponse)];
@@ -208,13 +210,14 @@ var PostRiskApiClient = /** @class */ (function () {
         }
     };
     PostRiskApiClient.prototype.formatRiskHeadersField = function (headers) {
-        var headerEntries = [];
-        (0, utils_1.removeSensitiveHeaders)(headers, this.config.sensitiveHeaders).forEach(function (values, name) {
-            values.forEach(function (value) {
-                headerEntries.push({ name: name, value: value });
-            });
+        var headersWithoutSensitive = (0, utils_1.removeSensitiveHeaders)(headers, this.config.sensitiveHeaders);
+        return Object.entries(headersWithoutSensitive).flatMap(function (_a) {
+            var key = _a[0], values = _a[1];
+            return values.map(function (value) { return ({
+                name: key,
+                value: value,
+            }); });
         });
-        return headerEntries;
     };
     PostRiskApiClient.prototype.sendRiskActivity = function (context, riskActivity) {
         return __awaiter(this, void 0, void 0, function () {
@@ -225,8 +228,8 @@ var PostRiskApiClient = /** @class */ (function () {
                         url = this.getRiskUrl();
                         headers = this.getRiskHeaders();
                         body = JSON.stringify(riskActivity);
-                        method = http_1.HttpMethod.POST;
-                        riskRequest = new http_1.DefaultHttpRequest(url, { headers: headers, method: method, body: body });
+                        method = http_2.HttpMethod.POST;
+                        riskRequest = new http_3.OutgoingRequestImpl({ url: url, method: method, headers: headers, body: body });
                         this.config.logger.debug("sending risk api to ".concat(url));
                         startTime = Date.now();
                         return [4 /*yield*/, this.httpClient.send(riskRequest, { timeoutMs: this.config.s2sTimeout })];
@@ -245,10 +248,10 @@ var PostRiskApiClient = /** @class */ (function () {
     };
     PostRiskApiClient.prototype.getRiskHeaders = function () {
         var _a;
-        return new http_1.HttpHeaders((_a = {},
+        return _a = {},
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.APPLICATION_JSON],
             _a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
-            _a));
+            _a;
     };
     PostRiskApiClient.prototype.handleS2STimeout = function (context) {
         context.passReason = utils_1.PassReason.S2S_TIMEOUT;

package/lib/risk_api/S2SErrorHandler.d.ts

@@ -1,9 +1,9 @@
 import { IContext } from '../context';
-import { IHttpResponse } from '../http';
 import { RiskResponseV2 } from './model/RiskResponseV2';
 import { RiskResponseV3 } from './model/RiskResponseV3';
+import { IIncomingResponse } from '../http';
 export declare class S2SErrorHandler {
-    handleS2SError(context: IContext, response?: IHttpResponse, responseBody?: RiskResponseV2 | RiskResponseV3, error?: Error): Promise<void>;
+    handleS2SError(context: IContext, response?: IIncomingResponse, responseBody?: RiskResponseV2 | RiskResponseV3, error?: Error): Promise<void>;
     private enrichS2SErrorWithResponse;
     private enrichS2SErrorWithError;
 }

package/lib/risk_api/S2SErrorHandler.js

@@ -75,7 +75,7 @@ var S2SErrorHandler = /** @class */ (function () {
                         if (!responseBody) return [3 /*break*/, 1];
                         _b = JSON.stringify(responseBody);
                         return [3 /*break*/, 3];
-                    case 1: return [4 /*yield*/, response.readBody()];
+                    case 1: return [4 /*yield*/, response.text()];
                     case 2:
                         _b = _c.sent();
                         _c.label = 3;

package/lib/risk_api/risk_response_handler/IRiskResponseHandler.d.ts

@@ -1,5 +1,5 @@
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
+import { IIncomingResponse } from '../../http';
 export interface IRiskResponseHandler<RiskResponseType> {
-    handleRiskResponse(context: IContext, response: IHttpResponse, riskResponse: RiskResponseType): Promise<void>;
+    handleRiskResponse(context: IContext, response: IIncomingResponse, riskResponse: RiskResponseType): Promise<void>;
 }

package/lib/risk_api/risk_response_handler/RiskResponseHandlerBase.d.ts

@@ -1,16 +1,16 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IHttpResponse } from '../../http';
 import { IRiskResponseHandler } from './IRiskResponseHandler';
 import { RiskResponseV2 } from '../model/RiskResponseV2';
 import { RiskResponseV3 } from '../model/RiskResponseV3';
+import { IIncomingResponse } from '../../http';
 export declare abstract class RiskResponseHandlerBase<RiskResponseType extends RiskResponseV2 | RiskResponseV3> implements IRiskResponseHandler<RiskResponseType> {
     protected readonly config: IConfiguration;
     protected abstract isRiskResponseValid(riskResponse: RiskResponseType): boolean;
     protected abstract extractScoreFromRiskResponse(riskResponse: RiskResponseType): number;
     protected abstract setRiskResponseContextFields(context: IContext, riskResponse: RiskResponseType): void;
     protected constructor(config: IConfiguration);
-    handleRiskResponse(context: IContext, response: IHttpResponse, riskResponse: RiskResponseType): Promise<void>;
+    handleRiskResponse(context: IContext, response: IIncomingResponse, riskResponse: RiskResponseType): Promise<void>;
     protected handleValidRiskResponse(context: IContext, riskResponse: RiskResponseType): void;
     protected shouldBlock(score: number): boolean;
 }

package/lib/risk_token/token/v2/DefaultBotDefenderTokenV2.js

@@ -84,7 +84,7 @@ var DefaultBotDefenderTokenV2 = /** @class */ (function (_super) {
     };
     DefaultBotDefenderTokenV2.prototype.validate = function (context) {
         return __awaiter(this, void 0, void 0, function () {
-            var signingFields, passHmac, blockHmac;
+            var signingFields, passHmac, blockHmac, e_1;
             return __generator(this, function (_a) {
                 switch (_a.label) {
                     case 0:
@@ -94,22 +94,30 @@ var DefaultBotDefenderTokenV2 = /** @class */ (function (_super) {
                             !this.payload.h) {
                             return [2 /*return*/, false];
                         }
+                        _a.label = 1;
+                    case 1:
+                        _a.trys.push([1, 4, , 5]);
                         signingFields = this.getSigningFields(context);
                         return [4 /*yield*/, this.calculateHmac(this.getHashParam('0', signingFields))];
-                    case 1:
+                    case 2:
                         passHmac = _a.sent();
                         if (passHmac === this.payload.h) {
                             this.isHighRisk = false;
                             return [2 /*return*/, true];
                         }
                         return [4 /*yield*/, this.calculateHmac(this.getHashParam('1', signingFields))];
-                    case 2:
+                    case 3:
                         blockHmac = _a.sent();
                         if (blockHmac === this.payload.h) {
                             this.isHighRisk = true;
                             return [2 /*return*/, true];
                         }
-                        return [2 /*return*/, false];
+                        return [3 /*break*/, 5];
+                    case 4:
+                        e_1 = _a.sent();
+                        this.logger.debug("cookie v2 validation caught error: ".concat(e_1));
+                        return [3 /*break*/, 5];
+                    case 5: return [2 /*return*/, false];
                 }
             });
         });

package/lib/telemetry/DefaultTelemetry.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { IContext } from '../context';
-import { IHttpClient } from '../http';
 import { IBase64Utils, IHashUtils } from '../utils';
 import { ITelemetry } from './ITelemetry';
+import { IHttpClient } from '..';
 export declare class DefaultTelemetry implements ITelemetry {
     private readonly config;
     private readonly httpClient;
@@ -13,6 +13,7 @@ export declare class DefaultTelemetry implements ITelemetry {
     sendTelemetry(context: IContext): Promise<void>;
     private getTelemetryHeader;
     private isTelemetryHeaderValid;
+    private isTelemetryHmacValid;
     private sendTelemetryActivity;
     private createTelemetryRequest;
     private createTelemetryActivity;

package/lib/telemetry/DefaultTelemetry.js

@@ -41,6 +41,8 @@ var http_1 = require("../http");
 var activities_1 = require("../activities");
 var utils_1 = require("../utils");
 var constants_1 = require("./constants");
+var __1 = require("..");
+var __2 = require("..");
 var DefaultTelemetry = /** @class */ (function () {
     function DefaultTelemetry(config, httpClient, base64Utils, hashUtils) {
         this.config = config;
@@ -93,12 +95,11 @@ var DefaultTelemetry = /** @class */ (function () {
         });
     };
     DefaultTelemetry.prototype.getTelemetryHeader = function (context) {
-        var _a;
-        return ((_a = context.requestData.headers.get(constants_1.TELEMETRY_HEADER_NAME)) === null || _a === void 0 ? void 0 : _a[0]) || '';
+        return context.requestData.request.headers.get(constants_1.TELEMETRY_HEADER_NAME) || '';
     };
     DefaultTelemetry.prototype.isTelemetryHeaderValid = function (headerValue) {
         return __awaiter(this, void 0, void 0, function () {
-            var decodedValue, splitValue, timestamp, givenHmac, calculatedHmac, curUnixTime, timestampNumber;
+            var decodedValue, splitValue, timestamp, givenHmac, curUnixTime, timestampNumber;
             return __generator(this, function (_a) {
                 this.config.logger.debug('received command to send enforcer telemetry');
                 decodedValue = this.base64Utils.base64Decode(headerValue);
@@ -109,8 +110,7 @@ var DefaultTelemetry = /** @class */ (function () {
                 }
                 timestamp = splitValue[constants_1.TELEMETRY_HEADER_TIMESTAMP_INDEX];
                 givenHmac = splitValue[constants_1.TELEMETRY_HEADER_HMAC_INDEX];
-                calculatedHmac = this.hashUtils.createHmac(utils_1.Algorithm.SHA256, timestamp, this.config.cookieSecret);
-                if (givenHmac !== calculatedHmac) {
+                if (!this.isTelemetryHmacValid(givenHmac, timestamp)) {
                     this.config.logger.debug("".concat(constants_1.TELEMETRY_HEADER_NAME, " hmac validation failed. original hmac: ").concat(givenHmac, ", timestamp: ").concat(timestamp, "."));
                     return [2 /*return*/, false];
                 }
@@ -124,6 +124,15 @@ var DefaultTelemetry = /** @class */ (function () {
             });
         });
     };
+    DefaultTelemetry.prototype.isTelemetryHmacValid = function (givenHmac, timestamp) {
+        try {
+            return givenHmac === this.hashUtils.createHmac(utils_1.Algorithm.SHA256, timestamp, this.config.cookieSecret);
+        }
+        catch (e) {
+            this.config.logger.debug("caught error validating telemetry hmac: ".concat(e));
+            return false;
+        }
+    };
     DefaultTelemetry.prototype.sendTelemetryActivity = function (context) {
         return __awaiter(this, void 0, void 0, function () {
             var telemetryRequest;
@@ -143,13 +152,13 @@ var DefaultTelemetry = /** @class */ (function () {
     DefaultTelemetry.prototype.createTelemetryRequest = function (context) {
         var _a;
         var url = "".concat(this.config.backendScoreApiUrl).concat(constants_1.TELEMETRY_ENDPOINT);
-        var method = http_1.HttpMethod.POST;
+        var method = __1.HttpMethod.POST;
         var headers = (_a = {},
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.APPLICATION_JSON],
             _a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
             _a);
         var activity = this.createTelemetryActivity(context);
-        return new http_1.DefaultHttpRequest(url, { method: method, headers: headers, body: JSON.stringify(activity) });
+        return new __2.OutgoingRequestImpl({ url: url, method: method, headers: headers, body: JSON.stringify(activity) });
     };
     DefaultTelemetry.prototype.createTelemetryActivity = function (context) {
         var SENSITIVE_CONFIG_FIELDS = ['px_auth_token', 'px_cookie_secret'];

package/lib/utils/IScoreRetriever.d.ts

@@ -1,4 +1,4 @@
-import { IContext } from '../context/IContext';
+import { IContext } from '../context';
 export interface IScoreRetriever {
     /**
      * @param context - The request context.

package/lib/utils/base64/{DefaultBase64Utils.d.ts → AtobBase64Utils.d.ts}

@@ -1,5 +1,5 @@
 import { IBase64Utils } from './IBase64Utils';
-export declare class DefaultBase64Utils implements IBase64Utils {
-    base64Encode(stringToEncode: string): string;
+export declare class AtobBase64Utils implements IBase64Utils {
     base64Decode(stringToDecode: string): string;
+    base64Encode(stringToEncode: string): string;
 }

package/lib/utils/base64/AtobBase64Utils.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AtobBase64Utils = void 0;
+var AtobBase64Utils = /** @class */ (function () {
+    function AtobBase64Utils() {
+    }
+    AtobBase64Utils.prototype.base64Decode = function (stringToDecode) {
+        return atob(stringToDecode);
+    };
+    AtobBase64Utils.prototype.base64Encode = function (stringToEncode) {
+        return btoa(stringToEncode);
+    };
+    return AtobBase64Utils;
+}());
+exports.AtobBase64Utils = AtobBase64Utils;

package/lib/utils/base64/BufferBase64Utils.d.ts

@@ -0,0 +1,6 @@
+import { IBase64Utils } from './IBase64Utils';
+export declare class BufferBase64Utils implements IBase64Utils {
+    static BASE_64_ENCODING: 'base64';
+    base64Decode(stringToDecode: string): string;
+    base64Encode(stringToEncode: string): string;
+}

package/lib/utils/base64/BufferBase64Utils.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BufferBase64Utils = void 0;
+var BufferBase64Utils = /** @class */ (function () {
+    function BufferBase64Utils() {
+    }
+    BufferBase64Utils.prototype.base64Decode = function (stringToDecode) {
+        var buffer = Buffer.from(stringToDecode, BufferBase64Utils.BASE_64_ENCODING);
+        return buffer.toString();
+    };
+    BufferBase64Utils.prototype.base64Encode = function (stringToEncode) {
+        var buffer = Buffer.from(stringToEncode);
+        return buffer.toString(BufferBase64Utils.BASE_64_ENCODING);
+    };
+    BufferBase64Utils.BASE_64_ENCODING = 'base64';
+    return BufferBase64Utils;
+}());
+exports.BufferBase64Utils = BufferBase64Utils;

package/lib/utils/base64/JSBase64Base64Utils.d.ts

@@ -0,0 +1,5 @@
+import { IBase64Utils } from './IBase64Utils';
+export declare class JSBase64Base64Utils implements IBase64Utils {
+    base64Encode(stringToEncode: string): string;
+    base64Decode(stringToDecode: string): string;
+}

package/lib/utils/base64/JSBase64Base64Utils.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JSBase64Base64Utils = void 0;
+var js_base64_1 = require("js-base64");
+var JSBase64Base64Utils = /** @class */ (function () {
+    function JSBase64Base64Utils() {
+    }
+    JSBase64Base64Utils.prototype.base64Encode = function (stringToEncode) {
+        return (0, js_base64_1.encode)(stringToEncode);
+    };
+    JSBase64Base64Utils.prototype.base64Decode = function (stringToDecode) {
+        return (0, js_base64_1.decode)(stringToDecode);
+    };
+    return JSBase64Base64Utils;
+}());
+exports.JSBase64Base64Utils = JSBase64Base64Utils;

package/lib/utils/base64/index.d.ts

@@ -1,2 +1,4 @@
-export { IBase64Utils } from './IBase64Utils';
-export { DefaultBase64Utils } from './DefaultBase64Utils';
+export * from './IBase64Utils';
+export * from './JSBase64Base64Utils';
+export * from './BufferBase64Utils';
+export * from './AtobBase64Utils';