perimeterx-js-core 0.30.0 → 0.30.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/enforcer/utils.js +1 -3
- package/lib/cjs/products/credential_intelligence/CredentialIntelligence.js +32 -8
- package/lib/cjs/utils/constants.js +1 -1
- package/lib/esm/enforcer/utils.js +1 -3
- package/lib/esm/products/credential_intelligence/CredentialIntelligence.js +33 -8
- package/lib/esm/utils/constants.js +1 -1
- package/lib/types/products/credential_intelligence/CredentialIntelligence.d.ts +5 -1
- package/lib/types/utils/constants.d.ts +1 -1
- package/package.json +1 -1
|
@@ -66,9 +66,7 @@ var createEnforcerProducts = function (config, products, base64Utils, hashUtils,
|
|
|
66
66
|
var _a;
|
|
67
67
|
var botDefender = (products === null || products === void 0 ? void 0 : products.bd) || new products_1.BotDefender(config, { base64Utils: base64Utils, ipRangeChecker: ipRangeChecker, urlUtils: urlUtils });
|
|
68
68
|
var accountDefender = (products === null || products === void 0 ? void 0 : products.ad) || new products_1.AccountDefender(config, { base64Utils: base64Utils });
|
|
69
|
-
var credentialIntelligence = config
|
|
70
|
-
? (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, { hashUtils: hashUtils, urlUtils: urlUtils })
|
|
71
|
-
: undefined;
|
|
69
|
+
var credentialIntelligence = (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, { hashUtils: hashUtils, urlUtils: urlUtils });
|
|
72
70
|
var hypeSaleChallenge = (products === null || products === void 0 ? void 0 : products.hsc) || new products_1.HypeSaleChallenge(config, { base64Utils: base64Utils });
|
|
73
71
|
return _a = {},
|
|
74
72
|
_a[products_1.ProductName.BOT_DEFENDER] = botDefender,
|
|
@@ -55,7 +55,9 @@ var constants_1 = require("./constants.js");
|
|
|
55
55
|
var CredentialIntelligence = /** @class */ (function () {
|
|
56
56
|
function CredentialIntelligence(config, options) {
|
|
57
57
|
this.config = config;
|
|
58
|
-
this.
|
|
58
|
+
this.options = options;
|
|
59
|
+
this.remoteConfigVersion = config.remoteConfigVersion;
|
|
60
|
+
this.endpointManager = new endpoint_1.CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
|
|
59
61
|
}
|
|
60
62
|
CredentialIntelligence.prototype.enrichContextFromRequest = function (context) {
|
|
61
63
|
return __awaiter(this, void 0, void 0, function () {
|
|
@@ -63,6 +65,12 @@ var CredentialIntelligence = /** @class */ (function () {
|
|
|
63
65
|
return __generator(this, function (_a) {
|
|
64
66
|
switch (_a.label) {
|
|
65
67
|
case 0:
|
|
68
|
+
if (!this.config.ciEnabled) {
|
|
69
|
+
return [2 /*return*/, null];
|
|
70
|
+
}
|
|
71
|
+
if (this.shouldRefreshCredentialIntelligenceEndpoints()) {
|
|
72
|
+
this.refreshCredentialIntelligenceEndpoints();
|
|
73
|
+
}
|
|
66
74
|
endpointIndex = this.endpointManager.getEndpointIndex(context);
|
|
67
75
|
if (endpointIndex === -1) {
|
|
68
76
|
return [2 /*return*/, null];
|
|
@@ -159,14 +167,30 @@ var CredentialIntelligence = /** @class */ (function () {
|
|
|
159
167
|
request.headers.set(constants_1.ADDITIONAL_S2S_URL_HEADER_NAME, "".concat(this.config.backendCollectorUrl).concat(activities_1.ACTIVITIES_ENDPOINT));
|
|
160
168
|
};
|
|
161
169
|
CredentialIntelligence.prototype.initializeCredentialIntelligenceEndpoints = function (config, options) {
|
|
162
|
-
|
|
170
|
+
var _this = this;
|
|
171
|
+
return config.ciEndpoints
|
|
172
|
+
.map(function (endpointConfig) {
|
|
163
173
|
var _a;
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
174
|
+
try {
|
|
175
|
+
var matcher = endpoint_1.CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
|
|
176
|
+
var extractor = endpoint_1.CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
|
|
177
|
+
var protocol = endpoint_1.CredentialIntelligenceHashProtocolFactory.create(((_a = endpointConfig.protocol) !== null && _a !== void 0 ? _a : config.ciDefaultVersion), options.hashUtils);
|
|
178
|
+
var loginSuccessfulParser = endpoint_1.LoginSuccessfulParserFactory.create(config, endpointConfig);
|
|
179
|
+
return new endpoint_1.CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
|
|
180
|
+
}
|
|
181
|
+
catch (error) {
|
|
182
|
+
_this.config.logger.error("caught error initializing credential intelligence endpoint: ".concat(error));
|
|
183
|
+
return null;
|
|
184
|
+
}
|
|
185
|
+
})
|
|
186
|
+
.filter(function (endpoint) { return endpoint !== null; });
|
|
187
|
+
};
|
|
188
|
+
CredentialIntelligence.prototype.shouldRefreshCredentialIntelligenceEndpoints = function () {
|
|
189
|
+
return this.remoteConfigVersion !== this.config.remoteConfigVersion;
|
|
190
|
+
};
|
|
191
|
+
CredentialIntelligence.prototype.refreshCredentialIntelligenceEndpoints = function () {
|
|
192
|
+
this.remoteConfigVersion = this.config.remoteConfigVersion;
|
|
193
|
+
this.endpointManager = new endpoint_1.CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
|
|
170
194
|
};
|
|
171
195
|
return CredentialIntelligence;
|
|
172
196
|
}());
|
|
@@ -15,4 +15,4 @@ exports.PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
|
|
|
15
15
|
exports.EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
|
|
16
16
|
exports.URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
|
|
17
17
|
exports.REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
|
|
18
|
-
exports.CORE_MODULE_VERSION = 'JS Core 0.30.
|
|
18
|
+
exports.CORE_MODULE_VERSION = 'JS Core 0.30.1';
|
|
@@ -68,9 +68,7 @@ export const createEnforcerInitializationBlock = (config, options) => {
|
|
|
68
68
|
export const createEnforcerProducts = (config, products, base64Utils, hashUtils, urlUtils, ipRangeChecker) => {
|
|
69
69
|
const botDefender = products?.bd || new BotDefender(config, { base64Utils, ipRangeChecker, urlUtils });
|
|
70
70
|
const accountDefender = products?.ad || new AccountDefender(config, { base64Utils });
|
|
71
|
-
const credentialIntelligence = config
|
|
72
|
-
? products?.ci || new CredentialIntelligence(config, { hashUtils, urlUtils })
|
|
73
|
-
: undefined;
|
|
71
|
+
const credentialIntelligence = products?.ci || new CredentialIntelligence(config, { hashUtils, urlUtils });
|
|
74
72
|
const hypeSaleChallenge = products?.hsc || new HypeSaleChallenge(config, { base64Utils });
|
|
75
73
|
return {
|
|
76
74
|
[ProductName.BOT_DEFENDER]: botDefender,
|
|
@@ -4,12 +4,22 @@ import { CredentialEndpoint, CredentialEndpointManager, CredentialExtractorFacto
|
|
|
4
4
|
import { ADDITIONAL_S2S_ACTIVITY_HEADER_NAME, ADDITIONAL_S2S_URL_HEADER_NAME, COMPROMISED_CREDENTIALS_HEADER_VALUE, } from './constants.js';
|
|
5
5
|
export class CredentialIntelligence {
|
|
6
6
|
config;
|
|
7
|
+
options;
|
|
8
|
+
remoteConfigVersion;
|
|
7
9
|
endpointManager;
|
|
8
10
|
constructor(config, options) {
|
|
9
11
|
this.config = config;
|
|
10
|
-
this.
|
|
12
|
+
this.options = options;
|
|
13
|
+
this.remoteConfigVersion = config.remoteConfigVersion;
|
|
14
|
+
this.endpointManager = new CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
|
|
11
15
|
}
|
|
12
16
|
async enrichContextFromRequest(context) {
|
|
17
|
+
if (!this.config.ciEnabled) {
|
|
18
|
+
return null;
|
|
19
|
+
}
|
|
20
|
+
if (this.shouldRefreshCredentialIntelligenceEndpoints()) {
|
|
21
|
+
this.refreshCredentialIntelligenceEndpoints();
|
|
22
|
+
}
|
|
13
23
|
const endpointIndex = this.endpointManager.getEndpointIndex(context);
|
|
14
24
|
if (endpointIndex === -1) {
|
|
15
25
|
return null;
|
|
@@ -66,12 +76,27 @@ export class CredentialIntelligence {
|
|
|
66
76
|
request.headers.set(ADDITIONAL_S2S_URL_HEADER_NAME, `${this.config.backendCollectorUrl}${ACTIVITIES_ENDPOINT}`);
|
|
67
77
|
}
|
|
68
78
|
initializeCredentialIntelligenceEndpoints(config, options) {
|
|
69
|
-
return config.ciEndpoints
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
79
|
+
return config.ciEndpoints
|
|
80
|
+
.map((endpointConfig) => {
|
|
81
|
+
try {
|
|
82
|
+
const matcher = CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
|
|
83
|
+
const extractor = CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
|
|
84
|
+
const protocol = CredentialIntelligenceHashProtocolFactory.create((endpointConfig.protocol ?? config.ciDefaultVersion), options.hashUtils);
|
|
85
|
+
const loginSuccessfulParser = LoginSuccessfulParserFactory.create(config, endpointConfig);
|
|
86
|
+
return new CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
|
|
87
|
+
}
|
|
88
|
+
catch (error) {
|
|
89
|
+
this.config.logger.error(`caught error initializing credential intelligence endpoint: ${error}`);
|
|
90
|
+
return null;
|
|
91
|
+
}
|
|
92
|
+
})
|
|
93
|
+
.filter((endpoint) => endpoint !== null);
|
|
94
|
+
}
|
|
95
|
+
shouldRefreshCredentialIntelligenceEndpoints() {
|
|
96
|
+
return this.remoteConfigVersion !== this.config.remoteConfigVersion;
|
|
97
|
+
}
|
|
98
|
+
refreshCredentialIntelligenceEndpoints() {
|
|
99
|
+
this.remoteConfigVersion = this.config.remoteConfigVersion;
|
|
100
|
+
this.endpointManager = new CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
|
|
76
101
|
}
|
|
77
102
|
}
|
|
@@ -12,4 +12,4 @@ export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
|
|
|
12
12
|
export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
|
|
13
13
|
export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
|
|
14
14
|
export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
|
|
15
|
-
export const CORE_MODULE_VERSION = 'JS Core 0.30.
|
|
15
|
+
export const CORE_MODULE_VERSION = 'JS Core 0.30.1';
|
|
@@ -11,7 +11,9 @@ export type CredentialIntelligenceOptions = {
|
|
|
11
11
|
};
|
|
12
12
|
export declare class CredentialIntelligence<Req, Res, Added, Removed> implements ICredentialIntelligence<Req, Res> {
|
|
13
13
|
protected readonly config: IConfiguration<Req, Res, Added, Removed>;
|
|
14
|
-
protected readonly
|
|
14
|
+
protected readonly options: CredentialIntelligenceOptions;
|
|
15
|
+
protected remoteConfigVersion: number;
|
|
16
|
+
protected endpointManager: CredentialEndpointManager<Req, Res>;
|
|
15
17
|
constructor(config: IConfiguration<Req, Res, Added, Removed>, options: CredentialIntelligenceOptions);
|
|
16
18
|
enrichContextFromRequest(context: ReadonlyContext<Req, Res>): Promise<CredentialIntelligenceData | null>;
|
|
17
19
|
enrichContextFromRiskApi(context: ReadonlyContext<Req, Res>): Promise<Partial<CredentialIntelligenceData> | null>;
|
|
@@ -23,4 +25,6 @@ export declare class CredentialIntelligence<Req, Res, Added, Removed> implements
|
|
|
23
25
|
protected shouldSetAdditionalS2SActivityHeaders(): boolean;
|
|
24
26
|
protected setAdditionalS2SActivityHeaders(request: IIncomingRequest<Req>, context: ReadonlyContext<Req, Res>): void;
|
|
25
27
|
protected initializeCredentialIntelligenceEndpoints(config: IConfiguration<Req, Res, Added, Removed>, options: CredentialIntelligenceOptions): ICredentialEndpoint<Req, Res>[];
|
|
28
|
+
protected shouldRefreshCredentialIntelligenceEndpoints(): boolean;
|
|
29
|
+
protected refreshCredentialIntelligenceEndpoints(): void;
|
|
26
30
|
}
|
|
@@ -12,4 +12,4 @@ export declare const PUSH_DATA_FEATURE_HEADER_NAME = "x-px-feature";
|
|
|
12
12
|
export declare const EMAIL_ADDRESS_REGEX: RegExp;
|
|
13
13
|
export declare const URL_REGEX: RegExp;
|
|
14
14
|
export declare const REGEX_STRUCTURE: RegExp;
|
|
15
|
-
export declare const CORE_MODULE_VERSION = "JS Core 0.30.
|
|
15
|
+
export declare const CORE_MODULE_VERSION = "JS Core 0.30.1";
|