perimeterx-js-core 0.30.0 → 0.31.0

package/lib/cjs/config/ConfigurationBase.js

@@ -775,6 +775,13 @@ var ConfigurationBase = /** @class */ (function () {
         enumerable: false,
         configurable: true
     });
+    Object.defineProperty(ConfigurationBase.prototype, "dataEnrichmentHeaderName", {
+        get: function () {
+            return this.configParams.px_data_enrichment_header_name;
+        },
+        enumerable: false,
+        configurable: true
+    });
     Object.defineProperty(ConfigurationBase.prototype, "enableBlockedUrlOnCaptchaBlockPage", {
         get: function () {
             return true;

package/lib/cjs/config/defaults/DefaultConfigurationParams.js

@@ -132,6 +132,7 @@ var defaultConfigurationParams = function () { return ({
     px_remote_config_retry_interval_ms: 1000,
     px_url_decode_reserved_characters: false,
     px_secured_pxhd_enabled: false,
+    px_data_enrichment_header_name: '',
     px_snippet_injection_enabled: false,
     px_create_custom_snippet: null,
     px_custom_is_sensitive_request: null,

package/lib/cjs/enforcer/utils.js

@@ -66,9 +66,7 @@ var createEnforcerProducts = function (config, products, base64Utils, hashUtils,
     var _a;
     var botDefender = (products === null || products === void 0 ? void 0 : products.bd) || new products_1.BotDefender(config, { base64Utils: base64Utils, ipRangeChecker: ipRangeChecker, urlUtils: urlUtils });
     var accountDefender = (products === null || products === void 0 ? void 0 : products.ad) || new products_1.AccountDefender(config, { base64Utils: base64Utils });
-    var credentialIntelligence = config.ciEnabled
-        ? (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, { hashUtils: hashUtils, urlUtils: urlUtils })
-        : undefined;
+    var credentialIntelligence = (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, { hashUtils: hashUtils, urlUtils: urlUtils });
     var hypeSaleChallenge = (products === null || products === void 0 ? void 0 : products.hsc) || new products_1.HypeSaleChallenge(config, { base64Utils: base64Utils });
     return _a = {},
         _a[products_1.ProductName.BOT_DEFENDER] = botDefender,

package/lib/cjs/products/bot_defender/BotDefender.js

@@ -189,9 +189,17 @@ var BotDefender = /** @class */ (function () {
     BotDefender.prototype.createBlockResponse = function (context) {
         return this.blocker.createBlockResponse(context);
     };
-    BotDefender.prototype.modifyIncomingRequest = function (_context) {
+    BotDefender.prototype.modifyIncomingRequest = function (context) {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
+                if (this.config.dataEnrichmentHeaderName && context.pxde && context.pxdeVerified) {
+                    try {
+                        context.requestData.request.headers.set(this.config.dataEnrichmentHeaderName, JSON.stringify(context.pxde));
+                    }
+                    catch (err) {
+                        context.logger.debug("unable to set data enrichment header: ".concat(err));
+                    }
+                }
                 return [2 /*return*/];
             });
         });

package/lib/cjs/products/credential_intelligence/CredentialIntelligence.js

@@ -55,7 +55,9 @@ var constants_1 = require("./constants.js");
 var CredentialIntelligence = /** @class */ (function () {
     function CredentialIntelligence(config, options) {
         this.config = config;
-        this.endpointManager = new endpoint_1.CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(config, options));
+        this.options = options;
+        this.remoteConfigVersion = config.remoteConfigVersion;
+        this.endpointManager = new endpoint_1.CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
     }
     CredentialIntelligence.prototype.enrichContextFromRequest = function (context) {
         return __awaiter(this, void 0, void 0, function () {
@@ -63,6 +65,12 @@ var CredentialIntelligence = /** @class */ (function () {
             return __generator(this, function (_a) {
                 switch (_a.label) {
                     case 0:
+                        if (!this.config.ciEnabled) {
+                            return [2 /*return*/, null];
+                        }
+                        if (this.shouldRefreshCredentialIntelligenceEndpoints()) {
+                            this.refreshCredentialIntelligenceEndpoints();
+                        }
                         endpointIndex = this.endpointManager.getEndpointIndex(context);
                         if (endpointIndex === -1) {
                             return [2 /*return*/, null];
@@ -159,14 +167,30 @@ var CredentialIntelligence = /** @class */ (function () {
         request.headers.set(constants_1.ADDITIONAL_S2S_URL_HEADER_NAME, "".concat(this.config.backendCollectorUrl).concat(activities_1.ACTIVITIES_ENDPOINT));
     };
     CredentialIntelligence.prototype.initializeCredentialIntelligenceEndpoints = function (config, options) {
-        return config.ciEndpoints.map(function (endpointConfig) {
+        var _this = this;
+        return config.ciEndpoints
+            .map(function (endpointConfig) {
             var _a;
-            var matcher = endpoint_1.CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
-            var extractor = endpoint_1.CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
-            var protocol = endpoint_1.CredentialIntelligenceHashProtocolFactory.create(((_a = endpointConfig.protocol) !== null && _a !== void 0 ? _a : config.ciDefaultVersion), options.hashUtils);
-            var loginSuccessfulParser = endpoint_1.LoginSuccessfulParserFactory.create(config, endpointConfig);
-            return new endpoint_1.CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
-        });
+            try {
+                var matcher = endpoint_1.CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
+                var extractor = endpoint_1.CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
+                var protocol = endpoint_1.CredentialIntelligenceHashProtocolFactory.create(((_a = endpointConfig.protocol) !== null && _a !== void 0 ? _a : config.ciDefaultVersion), options.hashUtils);
+                var loginSuccessfulParser = endpoint_1.LoginSuccessfulParserFactory.create(config, endpointConfig);
+                return new endpoint_1.CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
+            }
+            catch (error) {
+                _this.config.logger.error("caught error initializing credential intelligence endpoint: ".concat(error));
+                return null;
+            }
+        })
+            .filter(function (endpoint) { return endpoint !== null; });
+    };
+    CredentialIntelligence.prototype.shouldRefreshCredentialIntelligenceEndpoints = function () {
+        return this.remoteConfigVersion !== this.config.remoteConfigVersion;
+    };
+    CredentialIntelligence.prototype.refreshCredentialIntelligenceEndpoints = function () {
+        this.remoteConfigVersion = this.config.remoteConfigVersion;
+        this.endpointManager = new endpoint_1.CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
     };
     return CredentialIntelligence;
 }());

package/lib/cjs/utils/constants.js

@@ -15,4 +15,4 @@ exports.PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 exports.EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 exports.URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 exports.REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-exports.CORE_MODULE_VERSION = 'JS Core 0.30.0';
+exports.CORE_MODULE_VERSION = 'JS Core 0.31.0';

package/lib/esm/config/ConfigurationBase.js

@@ -405,6 +405,9 @@ export class ConfigurationBase {
     get createCustomSnippet() {
         return this.configParams.px_create_custom_snippet;
     }
+    get dataEnrichmentHeaderName() {
+        return this.configParams.px_data_enrichment_header_name;
+    }
     get enableBlockedUrlOnCaptchaBlockPage() {
         return true;
     }

package/lib/esm/config/defaults/DefaultConfigurationParams.js

@@ -129,6 +129,7 @@ export const defaultConfigurationParams = () => ({
     px_remote_config_retry_interval_ms: 1000,
     px_url_decode_reserved_characters: false,
     px_secured_pxhd_enabled: false,
+    px_data_enrichment_header_name: '',
     px_snippet_injection_enabled: false,
     px_create_custom_snippet: null,
     px_custom_is_sensitive_request: null,

package/lib/esm/enforcer/utils.js

@@ -68,9 +68,7 @@ export const createEnforcerInitializationBlock = (config, options) => {
 export const createEnforcerProducts = (config, products, base64Utils, hashUtils, urlUtils, ipRangeChecker) => {
     const botDefender = products?.bd || new BotDefender(config, { base64Utils, ipRangeChecker, urlUtils });
     const accountDefender = products?.ad || new AccountDefender(config, { base64Utils });
-    const credentialIntelligence = config.ciEnabled
-        ? products?.ci || new CredentialIntelligence(config, { hashUtils, urlUtils })
-        : undefined;
+    const credentialIntelligence = products?.ci || new CredentialIntelligence(config, { hashUtils, urlUtils });
     const hypeSaleChallenge = products?.hsc || new HypeSaleChallenge(config, { base64Utils });
     return {
         [ProductName.BOT_DEFENDER]: botDefender,

package/lib/esm/products/bot_defender/BotDefender.js

@@ -101,8 +101,15 @@ export class BotDefender {
     createBlockResponse(context) {
         return this.blocker.createBlockResponse(context);
     }
-    async modifyIncomingRequest(_context) {
-        // intentionally left blank
+    async modifyIncomingRequest(context) {
+        if (this.config.dataEnrichmentHeaderName && context.pxde && context.pxdeVerified) {
+            try {
+                context.requestData.request.headers.set(this.config.dataEnrichmentHeaderName, JSON.stringify(context.pxde));
+            }
+            catch (err) {
+                context.logger.debug(`unable to set data enrichment header: ${err}`);
+            }
+        }
     }
     async modifyOutgoingResponse(_context) {
         // intentionally left blank

package/lib/esm/products/credential_intelligence/CredentialIntelligence.js

@@ -4,12 +4,22 @@ import { CredentialEndpoint, CredentialEndpointManager, CredentialExtractorFacto
 import { ADDITIONAL_S2S_ACTIVITY_HEADER_NAME, ADDITIONAL_S2S_URL_HEADER_NAME, COMPROMISED_CREDENTIALS_HEADER_VALUE, } from './constants.js';
 export class CredentialIntelligence {
     config;
+    options;
+    remoteConfigVersion;
     endpointManager;
     constructor(config, options) {
         this.config = config;
-        this.endpointManager = new CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(config, options));
+        this.options = options;
+        this.remoteConfigVersion = config.remoteConfigVersion;
+        this.endpointManager = new CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
     }
     async enrichContextFromRequest(context) {
+        if (!this.config.ciEnabled) {
+            return null;
+        }
+        if (this.shouldRefreshCredentialIntelligenceEndpoints()) {
+            this.refreshCredentialIntelligenceEndpoints();
+        }
         const endpointIndex = this.endpointManager.getEndpointIndex(context);
         if (endpointIndex === -1) {
             return null;
@@ -66,12 +76,27 @@ export class CredentialIntelligence {
         request.headers.set(ADDITIONAL_S2S_URL_HEADER_NAME, `${this.config.backendCollectorUrl}${ACTIVITIES_ENDPOINT}`);
     }
     initializeCredentialIntelligenceEndpoints(config, options) {
-        return config.ciEndpoints.map((endpointConfig) => {
-            const matcher = CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
-            const extractor = CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
-            const protocol = CredentialIntelligenceHashProtocolFactory.create((endpointConfig.protocol ?? config.ciDefaultVersion), options.hashUtils);
-            const loginSuccessfulParser = LoginSuccessfulParserFactory.create(config, endpointConfig);
-            return new CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
-        });
+        return config.ciEndpoints
+            .map((endpointConfig) => {
+            try {
+                const matcher = CredentialIntelligenceEndpointMatcherFactory.create(endpointConfig);
+                const extractor = CredentialExtractorFactory.create(endpointConfig, options.urlUtils);
+                const protocol = CredentialIntelligenceHashProtocolFactory.create((endpointConfig.protocol ?? config.ciDefaultVersion), options.hashUtils);
+                const loginSuccessfulParser = LoginSuccessfulParserFactory.create(config, endpointConfig);
+                return new CredentialEndpoint(matcher, extractor, protocol, loginSuccessfulParser);
+            }
+            catch (error) {
+                this.config.logger.error(`caught error initializing credential intelligence endpoint: ${error}`);
+                return null;
+            }
+        })
+            .filter((endpoint) => endpoint !== null);
+    }
+    shouldRefreshCredentialIntelligenceEndpoints() {
+        return this.remoteConfigVersion !== this.config.remoteConfigVersion;
+    }
+    refreshCredentialIntelligenceEndpoints() {
+        this.remoteConfigVersion = this.config.remoteConfigVersion;
+        this.endpointManager = new CredentialEndpointManager(this.initializeCredentialIntelligenceEndpoints(this.config, this.options));
     }
 }

package/lib/esm/utils/constants.js

@@ -12,4 +12,4 @@ export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-export const CORE_MODULE_VERSION = 'JS Core 0.30.0';
+export const CORE_MODULE_VERSION = 'JS Core 0.31.0';

package/lib/types/config/ConfigurationBase.d.ts

@@ -143,6 +143,7 @@ export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends
     get tokenVersion(): `${TokenVersion}`;
     get snippetInjectionEnabled(): boolean;
     get createCustomSnippet(): CustomSnippetFunction<Req, Res, Added, Removed> | null;
+    get dataEnrichmentHeaderName(): string;
     get enableBlockedUrlOnCaptchaBlockPage(): boolean;
     get awaitAsyncHttpRequests(): boolean;
     get isPostEnforceEnabled(): boolean;

package/lib/types/config/IConfiguration.d.ts

@@ -404,6 +404,10 @@ export interface IConfiguration<Req, Res, Added, Removed> {
      * The version of the token the enforcer is able to parse.
      */
     readonly tokenVersion: `${TokenVersion}`;
+    /**
+     * The header name to use when adding the data enrichment value as an incoming request header.
+     */
+    readonly dataEnrichmentHeaderName: string;
     /**
      * Returns an object representation of the current configuration.
      */

package/lib/types/config/params/CoreConfigurationParams.d.ts

@@ -120,6 +120,7 @@ export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3Configu
     px_remote_config_retry_interval_ms?: number;
     px_url_decode_reserved_characters?: boolean;
     px_secured_pxhd_enabled?: boolean;
+    px_data_enrichment_header_name?: string;
     px_additional_activity_handler?: AdditionalActivityHandler<Req, Res, Added, Removed> | null;
     px_enrich_custom_parameters?: CustomParametersFunction<Req, Res, Added, Removed> | null;
     px_enrich_response_custom_parameters?: ResponseCustomParametersFunction<Req, Res, Added, Removed> | null;

package/lib/types/products/bot_defender/BotDefender.d.ts

@@ -46,6 +46,6 @@ export declare class BotDefender<Req, Res, Added, Removed> implements IBotDefend
     protected getSuccessfulRiskApiAction(riskResponse: DeepReadonly<IRiskResponse>, isMonitored: boolean): ActionData;
     shouldBlock(context: ReadonlyContext<Req, Res>): boolean;
     createBlockResponse(context: ReadonlyContext<Req, Res>): IMinimalResponse;
-    modifyIncomingRequest(_context: ReadonlyContext<Req, Res>): Promise<void>;
+    modifyIncomingRequest(context: ReadonlyContext<Req, Res>): Promise<void>;
     modifyOutgoingResponse(_context: ReadonlyContext<Req, Res>): Promise<void>;
 }

package/lib/types/products/credential_intelligence/CredentialIntelligence.d.ts

@@ -11,7 +11,9 @@ export type CredentialIntelligenceOptions = {
 };
 export declare class CredentialIntelligence<Req, Res, Added, Removed> implements ICredentialIntelligence<Req, Res> {
     protected readonly config: IConfiguration<Req, Res, Added, Removed>;
-    protected readonly endpointManager: CredentialEndpointManager<Req, Res>;
+    protected readonly options: CredentialIntelligenceOptions;
+    protected remoteConfigVersion: number;
+    protected endpointManager: CredentialEndpointManager<Req, Res>;
     constructor(config: IConfiguration<Req, Res, Added, Removed>, options: CredentialIntelligenceOptions);
     enrichContextFromRequest(context: ReadonlyContext<Req, Res>): Promise<CredentialIntelligenceData | null>;
     enrichContextFromRiskApi(context: ReadonlyContext<Req, Res>): Promise<Partial<CredentialIntelligenceData> | null>;
@@ -23,4 +25,6 @@ export declare class CredentialIntelligence<Req, Res, Added, Removed> implements
     protected shouldSetAdditionalS2SActivityHeaders(): boolean;
     protected setAdditionalS2SActivityHeaders(request: IIncomingRequest<Req>, context: ReadonlyContext<Req, Res>): void;
     protected initializeCredentialIntelligenceEndpoints(config: IConfiguration<Req, Res, Added, Removed>, options: CredentialIntelligenceOptions): ICredentialEndpoint<Req, Res>[];
+    protected shouldRefreshCredentialIntelligenceEndpoints(): boolean;
+    protected refreshCredentialIntelligenceEndpoints(): void;
 }

package/lib/types/utils/constants.d.ts

@@ -12,4 +12,4 @@ export declare const PUSH_DATA_FEATURE_HEADER_NAME = "x-px-feature";
 export declare const EMAIL_ADDRESS_REGEX: RegExp;
 export declare const URL_REGEX: RegExp;
 export declare const REGEX_STRUCTURE: RegExp;
-export declare const CORE_MODULE_VERSION = "JS Core 0.30.0";
+export declare const CORE_MODULE_VERSION = "JS Core 0.31.0";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-js-core",
-  "version": "0.30.0",
+  "version": "0.31.0",
   "description": "",
   "type": "module",
   "typesVersions": {
@@ -38,7 +38,7 @@
     "lint": "eslint . --ext .ts",
     "lint:fix": "eslint . --ext .ts --fix",
     "test": "mocha",
-    "coverage": "nyc npm run test",
+    "coverage": "c8 npm run test",
     "pre-commit": "./node_modules/.bin/lint-staged",
     "prepare": "husky"
   },
@@ -58,8 +58,9 @@
     "@types/node": "^18.19.50 || ^20.6.0 || ^22.0.0",
     "@types/sinon": "^17.0.1",
     "@types/uuid": "^10.0.0",
-    "@typescript-eslint/eslint-plugin": "^8.26.0",
+    "@typescript-eslint/eslint-plugin": "^8.38.0",
     "@typescript-eslint/parser": "^8.26.0",
+    "c8": "^10.1.3",
     "chai": "^5.2.0",
     "chai-as-promised": "^8.0.0",
     "core-js": "^3.19.1",
@@ -69,9 +70,8 @@
     "husky": "^9.1.7",
     "lint-staged": "^16.0.0",
     "mocha": "^11.4.0",
-    "nyc": "^17.0.0",
     "prettier": "^3.5.3",
-    "sinon": "^20.0.0",
+    "sinon": "^21.0.0",
     "ts-loader": "^9.4.1",
     "ts-node": "^10.9.1",
     "tsc-alias": "^1.8.11",