perimeterx-js-core 0.31.0 → 0.32.0

package/lib/types/config/params/CoreConfigurationParams.d.ts

@@ -50,14 +50,14 @@ export type TokenV3ConfigurationParamsOnly = {
 /**
  * The configuration parameters relevant to the snippet injection feature.
  */
-export type SnippetInjectionParamsOnly<Req, Res, Added, Removed> = {
+export type SnippetInjectionParamsOnly<Req, Res, Supported extends string, Added> = {
     px_snippet_injection_enabled?: boolean;
-    px_create_custom_snippet?: CustomSnippetFunction<Req, Res, Added, Removed> | null;
+    px_create_custom_snippet?: CustomSnippetFunction<Req, Res, Supported, Added> | null;
 };
 /**
  * The configuration parameters that can be set via either the static or remote configuration.
  */
-export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & SnippetInjectionParamsOnly<Req, Res, Added, Removed> & {
+export type CommonConfigurationParams<Req, Res, Supported extends string, Added> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & SnippetInjectionParamsOnly<Req, Res, Supported, Added> & {
     px_s2s_timeout?: number;
     px_async_timeout?: number;
     px_backend_url?: string;
@@ -121,9 +121,9 @@ export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3Configu
     px_url_decode_reserved_characters?: boolean;
     px_secured_pxhd_enabled?: boolean;
     px_data_enrichment_header_name?: string;
-    px_additional_activity_handler?: AdditionalActivityHandler<Req, Res, Added, Removed> | null;
-    px_enrich_custom_parameters?: CustomParametersFunction<Req, Res, Added, Removed> | null;
-    px_enrich_response_custom_parameters?: ResponseCustomParametersFunction<Req, Res, Added, Removed> | null;
+    px_additional_activity_handler?: AdditionalActivityHandler<Req, Res, Supported, Added> | null;
+    px_enrich_custom_parameters?: CustomParametersFunction<Req, Res, Supported, Added> | null;
+    px_enrich_response_custom_parameters?: ResponseCustomParametersFunction<Req, Res, Supported, Added> | null;
     px_login_successful_custom_callback?: CustomLoginSuccessfulCallback<Res> | null;
     px_cors_custom_preflight_handler?: CustomPreflightHandler<Req> | null;
     px_cors_create_custom_block_response_headers?: CustomBlockResponseHeadersHandler<Req> | null;
@@ -136,4 +136,21 @@ export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3Configu
 /**
  * All configuration parameters supported by JS Core.
  */
-export type CoreConfigurationParams<Req, Res, Added, Removed> = StaticConfigurationParamsOnly & RemoteConfigurationParamsOnly & CommonConfigurationParams<Req, Res, Added, Removed>;
+export type CoreConfigurationParams<Req, Res, Supported extends string, Added> = StaticConfigurationParamsOnly & RemoteConfigurationParamsOnly & CommonConfigurationParams<Req, Res, Supported, Added>;
+export type CoreConfigurationParamsKeys = keyof CoreConfigurationParams<any, any, any, any>;
+/**
+ * Utility type to validate that enforcer-supported configurations are valid core configuration keys.
+ * This provides compile-time type safety to ensure wrapper libraries only reference existing core configs.
+ *
+ * @template T - Union of core configuration parameter keys to validate
+ * @example
+ * ```typescript
+ * // In wrapper library:
+ * export type SupportedCoreConfigs = ValidateSupportedConfigurations<
+ *     | 'px_app_id'
+ *     | 'px_auth_token'
+ *     | 'px_blocking_score'
+ * >;
+ * ```
+ */
+export type ValidateSupportedConfigurations<T extends CoreConfigurationParamsKeys> = T;

package/lib/types/config/params/CreateHumanSecurityConfigurationParams.d.ts

@@ -0,0 +1,2 @@
+import { CoreConfigurationParamsKeys, CoreConfigurationParams } from './CoreConfigurationParams';
+export type CreateHumanSecurityConfigurationParams<Req, Res, Supported extends CoreConfigurationParamsKeys, Added> = Added & Pick<CoreConfigurationParams<Req, Res, Supported, Added>, Supported>;

package/lib/types/config/params/RemoteConfigurationParams.d.ts

@@ -1,5 +1,6 @@
 import { CoreConfigurationParams, StaticConfigurationParamsOnly } from './CoreConfigurationParams';
 /**
- * All configurations that can be set via the remote configurations, taking into account any added or removed configurations.
+ * All core configurations that can be set via the remote configurations.
+ * Note: Only core configs can be set remotely, not wrapper-specific Added configs.
  */
-export type RemoteConfigurationParams<Req, Res, Added, Removed> = Omit<CoreConfigurationParams<Req, Res, Added, Removed>, keyof StaticConfigurationParamsOnly>;
+export type RemoteConfigurationParams<Req, Res, Supported extends string, Added> = Omit<CoreConfigurationParams<Req, Res, Supported, Added>, keyof StaticConfigurationParamsOnly>;

package/lib/types/config/params/StaticConfigurationParams.d.ts

@@ -1,6 +1,8 @@
-import { RemoteConfigurationParamsOnly } from './CoreConfigurationParams';
-import { CreateHumanSecurityConfigurationParams } from './AllConfigurationParams';
+import { CoreConfigurationParamsKeys, RemoteConfigurationParamsOnly } from './CoreConfigurationParams';
+import { CreateHumanSecurityConfigurationParams } from './CreateHumanSecurityConfigurationParams';
 /**
  * All configurations that can be set via the static configurations, taking into account any added or removed configurations.
  */
-export type StaticConfigurationParams<Req, Res, Added = {}, Removed = never> = Omit<CreateHumanSecurityConfigurationParams<Req, Res, Added, Removed>, keyof RemoteConfigurationParamsOnly>;
+export type StaticConfigurationParams<Req, Res, Supported extends string, Added> = [Supported] extends [
+    CoreConfigurationParamsKeys
+] ? Omit<CreateHumanSecurityConfigurationParams<Req, Res, Supported, Added>, keyof RemoteConfigurationParamsOnly> : never;

package/lib/types/config/params/index.d.ts

@@ -3,3 +3,4 @@ export * from './AllConfigurationParams';
 export * from './CoreConfigurationParams';
 export * from './RemoteConfigurationParams';
 export * from './StaticConfigurationParams';
+export * from './CreateHumanSecurityConfigurationParams';

package/lib/types/config/remote_config/RemoteConfigUtils.d.ts

@@ -4,6 +4,6 @@ import { RemoteConfigurationParams } from '../params';
 import { RemoteConfigData } from './model';
 export declare namespace RemoteConfigUtils {
     const isRemoteConfigUpdateRequest: <Req>(request: IIncomingRequest<Req>) => boolean;
-    const prepareRemoteConfigParams: <Req, Res, Added, Removed>({ version, configValue }: RemoteConfigData<Req, Res, Added, Removed>, logger: ILogger) => RemoteConfigurationParams<Req, Res, Added, Removed>;
+    const prepareRemoteConfigParams: <Req, Res, Supported extends string, Added>({ version, configValue }: RemoteConfigData<Req, Res, Supported, Added>, logger: ILogger) => RemoteConfigurationParams<Req, Res, Supported, Added>;
     const mergeStringRegexConfigurationValues: (stringFields: Array<string | RegExp> | undefined, regexFields: string[] | undefined, logger: ILogger) => Array<string | RegExp>;
 }

package/lib/types/config/remote_config/manager/DefaultRemoteConfigManager.d.ts

@@ -4,20 +4,20 @@ import { RemoteConfigData } from '../model';
 import { IRemoteConfigServiceClient } from '../service_client';
 import { IRemoteConfigStorageClient } from '../storage_client';
 import { IRemoteConfigManager } from './IRemoteConfigManager';
-export type DefaultRemoteConfigManagerOptions<Req, Res, Added, Removed> = {
-    serviceClient: IRemoteConfigServiceClient<Req, Res, Added, Removed>;
-    storageClient: IRemoteConfigStorageClient<Req, Res, Added, Removed>;
+export type DefaultRemoteConfigManagerOptions<Req, Res, Supported extends string, Added> = {
+    serviceClient: IRemoteConfigServiceClient<Req, Res, Supported, Added>;
+    storageClient: IRemoteConfigStorageClient<Req, Res, Supported, Added>;
 };
-export declare class DefaultRemoteConfigManager<Req, Res, Added, Removed> implements IRemoteConfigManager<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
-    protected serviceClient: IRemoteConfigServiceClient<Req, Res, Added, Removed>;
-    protected storageClient: IRemoteConfigStorageClient<Req, Res, Added, Removed>;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, options: DefaultRemoteConfigManagerOptions<Req, Res, Added, Removed>);
+export declare class DefaultRemoteConfigManager<Req, Res, Supported extends string, Added> implements IRemoteConfigManager<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
+    protected serviceClient: IRemoteConfigServiceClient<Req, Res, Supported, Added>;
+    protected storageClient: IRemoteConfigStorageClient<Req, Res, Supported, Added>;
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, options: DefaultRemoteConfigManagerOptions<Req, Res, Supported, Added>);
     loadRemoteConfig(): Promise<void>;
-    protected loadRemoteConfigData(): Promise<RemoteConfigData<Req, Res, Added, Removed> | null>;
+    protected loadRemoteConfigData(): Promise<RemoteConfigData<Req, Res, Supported, Added> | null>;
     protected isValidRemoteConfigId(remoteConfigId: string): boolean;
     shouldUpdateRemoteConfig(context: IContext<Req, Res>): boolean;
     updateRemoteConfig(context: ReadonlyContext<Req, Res>): Promise<void>;
-    protected fetchRemoteConfigData(desiredVersion: number, context: ReadonlyContext<Req, Res>): Promise<RemoteConfigData<Req, Res, Added, Removed> | null>;
+    protected fetchRemoteConfigData(desiredVersion: number, context: ReadonlyContext<Req, Res>): Promise<RemoteConfigData<Req, Res, Supported, Added> | null>;
     protected sleepBetweenFetchAttempts(ms: number): Promise<void>;
 }

package/lib/types/config/remote_config/model/RemoteConfigData.d.ts

@@ -1,7 +1,7 @@
 import { RemoteConfigurationParams } from '../../params';
-export type RemoteConfigData<Req, Res, Added, Removed> = {
+export type RemoteConfigData<Req, Res, Supported extends string, Added> = {
     id: string;
-    configValue: RemoteConfigurationParams<Req, Res, Added, Removed>;
+    configValue: RemoteConfigurationParams<Req, Res, Supported, Added>;
     lastUpdated: number;
     version: number;
 };

package/lib/types/config/remote_config/service_client/HttpRemoteConfigServiceClient.d.ts

@@ -2,11 +2,11 @@ import { IHttpClient, IIncomingResponse, IOutgoingRequest } from '../../../http'
 import { IConfiguration } from '../../IConfiguration';
 import { RemoteConfigData, RemoteConfigNotifyRequestPayload } from '../model';
 import { IRemoteConfigServiceClient } from './IRemoteConfigServiceClient';
-export declare class HttpRemoteConfigServiceClient<Req, Res, Added, Removed> implements IRemoteConfigServiceClient<Req, Res, Added, Removed> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class HttpRemoteConfigServiceClient<Req, Res, Supported extends string, Added> implements IRemoteConfigServiceClient<Req, Res, Supported, Added> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly httpClient: IHttpClient;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, httpClient: IHttpClient);
-    fetch(_updateRequestData: RemoteConfigNotifyRequestPayload): Promise<RemoteConfigData<Req, Res, Added, Removed>>;
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, httpClient: IHttpClient);
+    fetch(_updateRequestData: RemoteConfigNotifyRequestPayload): Promise<RemoteConfigData<Req, Res, Supported, Added>>;
     protected createFetchRemoteConfigRequest(): IOutgoingRequest;
-    protected extractConfigFromResponse(response: IIncomingResponse): Promise<RemoteConfigData<Req, Res, Added, Removed>>;
+    protected extractConfigFromResponse(response: IIncomingResponse): Promise<RemoteConfigData<Req, Res, Supported, Added>>;
 }

package/lib/types/config/remote_config/service_client/IRemoteConfigServiceClient.d.ts

@@ -1,5 +1,5 @@
 import { AsyncOrSync } from 'ts-essentials';
 import { RemoteConfigData, RemoteConfigNotifyRequestPayload } from '../model';
-export interface IRemoteConfigServiceClient<Req, Res, Added, Removed> {
-    fetch(updateRequestData: RemoteConfigNotifyRequestPayload): AsyncOrSync<RemoteConfigData<Req, Res, Added, Removed>>;
+export interface IRemoteConfigServiceClient<Req, Res, Supported extends string, Added> {
+    fetch(updateRequestData: RemoteConfigNotifyRequestPayload): AsyncOrSync<RemoteConfigData<Req, Res, Supported, Added>>;
 }

package/lib/types/config/remote_config/storage_client/IRemoteConfigStorageClient.d.ts

@@ -1,6 +1,6 @@
 import { AsyncOrSync } from 'ts-essentials';
 import { RemoteConfigData } from '../model';
-export interface IRemoteConfigStorageClient<Req, Res, Added, Removed> {
-    load(): AsyncOrSync<RemoteConfigData<Req, Res, Added, Removed> | null>;
-    save(remoteConfigData: RemoteConfigData<Req, Res, Added, Removed>): AsyncOrSync<void>;
+export interface IRemoteConfigStorageClient<Req, Res, Supported extends string, Added> {
+    load(): AsyncOrSync<RemoteConfigData<Req, Res, Supported, Added> | null>;
+    save(remoteConfigData: RemoteConfigData<Req, Res, Supported, Added>): AsyncOrSync<void>;
 }

package/lib/types/config/remote_config/update_parser/DefaultNotifyRemoteConfigUpdateParser.d.ts

@@ -11,10 +11,10 @@ export type DefaultNotifyRemoteConfigUpdateParserOptions = {
     hmacUtils?: never;
     timestampHmacHeaderValidator: ITimestampHmacHeaderValidator;
 };
-export declare class DefaultNotifyRemoteConfigUpdateParser<Req, Res, Added, Removed> implements IRemoteConfigUpdateParser<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class DefaultNotifyRemoteConfigUpdateParser<Req, Res, Supported extends string, Added> implements IRemoteConfigUpdateParser<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly timestampHmacHeaderValidator: ITimestampHmacHeaderValidator;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, options: DefaultNotifyRemoteConfigUpdateParserOptions);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, options: DefaultNotifyRemoteConfigUpdateParserOptions);
     isUpdateRequest({ requestData: { request } }: ReadonlyContext<Req, Res>): Promise<boolean>;
     parseUpdate(context: ReadonlyContext<Req, Res>): Promise<RemoteConfigUpdateData>;
     protected isNotifyRequestValid(context: ReadonlyContext<Req, Res>): Promise<boolean>;

package/lib/types/context/DefaultContext.d.ts

@@ -21,7 +21,7 @@ export type DefaultContextOptions = {
  * The default implementation of the request context which uses the incoming HTTP request and enforcer configuration
  * to populate the context with relevant data.
  */
-export declare class DefaultContext<Req, Res, Added, Removed> implements IContext<Req, Res> {
+export declare class DefaultContext<Req, Res, Supported extends string, Added> implements IContext<Req, Res> {
     readonly requestId: string;
     readonly tokenOrigin: TokenOrigin;
     readonly remoteConfigUpdateData: RemoteConfigUpdateData;
@@ -49,19 +49,19 @@ export declare class DefaultContext<Req, Res, Added, Removed> implements IContex
     usedCookieSecret?: string;
     shouldSendTelemetry: boolean;
     protected _shouldSendLogs: boolean;
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly urlUtils: IUrlUtils;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, request: IIncomingRequest<Req>, options: DefaultContextOptions);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, request: IIncomingRequest<Req>, options: DefaultContextOptions);
     get shouldSendLogs(): boolean;
     set shouldSendLogs(shouldSendLogs: boolean);
     get isMobile(): boolean;
-    protected createContextLogger(config: IConfiguration<Req, Res, Added, Removed>, shouldSaveLogs: boolean): ILogger;
-    protected createRequestData(config: IConfiguration<Req, Res, Added, Removed>, request: IIncomingRequest<Req>, cookieParser?: ICookieParser): RequestData<Req>;
+    protected createContextLogger(config: IConfiguration<Req, Res, Supported, Added>, shouldSaveLogs: boolean): ILogger;
+    protected createRequestData(config: IConfiguration<Req, Res, Supported, Added>, request: IIncomingRequest<Req>, cookieParser?: ICookieParser): RequestData<Req>;
     protected normalizeUrl(rawUrl: string): IUrl;
-    protected extractUserAgentFromHeader(config: IConfiguration<Req, Res, Added, Removed>, headers: ReadonlyHeaders): string;
-    protected extractIpFromHeader(config: IConfiguration<Req, Res, Added, Removed>, headers: ReadonlyHeaders): string | null;
+    protected extractUserAgentFromHeader(config: IConfiguration<Req, Res, Supported, Added>, headers: ReadonlyHeaders): string;
+    protected extractIpFromHeader(config: IConfiguration<Req, Res, Supported, Added>, headers: ReadonlyHeaders): string | null;
     protected getTokenOrigin(request: IIncomingRequest<Req>): TokenOrigin;
     protected setCookiesOnContext(): void;
-    protected isHeaderBasedLoggerRequest(config: IConfiguration<Req, Res, Added, Removed>, request: IIncomingRequest<Req>): boolean;
+    protected isHeaderBasedLoggerRequest(config: IConfiguration<Req, Res, Supported, Added>, request: IIncomingRequest<Req>): boolean;
     toJSON(): ContextJson<Req, Res>;
 }

package/lib/types/context/SerializedContext.d.ts

@@ -17,7 +17,7 @@ import { ContextJson } from './ContextJson';
  * incoming request, but rather uses already-extracted data from the `ContextJson` (likely returned from the `DefaultContext.toJSON()`
  * function) and fills in the gaps using the other parameters.
  */
-export declare class SerializedContext<Req, Res, Added, Removed> implements IContext<Req, Res> {
+export declare class SerializedContext<Req, Res, Supported extends string, Added> implements IContext<Req, Res> {
     readonly isMobile: boolean;
     readonly remoteConfigUpdateData: RemoteConfigUpdateData;
     readonly logger: ILogger;
@@ -44,9 +44,9 @@ export declare class SerializedContext<Req, Res, Added, Removed> implements ICon
     tokenOrigin: TokenOrigin;
     uuid?: string;
     shouldSendTelemetry: boolean;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, contextJson: ContextJson<Req, Res>, request: IIncomingRequest<Req>, urlUtils: IUrlUtils);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, contextJson: ContextJson<Req, Res>, request: IIncomingRequest<Req>, urlUtils: IUrlUtils);
     protected createRequestData({ requestData }: ContextJson<Req, Res>, request: IIncomingRequest<Req>, urlUtils: IUrlUtils): RequestData<Req>;
-    protected createTokenData({ tokenData }: ContextJson<Req, Res>, config: IConfiguration<Req, Res, Added, Removed>): TokenData<Req, Res>;
+    protected createTokenData({ tokenData }: ContextJson<Req, Res>, config: IConfiguration<Req, Res, Supported, Added>): TokenData<Req, Res>;
     protected createRiskApiData({ riskApiData }: ContextJson<Req, Res>): RiskApiData;
-    protected createLogger(config: IConfiguration<Req, Res, Added, Removed>, shouldSendLogs: boolean, logs?: LogRecord[]): ILogger;
+    protected createLogger(config: IConfiguration<Req, Res, Supported, Added>, shouldSendLogs: boolean, logs?: LogRecord[]): ILogger;
 }

package/lib/types/cors/DefaultCors.d.ts

@@ -2,11 +2,11 @@ import { ICors } from './ICors';
 import { IConfiguration } from '../config';
 import { ReadonlyContext } from '../context';
 import { ReadonlyHeaders, IMinimalResponse } from '../http';
-export declare class DefaultCors<Req, Res, Added, Removed> implements ICors<Req, Res> {
+export declare class DefaultCors<Req, Res, Supported extends string, Added> implements ICors<Req, Res> {
     private readonly customBlockResponseHeaders;
     private readonly customPreflightHandler;
     private readonly logger;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>);
     isPreflightRequest(context: ReadonlyContext<Req, Res>): boolean;
     runPreflightCustomHandler(context: ReadonlyContext<Req, Res>): Promise<IMinimalResponse | null>;
     isCorsRequest(context: ReadonlyContext<Req, Res>): boolean;

package/lib/types/custom_parameters/CustomParametersFunction.d.ts

@@ -1,4 +1,4 @@
 import { CustomParameters, ResponseCustomParameters } from './CustomParameters';
 import { ActiveConfigurationParams } from '../config';
-export type CustomParametersFunction<Req, Res, Added, Removed> = (config: ActiveConfigurationParams<Req, Res, Added, Removed>, request: Req) => CustomParameters | Promise<CustomParameters>;
-export type ResponseCustomParametersFunction<Req, Res, Added, Removed> = (config: ActiveConfigurationParams<Req, Res, Added, Removed>, response: Res) => ResponseCustomParameters | Promise<ResponseCustomParameters>;
+export type CustomParametersFunction<Req, Res, Supported extends string, Added> = (config: ActiveConfigurationParams<Req, Res, Supported, Added>, request: Req) => CustomParameters | Promise<CustomParameters>;
+export type ResponseCustomParametersFunction<Req, Res, Supported extends string, Added> = (config: ActiveConfigurationParams<Req, Res, Supported, Added>, response: Res) => ResponseCustomParameters | Promise<ResponseCustomParameters>;

package/lib/types/custom_parameters/CustomParametersUtils.d.ts

@@ -2,8 +2,8 @@ import { IConfiguration } from '../config';
 import { ReadonlyContext } from '../context';
 import { CustomParameters, ResponseCustomParameters } from './CustomParameters';
 export declare namespace CustomParametersUtils {
-    const createCustomParameters: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, context: ReadonlyContext<Req, Res>) => Promise<CustomParameters | null>;
-    const createResponseCustomParameters: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, context: ReadonlyContext<Req, Res>) => Promise<ResponseCustomParameters | null>;
+    const createCustomParameters: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, context: ReadonlyContext<Req, Res>) => Promise<CustomParameters | null>;
+    const createResponseCustomParameters: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, context: ReadonlyContext<Req, Res>) => Promise<ResponseCustomParameters | null>;
     const normalizeCustomParams: (customParameters: Record<string, any>) => CustomParameters | null;
     const normalizeResponseCustomParams: (customParameters: Record<string, any>) => ResponseCustomParameters | null;
 }

package/lib/types/enforcer/EnforcerBase.d.ts

@@ -1,5 +1,5 @@
 import { AsyncOrSync } from 'ts-essentials';
-import { IConfiguration, IRemoteConfigManager } from '../config';
+import { IConfiguration, IRemoteConfigManager, CoreConfigurationParamsKeys } from '../config';
 import { IContext } from '../context';
 import { IMinimalResponse, IOutgoingResponse } from '../http';
 import { IFlow } from '../flow';
@@ -10,8 +10,8 @@ import { IPostEnforcer } from './IPostEnforcer';
 /**
  * The base class for fundamental enforcer logic.
  */
-export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[], PostEnforceArgs extends any[], Added, Removed> implements IEnforcer<EnforceArgs, Promise<Res | null>>, IPostEnforcer<PostEnforceArgs, Promise<void>> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[], PostEnforceArgs extends any[], Supported extends CoreConfigurationParamsKeys, Added> implements IEnforcer<EnforceArgs, Promise<Res | null>>, IPostEnforcer<PostEnforceArgs, Promise<void>> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly filterFlow: IFlow<Req, Res>;
     protected readonly enforceFlow: IFlow<Req, Res>;
     protected readonly postEnforceFlow: IFlow<Req, Res> | null;
@@ -61,7 +61,7 @@ export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[],
      * @param options - An EnforcerOptions object that allows for overriding any functional building blocks in the enforcer.
      * @protected
      */
-    protected constructor(config: IConfiguration<Req, Res, Added, Removed>, options: EnforcerOptions<Req, Res, Added, Removed>);
+    protected constructor(config: IConfiguration<Req, Res, Supported, Added>, options: EnforcerOptions<Req, Res, Supported, Added>);
     /**
      * Creates the filter flow for the enforcer. The filter flow is responsible for filtering out requests that should not undergo the usual enforcement flow.
      * For example, first party, filtered, CORS preflight, and telemetry requests are filtered out.
@@ -70,7 +70,7 @@ export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[],
      * @protected
      * @returns - The filter flow for the enforcer.
      */
-    protected createFilterFlow(config: IConfiguration<Req, Res, Added, Removed>, initializationBlock: Required<EnforcerOptions<Req, Res, Added, Removed>>): IFlow<Req, Res>;
+    protected createFilterFlow(config: IConfiguration<Req, Res, Supported, Added>, initializationBlock: Required<EnforcerOptions<Req, Res, Supported, Added>>): IFlow<Req, Res>;
     /**
      * Creates the post enforce flow for the enforcer. The post enforce flow is responsible for any logic that requires the origin response in the case of passed requests.
      * For example, enriching the context with response data (status, login successful information) and modifying the origin response (snippet injection, PXHD) are part of the post enforce flow.
@@ -79,7 +79,7 @@ export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[],
      * @protected
      * @returns - The post enforce flow for the enforcer or null if post enforce is not enabled.
      */
-    protected createPostEnforceFlow(config: IConfiguration<Req, Res, Added, Removed>, initializationBlock: Required<EnforcerOptions<Req, Res, Added, Removed>>): IFlow<Req, Res> | null;
+    protected createPostEnforceFlow(config: IConfiguration<Req, Res, Supported, Added>, initializationBlock: Required<EnforcerOptions<Req, Res, Supported, Added>>): IFlow<Req, Res> | null;
     /**
      * Creates the enforce flow for the enforcer. The enforce flow is responsible for the core functionality of HUMAN enforcement.
      * For example, parsing HUMAN cookies, performing Risk API, invoking the additional activity handler, and returning a block response are part of the enforce flow.
@@ -88,7 +88,7 @@ export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[],
      * @protected
      * @returns - The enforce flow for the enforcer.
      */
-    protected createEnforceFlow(config: IConfiguration<Req, Res, Added, Removed>, initializationBlock: Required<EnforcerOptions<Req, Res, Added, Removed>>): IFlow<Req, Res>;
+    protected createEnforceFlow(config: IConfiguration<Req, Res, Supported, Added>, initializationBlock: Required<EnforcerOptions<Req, Res, Supported, Added>>): IFlow<Req, Res>;
     /**
      * Creates the end enforce flow for the enforcer. The end enforce flow is responsible for all actions that must be done after every incoming request.
      * For example, sending the async activities, sending the telemetry activity, or updating the remote config, sending and clearing the enforcer logs, are parts of the end enforce flow.
@@ -97,7 +97,7 @@ export declare abstract class EnforcerBase<Req, Res, EnforceArgs extends any[],
      * @protected
      * @returns - The end enforce flow for the enforcer.
      */
-    protected createEndEnforcerFlow(config: IConfiguration<Req, Res, Added, Removed>, initializationBlock: Required<EnforcerOptions<Req, Res, Added, Removed>>): IFlow<Req, Res>;
+    protected createEndEnforcerFlow(config: IConfiguration<Req, Res, Supported, Added>, initializationBlock: Required<EnforcerOptions<Req, Res, Supported, Added>>): IFlow<Req, Res>;
     /**
      * The central function that triggers enforcement on the incoming request.
      * @param args - The EnforceArgs required to enforce the incoming request.

package/lib/types/enforcer/EnforcerOptions.d.ts

@@ -11,7 +11,7 @@ import { IGraphQLParser } from '../graphql';
 import { ILogServiceClient } from '../logger';
 import { IRemoteConfigStorageClient, IRemoteConfigServiceClient, IRemoteConfigManager, IRemoteConfigUpdateParser } from '../config';
 import { ISnippetInjector, ISnippetRetriever } from '../snippet_injection';
-export type EnforcerOptions<Req, Res, Added, Removed> = {
+export type EnforcerOptions<Req, Res, Supported extends string, Added> = {
     httpClient: IHttpClient;
     base64Utils: IBase64Utils;
     hmacUtils: IHmacUtils;
@@ -30,8 +30,8 @@ export type EnforcerOptions<Req, Res, Added, Removed> = {
     logServiceClient?: ILogServiceClient<Req, Res> | null;
     remoteConfigManager?: IRemoteConfigManager<Req, Res> | null;
     remoteConfigUpdateParser?: IRemoteConfigUpdateParser<Req, Res> | null;
-    remoteConfigStorageClient?: IRemoteConfigStorageClient<Req, Res, Added, Removed> | null;
-    remoteConfigServiceClient?: IRemoteConfigServiceClient<Req, Res, Added, Removed> | null;
+    remoteConfigStorageClient?: IRemoteConfigStorageClient<Req, Res, Supported, Added> | null;
+    remoteConfigServiceClient?: IRemoteConfigServiceClient<Req, Res, Supported, Added> | null;
     snippetRetriever?: ISnippetRetriever<Req, Res> | null;
     snippetInjector?: ISnippetInjector<Res> | null;
 };

package/lib/types/enforcer/utils.d.ts

@@ -1,12 +1,12 @@
-import { IConfiguration, IRemoteConfigManager, IRemoteConfigServiceClient, IRemoteConfigStorageClient, IRemoteConfigUpdateParser } from '../config';
+import { IConfiguration, IRemoteConfigManager, IRemoteConfigServiceClient, IRemoteConfigStorageClient, IRemoteConfigUpdateParser, CoreConfigurationParamsKeys } from '../config';
 import { EnforcerOptions } from './EnforcerOptions';
 import { Products } from '../products';
 import { IBase64Utils, IHashUtils, IIpRangeChecker, IUrlUtils } from '../utils';
-export declare const createEnforcerInitializationBlock: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, options: EnforcerOptions<Req, Res, Added, Removed>) => Required<EnforcerOptions<Req, Res, Added, Removed>>;
-export declare const createEnforcerProducts: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, products: Products<Req, Res> | undefined, base64Utils: IBase64Utils, hashUtils: IHashUtils, urlUtils: IUrlUtils, ipRangeChecker: IIpRangeChecker) => Products<Req, Res>;
-export declare const createRemoteConfigClients: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, options: EnforcerOptions<Req, Res, Added, Removed>) => {
-    remoteConfigServiceClient: IRemoteConfigServiceClient<Req, Res, Added, Removed> | null;
+export declare const createEnforcerInitializationBlock: <Req, Res, Supported extends CoreConfigurationParamsKeys, Added>(config: IConfiguration<Req, Res, Supported, Added>, options: EnforcerOptions<Req, Res, Supported, Added>) => Required<EnforcerOptions<Req, Res, Supported, Added>>;
+export declare const createEnforcerProducts: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, products: Products<Req, Res> | undefined, base64Utils: IBase64Utils, hashUtils: IHashUtils, urlUtils: IUrlUtils, ipRangeChecker: IIpRangeChecker) => Products<Req, Res>;
+export declare const createRemoteConfigClients: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, options: EnforcerOptions<Req, Res, Supported, Added>) => {
+    remoteConfigServiceClient: IRemoteConfigServiceClient<Req, Res, Supported, Added> | null;
     remoteConfigManager: IRemoteConfigManager<Req, Res> | null;
     remoteConfigUpdateParser: IRemoteConfigUpdateParser<Req, Res> | null;
-    remoteConfigStorageClient: IRemoteConfigStorageClient<Req, Res, Added, Removed> | null;
+    remoteConfigStorageClient: IRemoteConfigStorageClient<Req, Res, Supported, Added> | null;
 };

package/lib/types/flow/EndEnforcerFlow.d.ts

@@ -2,7 +2,7 @@ import { IConfiguration } from '../config';
 import { EnforcerOptions } from '../enforcer';
 import { Flow } from './Flow';
 type RequiredEndEnforcerFlowOptions = 'activityClient' | 'logServiceClient' | 'telemetry' | 'remoteConfigManager';
-export declare class EndEnforcerFlow<Req, Res, Added, Removed> extends Flow<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { logServiceClient, telemetry, remoteConfigManager, activityClient, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, RequiredEndEnforcerFlowOptions>);
+export declare class EndEnforcerFlow<Req, Res, Supported extends string, Added> extends Flow<Req, Res> {
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, { logServiceClient, telemetry, remoteConfigManager, activityClient, }: Pick<Required<EnforcerOptions<Req, Res, Supported, Added>>, RequiredEndEnforcerFlowOptions>);
 }
 export {};

package/lib/types/flow/EnforceFlow.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { EnforcerOptions } from '../enforcer';
 import { Flow } from './Flow';
-type RequiredEnforceFlowOptions = 'dataEnrichment' | 'tokenParser' | 'riskApiClient' | 'cors' | 'products' | 'graphQLParser';
-export declare class EnforceFlow<Req, Res, Added, Removed> extends Flow<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { dataEnrichment, tokenParser, riskApiClient, cors, products, graphQLParser, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, RequiredEnforceFlowOptions>);
+type RequiredEnforceFlowOptions = 'dataEnrichment' | 'tokenParser' | 'riskApiClient' | 'cors' | 'products' | 'graphQLParser' | 'base64Utils';
+export declare class EnforceFlow<Req, Res, Supported extends string, Added> extends Flow<Req, Res> {
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, { dataEnrichment, tokenParser, riskApiClient, cors, products, graphQLParser, base64Utils, }: Pick<Required<EnforcerOptions<Req, Res, Supported, Added>>, RequiredEnforceFlowOptions>);
 }
 export {};

package/lib/types/flow/FilterFlow.d.ts

@@ -4,8 +4,8 @@ import { Products } from '../products';
 import { IFirstParty } from '../first_party';
 import { IFilter } from '../filter';
 import { Flow } from './Flow';
-export declare class FilterFlow<Req, Res, Added, Removed> extends Flow<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { httpClient, products, cors, telemetry, remoteConfigUpdateParser, }: Required<EnforcerOptions<Req, Res, Added, Removed>>);
+export declare class FilterFlow<Req, Res, Supported extends string, Added> extends Flow<Req, Res> {
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, { httpClient, products, cors, telemetry, remoteConfigUpdateParser, }: Required<EnforcerOptions<Req, Res, Supported, Added>>);
     protected static getFirstPartyProducts<Req, Res>(products: Products<Req, Res>): IFirstParty<Req, Res>[];
     protected static getFilterProducts<Req, Res>(products: Products<Req, Res>): IFilter<Req, Res>[];
 }

package/lib/types/flow/PostEnforceFlow.d.ts

@@ -1,6 +1,6 @@
 import { IConfiguration } from '../config';
 import { EnforcerOptions } from '../enforcer';
 import { Flow } from './Flow';
-export declare class PostEnforceFlow<Req, Res, Added, Removed> extends Flow<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { products, snippetRetriever, snippetInjector, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'products' | 'snippetRetriever' | 'snippetInjector'>);
+export declare class PostEnforceFlow<Req, Res, Supported extends string, Added> extends Flow<Req, Res> {
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, { products, snippetRetriever, snippetInjector, }: Pick<Required<EnforcerOptions<Req, Res, Supported, Added>>, 'products' | 'snippetRetriever' | 'snippetInjector'>);
 }

package/lib/types/graphql/DefaultGraphQLParser.d.ts

@@ -4,11 +4,11 @@ import { IIncomingRequest } from '../http';
 import { IGraphQLParser } from './IGraphQLParser';
 import { GraphQLData, GraphQLOperation, GraphQLOperationType } from './model';
 import { ExtractGraphQLKeywordsFunction } from './ExtractGraphQLKeywordsFunction';
-export declare class DefaultGraphQLParser<Req, Res, Added, Removed> implements IGraphQLParser<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class DefaultGraphQLParser<Req, Res, Supported extends string, Added> implements IGraphQLParser<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly maxCharactersInGraphqlKeyword: number;
     protected readonly maxGraphqlKeywordCount: number;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>);
     isGraphQLRequest({ requestData }: ReadonlyContext<Req, Res>): boolean;
     parseGraphQLRequest(context: ReadonlyContext<Req, Res>): Promise<GraphQLData[] | null>;
     protected getGraphQLOperationsFromBody(request: IIncomingRequest<Req>, context: ReadonlyContext<Req, Res>): Promise<Array<GraphQLOperation> | null>;

package/lib/types/logger/HttpLogServiceClient.d.ts

@@ -3,10 +3,10 @@ import { ReadonlyContext } from '../context';
 import { IConfiguration } from '../config';
 import { IHttpClient } from '../http';
 import { ILogServiceClient } from './ILogServiceClient';
-export declare class HttpLogServiceClient<Req, Res, Added, Removed> implements ILogServiceClient<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class HttpLogServiceClient<Req, Res, Supported extends string, Added> implements ILogServiceClient<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly httpClient: IHttpClient;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, httpClient: IHttpClient);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, httpClient: IHttpClient);
     sendLogs(context: ReadonlyContext<Req, Res>): Promise<void>;
     protected getLogMetadata(context: ReadonlyContext<Req, Res>): LogMetadata;
     protected enrichLogRecord(log: LogRecord, logMetadata: LogMetadata): EnrichedLogRecord;

package/lib/types/monitored_request/MonitoredRequestUtils.d.ts

@@ -3,10 +3,10 @@ import { ReadonlyContext } from '../context';
 import { IIncomingRequest } from '../http';
 import { IUrl } from '../utils';
 export declare namespace MonitoredRequestUtils {
-    const isMonitoredRequest: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
+    const isMonitoredRequest: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
     const isMonitoredRoute: (url: IUrl, isMonitoredRoute: Array<string | RegExp>) => boolean;
     const isEnforcedRoute: (url: IUrl, enforcedRoutes: Array<string | RegExp>) => boolean;
-    const invokeCustomIsEnforcedRequest: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
-    const invokeCustomIsMonitoredRequest: <Req, Res, Added, Removed>(config: IConfiguration<Req, Res, Added, Removed>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
+    const invokeCustomIsEnforcedRequest: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
+    const invokeCustomIsMonitoredRequest: <Req, Res, Supported extends string, Added>(config: IConfiguration<Req, Res, Supported, Added>, context: ReadonlyContext<Req, Res>) => Promise<boolean>;
     const isAllowedToBypassMonitor: <Req>(bypassMonitorHeader: string, request: IIncomingRequest<Req>) => boolean;
 }

package/lib/types/phase/impl/AdditionalActivityHandlerPhase.d.ts

@@ -5,8 +5,8 @@ import { PhaseResult } from '../PhaseResult';
 /**
  * The `AdditionalActivityHandlerPhase` invokes the additional activity handler defined in the configuration.
  */
-export declare class AdditionalActivityHandlerPhase<Req, Res, Added, Removed> implements IPhase<Req, Res> {
-    protected config: IConfiguration<Req, Res, Added, Removed>;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>);
+export declare class AdditionalActivityHandlerPhase<Req, Res, Supported extends string, Added> implements IPhase<Req, Res> {
+    protected config: IConfiguration<Req, Res, Supported, Added>;
+    constructor(config: IConfiguration<Req, Res, Supported, Added>);
     execute(context: IContext<Req, Res>): Promise<PhaseResult>;
 }

package/lib/types/phase/impl/BlockByHeaderPhase.d.ts

@@ -0,0 +1,40 @@
+import { IContext } from '../../context';
+import { IPhase } from '../IPhase';
+import { PhaseResult } from '../PhaseResult';
+import { IConfiguration } from '../../config';
+import { IBase64Utils } from '../../utils';
+/**
+ * `BlockByHeaderPhase` checks for the presence of the x-px-block-by-header header.
+ * If the header is present with a truthy value ("1", "true", "TRUE"), the request is immediately
+ * blocked with a captcha response and the flow is terminated. This feature overrides all other
+ * enforcer logic including monitor mode and whitelisting.
+ */
+export declare class BlockByHeaderPhase<Req, Res, Supported extends string, Added> implements IPhase<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
+    protected readonly base64Utils: IBase64Utils;
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, base64Utils: IBase64Utils);
+    execute(context: IContext<Req, Res>): PhaseResult;
+    /**
+     * Creates a captcha block response for the block-by-header feature.
+     * @param context - The request context.
+     * @returns The block response.
+     */
+    private createBlockResponse;
+    /**
+     * Gets the value of the x-px-block-by-header header from the request.
+     * @param context - The request context.
+     * @returns The header value or null if not present.
+     */
+    private getBlockByHeaderValue;
+    /**
+     * Checks if the header value is considered truthy for blocking.
+     * @param value - The header value to check.
+     * @returns True if the value should trigger blocking.
+     */
+    private isTruthyValue;
+    /**
+     * Sets the context properties needed for proper activity reporting.
+     * @param context - The request context to modify.
+     */
+    private setBlockingContext;
+}

package/lib/types/phase/impl/CreateBlockResponsePhase.d.ts

@@ -10,11 +10,11 @@ import { PhaseResult } from '../PhaseResult';
  * `CreateBlockResponsePhase` is a phase that creates a block response for the product that recommended a block action.
  * If multiple products recommended block, it will return the block response for the highest priority product.
  */
-export declare class CreateBlockResponsePhase<Req, Res, Added, Removed> implements IPhase<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class CreateBlockResponsePhase<Req, Res, Supported extends string, Added> implements IPhase<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly blockers: Partial<Record<ProductName, IConditionalBlocker<Req, Res>>>;
     protected readonly cors?: ICors<Req, Res>;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, blockers: Partial<Record<ProductName, IConditionalBlocker<Req, Res>>>, cors?: ICors<Req, Res>);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, blockers: Partial<Record<ProductName, IConditionalBlocker<Req, Res>>>, cors?: ICors<Req, Res>);
     /**
      * A static method that identifies those products that can block incoming requests and returns a map of the product name to the product instance.
      * @param products - All supported products.

package/lib/types/phase/impl/EnrichContextFromRequestPhase.d.ts

@@ -14,12 +14,12 @@ import { DecideActionPhase } from './DecideActionPhase';
  *
  * Note: This phase should come after the `ParseTokenPhase`, since the Bot Defender product uses the parsed token to determine its recommended action.
  */
-export declare class EnrichContextFromRequestPhase<Req, Res, Added, Removed> extends DecideActionPhase<Req, Res> {
-    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+export declare class EnrichContextFromRequestPhase<Req, Res, Supported extends string, Added> extends DecideActionPhase<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly products: Products<Req, Res>;
     protected readonly dataEnrichment: IDataEnrichment<Req, Res>;
     protected readonly graphQLParser: IGraphQLParser<Req, Res>;
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, products: Products<Req, Res>, dataEnrichment: IDataEnrichment<Req, Res>, graphQLParser: IGraphQLParser<Req, Res>);
+    constructor(config: IConfiguration<Req, Res, Supported, Added>, products: Products<Req, Res>, dataEnrichment: IDataEnrichment<Req, Res>, graphQLParser: IGraphQLParser<Req, Res>);
     execute(context: IContext<Req, Res>): Promise<PhaseResult>;
     protected addPxdeToContext(context: IContext<Req, Res>): Promise<void>;
     protected addGraphQLDataToContext(context: IContext<Req, Res>): Promise<void>;