perimeterx-js-core 0.37.2 → 1.0.0

package/README.md

@@ -96,8 +96,8 @@ When developing your JavaScript/TypeScript enforcer with this library, you will
 objects such that they conform to these interfaces. Of course, you are free to extend these interfaces as needed.
 
 You will also need to implement an HTTP client. You can do this however you see fit: use the platform's built-in API
-or use an external library if needed. This library includes implementations using `phin` (`PhinHttpClient` and `PhinIncomingResponse`)
-for Node.js-based enforcers.
+or use an external library if needed. This library includes implementations using `undici` (`UndiciHttpClient`,
+`UndiciHttpProxyClient`, and `UndiciIncomingResponse`) for Node.js-based enforcers.
 
 ### Crypto
 
@@ -131,13 +131,13 @@ are provided:
 All dependencies in this library have been encapsulated into specific implementations with a defined interface and therefore
 can be swapped with other implementations. These classes are:
 
-| **Library**       | **Implementation**                       | **Used For**                       |
-| :---              |:-----------------------------------------|:-----------------------------------|
-| `crypto-js`       | `CryptoJSHmacUtils`                      | PXDE, telemetry, token V2/V3, etc. |
-| `js-base64`       | `JSBase64Base64Utils`                    | PXDE, telemetry, token V2, etc.    |
-| `uuid`            | `UuidRequestIdGenerator`                 | `DefaultContext`                   |
-| `ip-range-check`  | `DefaultIpRangeChecker`                  | `DefaultBotDefenderFilter`         |
-| `phin`            | `PhinHttpClient`, `PhinIncomingResponse` | First party, Risk API, Activities  |
+| **Library**       | **Implementation**                                                    | **Used For**                       |
+| :---              |:----------------------------------------------------------------------|:-----------------------------------|
+| `crypto-js`       | `CryptoJSHmacUtils`                                                   | PXDE, telemetry, token V2/V3, etc. |
+| `js-base64`       | `JSBase64Base64Utils`                                                 | PXDE, telemetry, token V2, etc.    |
+| `uuid`            | `UuidRequestIdGenerator`                                              | `DefaultContext`                   |
+| `ip-range-check`  | `DefaultIpRangeChecker`                                               | `DefaultBotDefenderFilter`         |
+| `undici`          | `UndiciHttpClient`, `UndiciHttpProxyClient`, `UndiciIncomingResponse` | First party, Risk API, Activities  |
 
 ## For Contributors
 

package/lib/cjs/activities/utils.js

@@ -260,7 +260,7 @@ var addTokenDataToDetails = function (details, _a) {
 exports.addTokenDataToDetails = addTokenDataToDetails;
 var addRiskApiDataToAsyncActivityCommonDetails = function (details, context) {
     var _a;
-    if (context.riskApiData.riskRtt) {
+    if (context.riskApiData.riskRtt !== undefined) {
         details.risk_rtt = context.riskApiData.riskRtt;
     }
     if (context.riskApiData.s2sCallReason) {

package/lib/cjs/impl/cipher/SubtleCryptoCipherUtils.js

@@ -83,11 +83,12 @@ var SubtleCryptoCipherUtils = /** @class */ (function () {
     SubtleCryptoCipherUtils.prototype.base64ToArrayBuffer = function (base64String) {
         var binaryString = this.base64Utils.base64Decode(base64String);
         var length = binaryString.length;
-        var bytes = new Uint8Array(length);
+        var buffer = new ArrayBuffer(length);
+        var bytes = new Uint8Array(buffer);
         binaryString.split('').forEach(function (char, index) {
             bytes[index] = char.charCodeAt(0);
         });
-        return bytes.buffer;
+        return buffer;
     };
     return SubtleCryptoCipherUtils;
 }());

package/lib/cjs/impl/http/{phin/PhinHttpClient.js → undici/UndiciHttpClient.js}

@@ -1,4 +1,15 @@
 "use strict";
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
@@ -35,61 +46,61 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
         if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
     }
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PhinHttpClient = void 0;
-var http_1 = require("http");
-var https_1 = require("https");
-var phin_1 = __importDefault(require("phin"));
+exports.UndiciHttpClient = void 0;
+var undici_1 = require("undici");
+var http_1 = require("../../../http/index.js");
 var utils_1 = require("../../../utils/index.js");
-var http_2 = require("../../../http/index.js");
-var PhinIncomingResponse_1 = require("./PhinIncomingResponse.js");
-var PhinHttpClient = /** @class */ (function () {
-    function PhinHttpClient(options) {
+var UndiciIncomingResponse_1 = require("./UndiciIncomingResponse.js");
+var UndiciHttpClient = /** @class */ (function () {
+    function UndiciHttpClient(options) {
         var _a, _b;
-        this.httpAgent = (_a = options === null || options === void 0 ? void 0 : options.httpAgent) !== null && _a !== void 0 ? _a : null;
-        this.httpsAgent = (_b = options === null || options === void 0 ? void 0 : options.httpsAgent) !== null && _b !== void 0 ? _b : new https_1.Agent({ keepAlive: true });
+        this.httpDispatcher = (_a = options === null || options === void 0 ? void 0 : options.httpDispatcher) !== null && _a !== void 0 ? _a : null;
+        this.httpsDispatcher = (_b = options === null || options === void 0 ? void 0 : options.httpsDispatcher) !== null && _b !== void 0 ? _b : new undici_1.Agent();
     }
-    PhinHttpClient.prototype.send = function (request, options) {
+    UndiciHttpClient.prototype.send = function (request, options) {
         return __awaiter(this, void 0, void 0, function () {
-            var res, e_1, isTimeout;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var response, _a, _b, _c, _d, e_1, isTimeout;
+            var _e;
+            var _f, _g, _h;
+            return __generator(this, function (_j) {
+                switch (_j.label) {
                     case 0:
-                        _a.trys.push([0, 2, , 3]);
-                        return [4 /*yield*/, phin_1.default.promisified({
-                                url: request.url,
+                        _j.trys.push([0, 3, , 4]);
+                        return [4 /*yield*/, (0, undici_1.request)(request.url, {
                                 method: request.method,
-                                headers: (0, http_2.joinHeaderValues)(request.headers),
-                                data: request.body,
-                                timeout: options === null || options === void 0 ? void 0 : options.timeoutMs,
-                                core: {
-                                    agent: this.getAgent(request),
-                                },
+                                headers: (0, http_1.joinHeaderValues)(request.headers),
+                                body: request.body,
+                                headersTimeout: options === null || options === void 0 ? void 0 : options.timeoutMs,
+                                bodyTimeout: options === null || options === void 0 ? void 0 : options.timeoutMs,
+                                dispatcher: this.getDispatcher(request),
                             })];
                     case 1:
-                        res = _a.sent();
-                        return [2 /*return*/, new PhinIncomingResponse_1.PhinIncomingResponse(res)];
-                    case 2:
-                        e_1 = _a.sent();
-                        isTimeout = e_1 === null || e_1 === void 0 ? void 0 : e_1.toString().toLowerCase().includes('timeout');
+                        response = _j.sent();
+                        _a = UndiciIncomingResponse_1.UndiciIncomingResponse.bind;
+                        _b = [__assign({}, response)];
+                        _e = {};
+                        _d = (_c = Buffer).from;
+                        return [4 /*yield*/, response.body.arrayBuffer()];
+                    case 2: return [2 /*return*/, new (_a.apply(UndiciIncomingResponse_1.UndiciIncomingResponse, [void 0, __assign.apply(void 0, _b.concat([(_e.body = _d.apply(_c, [_j.sent()]), _e)]))]))()];
+                    case 3:
+                        e_1 = _j.sent();
+                        isTimeout = (_h = (_g = (_f = e_1 === null || e_1 === void 0 ? void 0 : e_1.toString()) === null || _f === void 0 ? void 0 : _f.toLowerCase()) === null || _g === void 0 ? void 0 : _g.includes('timeout')) !== null && _h !== void 0 ? _h : false;
                         throw isTimeout ? new utils_1.EnforcerTimeoutError(options === null || options === void 0 ? void 0 : options.timeoutMs) : e_1;
-                    case 3: return [2 /*return*/];
+                    case 4: return [2 /*return*/];
                 }
             });
         });
     };
-    PhinHttpClient.prototype.getAgent = function (request) {
+    UndiciHttpClient.prototype.getDispatcher = function (request) {
         if (request.url.startsWith('https://')) {
-            return this.httpsAgent;
+            return this.httpsDispatcher;
         }
-        if (this.httpAgent) {
-            return this.httpAgent;
+        if (this.httpDispatcher) {
+            return this.httpDispatcher;
         }
-        return new http_1.Agent();
+        return new undici_1.Agent();
     };
-    return PhinHttpClient;
+    return UndiciHttpClient;
 }());
-exports.PhinHttpClient = PhinHttpClient;
+exports.UndiciHttpClient = UndiciHttpClient;

package/lib/cjs/impl/http/{phin/PhinHttpProxyClient.js → undici/UndiciHttpProxyClient.js}

@@ -15,17 +15,16 @@ var __extends = (this && this.__extends) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PhinHttpProxyClient = void 0;
-var PhinHttpClient_1 = require("./PhinHttpClient.js");
-var http_proxy_agent_1 = require("http-proxy-agent");
-var https_proxy_agent_1 = require("https-proxy-agent");
-var PhinHttpProxyClient = /** @class */ (function (_super) {
-    __extends(PhinHttpProxyClient, _super);
-    function PhinHttpProxyClient(proxyUrl) {
-        var httpAgent = new http_proxy_agent_1.HttpProxyAgent(proxyUrl, { keepAlive: true });
-        var httpsAgent = new https_proxy_agent_1.HttpsProxyAgent(proxyUrl, { keepAlive: true });
-        return _super.call(this, { httpsAgent: httpsAgent, httpAgent: httpAgent }) || this;
+exports.UndiciHttpProxyClient = void 0;
+var undici_1 = require("undici");
+var UndiciHttpClient_1 = require("./UndiciHttpClient.js");
+var UndiciHttpProxyClient = /** @class */ (function (_super) {
+    __extends(UndiciHttpProxyClient, _super);
+    function UndiciHttpProxyClient(proxyUrl) {
+        var httpDispatcher = new undici_1.ProxyAgent(proxyUrl);
+        var httpsDispatcher = new undici_1.ProxyAgent(proxyUrl);
+        return _super.call(this, { httpDispatcher: httpDispatcher, httpsDispatcher: httpsDispatcher }) || this;
     }
-    return PhinHttpProxyClient;
-}(PhinHttpClient_1.PhinHttpClient));
-exports.PhinHttpProxyClient = PhinHttpProxyClient;
+    return UndiciHttpProxyClient;
+}(UndiciHttpClient_1.UndiciHttpClient));
+exports.UndiciHttpProxyClient = UndiciHttpProxyClient;

package/lib/cjs/impl/http/{phin/PhinIncomingResponse.js → undici/UndiciIncomingResponse.js}

@@ -36,14 +36,13 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
     }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PhinIncomingResponse = void 0;
+exports.UndiciIncomingResponse = void 0;
 var http_1 = require("../../../http/index.js");
 var utils_1 = require("../../../utils/index.js");
 var DefaultUrlUtils_1 = require("../../url/DefaultUrlUtils.js");
-var PhinIncomingResponse = /** @class */ (function () {
-    function PhinIncomingResponse(response) {
-        var _a;
-        this.status = (_a = response.statusCode) !== null && _a !== void 0 ? _a : 0;
+var UndiciIncomingResponse = /** @class */ (function () {
+    function UndiciIncomingResponse(response) {
+        this.status = response.statusCode;
         this.body = response.body;
         this.headers = Object.fromEntries(Object.entries(response.headers)
             .map(function (_a) {
@@ -55,7 +54,7 @@ var PhinIncomingResponse = /** @class */ (function () {
             return !(0, utils_1.isNullOrUndefined)(value);
         }));
     }
-    PhinIncomingResponse.prototype.formData = function () {
+    UndiciIncomingResponse.prototype.formData = function () {
         return __awaiter(this, void 0, void 0, function () {
             var contentType, formData, _a, _b;
             var _c;
@@ -78,7 +77,7 @@ var PhinIncomingResponse = /** @class */ (function () {
             });
         });
     };
-    PhinIncomingResponse.prototype.formUrlEncoded = function () {
+    UndiciIncomingResponse.prototype.formUrlEncoded = function () {
         return __awaiter(this, void 0, void 0, function () {
             var _a, _b;
             return __generator(this, function (_c) {
@@ -86,14 +85,12 @@ var PhinIncomingResponse = /** @class */ (function () {
                     case 0:
                         _b = (_a = new DefaultUrlUtils_1.DefaultUrlUtils()).createUrlSearchParams;
                         return [4 /*yield*/, this.text()];
-                    case 1: 
-                    // Using DefaultUrlUtils since Phin safely assumes Node.js environment
-                    return [2 /*return*/, _b.apply(_a, [_c.sent()])];
+                    case 1: return [2 /*return*/, _b.apply(_a, [_c.sent()])];
                 }
             });
         });
     };
-    PhinIncomingResponse.prototype.json = function () {
+    UndiciIncomingResponse.prototype.json = function () {
         return __awaiter(this, void 0, void 0, function () {
             var _a, _b;
             return __generator(this, function (_c) {
@@ -106,13 +103,13 @@ var PhinIncomingResponse = /** @class */ (function () {
             });
         });
     };
-    PhinIncomingResponse.prototype.text = function () {
+    UndiciIncomingResponse.prototype.text = function () {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
                 return [2 /*return*/, this.body.toString()];
             });
         });
     };
-    return PhinIncomingResponse;
+    return UndiciIncomingResponse;
 }());
-exports.PhinIncomingResponse = PhinIncomingResponse;
+exports.UndiciIncomingResponse = UndiciIncomingResponse;

package/lib/cjs/impl/http/{phin → undici}/index.js

@@ -14,6 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./PhinIncomingResponse.js"), exports);
-__exportStar(require("./PhinHttpClient.js"), exports);
-__exportStar(require("./PhinHttpProxyClient.js"), exports);
+__exportStar(require("./UndiciIncomingResponse.js"), exports);
+__exportStar(require("./UndiciHttpClient.js"), exports);
+__exportStar(require("./UndiciHttpProxyClient.js"), exports);

package/lib/cjs/products/account_defender/AccountDefender.js

@@ -127,18 +127,15 @@ var AccountDefender = /** @class */ (function () {
             : null;
     };
     AccountDefender.prototype.extractJwtData = function (jwt, userIdFieldName, additionalFieldNames, context) {
+        var _this = this;
         try {
             var decodedJwt_1 = this.getDecodedJwt(jwt, context);
             if (decodedJwt_1) {
-                var appUserId = utils_1.getPropertyFromObject.apply(void 0, __spreadArray([decodedJwt_1], userIdFieldName.split('.'), false));
+                var appUserId = this.lookupJwtField(decodedJwt_1, userIdFieldName).value;
                 var additionalFields = additionalFieldNames.reduce(function (matchedFields, fieldName) {
-                    var fieldNameParts = fieldName.split('.');
-                    var value = utils_1.getPropertyFromObject.apply(void 0, __spreadArray([decodedJwt_1], fieldNameParts, false));
+                    var _a = _this.lookupJwtField(decodedJwt_1, fieldName), value = _a.value, key = _a.key;
                     if (value) {
-                        var key = fieldNameParts[fieldNameParts.length - 1];
-                        if (key !== undefined) {
-                            matchedFields[key] = value;
-                        }
+                        matchedFields[key] = value;
                     }
                     return matchedFields;
                 }, {});
@@ -150,6 +147,14 @@ var AccountDefender = /** @class */ (function () {
         }
         return null;
     };
+    AccountDefender.prototype.lookupJwtField = function (decodedJwt, fieldName) {
+        if (Object.prototype.hasOwnProperty.call(decodedJwt, fieldName)) {
+            return { value: decodedJwt[fieldName], key: fieldName };
+        }
+        var parts = fieldName.split('.');
+        var value = utils_1.getPropertyFromObject.apply(void 0, __spreadArray([decodedJwt], parts, false));
+        return { value: value, key: fieldName };
+    };
     AccountDefender.prototype.getDecodedJwt = function (jwt, context) {
         var _a, _b;
         try {

package/lib/cjs/risk_api/client/abstract/RiskApiClientBase.js

@@ -54,7 +54,7 @@ var RiskApiClientBase = /** @class */ (function () {
      */
     RiskApiClientBase.prototype.executeRiskApi = function (context) {
         return __awaiter(this, void 0, void 0, function () {
-            var response, riskResponse, riskApiData, riskRequest, err_1;
+            var response, riskResponse, riskApiData, riskRequestStartTime, riskRequest, err_1;
             return __generator(this, function (_a) {
                 switch (_a.label) {
                     case 0:
@@ -63,7 +63,8 @@ var RiskApiClientBase = /** @class */ (function () {
                     case 1:
                         _a.trys.push([1, 8, , 10]);
                         riskRequest = this.createRiskRequest(context);
-                        return [4 /*yield*/, this.sendRiskActivity(riskRequest, riskApiData, context)];
+                        riskRequestStartTime = Date.now();
+                        return [4 /*yield*/, this.sendRiskActivity(riskRequest, riskApiData, context, riskRequestStartTime)];
                     case 2:
                         response = _a.sent();
                         if (!((response === null || response === void 0 ? void 0 : response.status) !== 200)) return [3 /*break*/, 4];
@@ -83,7 +84,7 @@ var RiskApiClientBase = /** @class */ (function () {
                     case 8:
                         err_1 = _a.sent();
                         if ((0, exports.isEnforcerTimeoutError)(err_1)) {
-                            return [2 /*return*/, this.handleS2STimeout(riskApiData)];
+                            return [2 /*return*/, this.handleS2STimeout(riskApiData, riskRequestStartTime)];
                         }
                         context.logger.error("caught error in risk api: ".concat(err_1, " - ").concat(JSON.stringify(context.requestData.url)));
                         return [4 /*yield*/, this.handleS2SError(riskApiData, context, response, err_1)];
@@ -97,14 +98,14 @@ var RiskApiClientBase = /** @class */ (function () {
         var headersWithoutSensitive = (0, utils_1.removeSensitiveHeaders)(headers, this.config.sensitiveHeaders);
         return (0, activities_1.toHeaderEntryArray)(headersWithoutSensitive);
     };
-    RiskApiClientBase.prototype.sendRiskActivity = function (riskRequest, riskApiData, context) {
-        return __awaiter(this, void 0, void 0, function () {
-            var startTime, response, endTime;
+    RiskApiClientBase.prototype.sendRiskActivity = function (riskRequest_1, riskApiData_1, context_1) {
+        return __awaiter(this, arguments, void 0, function (riskRequest, riskApiData, context, startTime) {
+            var response, endTime;
+            if (startTime === void 0) { startTime = Date.now(); }
             return __generator(this, function (_a) {
                 switch (_a.label) {
                     case 0:
                         context.logger.debug("sending risk api to ".concat(riskRequest.url));
-                        startTime = Date.now();
                         return [4 /*yield*/, this.httpClient.send(riskRequest, { timeoutMs: this.config.s2sTimeout })];
                     case 1:
                         response = _a.sent();
@@ -125,8 +126,11 @@ var RiskApiClientBase = /** @class */ (function () {
             _a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
             _a;
     };
-    RiskApiClientBase.prototype.handleS2STimeout = function (riskApiData) {
+    RiskApiClientBase.prototype.handleS2STimeout = function (riskApiData, startTime) {
         riskApiData.riskApiCallResult = model_1.RiskApiCallResult.TIMEOUT;
+        if (startTime !== undefined) {
+            riskApiData.riskRtt = Date.now() - startTime;
+        }
         return riskApiData;
     };
     RiskApiClientBase.prototype.handleS2SError = function (riskApiData, context, response, error) {

package/lib/cjs/utils/constants.js

@@ -15,4 +15,4 @@ exports.PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 exports.EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 exports.URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 exports.REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-exports.CORE_MODULE_VERSION = 'JS Core 0.37.2';
+exports.CORE_MODULE_VERSION = 'JS Core 1.0.0';

package/lib/esm/activities/utils.js

@@ -240,7 +240,7 @@ export const addTokenDataToDetails = (details, { token, mobileData }) => {
     }
 };
 export const addRiskApiDataToAsyncActivityCommonDetails = (details, context) => {
-    if (context.riskApiData.riskRtt) {
+    if (context.riskApiData.riskRtt !== undefined) {
         details.risk_rtt = context.riskApiData.riskRtt;
     }
     if (context.riskApiData.s2sCallReason) {

package/lib/esm/impl/cipher/SubtleCryptoCipherUtils.js

@@ -29,10 +29,11 @@ export class SubtleCryptoCipherUtils {
     base64ToArrayBuffer(base64String) {
         const binaryString = this.base64Utils.base64Decode(base64String);
         const length = binaryString.length;
-        const bytes = new Uint8Array(length);
+        const buffer = new ArrayBuffer(length);
+        const bytes = new Uint8Array(buffer);
         binaryString.split('').forEach((char, index) => {
             bytes[index] = char.charCodeAt(0);
         });
-        return bytes.buffer;
+        return buffer;
     }
 }

package/lib/esm/impl/http/undici/UndiciHttpClient.js

@@ -0,0 +1,41 @@
+import { Agent, request as undiciRequest } from 'undici';
+import { joinHeaderValues } from '../../../http/index.js';
+import { EnforcerTimeoutError } from '../../../utils/index.js';
+import { UndiciIncomingResponse } from './UndiciIncomingResponse.js';
+export class UndiciHttpClient {
+    httpDispatcher;
+    httpsDispatcher;
+    constructor(options) {
+        this.httpDispatcher = options?.httpDispatcher ?? null;
+        this.httpsDispatcher = options?.httpsDispatcher ?? new Agent();
+    }
+    async send(request, options) {
+        try {
+            const response = await undiciRequest(request.url, {
+                method: request.method,
+                headers: joinHeaderValues(request.headers),
+                body: request.body,
+                headersTimeout: options?.timeoutMs,
+                bodyTimeout: options?.timeoutMs,
+                dispatcher: this.getDispatcher(request),
+            });
+            return new UndiciIncomingResponse({
+                ...response,
+                body: Buffer.from(await response.body.arrayBuffer()),
+            });
+        }
+        catch (e) {
+            const isTimeout = e?.toString()?.toLowerCase()?.includes('timeout') ?? false;
+            throw isTimeout ? new EnforcerTimeoutError(options?.timeoutMs) : e;
+        }
+    }
+    getDispatcher(request) {
+        if (request.url.startsWith('https://')) {
+            return this.httpsDispatcher;
+        }
+        if (this.httpDispatcher) {
+            return this.httpDispatcher;
+        }
+        return new Agent();
+    }
+}

package/lib/esm/impl/http/undici/UndiciHttpProxyClient.js

@@ -0,0 +1,9 @@
+import { ProxyAgent } from 'undici';
+import { UndiciHttpClient } from './UndiciHttpClient.js';
+export class UndiciHttpProxyClient extends UndiciHttpClient {
+    constructor(proxyUrl) {
+        const httpDispatcher = new ProxyAgent(proxyUrl);
+        const httpsDispatcher = new ProxyAgent(proxyUrl);
+        super({ httpDispatcher, httpsDispatcher });
+    }
+}

package/lib/esm/impl/http/{phin/PhinIncomingResponse.js → undici/UndiciIncomingResponse.js}

@@ -1,12 +1,12 @@
 import { CONTENT_TYPE_HEADER_NAME, MultipartFormDataUtils, } from '../../../http/index.js';
 import { EnforcerError, isNullOrUndefined } from '../../../utils/index.js';
 import { DefaultUrlUtils } from '../../url/DefaultUrlUtils.js';
-export class PhinIncomingResponse {
+export class UndiciIncomingResponse {
     status;
     headers;
     body;
     constructor(response) {
-        this.status = response.statusCode ?? 0;
+        this.status = response.statusCode;
         this.body = response.body;
         this.headers = Object.fromEntries(Object.entries(response.headers)
             .map(([key, val]) => [key, typeof val === 'string' ? [val] : val])
@@ -24,7 +24,6 @@ export class PhinIncomingResponse {
         return formData;
     }
     async formUrlEncoded() {
-        // Using DefaultUrlUtils since Phin safely assumes Node.js environment
         return new DefaultUrlUtils().createUrlSearchParams(await this.text());
     }
     async json() {

package/lib/esm/impl/http/undici/index.js

@@ -0,0 +1,3 @@
+export * from './UndiciIncomingResponse.js';
+export * from './UndiciHttpClient.js';
+export * from './UndiciHttpProxyClient.js';

package/lib/esm/products/account_defender/AccountDefender.js

@@ -51,15 +51,11 @@ export class AccountDefender {
         try {
             const decodedJwt = this.getDecodedJwt(jwt, context);
             if (decodedJwt) {
-                const appUserId = getPropertyFromObject(decodedJwt, ...userIdFieldName.split('.'));
+                const { value: appUserId } = this.lookupJwtField(decodedJwt, userIdFieldName);
                 const additionalFields = additionalFieldNames.reduce((matchedFields, fieldName) => {
-                    const fieldNameParts = fieldName.split('.');
-                    const value = getPropertyFromObject(decodedJwt, ...fieldNameParts);
+                    const { value, key } = this.lookupJwtField(decodedJwt, fieldName);
                     if (value) {
-                        const key = fieldNameParts[fieldNameParts.length - 1];
-                        if (key !== undefined) {
-                            matchedFields[key] = value;
-                        }
+                        matchedFields[key] = value;
                     }
                     return matchedFields;
                 }, {});
@@ -71,6 +67,14 @@ export class AccountDefender {
         }
         return null;
     }
+    lookupJwtField(decodedJwt, fieldName) {
+        if (Object.prototype.hasOwnProperty.call(decodedJwt, fieldName)) {
+            return { value: decodedJwt[fieldName], key: fieldName };
+        }
+        const parts = fieldName.split('.');
+        const value = getPropertyFromObject(decodedJwt, ...parts);
+        return { value, key: fieldName };
+    }
     getDecodedJwt(jwt, context) {
         try {
             const encodedPayload = jwt.split('.')?.[1];

package/lib/esm/risk_api/client/abstract/RiskApiClientBase.js

@@ -19,9 +19,11 @@ export class RiskApiClientBase {
         let response;
         let riskResponse;
         const riskApiData = { riskApiCallResult: RiskApiCallResult.NONE };
+        let riskRequestStartTime;
         try {
             const riskRequest = this.createRiskRequest(context);
-            response = await this.sendRiskActivity(riskRequest, riskApiData, context);
+            riskRequestStartTime = Date.now();
+            response = await this.sendRiskActivity(riskRequest, riskApiData, context, riskRequestStartTime);
             if (response?.status !== 200) {
                 return await this.handleS2SError(riskApiData, context, response);
             }
@@ -35,7 +37,7 @@ export class RiskApiClientBase {
         }
         catch (err) {
             if (isEnforcerTimeoutError(err)) {
-                return this.handleS2STimeout(riskApiData);
+                return this.handleS2STimeout(riskApiData, riskRequestStartTime);
             }
             context.logger.error(`caught error in risk api: ${err} - ${JSON.stringify(context.requestData.url)}`);
             return await this.handleS2SError(riskApiData, context, response, err);
@@ -45,9 +47,8 @@ export class RiskApiClientBase {
         const headersWithoutSensitive = removeSensitiveHeaders(headers, this.config.sensitiveHeaders);
         return toHeaderEntryArray(headersWithoutSensitive);
     }
-    async sendRiskActivity(riskRequest, riskApiData, context) {
+    async sendRiskActivity(riskRequest, riskApiData, context, startTime = Date.now()) {
         context.logger.debug(`sending risk api to ${riskRequest.url}`);
-        const startTime = Date.now();
         const response = await this.httpClient.send(riskRequest, { timeoutMs: this.config.s2sTimeout });
         const endTime = Date.now();
         riskApiData.riskApiCallResult = RiskApiCallResult.SUCCESSFUL;
@@ -62,8 +63,11 @@ export class RiskApiClientBase {
             [AUTHORIZATION_HEADER_NAME]: [getAuthorizationHeader(this.config.authToken)],
         };
     }
-    handleS2STimeout(riskApiData) {
+    handleS2STimeout(riskApiData, startTime) {
         riskApiData.riskApiCallResult = RiskApiCallResult.TIMEOUT;
+        if (startTime !== undefined) {
+            riskApiData.riskRtt = Date.now() - startTime;
+        }
         return riskApiData;
     }
     async handleS2SError(riskApiData, context, response, error) {

package/lib/esm/utils/constants.js

@@ -12,4 +12,4 @@ export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-export const CORE_MODULE_VERSION = 'JS Core 0.37.2';
+export const CORE_MODULE_VERSION = 'JS Core 1.0.0';

package/lib/types/impl/http/undici/UndiciHttpClient.d.ts

@@ -0,0 +1,13 @@
+import { Dispatcher } from 'undici';
+import { HttpSendOptions, IHttpClient, IIncomingResponse, IOutgoingRequest } from '../../../http';
+export type UndiciHttpClientOptions = {
+    httpDispatcher?: Dispatcher;
+    httpsDispatcher?: Dispatcher;
+};
+export declare class UndiciHttpClient implements IHttpClient {
+    private readonly httpDispatcher;
+    private readonly httpsDispatcher;
+    constructor(options?: UndiciHttpClientOptions);
+    send(request: IOutgoingRequest, options?: HttpSendOptions): Promise<IIncomingResponse>;
+    protected getDispatcher(request: IOutgoingRequest): Dispatcher;
+}

package/lib/types/impl/http/undici/UndiciHttpProxyClient.d.ts

@@ -0,0 +1,4 @@
+import { UndiciHttpClient } from './UndiciHttpClient';
+export declare class UndiciHttpProxyClient extends UndiciHttpClient {
+    constructor(proxyUrl: string);
+}

package/lib/types/impl/http/{phin/PhinIncomingResponse.d.ts → undici/UndiciIncomingResponse.d.ts}

@@ -1,11 +1,16 @@
-import { IResponse } from 'phin';
+import { IncomingHttpHeaders } from 'undici/types/header';
 import { IFormData, IIncomingResponse, ReadonlyHeaders } from '../../../http';
 import { IUrlSearchParams } from '../../../utils';
-export declare class PhinIncomingResponse implements IIncomingResponse {
+export type UndiciIncomingResponseData = {
+    statusCode: number;
+    headers: IncomingHttpHeaders;
+    body: Buffer;
+};
+export declare class UndiciIncomingResponse implements IIncomingResponse {
     readonly status: number;
     readonly headers: ReadonlyHeaders;
     readonly body: Buffer;
-    constructor(response: IResponse);
+    constructor(response: UndiciIncomingResponseData);
     formData(): Promise<IFormData>;
     formUrlEncoded(): Promise<IUrlSearchParams>;
     json(): Promise<any>;

package/lib/types/impl/http/undici/index.d.ts

@@ -0,0 +1,3 @@
+export * from './UndiciIncomingResponse';
+export * from './UndiciHttpClient';
+export * from './UndiciHttpProxyClient';

package/lib/types/products/account_defender/AccountDefender.d.ts

@@ -18,5 +18,9 @@ export declare class AccountDefender<Req, Res, Supported extends string, Added>
     modifyOutgoingResponse(_context: ReadonlyContext<Req, Res>): Promise<void>;
     protected getJwtData(context: ReadonlyContext<Req, Res>): JwtData | null;
     protected extractJwtData(jwt: string, userIdFieldName: string, additionalFieldNames: string[], context: ReadonlyContext<Req, Res>): JwtData | null;
+    protected lookupJwtField(decodedJwt: any, fieldName: string): {
+        value: any;
+        key: string;
+    };
     protected getDecodedJwt(jwt: string, context: ReadonlyContext<Req, Res>): any | null;
 }

package/lib/types/risk_api/client/abstract/RiskApiClientBase.d.ts

@@ -17,10 +17,10 @@ export declare abstract class RiskApiClientBase<Req, Res, Supported extends stri
      */
     executeRiskApi(context: ReadonlyContext<Req, Res>): Promise<RiskApiData>;
     protected formatRiskHeadersField(headers: ReadonlyHeaders): HeaderEntry[];
-    protected sendRiskActivity(riskRequest: OutgoingRequestImpl, riskApiData: RiskApiData, context: ReadonlyContext<Req, Res>): Promise<IIncomingResponse>;
+    protected sendRiskActivity(riskRequest: OutgoingRequestImpl, riskApiData: RiskApiData, context: ReadonlyContext<Req, Res>, startTime?: number): Promise<IIncomingResponse>;
     protected getRiskUrl(): string;
     protected getRiskHeaders(): ReadonlyHeaders;
-    protected handleS2STimeout(riskApiData: RiskApiData): RiskApiData;
+    protected handleS2STimeout(riskApiData: RiskApiData, startTime?: number): RiskApiData;
     protected handleS2SError(riskApiData: RiskApiData, context: ReadonlyContext<Req, Res>, response?: IIncomingResponse, error?: unknown): Promise<RiskApiData>;
 }
 export declare const isEnforcerTimeoutError: (err: unknown) => boolean;

package/lib/types/utils/constants.d.ts

@@ -12,4 +12,4 @@ export declare const PUSH_DATA_FEATURE_HEADER_NAME = "x-px-feature";
 export declare const EMAIL_ADDRESS_REGEX: RegExp;
 export declare const URL_REGEX: RegExp;
 export declare const REGEX_STRUCTURE: RegExp;
-export declare const CORE_MODULE_VERSION = "JS Core 0.37.2";
+export declare const CORE_MODULE_VERSION = "JS Core 1.0.0";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-js-core",
-  "version": "0.37.2",
+  "version": "1.0.0",
   "description": "",
   "type": "module",
   "typesVersions": {
@@ -44,25 +44,23 @@
   },
   "dependencies": {
     "crypto-js": "^4.1.1",
-    "http-proxy-agent": "^7.0.2",
-    "https-proxy-agent": "^7.0.6",
     "ip-range-check": "^0.2.0",
     "js-base64": "^3.7.2",
-    "phin": "^3.7.0",
     "ts-essentials": "^10.0.0",
-    "uuid": "^11.1.0"
+    "undici": "^6.26.0",
+    "uuid": "^11.1.1"
   },
   "devDependencies": {
     "@types/chai": "^5.2.1",
     "@types/chai-as-promised": "^8.0.2",
     "@types/crypto-js": "^4.1.1",
-    "@types/mocha": "^10.0.0",
+    "@types/mocha": "^10.0.10",
     "@types/node": "^18.19.50 || ^20.6.0 || ^22.0.0",
-    "@types/sinon": "^17.0.1",
+    "@types/sinon": "^21.0.1",
     "@types/uuid": "^10.0.0",
-    "@typescript-eslint/eslint-plugin": "^8.38.0",
-    "@typescript-eslint/parser": "^8.26.0",
-    "c8": "^10.1.3",
+    "@typescript-eslint/eslint-plugin": "^8.61.0",
+    "@typescript-eslint/parser": "^8.61.0",
+    "c8": "^11.0.0",
     "chai": "^6.2.0",
     "chai-as-promised": "^8.0.0",
     "core-js": "^3.19.1",
@@ -71,10 +69,10 @@
     "eslint-plugin-prettier": "^5.2.3",
     "husky": "^9.1.7",
     "lint-staged": "^16.0.0",
-    "mocha": "^11.4.0",
+    "mocha": "^11.7.6",
     "prettier": "^3.5.3",
-    "sinon": "^21.0.0",
-    "ts-loader": "^9.4.1",
+    "sinon": "^22.0.0",
+    "ts-loader": "^9.6.0",
     "ts-node": "^10.9.1",
     "tsc-alias": "^1.8.11",
     "typescript": "^5.1.6"

package/lib/esm/impl/http/phin/PhinHttpClient.js

@@ -1,42 +0,0 @@
-import { Agent as HttpAgent } from 'http';
-import { Agent as HttpsAgent } from 'https';
-import phin from 'phin';
-import { EnforcerTimeoutError } from '../../../utils/index.js';
-import { joinHeaderValues } from '../../../http/index.js';
-import { PhinIncomingResponse } from './PhinIncomingResponse.js';
-export class PhinHttpClient {
-    httpAgent;
-    httpsAgent;
-    constructor(options) {
-        this.httpAgent = options?.httpAgent ?? null;
-        this.httpsAgent = options?.httpsAgent ?? new HttpsAgent({ keepAlive: true });
-    }
-    async send(request, options) {
-        try {
-            const res = await phin.promisified({
-                url: request.url,
-                method: request.method,
-                headers: joinHeaderValues(request.headers),
-                data: request.body,
-                timeout: options?.timeoutMs,
-                core: {
-                    agent: this.getAgent(request),
-                },
-            });
-            return new PhinIncomingResponse(res);
-        }
-        catch (e) {
-            const isTimeout = e?.toString().toLowerCase().includes('timeout');
-            throw isTimeout ? new EnforcerTimeoutError(options?.timeoutMs) : e;
-        }
-    }
-    getAgent(request) {
-        if (request.url.startsWith('https://')) {
-            return this.httpsAgent;
-        }
-        if (this.httpAgent) {
-            return this.httpAgent;
-        }
-        return new HttpAgent();
-    }
-}

package/lib/esm/impl/http/phin/PhinHttpProxyClient.js

@@ -1,10 +0,0 @@
-import { PhinHttpClient } from './PhinHttpClient.js';
-import { HttpProxyAgent } from 'http-proxy-agent';
-import { HttpsProxyAgent } from 'https-proxy-agent';
-export class PhinHttpProxyClient extends PhinHttpClient {
-    constructor(proxyUrl) {
-        const httpAgent = new HttpProxyAgent(proxyUrl, { keepAlive: true });
-        const httpsAgent = new HttpsProxyAgent(proxyUrl, { keepAlive: true });
-        super({ httpsAgent, httpAgent });
-    }
-}

package/lib/esm/impl/http/phin/index.js

@@ -1,3 +0,0 @@
-export * from './PhinIncomingResponse.js';
-export * from './PhinHttpClient.js';
-export * from './PhinHttpProxyClient.js';

package/lib/types/impl/http/phin/PhinHttpClient.d.ts

@@ -1,14 +0,0 @@
-import { Agent as HttpAgent } from 'http';
-import { Agent as HttpsAgent } from 'https';
-import { HttpSendOptions, IHttpClient, IIncomingResponse, IOutgoingRequest } from '../../../http';
-export type PhinHttpClientOptions = {
-    httpAgent?: HttpAgent;
-    httpsAgent?: HttpsAgent;
-};
-export declare class PhinHttpClient implements IHttpClient {
-    private readonly httpAgent;
-    private readonly httpsAgent;
-    constructor(options?: PhinHttpClientOptions);
-    send(request: IOutgoingRequest, options?: HttpSendOptions): Promise<IIncomingResponse>;
-    protected getAgent(request: IOutgoingRequest): HttpAgent;
-}

package/lib/types/impl/http/phin/PhinHttpProxyClient.d.ts

@@ -1,4 +0,0 @@
-import { PhinHttpClient } from './PhinHttpClient';
-export declare class PhinHttpProxyClient extends PhinHttpClient {
-    constructor(proxyUrl: string);
-}

package/lib/types/impl/http/phin/index.d.ts

@@ -1,3 +0,0 @@
-export * from './PhinIncomingResponse';
-export * from './PhinHttpClient';
-export * from './PhinHttpProxyClient';