upgraded expressjs, added module version to risk calls, added cookie …

…value when relevant, change s2scallreson to new enums
PerimeterX · Sep 20, 2016 · 47290e5 · 47290e5
1 parent dda2b19
commit 47290e5
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 6 deletions.
diff --git a/lib/pxconfig.js b/lib/pxconfig.js
@@ -8,6 +8,7 @@ let PX_CONF = {};
 exports.init = init;
 exports.conf = conf;
 
+PX_INTERNAL.MODULE_VERSION= 'NodeJS Module v1.6.3';
 /* internal configurations */
 PX_INTERNAL.SERVER_HOST = 'https://sapi.perimeterx.net';
 PX_INTERNAL.SERVER_TO_SERVER_API_URI = '/api/v1/risk';

diff --git a/lib/utils/pxapi.js b/lib/utils/pxapi.js
@@ -31,9 +31,14 @@ function callServer(pxCtx, callback) {
         additional: {
             s2s_call_reason: pxCtx.s2s_call_reason,
             http_version: http_version,
-            http_method: pxCtx.http_method
+            http_method: pxCtx.http_method,
+            module_version: pxconfig.MODULE_VERSION
         }
     };
+    if (pxCtx.s2s_call_reason == 'cookie_expired' || pxCtx.s2s_call_reason == 'cookie_verification_failed') {
+        data.additional.px_cookie = JSON.stringify(pxCtx.decrypted_px_cookie);
+    }
+
     const reqHeaders = {
         Authorization: 'Bearer ' + pxconfig.AUTH_TOKEN,
         'Content-Type': 'application/json'

diff --git a/lib/utils/pxcookie.js b/lib/utils/pxcookie.js
@@ -170,7 +170,7 @@ function evalCookie(pxCtx) {
         }
 
         if (!decryptedCookie) {
-            pxCtx.s2s_call_reason = 'cookie_invalid';
+            pxCtx.s2s_call_reason = 'cookie_decryption_failed';
             return pxconfig.SCORE_EVALUATE_ACTION.COOKIE_INVALID;
         }
 
@@ -181,10 +181,11 @@ function evalCookie(pxCtx) {
             return pxconfig.SCORE_EVALUATE_ACTION.BAD_SCORE;
         }
 
+        pxCtx.decrypted_px_cookie = decryptedCookie;
         /* risk score is not a bad score, need to validate the cookie and its expiry */
         if (!isCookieValid(decryptedCookie, cookieKey, ip, ua)) {
             pxlogger.debug('cookie invalid ' + JSON.stringify(decryptedCookie));
-            pxCtx.s2s_call_reason = 'cookie_invalid';
+            pxCtx.s2s_call_reason = 'cookie_verification_failed';
             return pxconfig.SCORE_EVALUATE_ACTION.COOKIE_INVALID;
         }
 
@@ -198,7 +199,7 @@ function evalCookie(pxCtx) {
         return pxconfig.SCORE_EVALUATE_ACTION.GOOD_SCORE;
     } catch (e) {
         pxlogger.error('Error while evaluate perimeterx cookie. ' + e.message);
-        pxCtx.s2s_call_reason = 'cookie_invalid';
+        pxCtx.s2s_call_reason = 'cookie_verification_failed';
         return pxconfig.SCORE_EVALUATE_ACTION.UNEXPECTED_RESULT;
     }
 }
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-node-express",
-  "version": "1.6.2",
+  "version": "1.6.3",
   "description": "PerimeterX Express.js middleware to monitor and block traffic according to PerimeterX risk score",
   "main": "index.js",
   "directories": {
@@ -29,7 +29,7 @@
   "dependencies": {
     "agentkeepalive": "^2.1.1",
     "cookie-parser": "1.4.1",
-    "express": "4.13.4",
+    "express": "4.14.0",
     "htmlencode": "0.0.4",
     "lodash": "4.11.1",
     "moment": "2.13.0",