Version 2.6.0 (#44)

* APP-834 Added Captcha v2 support (#43)

* captcha v2 phase 1

* Captcha v2 phase 2

* Updated templateFactory

* Update README.md

* Version 2.6.0

CHANGELOG.md

@@ -3,6 +3,9 @@
 All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 
+##[2.6.0] - 2018-08-07
+### Added
+	- Support for captcha v2
 
 ##[2.5.1] - 2018-11-06
 ### Fixed

PerimeterXModule/DataContracts/Requests/Request.cs

@@ -30,24 +30,4 @@ public static Request CreateRequestFromContext(PxContext pxContext)
 			};
 		}
 	}
-
-	[DataContract]
-	[Serializable]
-	public class CaptchaRequest : Request
-	{
-		[DataMember(Name = "captchaType")]
-		public string CaptchaType { get; set; }
-
-		public static CaptchaRequest CreateCaptchaRequestFromContext(PxContext pxContext, string captchaType)
-		{
-			return new CaptchaRequest
-			{
-				IP = pxContext.Ip,
-				URL = pxContext.FullUrl,
-				URI = pxContext.Uri,
-				Headers = pxContext.Headers.ToArray(),
-				CaptchaType = captchaType
-			};
-		}
-	}
 }

PerimeterXModule/Internals/Enums/PassReasonEnum.cs

@@ -15,10 +15,6 @@ public enum PassReasonEnum
 		S2S,
 		[EnumMember(Value = "s2s_timeout")]
 		S2S_TIMEOUT,
-		[EnumMember(Value = "captcha")]
-		CAPTCHA,
-		[EnumMember(Value = "captcha_timeout")]
-		CAPTCHA_TIMEOUT,
 		[EnumMember(Value = "error")]
 		ERROR
 	}

PerimeterXModule/Internals/Helpers/PxConstants.cs

@@ -16,7 +16,6 @@ public static class PxConstants
 		public const string COOKIE_V3_PREFIX = "_px3";
 		public const string TOKEN_V1_PREFIX = "1";
 		public const string TOKEN_V3_PREFIX = "3";
-		public static readonly string COOKIE_CAPTCHA_PREFIX = "_pxCaptcha";
 		public static readonly string PX_VALIDATED_HEADER = "X-PX-VALIDATED";
 		public static readonly string MOBILE_HEADER = "X-PX-AUTHORIZATION";
 		public static readonly string ORIGINAL_TOKEN = "X-PX-ORIGINAL-TOKEN";
@@ -31,7 +30,6 @@ public static class PxConstants
 
 		// Endpoints
 		public const string RISK_API_V2 = "/api/v2/risk";
-		public const string CAPTCHA_API_PATH = "/api/v2/risk/captcha";
 		public const string ACTIVITIES_API_PATH = "/api/v1/collector/s2s";
 		public const string ENFORCER_TELEMETRY_API_PATH = "/api/v2/risk/telemetry";
 

PerimeterXModule/Internals/PxContext.cs

@@ -14,7 +14,6 @@ public class PxContext
 		public Dictionary<string, string> PxCookies { get; set; }
 		public object DecodedPxCookie { get; set; }
 		public string PxCookieHmac { get; set; }
-		public string PxCaptcha { get; set; }
 		public string Ip { get; set; }
 		public string HttpVersion { get; set; }
 		public string HttpMethod { get; set; }
@@ -142,10 +141,6 @@ public PxContext(HttpContext context, PxModuleConfigurationSection pxConfigurati
 					{
 						PxCookies[key] = contextCookie.Get(key).Value;
 					}
-					else if (key.Equals(PxConstants.COOKIE_CAPTCHA_PREFIX))
-					{
-						PxCaptcha = contextCookie.Get(key).Value;
-					}
 				}
 			}
 

PerimeterXModule/Internals/ReverseProxy.cs

@@ -12,8 +12,10 @@ public interface IReverseProxy
 	{
 		void ReversePxClient(HttpContext context);
 		void ReversePxXhr(HttpContext context);
+		void ReversePxCaptcha(HttpContext context);
 		bool ShouldReverseClient(HttpContext context);
 		bool ShouldReverseXhr(HttpContext context);
+		bool ShouldReverseCaptcha(HttpContext context);
 	}
 
 	public class ReverseProxy : IReverseProxy
@@ -30,9 +32,11 @@ public class ReverseProxy : IReverseProxy
 		private readonly string XHR_PATH = "/xhr";
 		private readonly string CLIENT_FP_PATH = "/init.js";
 		private readonly string CLIENT_TP_PATH = "/main.min.js";
+		private readonly string CAPTCHA_FP_PATH = "/captcha";
 
 		private string ClientReversePrefix;
 		private string XhrReversePrefix;
+		private string CaptchaReversePrefix;
 		private string CollectorUrl;
 
 		public bool IsReusable
@@ -48,6 +52,7 @@ public ReverseProxy(PxModuleConfigurationSection pxConfig)
 			string appIdPrefix = pxConfig.AppId.Substring(2);
 			ClientReversePrefix = "/" + appIdPrefix + CLIENT_FP_PATH;
 			XhrReversePrefix = "/" + appIdPrefix + XHR_PATH;
+			CaptchaReversePrefix = "/" + appIdPrefix + CAPTCHA_FP_PATH ;
 			CollectorUrl = string.Format(pxConfig.CollectorUrl, PxConfig.AppId);
 		}
 
@@ -129,6 +134,35 @@ public void ReversePxClient(HttpContext context)
 
 		}
 
+		/**
+		 * <summary>
+		 * Reverse requests for PerimeterX captcha client
+		 * </summary>
+		 * <param name="context">The original request context</param>
+		 */
+		public void ReversePxCaptcha(HttpContext context)
+		{
+			Debug.WriteLine("Fetching Captcha client", PxConstants.LOG_CATEGORY);
+			if (!PxConfig.FirstPartyEnabled)
+			{
+				Debug.WriteLine("First party is disabled, rendering default captcha client response", PxConstants.LOG_CATEGORY);
+				RenderPredefinedResponse(context, CONTENT_TYPE_JAVASCRIPT, DEFAULT_CLIENT_VALUE);
+				return;
+			}
+
+			string uri = "/" + PxConfig.AppId + context.Request.RawUrl.Replace(CaptchaReversePrefix, "");
+
+
+			bool success = ProcessRequest(context, PxConfig.CaptchaHostUrl, uri);
+
+			if (!success)
+			{
+				Debug.WriteLine("Redirect JS client returned bad status, rendering default response", PxConstants.LOG_CATEGORY);
+				RenderPredefinedResponse(context, CONTENT_TYPE_JAVASCRIPT, DEFAULT_CLIENT_VALUE);
+			}
+
+		}
+
 		/**
 		 * <summary>
 		 * Reverse proxy any sensor activities back to PerimeterX servers
@@ -204,7 +238,25 @@ public bool ShouldReverseClient(HttpContext context)
 				return true;
 			}
 			return false;
-
+		}
+
+		/**
+		 * <summary>
+		 * Checks if this is a first party route for the Captcha js file.
+		 * If the route matches the prefix, the module will redirect the request
+		 * </summary>
+		 * <param name="context">The original request context</param>
+		 * <returns>boolean</returns>
+		 */
+		public bool ShouldReverseCaptcha(HttpContext context)
+		{
+			if (context.Request.Url.AbsolutePath.StartsWith(CaptchaReversePrefix))
+			{
+				ReversePxCaptcha(context);
+				context.ApplicationInstance.CompleteRequest();
+				return true;
+			}
+			return false;
 		}
 
 		/**
@@ -244,5 +296,7 @@ private void RenderPredefinedResponse(HttpContext context, string contentType, s
 
 			context.Response.End();
 		}
+
+
 	}
 }

PerimeterXModule/Internals/TemplateFactory.cs

@@ -12,16 +12,17 @@ abstract class TemplateFactory
 	{
 		private static readonly string CLIENT_SRC_FP = "/{0}/init.js";
 		private static readonly string CLIENT_SRC_TP = "{0}/{1}/main.min.js";
+		private static readonly string CAPTCHA_QUERY_PARAMS = "?a={0}&u={1}&v={2}&m={3}";
+		private static readonly string CAPTCHA_SRC_FP = "/{0}/captcha/captcha.js{1}";
+		private static readonly string CAPTCHA_SRC_TP = "{0}/{1}/captcha.js{2}";
+		private static readonly string HOST_FP = "/{0}/xhr";
 
-		public static string getTemplate(string template, PxModuleConfigurationSection pxConfiguration, string uuid, string vid, bool isMobileRequest)
+
+		public static string getTemplate(string template, PxModuleConfigurationSection pxConfiguration, string uuid, string vid, bool isMobileRequest,string action)
 		{
-			if (isMobileRequest)
-			{
-				template = string.Format("{0}Mobile", template);
-			}
 			Debug.WriteLine(string.Format("Using {0} template", template), PxConstants.LOG_CATEGORY);
 			string templateStr = getTemplateString(template);
-			return Render.StringToString(templateStr, getProps(pxConfiguration, uuid, vid));
+			return Render.StringToString(templateStr, getProps(pxConfiguration, uuid, vid, isMobileRequest, action));
 
 		}
 
@@ -43,9 +44,10 @@ private static string getTemplateString(string template)
 			return templateStr;
 		}
 
-		private static IDictionary<String, String> getProps(PxModuleConfigurationSection pxConfiguration, string uuid, string vid)
+		private static IDictionary<String, String> getProps(PxModuleConfigurationSection pxConfiguration, string uuid, string vid, bool isMobileRequest, string action)
 		{
 			IDictionary<String, String> props = new Dictionary<String, String>();
+			string captchaParams = string.Format(CAPTCHA_QUERY_PARAMS, action, uuid, vid, isMobileRequest ? "1" : "0"); 
 			props.Add("refId", uuid);
 			props.Add("appId", pxConfiguration.AppId);
 			props.Add("vid", vid);
@@ -54,17 +56,19 @@ private static IDictionary<String, String> getProps(PxModuleConfigurationSection
 			props.Add("cssRef", pxConfiguration.CssRef);
 			props.Add("jsRef", pxConfiguration.JsRef);
 			props.Add("logoVisibility", string.IsNullOrEmpty(pxConfiguration.CustomLogo) ? "hidden" : "visible");
-			props.Add("hostUrl", string.Format(pxConfiguration.CollectorUrl, pxConfiguration.AppId));
-			props.Add("captchaType", pxConfiguration.CaptchaProvider);
 
-			if (pxConfiguration.FirstPartyEnabled)
+			if (pxConfiguration.FirstPartyEnabled && !isMobileRequest)
 			{
 				props.Add("jsClientSrc", string.Format(CLIENT_SRC_FP, pxConfiguration.AppId.Substring(2)));
+				props.Add("blockScript", string.Format(CAPTCHA_SRC_FP, pxConfiguration.AppId.Substring(2), captchaParams));
+				props.Add("hostUrl", string.Format(HOST_FP, pxConfiguration.AppId.Substring(2)));
 				props.Add("firstPartyEnabled", "1");
 			}
 			else
 			{
 				props.Add("jsClientSrc", string.Format(CLIENT_SRC_TP, Regex.Replace(pxConfiguration.ClientHostUrl, "https?:", ""), pxConfiguration.AppId));
+				props.Add("hostUrl", string.Format(pxConfiguration.CollectorUrl, pxConfiguration.AppId));
+				props.Add("blockScript", string.Format(CAPTCHA_SRC_TP, pxConfiguration.CaptchaHostUrl,  pxConfiguration.AppId, captchaParams));
 			}
 			return props;
 		}