HumanSecurity · ilaipx · Mar 13, 2019 · Mar 11, 2019 · Mar 11, 2019 · Mar 12, 2019
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,7 +5,17 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
-## [1.8.0] - 2018-02-25
+## [2.0.0] - 2019-03-14
+### Added
+- Support for multiple instances of PxEnforcer (for multi px-app in same web app)
+
+### Refactored
+- Major parts of the code to inject an instance of PxLogger and PX config.
+
+### Changed
+- Changed PxClient.submitActivities() signature to receive a config object.
+
+## [1.8.0] - 2019-02-25
 ### Added
 - Support for testing blocking flow in monitor mode
 

diff --git a/README.md b/README.md
@@ -5,7 +5,7 @@
 [PerimeterX](http://www.perimeterx.com) Shared base for NodeJS enforcers
 =============================================================
 
-> Latest stable version: [v1.8.0](https://www.npmjs.com/package/perimeterx-node-core)
+> Latest stable version: [v2.0.0](https://www.npmjs.com/package/perimeterx-node-core)
 
 This is a shared base implementation for PerimeterX Express enforcer and future NodeJS enforcers. For a fully functioning implementation example, see the [Node-Express enforcer](https://github.com/PerimeterX/perimeterx-node-express/) implementation.
 
@@ -28,9 +28,9 @@ Table of Contents
 ### <a name="basic-usage"></a> Basic Usage Example
 To integrate this module into an enforcer, users should initialize the enforcer.
 ```javascript
-function initPXModule(params) {
+function initPXModule(params, client) {
     params.moduleVersion = '<your module version>';
-    enforcer = new PxEnforcer(params);
+    enforcer = new PxEnforcer(params, client);
     //if dynamic configurations is configured
     if (enforcer.config.conf.DYNAMIC_CONFIGURATIONS) {
         setInterval(enforcer.config.confManager.loadData.bind(enforcer.config.confManager), enforcer.config.conf.CONFIGURATION_LOAD_INTERVAL);
@@ -64,9 +64,9 @@ Extend the `PxClient` class to send activities to PerimeterX.
 ```javascript
 const PxClient = require('perimeterx-node-core').PxClient;
 class MyClient extends PxClient {
-    init() {
+    init(config) {
         setInterval(() => {
-            this.submitActivities();
+            this.submitActivities(config);
         }, 1000);
     }
 }
@@ -77,7 +77,7 @@ Make sure to pass the client instance when initializing the enforcer.
 ```javascript
 function initPXModule(params) {
     params.moduleVersion = '<your module version>';
-    let pxClient = new MyClient();
+    const pxClient = new MyClient();
     enforcer = new PxEnforcer(params, pxClient);
     //if dynamic configurations is configured
     if (enforcer.config.conf.DYNAMIC_CONFIGURATIONS) {

diff --git a/index.js b/index.js
@@ -26,5 +26,4 @@
 module.exports = {
     PxEnforcer: require('./lib/pxenforcer'),
     PxClient: require('./lib/pxclient'),
-    request: require('./lib/request')
 };
diff --git a/lib/configloader.js b/lib/configloader.js
@@ -1,10 +1,10 @@
-
-const logger = require('./pxlogger');
+const request = require('./request');
 
 class ConfigLoader {
 
-    constructor(config, pxClient) {
-        this.config = config;
+    constructor(pxConfig, pxClient) {
+        this.pxConfig = pxConfig;
+        this.config = pxConfig.conf;
         this.pxClient = pxClient;
     }
 
@@ -13,18 +13,17 @@ class ConfigLoader {
     }
 
     loadData() {
-        const request = require('./request');
         const checksum = this.config.checksum;
         const callData = {
             'url': `https://${this.config.CONFIGURATIONS_HOST}${this.config.CONFIGURATIONS_URI + (checksum ? `?checksum=${checksum}` : '')}`,
             'headers': {Authorization: 'Bearer ' + this.config.AUTH_TOKEN},
             'timeout': this.config.API_TIMEOUT_MS
         };
-        request.get(callData, (error, response) => {
+        request.get(callData, this.config, (error, response) => {
             if (error || !response || !(response.statusCode === 200 || response.statusCode === 204)) {
-                logger.error(`Failed to get configurations: ${error}`);
+                this.config.logger.error(`Failed to get configurations: ${error}`);
                 if (!checksum) { //no configuration loaded and we can't get configuration - disable module
-                    logger.debug('Failed to pull initial config, switching module to disable until remote configuration found');
+                    this.config.logger.debug('Failed to pull initial config, switching module to disable until remote configuration found');
                     this.config.ENABLE_MODULE = false;
                 }
                 return;
@@ -33,7 +32,7 @@ class ConfigLoader {
             // new configuration available
             if (response.statusCode === 200) {
                 const body = JSON.parse(response.body.toString());
-                logger.debug(`Found new configuration - checksum: ${body.checksum}, new configuration: ${JSON.stringify(body)}`);
+                this.config.logger.debug(`Found new configuration - checksum: ${body.checksum}, new configuration: ${JSON.stringify(body)}`);
                 this.config.checksum = body.checksum;
                 this.config.COOKIE_SECRET_KEY = body.cookieKey;
                 this.config.PX_APP_ID = body.appId;
@@ -47,7 +46,7 @@ class ConfigLoader {
                 this.config.MODULE_MODE = body.moduleMode === 'blocking' ? this.config.MONITOR_MODE.BLOCK : this.config.MONITOR_MODE.MONITOR;
                 this.config.FIRST_PARTY_ENABLED = body.firstPartyEnabled;
                 this.config.FIRST_PARTY_XHR_ENABLED = body.firstPartyXhrEnabled;
-                this.pxClient.sendEnforcerTelemetry('remote_config');
+                this.pxClient.sendEnforcerTelemetry('remote_config', this.config);
             }
         });
     }

diff --git a/lib/cookie/cookieV1.js b/lib/cookie/cookieV1.js
@@ -5,10 +5,9 @@ const Payload = require('../pxpayload');
 class CookieV1 extends Payload {
 
     constructor(ctx, config) {
-        super();
+        super(config);
         this.pxCookie = ctx.cookies['_px'];
-        this.pxConfig = config;
-        this.pxContext = ctx;
+        this.ctx = ctx;
         this.cookieSecret = config.COOKIE_SECRET_KEY;
     }
 
@@ -33,10 +32,10 @@ class CookieV1 extends Payload {
         const baseHmacStr = '' + this.getTime() + this.decodedCookie.s.a + this.getScore() + this.getUuid() + this.getVid();
 
         // hmac string with IP - for backward support
-        const hmacWithIp = baseHmacStr + this.pxContext.ip + this.pxContext.userAgent;
+        const hmacWithIp = baseHmacStr + this.ctx.ip + this.ctx.userAgent;
 
         // hmac string without IP
-        const hmacWithoutIp = baseHmacStr + this.pxContext.userAgent;
+        const hmacWithoutIp = baseHmacStr + this.ctx.userAgent;
 
         return this.isHmacValid(hmacWithoutIp, this.getHmac()) || this.isHmacValid(hmacWithIp, this.getHmac());
     }

diff --git a/lib/cookie/cookieV3.js b/lib/cookie/cookieV3.js
@@ -4,13 +4,12 @@ const Payload = require('../pxpayload');
 
 class CookieV3 extends Payload {
     constructor(ctx, config) {
-        super();
+        super(config);
         let [hash, ...cookie] = ctx.cookies['_px3'].split(':');
         cookie = cookie.join(':');
         this.pxCookie = cookie;
         this.cookieHash = hash;
-        this.pxConfig = config;
-        this.pxContext = ctx;
+        this.ctx = ctx;
         this.cookieSecret = config.COOKIE_SECRET_KEY;
     }
 
@@ -31,7 +30,7 @@ class CookieV3 extends Payload {
     }
 
     isSecure() {
-        const hmacStr = this.pxCookie + this.pxContext.userAgent;
+        const hmacStr = this.pxCookie + this.ctx.userAgent;
         return this.isHmacValid(hmacStr, this.getHmac());
     }
 }

diff --git a/lib/cookie/tokenV1.js b/lib/cookie/tokenV1.js
@@ -5,10 +5,9 @@ const Payload = require('../pxpayload');
 class TokenV1 extends Payload {
 
     constructor(ctx, config, token) {
-        super();
+        super(config);
         this.pxCookie = token;
-        this.pxConfig = config;
-        this.pxContext = ctx;
+        this.ctx = ctx;
         this.cookieSecret = config.COOKIE_SECRET_KEY;
     }
 
@@ -33,7 +32,7 @@ class TokenV1 extends Payload {
         const baseHmacStr = '' + this.getTime() + this.decodedCookie.s.a + this.getScore() + this.getUuid() + this.getVid();
 
         // hmac string with IP - for backward support
-        const hmacWithIp = baseHmacStr + this.pxContext.ip;
+        const hmacWithIp = baseHmacStr + this.ctx.ip;
 
         // hmac string without IP
         const hmacWithoutIp = baseHmacStr;

diff --git a/lib/cookie/tokenV3.js b/lib/cookie/tokenV3.js
@@ -4,13 +4,12 @@ const Payload = require('../pxpayload');
 
 class TokenV3 extends Payload {
     constructor(ctx, config, token) {
-        super();
+        super(config);
         let [hash, ...cookie] = token.split(':');
         cookie = cookie.join(':');
         this.pxCookie = cookie;
         this.cookieHash = hash;
-        this.pxConfig = config;
-        this.pxContext = ctx;
+        this.ctx = ctx;
         this.cookieSecret = config.COOKIE_SECRET_KEY;
     }