Merge pull request #296 from PerimeterX/release/v6.7.0

Release/v6.7.0 -> master

CHANGELOG.md

@@ -1,4 +1,9 @@
 # Change Log
+## [v6.7.0](https://github.com/PerimeterX/perimeterx-java-sdk/compare/v6.7.0...HEAD) (2023-11-05)
+- Added feature custom cookie header
+- Changed `getTelemetryConfig` is now using builder.
+- Bugfix `NullPointerException` when using `ConsoleLogger`.
+
 ## [v6.6.0](https://github.com/PerimeterX/perimeterx-java-sdk/compare/v6.6.0...HEAD) (2023-27-04)
 - Updating readme with `customIsSensitve`, `customParametersExtraction`
 - Added an option to configure logger without slf4j using `PXConfiguration.setPxLoggerSeverity(<loggerSeverity>)`

README.md

@@ -4,7 +4,7 @@
 
 # [PerimeterX](http://www.perimeterx.com) Java SDK
 
-> Latest stable version: [v6.6.0](https://search.maven.org/#artifactdetails%7Ccom.perimeterx%7Cperimeterx-sdk%7C6.6.0%7Cjar)
+> Latest stable version: [v6.7.0](https://search.maven.org/#artifactdetails%7Ccom.perimeterx%7Cperimeterx-sdk%7C6.7.0%7Cjar)
 
 ## Table of Contents
 

pom.xml

@@ -7,7 +7,7 @@
     <name>PerimeterX JAVA SDK</name>
     <groupId>com.perimeterx</groupId>
     <artifactId>perimeterx-sdk</artifactId>
-    <version>6.6.0</version>
+    <version>6.7.0</version>
 
     <packaging>jar</packaging>
     <description>PerimeterX Java SDK</description>

px_metadata.json

@@ -1,5 +1,5 @@
 {
-  "version": "6.6.0",
+  "version": "6.7.0",
   "supported_features": [
     "additional_activity_handler",
     "advanced_blocking_response",
@@ -30,6 +30,7 @@
     "pxde",
     "vid_extraction",
     "risk_api",
+    "custom_cookie_header",
     "sensitive_routes",
     "telemetry_command",
     "enforcer_error"

src/main/java/com/perimeterx/internals/PXS2SValidator.java

@@ -15,6 +15,8 @@
 import com.perimeterx.utils.PXLogger;
 import org.apache.http.conn.ConnectTimeoutException;
 
+import static org.apache.commons.lang3.StringUtils.*;
+
 /**
  * High level Abstracted interface for calling PerimeterX servers
  * <p>
@@ -99,6 +101,9 @@ private void updateContextFromResponse(PXContext pxContext, RiskResponse respons
         DataEnrichmentCookie dataEnrichment = new DataEnrichmentCookie(response.getDataEnrichment(), true);
         pxContext.setPxde(dataEnrichment.getJsonPayload());
         pxContext.setPxdeVerified(dataEnrichment.isValid());
+        if(isNoneBlank(response.getPxhd())) {
+            pxContext.setPxhd(response.getPxhd());
+        }
     }
 
     private boolean isResponseValid(RiskResponse response) {

src/main/java/com/perimeterx/internals/cookie/cookieparsers/HeaderParser.java

@@ -11,9 +11,10 @@
 import org.apache.commons.lang3.StringUtils;
 
 import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
+import java.util.*;
+import java.util.stream.Stream;
+
+import static java.util.stream.Collectors.toList;
 
 public abstract class HeaderParser {
 
@@ -29,19 +30,15 @@ public abstract class HeaderParser {
      * @param cookieHeader Should contain the cookie(or cookies) that needs to be parsed into RawCookieData, can be null or empty
      * @return All px cookies available from the header.
      */
-    public List<RawCookieData> createRawCookieDataList(String cookieHeader) {
-        List<RawCookieData> cookieList = new ArrayList<>();
-        if (!StringUtils.isEmpty(cookieHeader)) {
-            String[] cookies = splitHeader(cookieHeader);
-            for (String cookie : cookies) {
-                RawCookieData rawCookie = createCookie(cookie);
-                if (rawCookie != null) {
-                    cookieList.add(rawCookie);
-                }
-            }
-        }
-        Collections.sort(cookieList);
-        return cookieList;
+    public List<RawCookieData> createRawCookieDataList(String... cookieHeaders) {
+        return Stream.of(cookieHeaders)
+                .filter(StringUtils::isNoneEmpty)
+                .map(this::splitHeader)
+                .flatMap(Stream::of)
+                .map(this::createCookie)
+                .filter(Objects::nonNull)
+                .sorted()
+                .collect(toList());
     }
 
     public DataEnrichmentCookie getRawDataEnrichmentCookie(List<RawCookieData> rawCookies, String cookieKey) {

src/main/java/com/perimeterx/models/PXContext.java

@@ -32,6 +32,7 @@
 import java.util.regex.Pattern;
 
 import static com.perimeterx.utils.Constants.BREACHED_ACCOUNT_KEY_NAME;
+import static com.perimeterx.utils.PXCommonUtils.cookieHeadersNames;
 
 /**
  * PXContext - Populate relevant data from HttpRequest
@@ -350,10 +351,13 @@ private void parseCookies(HttpServletRequest request, boolean isMobileToken) {
             this.pxdeVerified = true;
         } else {
             Cookie[] cookies = request.getCookies();
-            String cookieHeader = request.getHeader(Constants.COOKIE_HEADER_NAME);
+            String[] cookieHeaders = cookieHeadersNames(getPxConfiguration())
+                    .stream()
+                    .map(request::getHeader)
+                    .toArray(String[]::new);
             this.requestCookieNames = CookieNamesExtractor.extractCookieNames(cookies);
             setVidAndPxhd(cookies);
-            tokens.addAll(headerParser.createRawCookieDataList(cookieHeader));
+            tokens.addAll(headerParser.createRawCookieDataList(cookieHeaders));
             this.tokens = tokens;
             DataEnrichmentCookie deCookie = headerParser.getRawDataEnrichmentCookie(this.tokens, this.pxConfiguration.getCookieKey());
             this.pxde = deCookie.getJsonPayload();

src/main/java/com/perimeterx/models/configuration/PXConfiguration.java

@@ -41,7 +41,7 @@
  * <p>
  * Created by shikloshi on 03/07/2016.
  */
-@Builder
+@Builder(toBuilder = true)
 @AllArgsConstructor
 @NoArgsConstructor
 @Getter
@@ -269,22 +269,14 @@ public static void setPxLoggerSeverity(LoggerSeverity severity) {
     @Builder.Default
     private Function<? super HttpServletRequest, ? extends CustomParameters> customParametersExtraction = null;
 
+    @Builder.Default
+    private String customCookieHeader = "x-px-cookies";
+
     /**
      * @return Configuration Object clone without cookieKey and authToken
      **/
     public PXConfiguration getTelemetryConfig() {
-        return new PXConfiguration(appId, null, null, moduleEnabled, encryptionEnabled,
-                blockingScore, sensitiveHeaders, maxBufferLen, apiTimeout, connectionTimeout, sendPageActivities,
-                signedWithIP, serverURL, customLogo, cssRef, jsRef, sensitiveRoutes, sensitiveRoutesRegex, ipHeaders, checksum,
-                remoteConfigurationEnabled, moduleMode, remoteConfigurationInterval, remoteConfigurationDelay,
-                maxConnections, maxConnectionsPerRoute, remoteConfigurationUrl, customParametersProvider, blockHandler,
-                collectorUrl, clientHost, firstPartyEnabled, xhrFirstPartyEnabled, useProxy, proxyHost, proxyPort,
-                testingMode, validateRequestQueueInterval, bypassMonitorHeader, configFilePath, advancedBlockingResponse,
-                enforcedRoutes, monitoredRoutes, loginCredentialsExtractionEnabled, loginCredentialsExtractionDetails, ciProtocol,
-                pxCompromisedCredentialsHeader, addRawUsernameOnAdditionalS2SActivity, additionalS2SActivityHeaderEnabled,
-                loginResponseValidationReportingMethod, regexPatternToValidateLoginResponseBody, headerNameToValidateLoginResponse,
-                headerValueToValidateLoginResponse, loginResponseValidationStatusCode, customLoginResponseValidator,
-                credentialsCustomExtractor, staticFilesExt, (req) -> false, null);
+        return this.toBuilder().cookieKey(null).authToken(null).build();
     }
 
     public void disableModule() {

src/main/java/com/perimeterx/utils/ConsoleLogger.java

@@ -13,7 +13,7 @@ private void log(PrintStream out, String prefix, Object msg, Object... additiona
         builder.append(prefix);
         builder.append(msg);
         for (Object arg : additional) {
-            builder.append(" ").append(arg.toString());
+            builder.append(" ").append(arg);
         }
         out.println(builder);
     }

src/main/java/com/perimeterx/utils/PXCommonUtils.java

@@ -10,6 +10,9 @@
 import javax.servlet.http.HttpServletRequest;
 import java.util.*;
 
+import static com.perimeterx.utils.Constants.COOKIE_HEADER_NAME;
+import static org.apache.commons.lang3.StringUtils.isNoneEmpty;
+
 /**
  * Created by nitzangoldfeder on 16/07/2017.
  */
@@ -45,4 +48,15 @@ public static Map<String, String> getHeadersFromRequest(HttpServletRequest reque
         }
         return headers;
     }
+
+    public static List<String> cookieHeadersNames(PXConfiguration configuration) {
+        List<String> lst = new LinkedList<>();
+
+        if (isNoneEmpty(configuration.getCustomCookieHeader())) {
+            lst.add(configuration.getCustomCookieHeader());
+        }
+        lst.add(COOKIE_HEADER_NAME);
+
+        return lst;
+    }
 }

web/pom.xml

@@ -25,7 +25,7 @@
         <dependency>
             <groupId>com.perimeterx</groupId>
             <artifactId>perimeterx-sdk</artifactId>
-            <version>6.6.0</version>
+            <version>6.7.0</version>
             <scope>compile</scope>
         </dependency>
         <dependency>