@aikidosec/firewall
Version:
Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.
112 lines (111 loc) • 4.08 kB
TypeScript
import { RateLimiter } from "../ratelimiting/RateLimiter";
import { ReportingAPI, ReportingAPIResponse } from "./api/ReportingAPI";
import { Token } from "./api/Token";
import { Kind } from "./Attack";
import { Endpoint } from "./Config";
import { Context } from "./Context";
import { Hostnames } from "./Hostnames";
import { InspectionStatistics } from "./InspectionStatistics";
import { Logger } from "./logger/Logger";
import { Routes } from "./Routes";
import { ServiceConfig } from "./ServiceConfig";
import { Source } from "./Source";
import { Users } from "./Users";
import { Wrapper } from "./Wrapper";
import { AIStatistics } from "./AIStatistics";
type WrappedPackage = {
version: string | null;
supported: boolean;
};
export declare class Agent {
private block;
private readonly logger;
private readonly api;
private readonly token;
private readonly serverless;
private started;
private sendHeartbeatEveryMS;
private checkIfHeartbeatIsNeededEveryMS;
private lastHeartbeat;
private sentHeartbeatCounter;
private interval;
private preventedPrototypePollution;
private incompatiblePackages;
private wrappedPackages;
private packages;
private timeoutInMS;
private hostnames;
private users;
private serviceConfig;
private routes;
private rateLimiter;
private statistics;
private aiStatistics;
private middlewareInstalled;
private attackLogger;
constructor(block: boolean, logger: Logger, api: ReportingAPI, token: Token | undefined, serverless: string | undefined);
shouldBlock(): boolean;
getHostnames(): Hostnames;
getInspectionStatistics(): InspectionStatistics;
getAIStatistics(): AIStatistics;
unableToPreventPrototypePollution(incompatiblePackages: Record<string, string>): void;
onPrototypePollutionPrevented(): void;
/**
* Reports to the API that this agent has started
*/
onStart(): Promise<void>;
checkForReportingAPIError(result: ReportingAPIResponse): void;
onErrorThrownByInterceptor({ error, module, method, }: {
error: Error;
module: string;
method: string;
}): void;
/**
* This function gets called when an attack is detected, it reports this attack to the API
*/
onDetectedAttack({ module, operation, kind, blocked, source, request, stack, paths, metadata, payload, }: {
module: string;
operation: string;
kind: Kind;
blocked: boolean;
source: Source;
request: Context;
stack: string;
paths: string[];
metadata: Record<string, string>;
payload: unknown;
}): void;
/**
* Sends a heartbeat via the API to the server (only when not in serverless mode)
*/
private heartbeat;
getUsers(): Users;
getConfig(): ServiceConfig;
private updateServiceConfig;
private sendHeartbeat;
/**
* Starts a heartbeat when not in serverless mode : Make contact with api every x seconds.
*/
private startHeartbeats;
private updateBlockedLists;
private startPollingForConfigChanges;
private getAgentInfo;
start(wrappers: Wrapper[]): void;
onFailedToWrapMethod(module: string, name: string, error: Error): void;
onFailedToWrapModule(module: string, error: Error): void;
onPackageRequired(name: string, version: string): void;
onPackageWrapped(name: string, details: WrappedPackage): void;
onConnectHostname(hostname: string, port: number): void;
onRouteExecute(context: Context): void;
hasGraphQLSchema(method: string, path: string): boolean;
onGraphQLSchema(method: string, path: string, schema: string): void;
onGraphQLExecute(method: string, path: string, type: "query" | "mutation", topLevelFields: string[]): void;
onRouteRateLimited(match: Endpoint): void;
getRoutes(): Routes;
log(message: string): void;
flushStats(timeoutInMS: number): Promise<void>;
getRateLimiter(): RateLimiter;
onMiddlewareExecuted(): void;
private getHeartbeatInterval;
}
export {};