@aikidosec/firewall
Version:
Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks
111 lines (110 loc) • 4.05 kB
TypeScript
import { RateLimiter } from "../ratelimiting/RateLimiter";
import { ReportingAPI, ReportingAPIResponse } from "./api/ReportingAPI";
import { Token } from "./api/Token";
import { Kind } from "./Attack";
import { Endpoint } from "./Config";
import { Context } from "./Context";
import { Hostnames } from "./Hostnames";
import { InspectionStatistics } from "./InspectionStatistics";
import { Logger } from "./logger/Logger";
import { Routes } from "./Routes";
import { ServiceConfig } from "./ServiceConfig";
import { Source } from "./Source";
import { Users } from "./Users";
import { Wrapper } from "./Wrapper";
import { AIStatistics } from "./AIStatistics";
type WrappedPackage = {
version: string | null;
supported: boolean;
};
export declare class Agent {
private block;
private readonly logger;
private readonly api;
private readonly token;
private readonly serverless;
private started;
private sendHeartbeatEveryMS;
private checkIfHeartbeatIsNeededEveryMS;
private lastHeartbeat;
private reportedInitialStats;
private interval;
private preventedPrototypePollution;
private incompatiblePackages;
private wrappedPackages;
private packages;
private timeoutInMS;
private hostnames;
private users;
private serviceConfig;
private routes;
private rateLimiter;
private statistics;
private aiStatistics;
private middlewareInstalled;
private attackLogger;
constructor(block: boolean, logger: Logger, api: ReportingAPI, token: Token | undefined, serverless: string | undefined);
shouldBlock(): boolean;
getHostnames(): Hostnames;
getInspectionStatistics(): InspectionStatistics;
getAIStatistics(): AIStatistics;
unableToPreventPrototypePollution(incompatiblePackages: Record<string, string>): void;
onPrototypePollutionPrevented(): void;
/**
* Reports to the API that this agent has started
*/
onStart(): Promise<void>;
checkForReportingAPIError(result: ReportingAPIResponse): void;
onErrorThrownByInterceptor({ error, module, method, }: {
error: Error;
module: string;
method: string;
}): void;
/**
* This function gets called when an attack is detected, it reports this attack to the API
*/
onDetectedAttack({ module, operation, kind, blocked, source, request, stack, paths, metadata, payload, }: {
module: string;
operation: string;
kind: Kind;
blocked: boolean;
source: Source;
request: Context;
stack: string;
paths: string[];
metadata: Record<string, string>;
payload: unknown;
}): void;
/**
* Sends a heartbeat via the API to the server (only when not in serverless mode)
*/
private heartbeat;
getUsers(): Users;
getConfig(): ServiceConfig;
private updateServiceConfig;
private sendHeartbeat;
/**
* Starts a heartbeat when not in serverless mode : Make contact with api every x seconds.
*/
private startHeartbeats;
private updateBlockedLists;
private startPollingForConfigChanges;
private getAgentInfo;
start(wrappers: Wrapper[]): void;
onFailedToWrapMethod(module: string, name: string, error: Error): void;
onFailedToWrapModule(module: string, error: Error): void;
onPackageRequired(name: string, version: string): void;
onPackageWrapped(name: string, details: WrappedPackage): void;
onConnectHostname(hostname: string, port: number): void;
onRouteExecute(context: Context): void;
hasGraphQLSchema(method: string, path: string): boolean;
onGraphQLSchema(method: string, path: string, schema: string): void;
onGraphQLExecute(method: string, path: string, type: "query" | "mutation", topLevelFields: string[]): void;
onRouteRateLimited(match: Endpoint): void;
getRoutes(): Routes;
log(message: string): void;
flushStats(timeoutInMS: number): Promise<void>;
getRateLimiter(): RateLimiter;
onMiddlewareExecuted(): void;
}
export {};