From 0a60011f5a0208b44f232d3efb5edb89669fc35e Mon Sep 17 00:00:00 2001 From: eldarlandman Date: Tue, 30 Jul 2024 13:08:40 +0300 Subject: [PATCH] Added new template for combined firstParty and Enforcer lambdas --- run-package.sh | 2 +- src/PXCombined_Enforcer_FirstParty.ts | 45 +++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 src/PXCombined_Enforcer_FirstParty.ts diff --git a/run-package.sh b/run-package.sh index 7ec107f..4589f5e 100755 --- a/run-package.sh +++ b/run-package.sh @@ -3,7 +3,7 @@ set -e # variable declarations build_dir=dist -lambdas=( PXEnforcer PXFirstParty PXActivities ) +lambdas=( PXEnforcer PXFirstParty PXActivities PXCombined_Enforcer_FirstParty) # clear previous zips rm -f *.zip diff --git a/src/PXCombined_Enforcer_FirstParty.ts b/src/PXCombined_Enforcer_FirstParty.ts new file mode 100644 index 0000000..f0e8590 --- /dev/null +++ b/src/PXCombined_Enforcer_FirstParty.ts 
@@ -0,0 +1,45 @@
+import { CloudFrontRequest, CloudFrontRequestEvent, CloudFrontResponseResult, Context } from 'aws-lambda';
+import { HumanSecurityEnforcer, HumanSecurityFirstParty } from './px/humansecurity';
+import { getConfigAsync } from './custom/config';
+
+
+// define and export a handler
+export async function handler(
+ event: CloudFrontRequestEvent,
+ context: Context
+): Promise {
+ // extract request from event
+ const request = event.Records[0].cf.request;
+
+ // retrieve and await the configuration
+ const config = await getConfigAsync();
+
+ // initialize enforcer and first party
+ const enforcer = HumanSecurityEnforcer.initialize(config);
+ const firstParty = HumanSecurityFirstParty.initialize(config);
+
+
+ // handle first party before calling enforce or other custom logic
+ const firstPartyResult = await firstParty.handleFirstParty(request, context);
+
+ // if the result exists, the incoming request is a HUMAN first party request
+ // the result should be returned from the handler
+ if (firstPartyResult) {
+ return firstPartyResult;
+ }
+
+ // if the request is not first party, we should enforce the incoming request
+ const blockResponse = await enforcer.enforce(request);
+
+ // if we received a response, we should return it from the handler
+ // this will return the block response to the end user and prevent the
+ // request from reaching the origin server
+ if (blockResponse) {
+ return blockResponse;
+ }
+
+ // if we did not receive a block response, the request can be processed
+ // using custom logic as desired and eventually returned from the handler
+ // to pass it along to the origin server
+ return request;
+}
\ No newline at end of file
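Review bot: None of the awaited calls in `handler` (`getConfigAsync()`, `firstParty.handleFirstParty(request, context)`, `enforcer.enforce(request)`) is wrapped in error handling, so a rejection from any of them fails the whole invocation, and the viewer most likely gets a CloudFront error rather than an enforced or forwarded request. `getConfigAsync` comes from `./custom/config`, which looks like integrator-written code, so it is the likeliest place for a throw; whether the HUMAN classes catch their own errors is not visible in this hunk. A template should make the failure mode an explicit choice: catch, log a line that can be alerted on (traffic is unenforced while it fires), and either forward `request` (fail open) or return an error response (fail closed). The sketch below shows the fail-open variant.

```typescript
    const request = event.Records[0].cf.request;

    try {
        // … unchanged: config load, initialize, handleFirstParty, enforce and their early returns …
    } catch (err: unknown) {
        // Deliberate fail-open: log for alerting and forward to origin.
        // Return an error response here instead to fail closed.
        console.error('HUMAN enforcement failed; forwarding request to origin', err);
    }

    return request;
```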