API | HUMAN Documentation

createDefaultHttpTrigger

Uses the provided configuration and secret key to produce the default HTTP trigger Azure Function required for a Front Door + Function App integration.

1 createDefaultHttpTrigger(params: ConfigurationParams, secretKey: string) => AzureFunction

Parameters
- params: ConfigurationParams
- secretKey: string
Returns an AzureFunction

The secretKey is the value that should be present on the x-enforcer-auth header, which indicates to the Front Door service that the enforcer has already processed the request. See installing the Front Door for more information.

In the event that the request should be passed to the origin, the default HTTP trigger proxies the request to the value present in the x-forwarded-host request header, which is the domain associated with the Front Door service.

Sample Usage:

1 import { createDefaultHttpTrigger } from 'perimeterx-azure-js-sdk';
2 
3 // create an enforcer configuration
4 const config = {
5     px_app_id: '<APP_ID>',
6     px_auth_token: process.env['PX_AUTH_TOKEN'],
7     px_cookie_secret: process.env['PX_COOKIE_SECRET']
8 };
9 
10 // create a default HTTP trigger with the config and the Front Door secret key
11 const httpTrigger = createDefaultHttpTrigger(config, process.env['SECRET_KEY']);
12 
13 // export the trigger function
14 export default httpTrigger;

Enforcer

The entity responsible for performing HUMAN enforcement.

Sample Usage:

1 import { Enforcer } from 'perimeterx-azure-js-sdk';
2 
3 // create an enforcer configuration
4 const config = {
5     px_app_id: "<APP_ID>",
6     px_auth_token: "<AUTH_TOKEN>",
7     px_cookie_secret: "<COOKIE_SECRET>"
8 };
9 
10 // create a new enforcer
11 const enforcer = new Enforcer(config);
12 
13 // define an HTTP trigger function
14 const httpTrigger = async (context: Context, req: HttpRequest) => {
15     // call enforce
16     const res = await enforcer.enforce(context, req);
17     if (res) {
18         // set response and exit if it exists
19         context.res = res;
20         return;
21     }
22 
23     // proxy request to origin, uses provided host and additional headers
24     // using 'x-forwarded-host' as host proxies the request back to Front Door
25     // setting 'x-enforcer-auth' to Front Door secret key bypasses enforcer
26     const response = await enforcer.proxyRequestToOrigin(req, req.headers['x-forwarded-host'], { 'x-enforcer-auth': process.env['SECRET_KEY'] });
27 
28     // call postEnforce and set the response
29     await enforcer.postEnforce(context, response);
30     context.res = response;
31 };
32 
33 export default httpTrigger;

constructor

Creates a new instance of the Enforcer class from a ConfigurationParams object.

1 constructor(params: ConfigurationParams) => Enforcer

Parameters
- params: ConfigurationParams
Returns a new instance of the Enforcer class

enforce

Executes the enforcement functionality, returning either null when the request should be passed to the origin, or an HttpResponse in the case of blocked or first-party requests.

1 enforce(context: Context, request: HttpRequest) => Promise<null | HttpResponse>

Parameters
- context: Context
- request: HttpRequest
Returns a Promise resolving to null or an HttpResponse

proxyRequestToOrigin

Sends the provided HttpRequest to the given origin and returns the response. The function automatically switches the Host header for the provided originHost value, and adds the other provided headers onto the request.

1 proxyRequestToOrigin(request: HttpRequest, originHost: string, headers?: Record<string, string>) => Promise<HttpResponse>

Parameters
- request: HttpRequest
- originHost: string
- headers?: Record<string, string>
Returns a Promise resolving to an HttpResponse

In the default HTTP trigger, the originHost is taken from the x-forwarded-host header since the request is sent back to the Front Door domain. The x-enforcer-auth header, signifying that the enforcer has validated the request, is added here as well.

postEnforce

Performs any post-enforcement processing actions and final modifications to (i.e., setting cookies or headers on) the response if needed.

1 postEnforce(context: Context, response: HttpResponse) => Promise<void>

Parameters
- context: Context
- response: HttpResponse
Returns a Promise that resolves to void

Azure API

See the following links for more specific information about the Azure JavaScript Functions API.