Merge pull request #176 from PerimeterX/feature/graphql-data-on-all-a…

…ctivities adding graphql fields to all activities, not just risk
PerimeterX · Jan 7, 2022 · 9ffd7f4 · 9ffd7f4
2 parents 32685bc + 084186e
commit 9ffd7f4
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 27 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Added
 
--   Sending graphql operation type and name on risk_api activity
+-   Sending graphql operation type and name on activities
 
 ## [3.7.5] - 2021-12-22
 

diff --git a/src/Perimeterx.php b/src/Perimeterx.php
@@ -139,11 +139,9 @@ public function pxVerify()
                 return 1;
             }
 
-            if (!is_null($this->pxFieldExtractorManager)) {
-                $extractedCredentials = $this->pxFieldExtractorManager->extractFields();
-            }
+            $additionalFields = $this->createAdditionalFields();
 
-            $pxCtx = new PerimeterxContext($this->pxConfig, $extractedCredentials);
+            $pxCtx = new PerimeterxContext($this->pxConfig, $additionalFields);
             $this->pxConfig['logger']->debug('Request context created successfully');
 
             $validator = new PerimeterxCookieValidator($pxCtx, $this->pxConfig);
@@ -399,11 +397,51 @@ public function getPxConfig()
      * @return PerimeterxFieldExtractorManager
      */
 
-     private function createFieldExtractorManager() {
+    private function createFieldExtractorManager() {
         if (empty($this->pxConfig['px_enable_login_creds_extraction']) || empty($this->pxConfig['px_login_creds_extraction'])) {
             return null;
         }
         $extractorMap = PerimeterxFieldExtractorManager::createExtractorMap($this->pxConfig['px_login_creds_extraction']);
         return new PerimeterxFieldExtractorManager($extractorMap, $this->pxConfig['logger']);
-     }
+    }
+
+    private function createAdditionalFields() {
+        $additionalFields = array();
+
+        if (!is_null($this->pxFieldExtractorManager)) {
+            $extractedCredentials = $this->pxFieldExtractorManager->extractFields();
+            if (isset($extractedCredentials)) {
+                $additionalFields = array_merge($additionalFields, $extractedCredentials);
+            }
+        }
+
+        if (strpos($_SERVER['REQUEST_URI'], "graphql") !== false) {
+            $graphqlFields = $this->extractGraphqlFields();
+            if (isset($graphqlFields)) {
+                $additionalFields = array_merge($additionalFields, [
+                    'graphql_operation_type' => $graphqlFields->getOperationType(),
+                    'graphql_operation_name' => $graphqlFields->getOperationName()
+                ]);
+            }
+        }
+
+        return $additionalFields;
+    }
+
+    private function extractGraphqlFields() {
+        try {
+            $this->pxConfig['logger']->debug("GraphQL endpoint identified");
+            $graphqlFields = GraphqlExtractor::ExtractGraphqlFields();
+            if (!is_null($graphqlFields)) {
+                $this->pxConfig['logger']->debug('Successfully extracted graphql fields');
+                return $graphqlFields;
+            } else {
+                $this->pxConfig['logger']->debug("Unable to extract graphql fields");
+                return null;
+            }
+        } catch (\Exception $e) {
+            $this->pxConfig['logger']->error('Exception while handling graphql body: ' . $e->getMessage());
+            return null;
+        }
+    }
 }
diff --git a/src/PerimeterxS2SValidator.php b/src/PerimeterxS2SValidator.php
@@ -70,10 +70,6 @@ private function prepareRiskRequestBody() {
             ]
         ];
 
-        if (strpos($this->pxCtx->getUri(), "graphql") !== false) {
-            $this->handleGraphqlRequest($requestBody);
-        }
-
         $pxvid = $this->pxCtx->getPxVidCookie();
         $vid = $this->pxCtx->getVid();
         $vid_source = "none";
@@ -143,22 +139,6 @@ private function prepareRiskRequestBody() {
         return $requestBody;
     }
 
-    private function handleGraphqlRequest(&$riskBody) {
-        try {
-            $this->pxConfig['logger']->debug("GraphQL endpoint identified");
-            $graphqlFields = GraphqlExtractor::ExtractGraphqlFields();
-            if (!is_null($graphqlFields)) {
-                $this->pxConfig['logger']->debug('Adding graphql fields to risk request');
-                $riskBody['additional']['graphql_operation_type'] = $graphqlFields->getOperationType();
-                $riskBody['additional']['graphql_operation_name'] = $graphqlFields->getOperationName();
-            } else {
-                $this->pxConfig['logger']->debug("Unable to extract graphql fields");
-            }
-        } catch (\Exception $e) {
-            $this->pxConfig['logger']->error('Exception while handling graphql body: ' . $e->getMessage());
-        }
-    }
-
     private function handle_valid_risk_response($response) 
     {
         $this->pxConfig['logger']->debug("Risk API response returned successfully, risk score: {$response->score}, round_trip_time: {$this->pxCtx->getRiskRtt()}");