Added monitor mode

perimeterx/middleware.py

@@ -6,7 +6,7 @@
 import px_blocker
 import px_api
 import Cookie
-
+import px_constants
 
 class PerimeterX(object):
     def __init__(self, app, config=None):
@@ -15,8 +15,7 @@ def __init__(self, app, config=None):
         self.config = {
             'blocking_score': 60,
             'debug_mode': False,
-            'module_version': 'Python SDK v1.0.3',
-            'module_mode': 'active_monitoring',
+            'module_mode': 'monitor',
             'perimeterx_server_host': 'sapi.perimeterx.net',
             'captcha_enabled': True,
             'server_calls_enabled': True,
@@ -27,15 +26,15 @@ def __init__(self, app, config=None):
             'custom_logo': None,
             'css_ref': None,
             'js_ref': None,
-            'is_mobile': False
-        }
+            'is_mobile': False,
+            'monitor_mode': px_constants.MODULE_MODE_MONITORING,
+            }
 
         self.config = dict(self.config.items() + config.items())
         self.config['logger'] = logger = Logger(self.config['debug_mode'])
         if not config['app_id']:
             logger.error('PX App ID is missing')
             raise ValueError('PX App ID is missing')
-
         # if APP_ID is not set, use the deafult perimeterx server - else, use the appid specific sapi.
         self.config['perimeterx_server_host'] = 'sapi.perimeterx.net' if self.config['app_id'] == 'PX_APP_ID' else 'sapi-' + self.config['app_id'].lower() + '.perimeterx.net'
         if not config['auth_token']:
@@ -92,7 +91,7 @@ def handle_verification(self, ctx, config, environ, start_response):
         if config.get('custom_block_handler', False):
             px_activities_client.send_block_activity(ctx, config)
             return config['custom_block_handler'](ctx, start_response)
-        elif config.get('module_mode', 'active_monitoring') == 'active_blocking':
+        elif config.get('module_mode') == px_constants.MODULE_MODE_BLOCKING:
             return self.PXBlocker.handle_blocking(ctx=ctx, config=config, start_response=start_response)
         else:
             return self.pass_traffic(environ, start_response, ctx)

perimeterx/px_activities_client.py

@@ -2,6 +2,7 @@
 import px_httpc
 import threading
 import traceback, sys
+import px_constants
 
 ACTIVITIES_BUFFER = []
 CONFIG = {}
@@ -66,5 +67,13 @@ def send_block_activity(ctx, config):
     send_to_perimeterx('block', ctx, config, {
         'block_score': ctx.get('risk_score'),
         'client_uuid': ctx.get('uuid'),
-        'block_reason': ctx.get('block_reason')
+        'block_reason': ctx.get('block_reason'),
+        'http_method' : ctx.get('http_method'),
+        'http_version': ctx.get('http_version'),
+        'px_cookie': ctx.get('decoded_cookie'),
+        'risk_rtt': ctx.get('risk_rtt'),
+        #'cookie_origin':,
+        'module_version': px_constants.MODULE_VERSION,
+        'simulated_block': config.get('monitor_mode') is px_constants.MODULE_MODE_MONITORING
+
     })

perimeterx/px_api.py

@@ -1,5 +1,7 @@
 import sys
 import px_httpc
+import time
+
 
 
 def send_risk_request(ctx, config):
@@ -11,12 +13,17 @@ def verify(ctx, config):
     logger = config['logger']
     logger.debug("PXVerify")
     try:
+        start = time.time()
         response = send_risk_request(ctx, config)
+        risk_rtt = time.time() - start
+        logger.debug('Risk call took ' + str(risk_rtt) + 'ms')
+
         if response:
             score = response['score']
             ctx['score'] = score
             ctx['uuid'] = response['uuid']
             ctx['block_action'] = response['action']
+            ctx['risk_rtt'] = risk_rtt
             if score >= config['blocking_score']:
                 logger.debug("PXVerify block score threshold reached, will initiate blocking")
                 ctx['block_reason'] = 's2s_high_score'

perimeterx/px_constants.py

@@ -16,4 +16,7 @@
 CLIENT_FP_PATH = 'init.js'
 CAPTCHA_FP_PATH = 'captcha'
 XHR_FP_PATH = 'xhr'
+MODULE_MODE_BLOCKING = 'active_blocking'
+MODULE_MODE_MONITORING = 'monitor'
 
+MODULE_VERSION = 'Python WSGI Module v2.0.0'

perimeterx/px_context.py

@@ -57,6 +57,7 @@ def build_context(environ, config):
         'uri': uri,
         'hostname': hostname,
         'px_cookies': px_cookies,
-        'cookie_names': request_cookie_names
+        'cookie_names': request_cookie_names,
+        'risk_rtt': 0
     }
     return ctx

perimeterx/px_httpc.py

@@ -1,6 +1,5 @@
 import httplib
 import json
-import time
 
 http_client = None
 
@@ -17,17 +16,12 @@ def send(uri, body, config):
         'Content-Type': 'application/json'
     }
     try:
-        start = time.time()
         http_client.request('POST', uri, body=json.dumps(body), headers=headers)
         r = http_client.getresponse()
-
         if r.status != 200:
             logger.error('error posting server to server call ' + r.reason)
             return False
-
-        logger.debug('Server call took ' + str(time.time() - start) + 'ms')
         response_body = r.read()
-
         return json.loads(response_body)
     except httplib.HTTPException:
         init(config)