Documentation
¶
Index ¶
- Variables
- func IsCookieInvalidated(cookie string) bool
- func IsCookieValid(cookie string, requestCount int) bool
- func ParsePixelHtmlVar(reader io.Reader) (int, error)
- func ParsePixelScriptURL(reader io.Reader) (string, string, error)
- func ParsePixelScriptVar(reader io.Reader) (string, error)
- func ParseScriptPath(reader io.Reader) (string, error)
- type SecCptChallenge
Constants ¶
This section is empty.
Variables ¶
var ( ErrPixelHtmlVarNotFound = errors.New("hyper-sdk: pixel HTML var not found") ErrPixelScriptUrlNotFound = errors.New("hyper-sdk: script URL not found") ErrPixelScriptVarNotFound = errors.New("hyper-sdk: script var not found") )
var ( ErrSecCptParsing = errors.New("hyper-sdk: error parsing sec-cpt") ErrSecCptInvalidCookie = errors.New("hyper-sdk: malformed sec_cpt cookie") )
var (
ErrScriptPathNotFound = errors.New("hyper-sdk: script path not found")
)
Functions ¶
func IsCookieInvalidated ¶
IsCookieInvalidated determines if the current session requires more sensors to be sent.
Protected endpoints can invalidate a session by setting a new _abck cookie that ends in '~0~-1~-1' or similar. This function returns if such an invalidated cookie is present, if it is present you should be able to make the cookie valid again with only 1 sensor post.
func IsCookieValid ¶
IsCookieValid determines if the provided _abck cookie value is valid, based on Akamai Bot Manager's client-side stop signal mechanism using the given request count. If the result is true, the client is ADVISED to halt further sensor data submissions. Submitting further would still produce a valid cookie but is unnecessary.
The stop signal mechanism in the Akamai Bot Manager's client-side script informs a client that the cookie received is valid and that any additional submissions are superfluous.
However, some applications do not activate the stop signal feature. In such scenarios, the client will continue submitting data whenever a trigger event occurs. Under these circumstances, verifying the authenticity of a cookie without sending it to a secured endpoint becomes challenging.
func ParsePixelHtmlVar ¶
ParsePixelHtmlVar gets the required pixel challenge variable from the given HTML code src.
func ParsePixelScriptURL ¶
ParsePixelScriptURL gets the script URL of the pixel challenge script and the URL to post a generated payload to from the given HTML code src.
func ParsePixelScriptVar ¶
ParsePixelScriptVar gets the dynamic value from the pixel script
Types ¶
type SecCptChallenge ¶
type SecCptChallenge struct {
ChallengePath string
// contains filtered or unexported fields
}
func ParseSecCptChallenge ¶
func ParseSecCptChallenge(html io.Reader) (*SecCptChallenge, error)
ParseSecCptChallenge parses a sec-cpt challenge from an io.Reader.
The function extracts the challenge data, duration, and challenge path from the provided HTML content. It returns a *SecCptChallenge struct containing the parsed information and any error encountered during parsing.
Example usage:
html := `<iframe id="sec-cpt-if" provider="crypto" class="crypto" challenge="..." data-key="" data-duration=5 src="/_sec/cp_challenge/ak-challenge-4-3.htm"></iframe>`
challenge, err := ParseSecCptChallenge(strings.NewReader(html))
if err != nil {
// Handle the error
}
Parameters:
- reader: An io.Reader containing the HTML content with the sec-cpt challenge.
Returns:
- *SecCptChallenge: A pointer to a SecCptChallenge struct containing the parsed challenge data, duration, and challenge path.
- error: An error encountered during parsing, or nil if parsing was successful.
Errors:
- ErrSecCptParsing: Returned when there is an error parsing the sec-cpt challenge data.
- Other errors may be returned by the underlying io.Reader or JSON unmarshaling.
func ParseSecCptChallengeFromJson ¶ added in v1.0.1
func ParseSecCptChallengeFromJson(payload io.Reader) (*SecCptChallenge, error)
ParseSecCptChallengeFromJson parses a sec-cpt challenge from a JSON payload.
The function takes an io.Reader containing the JSON payload of the sec-cpt challenge and unmarshals it into a secCptApiResponse struct. It then extracts the necessary information from the struct to create a SecCptChallenge struct.
Example usage:
jsonPayload := `{"sec-cp-challenge":"true","provider":"crypto","branding_url_content":"/_sec/cp_challenge/crypto_message-4-3.htm","chlg_duration":30,"token":"AAQAAAAJ____9z_ZPsdHbk36hg2f6np2sGJDXmkwGmBiMBr_DDEmSWfi8Zt7BdtjWrNd9KD4DS_vim0VnK2wsa8tIC7XWsCshkvDF9J9Rf5EFwBU00c6SMXTaSNSTcDR-HVFGp3uAa67Mb3I6HeifXbjALcEomjcnwa9ZNQdDWuTAUTgNGbYw09A8AXIuP9DNv3QktUx488FV38Rm6xBXr66-MmD05hsBhucIYpLS_VCJVs9OFPnWsksPJ19ibw2K3fabfJbzIdB3Xv3J0kzLQ0gY7bpLRXK1oAcUTxNNsy-LQGe_lyV6INQ4ojPLGJpOTk","timestamp":1713283747,"nonce":"ebccdb479fcb92636fbc","difficulty":15000,"timeout":1000,"cpu":false}`
challenge, err := ParseSecCptChallengeFromJson(strings.NewReader(jsonPayload))
if err != nil {
// Handle the error
}
Parameters:
- payload: An io.Reader containing the JSON payload of the sec-cpt challenge.
Returns:
- *SecCptChallenge: A pointer to a SecCptChallenge struct containing the parsed challenge data, duration, and challenge path.
- error: An error encountered during parsing, or nil if parsing was successful.
Errors:
- Any error returned by the JSON unmarshaling process.
func (*SecCptChallenge) GenerateSecCptPayload ¶
func (s *SecCptChallenge) GenerateSecCptPayload(secCptCookie string) ([]byte, error)
GenerateSecCptPayload generates the payload for the sec-cpt challenge.
The function takes the sec_cpt cookie value as input and extracts the necessary information to generate the payload. It generates the answers for the challenge using the `generateSecCptAnswers` function and creates an ordered object containing the token and answers.
Example usage:
secCptCookie := "..."
payload, err := challenge.GenerateSecCptPayload(secCptCookie)
if err != nil {
// Handle the error
}
// Use the generated payload
fmt.Println(string(payload))
Parameters:
- secCptCookie: A string representing the value of the sec_cpt cookie.
Returns:
- []byte: The generated payload as a byte slice.
- error: An error encountered during payload generation, or nil if generation was successful.
Errors:
- errors.New("error parsing sec_cpt cookie"): Returned when the sec_cpt cookie is not in the expected format.
- Other errors may be returned by the underlying JSON marshaling.
func (*SecCptChallenge) Sleep ¶ added in v1.0.1
func (s *SecCptChallenge) Sleep()
Sleep sleeps for the duration specified in the sec-cpt challenge.
The function uses the `duration` field of the `SecCptChallenge` struct to determine the number of seconds to sleep. It blocks the current goroutine for the specified duration.
Example usage:
challenge, err := ParseSecCptChallenge(html)
if err != nil {
// Handle the error
}
challenge.Sleep()
Parameters:
- None
Returns:
- None
func (*SecCptChallenge) SleepWithContext ¶ added in v1.0.1
func (s *SecCptChallenge) SleepWithContext(ctx context.Context)
SleepWithContext sleeps for the duration specified in the sec-cpt challenge or until the provided context is done.
The function uses the `duration` field of the `SecCptChallenge` struct to determine the number of seconds to sleep. It creates a timer with the specified duration and waits for either the timer to expire or the provided context to be done. If the context is done before the timer expires, the timer is stopped to prevent it from firing.
Example usage:
challenge, err := ParseSecCptChallenge(html)
if err != nil {
// Handle the error
}
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
challenge.SleepWithContext(ctx)
Parameters:
- ctx: A context.Context that can be used to cancel the sleep operation.
Returns:
- None
Source Files
Directories