2.2.2 • Published 6 years ago

akamaibmp-cordova-plugin v2.2.2

Weekly downloads
8
License
ISC
Repository
-
Last release
6 years ago

Akamai Bot Manager Premier Plugin for Cordova and Ionic

Akamai Bot Manager Premier (BMP) plugin for Cordova is a service to detect traffic generated by bots. For more information please refer Akamai BMP developer website

Installation

Prerequisites

Akamai BMP plugin requires the following minimum versions for Android and iOS

  • Android API 15 (Android 4.0.4) and above
  • iOS version 8.0 and above
  • Cordova version 6.5.0 and above
  • Ionic version 4.0 and above

Adding the plugin

To add the Akamai BMP plugin to your Cordova or Ionic app specify the npm package name akamaibmp-cordova-plugin of the plugin:

Cordova:

cordova plugin add akamaibmp-cordova-plugin

Ionic:

ionic cordova plugin add akamaibmp-cordova-plugin

Updating the plugin

To update the Akamai BMP plugin to the latest released version easily via the following command:

Cordova:

cordova plugin update

Ionic:

ionic cordova plugin update

For Ionic apps declare the plugin at the begining of your source file as:

declare var AkamaiBMP: any;

Integration

The BMP SDK collects behavioral data while the user is interacting with the application. The behavioral data, also known as sensor data, includes the device characteristics, device orientation, accelerometer data, touch events, etc. Akamai BMP SDK provides a simple API to detect bot activities and defend against malicious bot and account takeover.

Collect Sensor Data

The BMP SDK’s sensor data contains serialized user behavioral data and device information. However, the device information doesn’t contain any information that will identify this device uniquely. You can retrieve sensor data from the plugin by calling the AkamaiBMP.getSensorData method. Sensor data should be sent in the REST API request as detailed below.

Cordova:

// Get the BMP sensor data
AkamaiBMP.getSensorData(function (sd) {
	// send the sensor data in the API request
	});

Ionic:

// Get the BMP sensor data
AkamaiBMP.getSensorData(function (sd : String) {
	// send the sensor data in the API request
	});

Important: Call the getSensorData method only on REST API requests to URLs that will be configured for protection in Bot Manager Premier Mobile. Do not call the getSensorData method for non-protected URLs.

Send Sensor Data

After the sensor data is retrieved from the plugin, it should be sent in X-acf-sensor-data HTTP header as part your applications REST API (HTTP/S) request. We recommend using HTTPS for the REST API request to ensure the integrity of sensor data and prevent eavesdropping. Send the X-acf-sensor-data header ONLY on HTTP requests to URLs configured for protection in Bot Manager Premier Mobile. Do not send the header and sensor data on every HTTP request the app makes.

// Get the BMP sensor data
AkamaiBMP.getSensorData(function (sd) {
	// Set the sensor data header
	cordova.plugin.http.setHeader("X-acf-sensor-data", sd);
	});

Evaluate the Akamai Edge Response

Akamai edge server inspects sensor data and takes the predefined action on the request if the request is classified as BOT, otherwise Akamai sends the request to the origin server.

When the app makes a request, Akamai evaluates the sensor data at the edge. If the request is classified as human, the traffic continues to the origin server and the response is sent back to the app. If the request is BOT, there are two possible actions, monitor and deny.

  • If the action is monitor, the traffic is allowed and the request is sent to the origin server.
  • If the action is deny, a 403 HTTP response is sent back to the app, and the app should handle the situation and take appropriate action.

Logging

Akamai BMP plugin logs some messages at all log levels to verify the SDK initialization. These messages are helpful in identifying any integration issue and ensure the plugin is initialized successfully.

In addition to these messages, the plugin logs additional messages at info, warn and error levels, to verify and debug that the SDK is working correctly. The default log level for the plugin is set to log ​warning​ and ​error​ messages only.​ This behavior can be changed by calling setLogLevel API.

To set the log level, call AkamaiBMP.setLogLevel API with one of the log levels specified below:

  • AkamaiBMP.LOG_LEVEL_INFO - Print all messages
  • AkamaiBMP.LOG_LEVEL_WARN - (Default)​ Print warning and error messages only
  • AkamaiBMP.LOG_LEVEL_ERROR - Print error messages only
  • AkamaiBMP.LOG_LEVEL_NONE - Turn off all log messages from the SDK

For example, to see all messages:

// Set the log level to Info
AkamaiBMP.​setLogLevel(​AkamaiBMP.​INFO);

For further information please refer Akamai BMP SDK Documentation