From fd3ae490e0141cb9cc5255ae34fec37370b7a31f Mon Sep 17 00:00:00 2001
From: Lakshan
Date: Fri, 8 Sep 2023 09:25:25 +0530
Subject: [PATCH] Changes based on comments in recaptcha enterprise
---
 .../endpoint/impl/CaptchaApiServiceImpl.java | 32 +++-----
 .../conf/identity/captcha-config.properties | 3 -
 .../captcha/util/CaptchaConstants.java | 2 +-
 .../identity/captcha/util/CaptchaUtil.java | 80 +++++++++----------
 .../captcha/util/CaptchaUtilTest.java | 4 +-
 5 files changed, 52 insertions(+), 69 deletions(-)
diff --git a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
index 50d928c8ba..59dbef0170 100644
--- a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
+++ b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
@@ -20,7 +20,6 @@
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
 import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.http.HttpEntity;
@@ -90,34 +89,22 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin HttpEntity entity = response.getEntity(); ReCaptchaVerificationResponseDTO reCaptchaVerificationResponseDTO = new ReCaptchaVerificationResponseDTO(); - if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { - // For ReCaptcha Enterprise. + if (entity == null) { - RecoveryUtil.handleBadRequest("ReCaptcha Enterprise verification response is not received.", + RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.", Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); } - try { - try (InputStream in = entity.getContent()) { - JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject(); + try (InputStream in = entity.getContent()) { + JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject(); + + if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { + // For Recaptcha Enterprise JsonObject tokenProperties = verificationResponse.get(CaptchaConstants.CAPTCHA_TOKEN_PROPERTIES) .getAsJsonObject(); boolean success = tokenProperties.get(CaptchaConstants.CAPTCHA_VALID).getAsBoolean(); reCaptchaVerificationResponseDTO.setSuccess(success); - } - } catch (IOException e) { - log.error("Unable to read the verification response.", e); - RecoveryUtil.handleBadRequest("Unable to read the verification response.", - Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); - } - } else { - // For ReCaptcha v2 and v3. - try { - if (entity == null) { - RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.", - Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); - } - try (InputStream in = entity.getContent()) { - JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject(); + } else { + // For ReCaptcha v2 and v3. 
reCaptchaVerificationResponseDTO.setSuccess(verificationResponse.get( CaptchaConstants.CAPTCHA_SUCCESS).getAsBoolean()); } @@ -126,7 +113,6 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin RecoveryUtil.handleBadRequest("Unable to read the verification response.", Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); } - } return Response.ok(reCaptchaVerificationResponseDTO).build(); } diff --git a/components/org.wso2.carbon.identity.api.user.recovery/src/test/resources/repository/conf/identity/captcha-config.properties b/components/org.wso2.carbon.identity.api.user.recovery/src/test/resources/repository/conf/identity/captcha-config.properties index b920c175db..7980a19a37 100644 --- a/components/org.wso2.carbon.identity.api.user.recovery/src/test/resources/repository/conf/identity/captcha-config.properties +++ b/components/org.wso2.carbon.identity.api.user.recovery/src/test/resources/repository/conf/identity/captcha-config.properties @@ -21,9 +21,6 @@ # Enable Google reCAPTCHA recaptcha.enabled=true -# Google reCAPTCHA type -recaptcha.type=default - # reCaptcha API URL recaptcha.api.url=https://www.google.com/recaptcha/api.js diff --git a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaConstants.java b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaConstants.java index fd9f284922..742865a234 100644 --- a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaConstants.java +++ b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaConstants.java 
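Review bot: The merged `try (InputStream in = entity.getContent())` block now routes both the enterprise and the v2/v3 parse paths through a handler that, judging from the `catch (IOException e)` visible in the removed lines and the `handleBadRequest("Unable to read the verification response."` context between the two hunks, still catches only IOException, so a verification body that is not well-formed JSON, is not a JSON object, or lacks `tokenProperties`/`valid`/`success` raises JsonSyntaxException, IllegalStateException or a NullPointerException from `get()` returning null and escapes verifyCaptcha as an unhandled runtime exception instead of the controlled handleBadRequest response. Guard each lookup with `has()` before `get()` and widen the handler to `} catch (IOException | JsonParseException | IllegalStateException e) {` so a malformed reply from the verification service is reported the same way as an unreadable one. `IOUtils.toString(in)` also decodes with the platform default charset; `IOUtils.toString(in, StandardCharsets.UTF_8)` (needs a `java.nio.charset.StandardCharsets` import) pins the JSON decoding. Separately, the enterprise branch treats `tokenProperties.valid` alone as success and never reads `riskAnalysis` even though `CaptchaConstants.CAPTCHA_RISK_ANALYSIS` exists; if that is deliberate for this endpoint a one-line comment saying so would stop the next reader from treating it as an omission. verifyCaptcha begins before this hunk and ends after it.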
@@ -76,7 +76,7 @@ public class CaptchaConstants { public static final String CAPTCHA_TOKEN_PROPERTIES = "tokenProperties"; public static final String CAPTCHA_RISK_ANALYSIS = "riskAnalysis"; // Captcha Types. - public static final String RE_CAPTCHA_TYPE_ENTERPRISE = "enterprise"; + public static final String RE_CAPTCHA_TYPE_ENTERPRISE = "recaptcha-enterprise"; // Default value for threshold for score in reCAPTCHA v3. public static final double CAPTCHA_V3_DEFAULT_THRESHOLD = 0.5; diff --git a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java index 875b1e9e6f..3d005725f3 100644 --- a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java +++ b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java 
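Review bot: Renaming the accepted value from `enterprise` to `recaptcha-enterprise` is not backed by any validation of the configured type: isValidCaptcha (the hunk at CaptchaUtil.java @@ -272) dispatches with a single `equals` against this constant and sends every other value, including the previous `enterprise` spelling, down the v2/v3 path, so a deployment that kept `recaptcha.type=enterprise` in captcha-config.properties silently changes verification path after upgrade rather than failing at startup. It would be safer to either accept the old spelling as an alias or, where the type is read from configuration (outside this diff), log a warning when the value is non-empty and unrecognised. The constant itself should state the contract, e.g. replace `// Captcha Types.` with `// Captcha Types. The value of recaptcha.type that selects the reCAPTCHA Enterprise flow; any other value, or none, selects reCAPTCHA v2/v3.`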
@@ -272,6 +272,46 @@ public static Map getClaimValues(User user, int tenantId, return claimValues; } + public static boolean isValidCaptcha(String reCaptchaResponse) throws CaptchaException { + + CloseableHttpClient httpclient = HttpClientBuilder.create().useSystemProperties().build(); + String reCaptchaType = CaptchaDataHolder.getInstance().getReCaptchaType(); + + HttpPost httpPost; + + // If the reCaptcha type is defined and, it is enterprise, the enterprise process will be done. Otherwise, + // the reCaptcha v2/v3 process will be done. + if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { + // For ReCaptcha Enterprise. + httpPost = createReCaptchaEnterpriseVerificationHttpPost(reCaptchaResponse); + } else { + // For ReCaptcha v2 and v3. + httpPost = createReCaptchaVerificationHttpPost(reCaptchaResponse); + } + + HttpResponse response; + try { + response = httpclient.execute(httpPost); + } catch (IOException e) { + throw new CaptchaServerException("Unable to get the verification response.", e); + } + + HttpEntity entity = response.getEntity(); + if (entity == null) { + throw new CaptchaServerException("reCaptcha verification response is not received."); + } + + if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { + // For ReCaptcha Enterprise. + verifyReCaptchaEnterpriseResponse(entity); + } else { + // For Recaptcha v2 and v3. + verifyReCaptchaResponse(entity); + } + + return true; + } + private static HttpPost createReCaptchaEnterpriseVerificationHttpPost(String reCaptchaResponse) { HttpPost httpPost; 
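Review bot: The relocated isValidCaptcha builds a `CloseableHttpClient` on every call and never closes it, so each captcha verification leaks a client and its connection manager; the client cannot simply be closed after `execute`, because `verifyReCaptchaEnterpriseResponse`/`verifyReCaptchaResponse` read the entity from the still-open connection, so the whole execute-and-verify sequence belongs inside a try-with-resources on the client. The builder also sets no connect or socket timeout (`useSystemProperties()` only picks up proxy and related system properties), so a slow verification backend can hold the login or recovery thread indefinitely; a `setDefaultRequestConfig(RequestConfig.custom()...build())` with connect and socket timeouts taken from configuration would bound that. The enterprise/v2-v3 decision is also evaluated twice; computing it once reads better. The rewrite below keeps the existing messages and exception types; if the verify helpers can themselves throw IOException (their signatures are outside this hunk) the outer catch message should be adjusted accordingly.
```java
    public static boolean isValidCaptcha(String reCaptchaResponse) throws CaptchaException {

        String reCaptchaType = CaptchaDataHolder.getInstance().getReCaptchaType();
        boolean enterprise = CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType);
        HttpPost httpPost = enterprise
                ? createReCaptchaEnterpriseVerificationHttpPost(reCaptchaResponse)
                : createReCaptchaVerificationHttpPost(reCaptchaResponse);

        // The entity is read from the client's connection, so the client must stay open until the
        // verify helpers have consumed it; try-with-resources then releases it on every exit path.
        try (CloseableHttpClient httpclient = HttpClientBuilder.create().useSystemProperties().build()) {
            HttpResponse response;
            try {
                response = httpclient.execute(httpPost);
            } catch (IOException e) {
                throw new CaptchaServerException("Unable to get the verification response.", e);
            }

            HttpEntity entity = response.getEntity();
            if (entity == null) {
                throw new CaptchaServerException("reCaptcha verification response is not received.");
            }

            if (enterprise) {
                verifyReCaptchaEnterpriseResponse(entity);
            } else {
                verifyReCaptchaResponse(entity);
            }
        } catch (IOException e) {
            // Raised by close(); a verification failure thrown above still propagates first.
            throw new CaptchaServerException("Unable to release the verification client.", e);
        }

        return true;
    }
```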
@@ -394,46 +434,6 @@ private static void verifyReCaptchaResponse(HttpEntity entity) } } - public static boolean isValidCaptcha(String reCaptchaResponse) throws CaptchaException { - - CloseableHttpClient httpclient = HttpClientBuilder.create().useSystemProperties().build(); - String reCaptchaType = CaptchaDataHolder.getInstance().getReCaptchaType(); - - HttpPost httpPost; - - // If the reCaptcha type is defined and, it is enterprise, the enterprise process will be done. Otherwise, - // the reCaptcha v2/v3 process will be done. - if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { - // For ReCaptcha Enterprise. - httpPost = createReCaptchaEnterpriseVerificationHttpPost(reCaptchaResponse); - } else { - // For ReCaptcha v2 and v3. - httpPost = createReCaptchaVerificationHttpPost(reCaptchaResponse); - } - - HttpResponse response; - try { - response = httpclient.execute(httpPost); - } catch (IOException e) { - throw new CaptchaServerException("Unable to get the verification response.", e); - } - - HttpEntity entity = response.getEntity(); - if (entity == null) { - throw new CaptchaServerException("reCaptcha verification response is not received."); - } - - if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) { - // For ReCaptcha Enterprise. - verifyReCaptchaEnterpriseResponse(entity); - } else { - // For Recaptcha v2 and v3. - verifyReCaptchaResponse(entity); - } - - return true; - } - public static boolean isMaximumFailedLoginAttemptsReached(String usernameWithDomain, String tenantDomain) throws CaptchaException { diff --git a/components/org.wso2.carbon.identity.captcha/src/test/java/org/wso2/carbon/identity/captcha/util/CaptchaUtilTest.java b/components/org.wso2.carbon.identity.captcha/src/test/java/org/wso2/carbon/identity/captcha/util/CaptchaUtilTest.java index 5d6ee46624..a96cbe0c5d 100644 --- a/components/org.wso2.carbon.identity.captcha/src/test/java/org/wso2/carbon/identity/captcha/util/CaptchaUtilTest.java 
+++ b/components/org.wso2.carbon.identity.captcha/src/test/java/org/wso2/carbon/identity/captcha/util/CaptchaUtilTest.java @@ -22,7 +22,6 @@ import org.mockito.Mockito; import org.mockito.MockitoAnnotations; import org.testng.Assert; -import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeMethod; import org.testng.annotations.Test; import org.wso2.carbon.identity.captcha.internal.CaptchaDataHolder; @@ -32,7 +31,8 @@ import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -import static org.testng.Assert.*; + +import static org.testng.Assert.assertThrows; /** * Unit tests for CaptchaUtil.java