Add reCaptcha enterprise support #684

Closed
Expand Up @@ -10,18 +10,21 @@

@ApiModel(description = "")
public class ReCaptchaPropertiesDTO {



private Boolean reCaptchaEnabled = null;




private String reCaptchaType = null;


private String reCaptchaKey = null;


private String reCaptchaAPI = null;


/**
**/
@ApiModelProperty(value = "")
Expand All @@ -33,7 +36,19 @@ public void setReCaptchaEnabled(Boolean reCaptchaEnabled) {
this.reCaptchaEnabled = reCaptchaEnabled;
}



/**
**/
@ApiModelProperty(value = "")
@JsonProperty("reCaptchaType")
public String getReCaptchaType() {
return reCaptchaType;
}
public void setReCaptchaType(String reCaptchaType) {
this.reCaptchaType = reCaptchaType;
}


/**
**/
@ApiModelProperty(value = "")
Expand All @@ -45,7 +60,7 @@ public void setReCaptchaKey(String reCaptchaKey) {
this.reCaptchaKey = reCaptchaKey;
}


/**
**/
@ApiModelProperty(value = "")
Expand All @@ -57,14 +72,15 @@ public void setReCaptchaAPI(String reCaptchaAPI) {
this.reCaptchaAPI = reCaptchaAPI;
}



@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("class ReCaptchaPropertiesDTO {\n");

sb.append(" reCaptchaEnabled: ").append(reCaptchaEnabled).append("\n");
sb.append(" reCaptchaEnterpriseEnabled: ").append(reCaptchaType).append("\n");
sb.append(" reCaptchaKey: ").append(reCaptchaKey).append("\n");
sb.append(" reCaptchaAPI: ").append(reCaptchaAPI).append("\n");
sb.append("}\n");
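Review bot: The new `toString()` line prints the label `reCaptchaEnterpriseEnabled` but appends `reCaptchaType`, so anything that logs this DTO shows a field name that does not exist on the class and hides the one that does. The label should match the field and its `@JsonProperty("reCaptchaType")` name: `sb.append(" reCaptchaType: ").append(reCaptchaType).append("\n");`. The end of `toString()` lies outside the hunk.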
Expand Up @@ -452,6 +452,7 @@ public static Properties getValidatedCaptchaConfigs() {
private static Properties validateCaptchaConfigs(Properties properties) {

boolean reCaptchaEnabled = Boolean.valueOf(properties.getProperty(CaptchaConstants.RE_CAPTCHA_ENABLED));
String reCaptchaType = properties.getProperty(CaptchaConstants.RE_CAPTCHA_TYPE);

if (reCaptchaEnabled && StringUtils.isBlank(properties.getProperty(CaptchaConstants.RE_CAPTCHA_SITE_KEY))) {
RecoveryUtil.handleBadRequest(String.format("%s is not found ", CaptchaConstants.RE_CAPTCHA_SITE_KEY),
Expand All @@ -469,6 +470,11 @@ private static Properties validateCaptchaConfigs(Properties properties) {
RecoveryUtil.handleBadRequest(String.format("%s is not found ", CaptchaConstants.RE_CAPTCHA_VERIFY_URL),
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
if (!StringUtils.isBlank(reCaptchaType) && reCaptchaType.equals(CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE) &&
StringUtils.isBlank(properties.getProperty(CaptchaConstants.RE_CAPTCHA_PROJECT_ID))) {
RecoveryUtil.handleBadRequest(String.format("%s is not found ", CaptchaConstants
.RE_CAPTCHA_PROJECT_ID), Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
return properties;
}
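Review bot: The new project-ID check in `validateCaptchaConfigs` is not gated on `reCaptchaEnabled`, unlike the site-key check at the top of the method, so a configuration with `recaptcha.enabled=false`, `recaptcha.type=enterprise` and no `recaptcha.project.id` is rejected even though reCAPTCHA is switched off (assuming `handleBadRequest` throws, which is not visible here). Starting the condition with `reCaptchaEnabled && CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType) &&` keeps it consistent and makes the separate blank check unnecessary. The checks between the two hunks are outside this view, so their gating is inferred from the first one only.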

Expand Up @@ -20,6 +20,7 @@
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
Expand All @@ -42,7 +43,6 @@
*/
public class CaptchaApiServiceImpl extends CaptchaApiService {

private static final String SUCCESS = "success";
private static final Log log = LogFactory.getLog(CaptchaApiServiceImpl.class);
private final String RECAPTCHA = "ReCaptcha";

Expand All @@ -55,6 +55,7 @@ public Response getCaptcha(String captchaType, String recoveryType, String tenan

Properties properties = RecoveryUtil.getValidatedCaptchaConfigs();
boolean reCaptchaEnabled = Boolean.valueOf(properties.getProperty(CaptchaConstants.RE_CAPTCHA_ENABLED));
String reCaptchaType = properties.getProperty(CaptchaConstants.RE_CAPTCHA_TYPE);
boolean forcefullyEnabledRecaptchaForAllTenants =
Boolean.valueOf(properties.getProperty(CaptchaConstants.FORCEFULLY_ENABLED_RECAPTCHA_FOR_ALL_TENANTS));
ReCaptchaPropertiesDTO reCaptchaPropertiesDTO = new ReCaptchaPropertiesDTO();
Expand All @@ -64,6 +65,9 @@ public Response getCaptcha(String captchaType, String recoveryType, String tenan
reCaptchaPropertiesDTO.setReCaptchaEnabled(true);
reCaptchaPropertiesDTO.setReCaptchaKey(properties.getProperty(CaptchaConstants.RE_CAPTCHA_SITE_KEY));
reCaptchaPropertiesDTO.setReCaptchaAPI(properties.getProperty(CaptchaConstants.RE_CAPTCHA_API_URL));
if (!StringUtils.isBlank(reCaptchaType)) {
reCaptchaPropertiesDTO.setReCaptchaType(reCaptchaType);
}
return Response.ok(reCaptchaPropertiesDTO).build();
} else {
reCaptchaPropertiesDTO.setReCaptchaEnabled(false);
Expand All @@ -80,6 +84,7 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin

Properties properties = RecoveryUtil.getValidatedCaptchaConfigs();
boolean reCaptchaEnabled = Boolean.valueOf(properties.getProperty(CaptchaConstants.RE_CAPTCHA_ENABLED));
String reCaptchaType = properties.getProperty(CaptchaConstants.RE_CAPTCHA_TYPE);

if (!reCaptchaEnabled) {
RecoveryUtil.handleBadRequest("ReCaptcha is disabled", Constants.INVALID);
Expand All @@ -89,20 +94,43 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin
HttpEntity entity = response.getEntity();
ReCaptchaVerificationResponseDTO reCaptchaVerificationResponseDTO = new ReCaptchaVerificationResponseDTO();

try {
if (StringUtils.isBlank(reCaptchaType) || reCaptchaType.equals(CaptchaConstants.
RE_CAPTCHA_TYPE_DEFAULT)){
// For ReCaptcha v2 and v3.
try {
if (entity == null) {
RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
try (InputStream in = entity.getContent()) {
JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject();
reCaptchaVerificationResponseDTO.setSuccess(verificationResponse.get(
CaptchaConstants.CAPTCHA_SUCCESS).getAsBoolean());
}
} catch (IOException e) {
log.error("Unable to read the verification response.", e);
RecoveryUtil.handleBadRequest("Unable to read the verification response.",
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
} else if (reCaptchaType.equals(CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE)) {
// For ReCaptcha Enterprise.
if (entity == null) {
RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
RecoveryUtil.handleBadRequest("ReCaptcha Enterprise verification response is not received.",
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
} else {
}
try {
try (InputStream in = entity.getContent()) {
JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject();
reCaptchaVerificationResponseDTO.setSuccess(verificationResponse.get(SUCCESS).getAsBoolean());
JsonObject tokenProperties = verificationResponse.get(CaptchaConstants.CAPTCHA_TOKEN_PROPERTIES)
.getAsJsonObject();
boolean success = tokenProperties.get(CaptchaConstants.CAPTCHA_VALID).getAsBoolean();
reCaptchaVerificationResponseDTO.setSuccess(success);
}
} catch (IOException e) {
log.error("Unable to read the verification response.", e);
RecoveryUtil.handleBadRequest("Unable to read the verification response.",
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
} catch (IOException e) {
log.error("Unable to read the verification response.", e);
RecoveryUtil.handleBadRequest("Unable to read the verification response.",
Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
}
return Response.ok(reCaptchaVerificationResponseDTO).build();
}
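Review bot: `verifyCaptcha` has no branch for a `recaptcha.type` value that is neither blank, `default` nor `enterprise`: both conditions are false, `setSuccess` is never called, and the method still returns `Response.ok(...)`. What the caller then sees depends on the DTO's default for `success`, which is not visible here, so a mistyped type in the configuration silently changes the verification result instead of failing. A closing `else { RecoveryUtil.handleBadRequest("Unsupported reCaptcha type.", Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); }` makes the method fail closed; rejecting unknown values in `validateCaptchaConfigs` would catch it earlier. The two branches also repeat the null-entity check and the `IOException` handling, and differ only in which JSON member supplies the boolean.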
Expand Up @@ -790,6 +790,8 @@ definitions:
properties:
reCaptchaEnabled:
type: boolean
reCaptchaType:
type: string
reCaptchaKey:
type: string
reCaptchaAPI:
Expand Up @@ -21,6 +21,9 @@
# Enable Google reCAPTCHA
recaptcha.enabled=true

# Google reCAPTCHA type
recaptcha.type=default

# reCaptcha API URL
recaptcha.api.url=https://www.google.com/recaptcha/api.js
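Review bot: The comment above `recaptcha.type` does not say which values are accepted or what each one requires. Going by the constants added in this change, the values are `default` and `enterprise`, and `enterprise` is additionally validated against `recaptcha.project.id`, which the visible part of this file never mentions. Suggested comment: `# Google reCAPTCHA type: "default" (v2/v3) or "enterprise"; "enterprise" also requires recaptcha.project.id`.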

Expand Up @@ -37,6 +37,8 @@ public class CaptchaDataHolder {

private boolean reCaptchaEnabled;

private String reCaptchaType;

private String reCaptchaAPIUrl;

private String reCaptchaVerifyUrl;
Expand All @@ -45,6 +47,8 @@ public class CaptchaDataHolder {

private String reCaptchaSecretKey;

private String reCaptchaProjectID;

private String reCaptchaErrorRedirectUrls;

private String reCaptchaRequestWrapUrls;
Expand Down Expand Up @@ -84,6 +88,26 @@ public void setReCaptchaEnabled(boolean reCaptchaEnabled) {
this.reCaptchaEnabled = reCaptchaEnabled;
}

public String getReCaptchaType() {

return reCaptchaType;
}

public void setReCaptchaType(String reCaptchaType) {

this.reCaptchaType = reCaptchaType;
}

public String getReCaptchaProjectID() {

return reCaptchaProjectID;
}

public void setReCaptchaProjectID(String reCaptchaProjectID) {

this.reCaptchaProjectID = reCaptchaProjectID;
}

public String getReCaptchaAPIUrl() {
return reCaptchaAPIUrl;
}
Expand Up @@ -34,6 +34,8 @@ public class CaptchaConstants {

public static final String RE_CAPTCHA_ENABLED = "recaptcha.enabled";

public static final String RE_CAPTCHA_TYPE = "recaptcha.type";

public static final String FORCEFULLY_ENABLED_RECAPTCHA_FOR_ALL_TENANTS = "recaptcha" +
".forcefullyEnabledForAllTenants";

Expand All @@ -43,6 +45,8 @@ public class CaptchaConstants {

public static final String RE_CAPTCHA_SITE_KEY = "recaptcha.site.key";

public static final String RE_CAPTCHA_PROJECT_ID = "recaptcha.project.id";

public static final String RE_CAPTCHA_SECRET_KEY = "recaptcha.secret.key";

public static final String RE_CAPTCHA_REQUEST_WRAP_URLS = "recaptcha.request.wrap.urls";
Expand All @@ -66,6 +70,12 @@ public class CaptchaConstants {
public static final String AUTH_FAILURE_MSG = "authFailureMsg";
public static final String RECAPTCHA_FAIL_MSG_KEY = "recaptcha.fail.message";
public static final String TRUE = "true";
public static final String CAPTCHA_VALID = "valid";
public static final String CAPTCHA_TOKEN_PROPERTIES = "tokenProperties";
public static final String CAPTCHA_RISK_ANALYSIS = "riskAnalysis";
// Captcha Types.
public static final String RE_CAPTCHA_TYPE_DEFAULT = "default";
public static final String RE_CAPTCHA_TYPE_ENTERPRISE = "enterprise";

// Default value for threshold for score in reCAPTCHA v3.
public static final double CAPTCHA_V3_DEFAULT_THRESHOLD = 0.5;
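Review bot: `CAPTCHA_RISK_ANALYSIS` is added here, but none of the visible hunks reads it: the Enterprise branch of `verifyCaptcha` sets success from `tokenProperties.valid` alone. In an Enterprise assessment, `valid` reports that the token itself was accepted, while the bot-versus-human signal for score-based keys is the `riskAnalysis` score. Unless that score is compared to a threshold somewhere outside this view, a low-score request would be reported as verified. Either use the constant together with a threshold such as the existing `CAPTCHA_V3_DEFAULT_THRESHOLD`, or add a comment next to it stating where the score is evaluated.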