embed google recaptcha lib (#83)

embed google recaptcha lib with php 8.4 support

Author: karser

.github/workflows/code_checks.yaml

@@ -43,7 +43,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        php: ['7.1', '7.2', '7.4', '8.0', '8.1', '8.2', '8.3']
+        php: ['7.4', '8.0', '8.1', '8.2', '8.3', '8.4']
         symfony: ['^3.4', '^4.0', '^5.0', '^6.0', '^7.0']
         exclude:
           - symfony: ^3.4
@@ -52,26 +52,18 @@ jobs:
             php: 8.2
           - symfony: ^3.4
             php: 8.3
+          - symfony: ^3.4
+            php: 8.4
           - symfony: ^4.0
             php: 8.1
           - symfony: ^4.0
             php: 8.2
           - symfony: ^4.0
             php: 8.3
-          - symfony: ^5.0
-            php: 7.1
-          - symfony: ^6.0
-            php: 7.1
-          - symfony: ^6.0
-            php: 7.2
+          - symfony: ^4.0
+            php: 8.4
           - symfony: ^6.0
             php: 7.4
-          - symfony: ^6.0
-            php: 8.3
-          - symfony: ^7.0
-            php: 7.1
-          - symfony: ^7.0
-            php: 7.2
           - symfony: ^7.0
             php: 7.4
           - symfony: ^7.0

README.md

@@ -22,10 +22,7 @@ With [composer](https://getcomposer.org), require:
 
 `composer require karser/karser-recaptcha3-bundle`
 
-You can quickly configure this bundle by using symfony/flex:
-- answer **no** for `google/recaptcha` 
-- answer **yes** for `karser/karser-recaptcha3-bundle`
-![image](https://user-images.githubusercontent.com/1675033/73133604-d5a39a00-4033-11ea-9ef1-0fed12a8763b.png)
+You can quickly configure this bundle by using symfony/flex.
 
 Configuration without symfony/flex: 
 --------------------
@@ -265,7 +262,7 @@ App\Services\YourService:
 ```php
 #App/Services/YourService.php
 
-use ReCaptcha\ReCaptcha;
+use Karser\Recaptcha3Bundle\ReCaptcha\ReCaptcha;
 
 class YourService {
     private $reCaptcha;

ReCaptcha/ReCaptcha.php

@@ -0,0 +1,274 @@
+<?php
+/**
+ * This is a PHP library that handles calling reCAPTCHA.
+ *
+ * BSD 3-Clause License
+ * @copyright (c) 2019, Google Inc.
+ * @link https://www.google.com/recaptcha
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the copyright holder nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace Karser\Recaptcha3Bundle\ReCaptcha;
+
+/**
+ * reCAPTCHA client.
+ */
+class ReCaptcha
+{
+    /**
+     * Version of this client library.
+     * @const string
+     */
+    public const VERSION = 'php_1.3.0';
+
+    /**
+     * URL for reCAPTCHA siteverify API
+     * @const string
+     */
+    public const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
+
+    /**
+     * Invalid JSON received
+     * @const string
+     */
+    public const E_INVALID_JSON = 'invalid-json';
+
+    /**
+     * Could not connect to service
+     * @const string
+     */
+    public const E_CONNECTION_FAILED = 'connection-failed';
+
+    /**
+     * Did not receive a 200 from the service
+     * @const string
+     */
+    public const E_BAD_RESPONSE = 'bad-response';
+
+    /**
+     * Not a success, but no error codes received!
+     * @const string
+     */
+    public const E_UNKNOWN_ERROR = 'unknown-error';
+
+    /**
+     * ReCAPTCHA response not provided
+     * @const string
+     */
+    public const E_MISSING_INPUT_RESPONSE = 'missing-input-response';
+
+    /**
+     * Expected hostname did not match
+     * @const string
+     */
+    public const E_HOSTNAME_MISMATCH = 'hostname-mismatch';
+
+    /**
+     * Expected APK package name did not match
+     * @const string
+     */
+    public const E_APK_PACKAGE_NAME_MISMATCH = 'apk_package_name-mismatch';
+
+    /**
+     * Expected action did not match
+     * @const string
+     */
+    public const E_ACTION_MISMATCH = 'action-mismatch';
+
+    /**
+     * Score threshold not met
+     * @const string
+     */
+    public const E_SCORE_THRESHOLD_NOT_MET = 'score-threshold-not-met';
+
+    /**
+     * Challenge timeout
+     * @const string
+     */
+    public const E_CHALLENGE_TIMEOUT = 'challenge-timeout';
+
+    /**
+     * Shared secret for the site.
+     * @var string
+     */
+    private $secret;
+
+    /**
+     * Method used to communicate with service. Defaults to POST request.
+     * @var RequestMethod
+     */
+    private $requestMethod;
+
+    private $hostname;
+    private $apkPackageName;
+    private $action;
+    private $threshold;
+    private $timeoutSeconds;
+
+    /**
+     * Create a configured instance to use the reCAPTCHA service.
+     *
+     * @param ?string $secret The shared key between your site and reCAPTCHA.
+     * @param RequestMethod $requestMethod method used to send the request. Defaults to POST.
+     * @throws \RuntimeException if $secret is invalid
+     */
+    public function __construct(?string $secret, ?RequestMethod $requestMethod = null)
+    {
+        if (!is_string($secret)) {
+            throw new \RuntimeException('The provided secret must be a string');
+        }
+        if ('' === $secret) {
+            throw new \RuntimeException('No secret provided');
+        }
+
+        $this->secret = $secret;
+        $this->requestMethod = (is_null($requestMethod)) ? new RequestMethod\Post() : $requestMethod;
+    }
+
+    /**
+     * Calls the reCAPTCHA siteverify API to verify whether the user passes
+     * CAPTCHA test and additionally runs any specified additional checks
+     *
+     * @param string $response The user response token provided by reCAPTCHA, verifying the user on your site.
+     * @param string $remoteIp The end user's IP address.
+     * @return Response Response from the service.
+     */
+    public function verify(string $response, ?string $remoteIp = null)
+    {
+        // Discard empty solution submissions
+        if ('' === $response) {
+            $recaptchaResponse = new Response(false, array(self::E_MISSING_INPUT_RESPONSE));
+            return $recaptchaResponse;
+        }
+
+        $params = new RequestParameters($this->secret, $response, $remoteIp, self::VERSION);
+        $rawResponse = $this->requestMethod->submit($params);
+        $initialResponse = Response::fromJson($rawResponse);
+        $validationErrors = array();
+
+        if (isset($this->hostname) && strcasecmp($this->hostname, $initialResponse->getHostname()) !== 0) {
+            $validationErrors[] = self::E_HOSTNAME_MISMATCH;
+        }
+
+        if (isset($this->apkPackageName) && strcasecmp($this->apkPackageName, $initialResponse->getApkPackageName()) !== 0) {
+            $validationErrors[] = self::E_APK_PACKAGE_NAME_MISMATCH;
+        }
+
+        if (isset($this->action) && strcasecmp($this->action, $initialResponse->getAction()) !== 0) {
+            $validationErrors[] = self::E_ACTION_MISMATCH;
+        }
+
+        if (isset($this->threshold) && $this->threshold > $initialResponse->getScore()) {
+            $validationErrors[] = self::E_SCORE_THRESHOLD_NOT_MET;
+        }
+
+        if (isset($this->timeoutSeconds)) {
+            $challengeTs = strtotime($initialResponse->getChallengeTs());
+
+            if ($challengeTs > 0 && time() - $challengeTs > $this->timeoutSeconds) {
+                $validationErrors[] = self::E_CHALLENGE_TIMEOUT;
+            }
+        }
+
+        if ([] === $validationErrors) {
+            return $initialResponse;
+        }
+
+        return new Response(
+            false,
+            array_merge($initialResponse->getErrorCodes(), $validationErrors),
+            $initialResponse->getHostname(),
+            $initialResponse->getChallengeTs(),
+            $initialResponse->getApkPackageName(),
+            $initialResponse->getScore(),
+            $initialResponse->getAction()
+        );
+    }
+
+    /**
+     * Provide a hostname to match against in verify()
+     * This should be without a protocol or trailing slash, e.g. www.google.com
+     *
+     * @param string $hostname Expected hostname
+     * @return ReCaptcha Current instance for fluent interface
+     */
+    public function setExpectedHostname($hostname)
+    {
+        $this->hostname = $hostname;
+        return $this;
+    }
+
+    /**
+     * Provide an APK package name to match against in verify()
+     *
+     * @param string $apkPackageName Expected APK package name
+     * @return ReCaptcha Current instance for fluent interface
+     */
+    public function setExpectedApkPackageName($apkPackageName)
+    {
+        $this->apkPackageName = $apkPackageName;
+        return $this;
+    }
+
+    /**
+     * Provide an action to match against in verify()
+     * This should be set per page.
+     *
+     * @param string $action Expected action
+     * @return ReCaptcha Current instance for fluent interface
+     */
+    public function setExpectedAction($action)
+    {
+        $this->action = $action;
+        return $this;
+    }
+
+    /**
+     * Provide a threshold to meet or exceed in verify()
+     * Threshold should be a float between 0 and 1 which will be tested as response >= threshold.
+     *
+     * @param float $threshold Expected threshold
+     * @return ReCaptcha Current instance for fluent interface
+     */
+    public function setScoreThreshold($threshold)
+    {
+        $this->threshold = floatval($threshold);
+        return $this;
+    }
+
+    /**
+     * Provide a timeout in seconds to test against the challenge timestamp in verify()
+     *
+     * @param int $timeoutSeconds Expected hostname
+     * @return ReCaptcha Current instance for fluent interface
+     */
+    public function setChallengeTimeout($timeoutSeconds)
+    {
+        $this->timeoutSeconds = $timeoutSeconds;
+        return $this;
+    }
+}

ReCaptcha/RequestMethod.php

@@ -0,0 +1,49 @@
+<?php
+/**
+ * This is a PHP library that handles calling reCAPTCHA.
+ *
+ * BSD 3-Clause License
+ * @copyright (c) 2019, Google Inc.
+ * @link https://www.google.com/recaptcha
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the copyright holder nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace Karser\Recaptcha3Bundle\ReCaptcha;
+
+/**
+ * Method used to send the request to the service.
+ */
+interface RequestMethod
+{
+    /**
+     * Submit the request with the specified parameters.
+     *
+     * @param RequestParameters $params Request parameters
+     * @return string Body of the reCAPTCHA response
+     */
+    public function submit(RequestParameters $params);
+}