From 2017381d37c93a844acb964c1e6ff927402638e8 Mon Sep 17 00:00:00 2001
From: Rod Simpson
Date: Wed, 26 Nov 2014 10:33:00 -0700
Subject: [PATCH] Fixed recaptcha - USERGRID-257
---
.../rest/management/users/UsersResource.java | 38 ++++++++++++-------
1 file changed, 24 insertions(+), 14 deletions(-)
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
index 89d5468911..144a6de0d5 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
@@ -179,27 +179,37 @@ public Viewable handlePasswordResetForm( @Context UriInfo ui, @FormParam( "email return handleViewable( "resetpw_email_form", this ); } - ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); - reCaptcha.setPrivateKey( properties.getRecaptchaPrivate() ); + //we don't require recaptcha - only use it if it is present in the props file + boolean reCaptchaPassed = false; + if ( useReCaptcha() ) { - ReCaptchaResponse reCaptchaResponse = - reCaptcha.checkAnswer( httpServletRequest.getRemoteAddr(), challenge, uresponse ); + ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); + reCaptcha.setPrivateKey(properties.getRecaptchaPrivate()); - if ( !useReCaptcha() || reCaptchaResponse.isValid() ) { - user = management.findAdminUser( email ); - if ( user != null ) { - management.startAdminUserPasswordResetFlow( user ); - return handleViewable( "resetpw_email_success", this ); + ReCaptchaResponse reCaptchaResponse = + reCaptcha.checkAnswer(httpServletRequest.getRemoteAddr(), challenge, uresponse); + + if (reCaptchaResponse.isValid()) { + reCaptchaPassed = true; } - else { + } else { + reCaptchaPassed = true; + } + + if (reCaptchaPassed) { + user = management.findAdminUser(email); + if (user != null) { + management.startAdminUserPasswordResetFlow(user); + return handleViewable("resetpw_email_success", this); + } else { errorMsg = "We don't recognize that email, try again..."; - return handleViewable( "resetpw_email_form", this ); + return handleViewable("resetpw_email_form", this); } - } - else { + } else { errorMsg = "Incorrect Captcha, try again..."; - return handleViewable( "resetpw_email_form", this ); + return handleViewable("resetpw_email_form", this); } + } catch ( RedirectionException e ) { throw e;
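Review bot: The new `else { reCaptchaPassed = true; }` branch lets the reset form run with no CAPTCHA whenever `useReCaptcha()` is false, and the `if (reCaptchaPassed)` block still answers differently for known and unknown addresses (`resetpw_email_success` versus "We don't recognize that email"), so in that configuration the form discloses which e-mails belong to admin users with nothing visible here to throttle requests. Returning the same view in both cases would close that: `if (user != null) { management.startAdminUserPasswordResetFlow(user); }` followed by an unconditional `return handleViewable("resetpw_email_success", this);`. If rate limiting exists elsewhere it is not visible in this hunk, and a comment on the `else` branch saying what protects the endpoint when reCAPTCHA is off would help. handlePasswordResetForm starts before the hunk and its catch blocks continue after it.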