security-package/issues/128: reCAPTCHA validation refactoring

ReCaptchaCheckout/composer.json

@@ -5,7 +5,6 @@
         "php": "~7.1.3||~7.2.0||~7.3.0",
         "magento/framework": "102.0.*",
         "magento/module-checkout": "*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-ui": "*"
     },
     "type": "magento2-module",

ReCaptchaContact/composer.json

@@ -4,7 +4,6 @@
     "require": {
         "php": "~7.1.3||~7.2.0||~7.3.0",
         "magento/framework": "102.0.*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-ui": "*"
     },
     "type": "magento2-module",

ReCaptchaCustomer/Observer/AjaxLoginObserver.php

@@ -94,7 +94,8 @@ public function execute(Observer $observer): void
             $reCaptchaResponse = $this->captchaResponseResolver->resolve($request);
             $validationConfig = $this->validationConfigResolver->get($key);
 
-            if (!$this->captchaValidator->isValid($reCaptchaResponse, $validationConfig)) {
+            $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig);
+            if (false === $validationResult->isValid()) {
                 $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true);
 
                 $jsonPayload = $this->serializer->serialize([

ReCaptchaNewsletter/composer.json

@@ -4,7 +4,6 @@
     "require": {
         "php": "~7.1.3||~7.2.0||~7.3.0",
         "magento/framework": "102.0.*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-ui": "*"
     },
     "type": "magento2-module",

ReCaptchaReview/composer.json

@@ -4,7 +4,6 @@
     "require": {
         "php": "~7.1.3||~7.2.0||~7.3.0",
         "magento/framework": "102.0.*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-ui": "*"
     },
     "type": "magento2-module",

ReCaptchaSendFriend/composer.json

@@ -4,7 +4,6 @@
     "require": {
         "php": "~7.1.3||~7.2.0||~7.3.0",
         "magento/framework": "102.0.*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-ui": "*"
     },
     "type": "magento2-module",

ReCaptchaUi/Model/RequestHandler.php

@@ -77,7 +77,8 @@ public function execute(
         $reCaptchaResponse = $this->captchaResponseResolver->resolve($request);
         $validationConfig = $this->validationConfigResolver->get($key);
 
-        if (false === $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig)) {
+        $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig);
+        if (false === $validationResult->isValid()) {
             $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage());
             $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true);
 

ReCaptchaUser/Observer/LoginObserver.php

@@ -91,7 +91,8 @@ public function execute(Observer $observer): void
             $reCaptchaResponse = $this->captchaResponseResolver->resolve($this->request);
             $validationConfig = $this->validationConfigResolver->get($key);
 
-            if (false === $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig)) {
+            $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig);
+            if (false === $validationResult->isValid()) {
                 throw new AuthenticationException(__($validationConfig->getValidationFailureMessage()));
             }
         }

ReCaptchaValidation/Model/Validator.php

@@ -7,40 +7,67 @@
 
 namespace Magento\ReCaptchaValidation\Model;
 
+use Magento\Framework\Validation\ValidationResult;
+use Magento\Framework\Validation\ValidationResultFactory;
 use Magento\ReCaptchaValidationApi\Api\ValidatorInterface;
 use Magento\ReCaptchaValidationApi\Api\Data\ValidationConfigInterface;
+use Magento\ReCaptchaValidationApi\Model\ErrorMessages;
 use ReCaptcha\ReCaptcha;
 
 /**
- * @inheritDoc
+ * @inheritdoc
  */
 class Validator implements ValidatorInterface
 {
+    /**
+     * @var ValidationResultFactory
+     */
+    private $validationResultFactory;
+
+    /**
+     * @var ErrorMessages
+     */
+    private $errorMessages;
+
+    /**
+     * @param ValidationResultFactory $validationResultFactory
+     * @param ErrorMessages $errorMessages
+     */
+    public function __construct(
+        ValidationResultFactory $validationResultFactory,
+        ErrorMessages $errorMessages
+    ) {
+        $this->validationResultFactory = $validationResultFactory;
+        $this->errorMessages = $errorMessages;
+    }
+
     /**
      * @inheritdoc
      */
     public function isValid(
         string $reCaptchaResponse,
         ValidationConfigInterface $validationConfig
-    ): bool {
+    ): ValidationResult {
         $secret = $validationConfig->getPrivateKey();
 
-        if ($reCaptchaResponse) {
-            // @codingStandardsIgnoreStart
-            $reCaptcha = new ReCaptcha($secret);
-            // @codingStandardsIgnoreEnd
+        // @codingStandardsIgnoreStart
+        $reCaptcha = new ReCaptcha($secret);
+        // @codingStandardsIgnoreEnd
 
-            // Should use $validationConfig->getExtensionAttributes()
-            if (isset($options['threshold'])) {
-                $reCaptcha->setScoreThreshold($options['threshold']);
-            }
-            $res = $reCaptcha->verify($reCaptchaResponse, $validationConfig->getRemoteIp());
+        $extensionAttributes = $validationConfig->getExtensionAttributes();
+        if ($extensionAttributes && (null !== $extensionAttributes->getScoreThreshold())) {
+            $reCaptcha->setScoreThreshold($extensionAttributes->getScoreThreshold());
+        }
+        $result = $reCaptcha->verify($reCaptchaResponse, $validationConfig->getRemoteIp());
 
-            if ($res->isSuccess()) {
-                return true;
+        if ($result->isSuccess()) {
+            $validationResult = $this->validationResultFactory->create();
+        } else {
+            foreach ($result->getErrorCodes() as $errorCode) {
+                $validationErrors[] = $this->errorMessages->getErrorMessage($errorCode);
             }
+            $validationResult = $this->validationResultFactory->create(['errors' => $validationErrors]);
         }
-
-        return false;
+        return $validationResult;
     }
 }

ReCaptchaValidationApi/Api/ValidatorInterface.php

@@ -7,7 +7,7 @@
 
 namespace Magento\ReCaptchaValidationApi\Api;
 
-use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Validation\ValidationResult;
 use Magento\ReCaptchaValidationApi\Api\Data\ValidationConfigInterface;
 
 /**
@@ -22,11 +22,10 @@ interface ValidatorInterface
      *
      * @param string $reCaptchaResponse
      * @param ValidationConfigInterface $validationConfig
-     * @return bool
-     * @throws LocalizedException
+     * @return ValidationResult
      */
     public function isValid(
         string $reCaptchaResponse,
         ValidationConfigInterface $validationConfig
-    ): bool;
+    ): ValidationResult;
 }

ReCaptchaValidationApi/Model/ErrorMessages.php

@@ -0,0 +1,40 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\ReCaptchaValidationApi\Model;
+
+/**
+ * Extension point for adding reCAPTCHA validation errors
+ *
+ * @api Class name should be used in DI for adding new validation errors
+ */
+class ErrorMessages
+{
+    /**
+     * @var array
+     */
+    private $errors;
+
+    /**
+     * @param array $errors
+     */
+    public function __construct(array $errors = [])
+    {
+        $this->errors = $errors;
+    }
+
+    /**
+     * Get error label
+     *
+     * @param string $key
+     * @return string
+     */
+    public function getErrorMessage(string $key): string
+    {
+        return $this->errors[$key] ?? $key;
+    }
+}

ReCaptchaValidationApi/etc/di.xml

@@ -0,0 +1,31 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
+    <type name="Magento\ReCaptchaValidationApi\Model\ErrorMessages">
+        <arguments>
+            <argument name="errors" xsi:type="array">
+                <item name="invalid-json" xsi:type="string" translatable="true">Invalid JSON received.</item>
+                <item name="connection-failed" xsi:type="string" translatable="true">Could not connect to service.</item>
+                <item name="bad-response" xsi:type="string" translatable="true">Did not receive a 200 from the service.</item>
+                <item name="unknown-error" xsi:type="string" translatable="true">Not a success, but no error codes received!</item>
+                <item name="missing-input-response" xsi:type="string" translatable="true">ReCAPTCHA response not provided.</item>
+                <item name="hostname-mismatch" xsi:type="string" translatable="true">Expected hostname did not match.</item>
+                <item name="apk_package_name-mismatch" xsi:type="string" translatable="true">Expected APK package name did not match.</item>
+                <item name="action-mismatch" xsi:type="string" translatable="true">Expected action did not match.</item>
+                <item name="score-threshold-not-met" xsi:type="string" translatable="true">Score threshold not met.</item>
+                <item name="challenge-timeout" xsi:type="string" translatable="true">Challenge timeout.</item>
+                <item name="missing-input-secret" xsi:type="string" translatable="true">The secret parameter is missing.</item>
+                <item name="invalid-input-secret" xsi:type="string" translatable="true">The secret parameter is invalid or malformed.</item>
+                <item name="invalid-input-response" xsi:type="string" translatable="true">The response parameter is invalid or malformed.</item>
+                <item name="bad-request" xsi:type="string" translatable="true">The request is invalid or malformed.</item>
+                <item name="timeout-or-duplicate" xsi:type="string" translatable="true">The response is no longer valid: either is too old or has been used previously.</item>
+            </argument>
+        </arguments>
+    </type>
+</config>

_metapackage/composer.json

@@ -23,18 +23,21 @@
         "magento/module-notifier-template": "*",
         "magento/module-notifier-template-admin-ui": "*",
         "magento/module-notifier-template-api": "*",
-        "magento/module-re-captcha-ui": "*",
-        "magento/module-re-captcha": "*",
         "magento/module-re-captcha-admin-ui": "*",
-        "magento/module-re-captcha-api": "*",
         "magento/module-re-captcha-checkout": "*",
         "magento/module-re-captcha-contact": "*",
-        "magento/module-re-captcha-customer":"*",
+        "magento/module-re-captcha-customer": "*",
         "magento/module-re-captcha-frontend-ui": "*",
         "magento/module-re-captcha-newsletter": "*",
         "magento/module-re-captcha-review": "*",
         "magento/module-re-captcha-send-friend": "*",
+        "magento/module-re-captcha-ui": "*",
         "magento/module-re-captcha-user": "*",
+        "magento/module-re-captcha-validation": "*",
+        "magento/module-re-captcha-validation-api": "*",
+        "magento/module-re-captcha-version-2-checkbox": "*",
+        "magento/module-re-captcha-version-2-invisible": "*",
+        "magento/module-re-captcha-version-3-invisible": "*",
         "magento/module-securitytxt": "*"
     }
 }