Support for Serpro captcha backend

Evandro Junior
1 parent 95f84d2d
Showing 4 changed files with 26 additions and 15 deletions Show diff stats
app/models/environment.rb
lib/noosfero/api/helpers.rb
lib/noosfero/api/session.rb
test/unit/api/helpers_test.rb
@@ -310,7 +310,7 @@ class Environment &lt; ActiveRecord::Base
  
   settings_items :signup_welcome_screen_body, :type => String
  
-  #Captcha setings
+  #Captcha settings
   settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
  
   def has_custom_welcome_screen?
@@ -202,7 +202,6 @@
       def period(from_date, until_date)
         begin_period = from_date.nil? ? Time.at(0).to_datetime : from_date
         end_period = until_date.nil? ? DateTime.now : until_date
-
         begin_period..end_period
       end
  
@@ -211,7 +210,6 @@
       ##########################################
  
       def test_captcha(remote_ip, params, _environment = nil)
-        binding.pry
         environment ||= _environment
         d = environment.api_captcha_settings
         return true unless d[:enabled] == true
@@ -219,19 +217,20 @@
         if d[:provider] == 'google'
           raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
           raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
-          raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
           if d[:version]  == 1
+            d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/verify'
             return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
           end
           if d[:version] == 2
+            d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/siteverify'
             return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
           end
         end
  
         if d[:provider] == 'serpro'
-          return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text])
+          d[:verify_uri] ||= 'http://captcha.servicoscorporativos.serpro.gov.br'
+          return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
         end
-
         raise ArgumentError, "Environment api_captcha_settings provider not defined"
       end
  
@@ -256,7 +255,6 @@
       end
  
       def verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, g_recaptcha_response)
-
         if g_recaptcha_response == nil
           return _('Missing captcha data')
         end
@@ -275,8 +273,7 @@
         captcha_result["success"] ? true : captcha_result
       end
  
-      def verify_serpro_captcha(client_id, token, captcha_text)
-        verify_uri = 'http://homcaptcha.servicoscorporativos.serpro.gov.br/captchavalidar/1.0.0/validar'
+      def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
         if token == nil || captcha_text == nil
           return _('Missing captcha data')
         end
@@ -41,7 +41,7 @@ module Noosfero
         attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
         remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
  
-        unless test_captcha(remote_ip, params) === true
+        if test_captcha(remote_ip, params, environment) != true
           render_api_error!(_('Please solve the test in order to register.'), 401)
           return
         end
@@ -163,7 +163,8 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
  
   should 'do not test captcha when there are no settings' do
     environment = Environment.new
-    assert test_captcha("127.0.0.1", {}, environment)
+    stubs(:environment).returns(environment)
+    assert test_captcha("127.0.0.1", {})
   end
  
   should 'do not test captcha when captcha is disabled on settings' do
@@ -171,10 +172,10 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
     environment.api_captcha_settings = {
         enabled: false,
     }
-    assert   test_captcha("127.0.0.1", {}, environment)
+    stubs(:environment).returns(environment)
+    assert test_captcha("127.0.0.1", {})
   end
  
-
   should 'fail display recaptcha v1' do
     environment = Environment.new
     environment.api_captcha_settings = {
@@ -185,7 +186,8 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
         public_key:   '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
         verify_uri:   'https://www.google.com/recaptcha/api/verify',
     }
-    assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+    stubs(:environment).returns(environment)
+    assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
   end
  
   should 'fail display recaptcha v2' do
@@ -198,7 +200,19 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
         public_key:   '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
         verify_uri:   'https://www.google.com/recaptcha/api/siteverify',
     }
-    assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+    stubs(:environment).returns(environment)
+    assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
+  end
+
+  should 'fail display Serpro captcha' do
+    environment = Environment.new
+    environment.api_captcha_settings = {
+        enabled: true,
+        provider: 'serpro',
+        serpro_client_id:  '0000000000000000',
+    }
+    stubs(:environment).returns(environment)
+    assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
   end
  
   protected
...	...	@@ -310,7 +310,7 @@ class Environment < ActiveRecord::Base
310	310
311	311	settings_items :signup_welcome_screen_body, :type => String
312	312
313		- #Captcha setings
	313	+ #Captcha settings
314	314	settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
315	315
316	316	def has_custom_welcome_screen?
...	...
...	...	@@ -202,7 +202,6 @@
202	202	def period(from_date, until_date)
203	203	begin_period = from_date.nil? ? Time.at(0).to_datetime : from_date
204	204	end_period = until_date.nil? ? DateTime.now : until_date
205		-
206	205	begin_period..end_period
207	206	end
208	207
...	...	@@ -211,7 +210,6 @@
211	210	##########################################
212	211
213	212	def test_captcha(remote_ip, params, _environment = nil)
214		- binding.pry
215	213	environment \|\|= _environment
216	214	d = environment.api_captcha_settings
217	215	return true unless d[:enabled] == true
...	...	@@ -219,19 +217,20 @@
219	217	if d[:provider] == 'google'
220	218	raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
221	219	raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 \|\| d[:version] == 2
222		- raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
223	220	if d[:version] == 1
	221	+ d[:verify_uri] \|\|= 'https://www.google.com/recaptcha/api/verify'
224	222	return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
225	223	end
226	224	if d[:version] == 2
	225	+ d[:verify_uri] \|\|= 'https://www.google.com/recaptcha/api/siteverify'
227	226	return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
228	227	end
229	228	end
230	229
231	230	if d[:provider] == 'serpro'
232		- return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text])
	231	+ d[:verify_uri] \|\|= 'http://captcha.servicoscorporativos.serpro.gov.br'
	232	+ return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
233	233	end
234		-
235	234	raise ArgumentError, "Environment api_captcha_settings provider not defined"
236	235	end
237	236
...	...	@@ -256,7 +255,6 @@
256	255	end
257	256
258	257	def verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, g_recaptcha_response)
259		-
260	258	if g_recaptcha_response == nil
261	259	return _('Missing captcha data')
262	260	end
...	...	@@ -275,8 +273,7 @@
275	273	captcha_result["success"] ? true : captcha_result
276	274	end
277	275
278		- def verify_serpro_captcha(client_id, token, captcha_text)
279		- verify_uri = 'http://homcaptcha.servicoscorporativos.serpro.gov.br/captchavalidar/1.0.0/validar'
	276	+ def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
280	277	if token == nil \|\| captcha_text == nil
281	278	return _('Missing captcha data')
282	279	end
...	...
...	...	@@ -41,7 +41,7 @@ module Noosfero
41	41	attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
42	42	remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) \|\| (env && env['REMOTE_ADDR'])
43	43
44		- unless test_captcha(remote_ip, params) === true
	44	+ if test_captcha(remote_ip, params, environment) != true
45	45	render_api_error!(_('Please solve the test in order to register.'), 401)
46	46	return
47	47	end
...	...
...	...	@@ -163,7 +163,8 @@ class APIHelpersTest < ActiveSupport::TestCase
163	163
164	164	should 'do not test captcha when there are no settings' do
165	165	environment = Environment.new
166		- assert test_captcha("127.0.0.1", {}, environment)
	166	+ stubs(:environment).returns(environment)
	167	+ assert test_captcha("127.0.0.1", {})
167	168	end
168	169
169	170	should 'do not test captcha when captcha is disabled on settings' do
...	...	@@ -171,10 +172,10 @@ class APIHelpersTest < ActiveSupport::TestCase
171	172	environment.api_captcha_settings = {
172	173	enabled: false,
173	174	}
174		- assert test_captcha("127.0.0.1", {}, environment)
	175	+ stubs(:environment).returns(environment)
	176	+ assert test_captcha("127.0.0.1", {})
175	177	end
176	178
177		-
178	179	should 'fail display recaptcha v1' do
179	180	environment = Environment.new
180	181	environment.api_captcha_settings = {
...	...	@@ -185,7 +186,8 @@ class APIHelpersTest < ActiveSupport::TestCase
185	186	public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
186	187	verify_uri: 'https://www.google.com/recaptcha/api/verify',
187	188	}
188		- assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
	189	+ stubs(:environment).returns(environment)
	190	+ assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
189	191	end
190	192
191	193	should 'fail display recaptcha v2' do
...	...	@@ -198,7 +200,19 @@ class APIHelpersTest < ActiveSupport::TestCase
198	200	public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
199	201	verify_uri: 'https://www.google.com/recaptcha/api/siteverify',
200	202	}
201		- assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
	203	+ stubs(:environment).returns(environment)
	204	+ assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
	205	+ end
	206	+
	207	+ should 'fail display Serpro captcha' do
	208	+ environment = Environment.new
	209	+ environment.api_captcha_settings = {
	210	+ enabled: true,
	211	+ provider: 'serpro',
	212	+ serpro_client_id: '0000000000000000',
	213	+ }
	214	+ stubs(:environment).returns(environment)
	215	+ assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
202	216	end
203	217
204	218	protected
...	...