Commit f42c8282dca903a6b4c3354221ceabcdff4e7549
1 parent
95f84d2d
Exists in
staging
and in
4 other branches
Support for Serpro captcha backend
Showing
4 changed files
with
26 additions
and
15 deletions
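--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -310,7 +310,7 @@ class Environment < ActiveRecord::Base
 
 settings_items :signup_welcome_screen_body, :type => String
 
-#Captcha setings
+#Captcha settings
 settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
 
 def has_custom_welcome_screen?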
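--- a/lib/noosfero/api/helpers.rb
+++ b/lib/noosfero/api/helpers.rb
@@ -202,7 +202,6 @@
 def period(from_date, until_date)
 begin_period = from_date.nil? ? Time.at(0).to_datetime : from_date
 end_period = until_date.nil? ? DateTime.now : until_date
-
 begin_period..end_period
 end
 
@@ -211,7 +210,6 @@
 ##########################################
 
 def test_captcha(remote_ip, params, _environment = nil)
-binding.pry
 environment ||= _environment
 d = environment.api_captcha_settings
 return true unless d[:enabled] == true
@@ -219,19 +217,20 @@
 if d[:provider] == 'google'
 raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
 raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
-raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
 if d[:version] == 1
+d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/verify'
 return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
 end
 if d[:version] == 2
+d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/siteverify'
 return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
 end
 end
 
 if d[:provider] == 'serpro'
-return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text])
+d[:verify_uri] ||= 'http://captcha.servicoscorporativos.serpro.gov.br'
+return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
 end
-
 raise ArgumentError, "Environment api_captcha_settings provider not defined"
 end
 
@@ -256,7 +255,6 @@
 end
 
 def verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, g_recaptcha_response)
-
 if g_recaptcha_response == nil
 return _('Missing captcha data')
 end
@@ -275,8 +273,7 @@
 captcha_result["success"] ? true : captcha_result
 end
 
-def verify_serpro_captcha(client_id, token, captcha_text)
-verify_uri = 'http://homcaptcha.servicoscorporativos.serpro.gov.br/captchavalidar/1.0.0/validar'
+def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
 if token == nil || captcha_text == nil
 return _('Missing captcha data')
 end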
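Review bot: The Serpro default added in test_captcha, `d[:verify_uri] ||= 'http://captcha.servicoscorporativos.serpro.gov.br'`, makes the verification call go over cleartext HTTP, so the client id, token and answer are readable on the path and the verdict can be tampered with in transit; the two Google defaults in the same hunk are https. If the provider offers an https endpoint it should be the default, and a `verify_uri` from settings that is not https is worth rejecting with an ArgumentError like the other settings checks. The new default also lacks the `/captchavalidar/1.0.0/validar` path that the removed hard-coded URL carried; the body of verify_serpro_captcha continues outside the hunk, so confirm the path is appended there. Separately, `||=` writes the default into the hash returned by `environment.api_captcha_settings`, which may be persisted if the environment is saved later; reading it into a local, `verify_uri = d[:verify_uri] || '<default>'`, avoids changing the settings.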
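--- a/lib/noosfero/api/session.rb
+++ b/lib/noosfero/api/session.rb
@@ -41,7 +41,7 @@ module Noosfero
 attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
 remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
 
-unless test_captcha(remote_ip, params) === true
+if test_captcha(remote_ip, params, environment) != true
 render_api_error!(_('Please solve the test in order to register.'), 401)
 return
 end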
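--- a/test/unit/api/helpers_test.rb
+++ b/test/unit/api/helpers_test.rb
@@ -163,7 +163,8 @@ class APIHelpersTest < ActiveSupport::TestCase
 
 should 'do not test captcha when there are no settings' do
 environment = Environment.new
-assert test_captcha("127.0.0.1", {}, environment)
+stubs(:environment).returns(environment)
+assert test_captcha("127.0.0.1", {})
 end
 
 should 'do not test captcha when captcha is disabled on settings' do
@@ -171,10 +172,10 @@ class APIHelpersTest < ActiveSupport::TestCase
 environment.api_captcha_settings = {
 enabled: false,
 }
-assert test_captcha("127.0.0.1", {}, environment)
+stubs(:environment).returns(environment)
+assert test_captcha("127.0.0.1", {})
 end
 
-
 should 'fail display recaptcha v1' do
 environment = Environment.new
 environment.api_captcha_settings = {
@@ -185,7 +186,8 @@ class APIHelpersTest < ActiveSupport::TestCase
 public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
 verify_uri: 'https://www.google.com/recaptcha/api/verify',
 }
-assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+stubs(:environment).returns(environment)
+assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
 end
 
 should 'fail display recaptcha v2' do
@@ -198,7 +200,19 @@ class APIHelpersTest < ActiveSupport::TestCase
 public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
 verify_uri: 'https://www.google.com/recaptcha/api/siteverify',
 }
-assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+stubs(:environment).returns(environment)
+assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
+end
+
+should 'fail display Serpro captcha' do
+environment = Environment.new
+environment.api_captcha_settings = {
+enabled: true,
+provider: 'serpro',
+serpro_client_id: '0000000000000000',
+}
+stubs(:environment).returns(environment)
+assert_equal test_captcha("127.0.0.1", {}), "Missing captcha data"
 end
 
 protected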
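Review bot: The rewritten tests call `test_captcha("127.0.0.1", {})` without the environment and rely on `stubs(:environment)`, but the helper shown in lib/noosfero/api/helpers.rb opens with `environment ||= _environment`, which Ruby parses as a local-variable assignment. The local starts as nil and shadows the method, so the stub is never consulted and `environment.api_captcha_settings` would be called on nil in every one of these cases, including the new Serpro test. Either keep passing the environment as the third argument, as the session endpoint in this commit does, or change the helper line to `environment = _environment || environment()` so the method is actually used as the fallback. The Serpro test also covers only the missing-input path; a case with a stubbed HTTP response for a rejected answer would show that a wrong captcha does not pass.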