cure-recaptcha 0.4.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5f9b067367260a289398dd9afc46f91c49163d38
+  data.tar.gz: bf5581b12a643b557a916daaf4c9c61eafecd500
+SHA512:
+  metadata.gz: 40d1386d493d31c6f8781b19c9509220b2823c9fdb93e5966d87385807382edc03c746fb3987451e9ab7659fb0408d076c1ed89aab495b23705c00e532d6cbc0
+  data.tar.gz: ba4b195f4c3b123dbe8e7126fa03d80f20c97ec5fcd15ad2d302ff64d44f1a8522c7509193b010c95db469fbeec8704d5f2a2fa2abf0252202e563e89c198ca5

data/.gitignore

@@ -0,0 +1,8 @@
+rdoc
+pkg
+.ruby-gemset
+.ruby-version
+.bundle
+
+.gems
+.rbenv-gemsets

data/.travis.yml

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+  - 2.1.2

data/CHANGELOG

@@ -0,0 +1,41 @@
+== 0.3.6 / 2012-01-07
+
+* Many documentation changes
+* Fixed deprecations in dependencies
+* Protocol relative JS includes
+* Fixes for options hash
+* Fixes for failing tests
+
+== 0.3.5 / 2012-05-02
+
+* I18n for error messages
+* Rails: delete flash keys if unused
+
+== 0.3.4 / 2011-12-13
+
+* Rails 3
+* Remove jeweler
+
+== 0.2.2 / 2009-09-14
+
+* Add a timeout to the validator
+* Give the documentation some love
+
+== 0.2.1 / 2009-09-14
+
+* Removed Ambethia namespace, and restructured classes a bit
+* Added an example rails app in the example-rails branch
+
+== 0.2.0 / 2009-09-12
+
+* RecaptchaOptions AJAX API Fix
+* Added 'cucumber' as a test environment to skip
+* Ruby 1.9 compat fixes
+* Added option :message => 'Custom error message' to verify_recaptcha
+* Removed dependency on ActiveRecord constant
+* Add I18n
+
+== 0.1.0 / 2008-2-8
+
+* 1 major enhancement
+	* Initial Gem Release

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,52 @@
+PATH
+  remote: .
+  specs:
+    cure-recaptcha (0.4.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (4.1.8)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
+    byebug (3.5.1)
+      columnize (~> 0.8)
+      debugger-linecache (~> 1.2)
+      slop (~> 3.6)
+    coderay (1.1.0)
+    columnize (0.8.9)
+    debugger-linecache (1.2.0)
+    i18n (0.6.11)
+    json (1.8.1)
+    metaclass (0.0.4)
+    method_source (0.8.2)
+    minitest (5.4.3)
+    mocha (1.1.0)
+      metaclass (~> 0.0.1)
+    pry (0.10.1)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
+    pry-byebug (2.0.0)
+      byebug (~> 3.4)
+      pry (~> 0.10)
+    rake (10.3.2)
+    slop (3.6.0)
+    thread_safe (0.3.4)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activesupport
+  i18n
+  minitest (~> 5.0)
+  mocha
+  pry-byebug
+  rake
+  recaptcha!

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2007 Jason L Perry
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,151 @@
+= reCAPTCHA
+
+Author::    Jason L Perry (http://ambethia.com)
+Copyright:: Copyright (c) 2007-2013 Jason L Perry
+License::   {MIT}[http://creativecommons.org/licenses/MIT/]
+Info::      http://github.com/ambethia/recaptcha
+Bugs::      http://github.com/ambethia/recaptcha/issues
+
+This plugin adds helpers for the {reCAPTCHA API}[https://www.google.com/recaptcha]. In your
+views you can use the +recaptcha_tags+ method to embed the needed javascript,
+and you can validate in your controllers with +verify_recaptcha+ or +verify_recaptcha!+,
+which throws an error on failiure.
+
+Beforehand you need to configure Recaptcha with your custom private and public
+key. You may find detailed examples below. Exceptions will be raised if you
+call these methods and the keys can't be found.
+
+== Rails Installation
+
+reCAPTCHA for Rails > 3.0, add this to your Gemfile:
+
+  gem "recaptcha", :require => "recaptcha/rails"
+
+Rails apps below 3.0 are no longer supported, but you can install an older
+release and view it's README.
+
+== Setting up your API Keys
+
+There are multiple ways to setup your reCAPTCHA API key once you
+{obtain}[https://www.google.com/recaptcha/admin] a pair.
+
+=== Recaptcha.configure
+
+You may use the block style configuration. The following code could be placed
+into a +config/initializers/recaptcha.rb+ when used in a Rails project.
+
+  Recaptcha.configure do |config|
+    config.public_key  = '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy'
+    config.private_key = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
+    # Uncomment the following line if you are using a proxy server:
+    # config.proxy = 'http://myproxy.com.au:8080'
+    # Uncomment if you want to use the newer version of the API,
+    # only works for versions >= 0.3.7:
+    # config.api_version = 'v2'
+  end
+
+This way, you may also set additional options to fit recaptcha into your
+deployment environment.
+
+== Recaptcha#with_configuration
+
+If you want to temporarily overwrite the configuration you set with `Recaptcha.configure` (when testing, for example), you can use a `Recaptcha#with_configuration` block:
+
+  Recaptcha.with_configuration(:public_key => '12345') do
+    # Do stuff with the overwritten public_key.
+  end
+
+=== Heroku & Shell environment
+
+Or, you can keep your keys out of your code base by exporting the following
+environment variables. You might do this in the .profile/rc, or equivalent for
+the user running your application. This would also be the preffered method
+in an Heroku deployment.
+
+  export RECAPTCHA_PUBLIC_KEY  = '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy'
+  export RECAPTCHA_PRIVATE_KEY = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
+
+=== Per call
+
+You can also pass in your keys as options at runtime, for example:
+
+  recaptcha_tags :public_key => '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy'
+
+and later,
+
+  verify_recaptcha :private_key => '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
+
+This option might be useful, if the same code base is used for multiple
+reCAPTCHA setups.
+
+== To use 'recaptcha'
+
+Add +recaptcha_tags+ to each form you want to protect. Place it where you want the recaptcha widget to appear.
+
+Example:
+
+  <%= form_for @foo do |f| %>
+    # ... additional lines truncated for brevity ...
+    <%= recaptcha_tags %>
+    # ... additional lines truncated for brevity ...
+  <% end %>
+
+And, add +verify_recaptcha+ logic to each form action that you've protected.
+
+=== +recaptcha_tags+
+
+Some of the options available:
+
+<tt>:ssl</tt>::         Uses secure http for captcha widget (default +false+, but can be changed by setting +config.use_ssl_by_default+)
+<tt>:noscript</tt>::    Include <noscript> content (default +true+)
+<tt>:display</tt>::     Takes a hash containing the +theme+ and +tabindex+ options per the API. (default +nil+), options: 'red', 'white', 'blackglass', 'clean', 'custom'
+<tt>:ajax</tt>::        Render the dynamic AJAX captcha per the API. (default +false+)
+<tt>:public_key</tt>::  Your public API key, takes precedence over the ENV variable (default +nil+)
+<tt>:error</tt>::       Override the error code returned from the reCAPTCHA API (default +nil+)
+
+You can also override the html attributes for the sizes of the generated +textarea+ and +iframe+
+elements, if CSS isn't your thing. Inspect the source of +recaptcha_tags+ to see these options.
+
+=== +verify_recaptcha+
+
+This method returns +true+ or +false+ after processing the parameters from the reCAPTCHA widget. Why
+isn't this a model validation? Because that violates MVC. You can use it like this, or how ever you
+like. Passing in the ActiveRecord object is optional, if you do--and the captcha fails to verify--an
+error will be added to the object for you to use.
+
+Some of the options available:
+
+<tt>:model</tt>::       Model to set errors
+<tt>:attribute</tt>::   Model attribute to receive errors (default :base)
+<tt>:message</tt>::     Custom error message
+<tt>:private_key</tt>:: Your private API key, takes precedence over the ENV variable (default +nil+).
+<tt>:timeout</tt>::     The number of seconds to wait for reCAPTCHA servers before give up. (default +3+)
+
+  respond_to do |format|
+    if verify_recaptcha(:model => @post, :message => "Oh! It's error with reCAPTCHA!") && @post.save
+      # ...
+    else
+      # ...
+    end
+  end
+
+== I18n support
+reCAPTCHA passes two types of error explanation to a linked model. It will use the I18n gem
+to translate the default error message if I18n is available. To customize the messages to your locale,
+add these keys to your I18n backend:
+
+<tt>recaptcha.errors.verification_failed</tt>:: error message displayed if the captcha words didn't match
+<tt>recaptcha.errors.recaptcha_unreachable</tt>:: displayed if a timeout error occured while attempting to verify the captcha
+
+Also you can translate API response errors to human friendly by adding translations to the locale (+config/locales/en.yml+):
+
+  en:
+    recaptcha:
+      errors:
+        incorrect-captcha-sol: 'Fail'
+
+== TODO
+* Remove Rails/ActionController dependencies
+* Framework agnostic
+* Add some helpers to use in before_filter and what not
+* Better documentation

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new do |t|
+  t.test_files = FileList['test/*_test.rb']
+end
+
+task :default => :test

data/init.rb

@@ -0,0 +1,5 @@
+# Rails plugin initialization.
+# You can also install it as a gem:
+#   config.gem "ambethia-recaptcha", :lib => "recaptcha/rails", :source => "http://gems.github.com"
+
+require 'recaptcha/rails'

data/lib/recaptcha.rb

@@ -0,0 +1,66 @@
+require 'recaptcha/configuration'
+require 'recaptcha/client_helper'
+require 'recaptcha/verify'
+
+module Recaptcha
+  CONFIG =
+    {
+      'v1' => {
+        'server_url' => '//www.google.com/recaptcha/api',
+        'secure_server_url' => 'https://www.google.com/recaptcha/api',
+        'verify_url' => 'http://www.google.com/recaptcha/api/verify'
+      },
+
+      'v2' => {
+        'server_url' => '//www.google.com/recaptcha/api.js',
+        'secure_server_url' => 'https://www.google.com/recaptcha/api.js',
+        'verify_url' => 'https://www.google.com/recaptcha/api/siteverify'
+      }
+    }
+
+  RECAPTCHA_API_VERSION           = 'v2' 
+  USE_SSL_BY_DEFAULT              = false
+  HANDLE_TIMEOUTS_GRACEFULLY      = true
+  SKIP_VERIFY_ENV = ['test', 'cucumber']
+
+  # Gives access to the current Configuration.
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  # Allows easy setting of multiple configuration options. See Configuration
+  # for all available options.
+  #--
+  # The temp assignment is only used to get a nicer rdoc. Feel free to remove
+  # this hack.
+  #++
+  def self.configure
+    config = configuration
+    yield(config)
+  end
+
+  def self.with_configuration(config)
+    original_config = {}
+
+    config.each do |key, value|
+      original_config[key] = configuration.send(key)
+      configuration.send("#{key}=", value)
+    end
+
+    result = yield if block_given?
+
+    original_config.each { |key, value| configuration.send("#{key}=", value) }
+    result
+  end
+
+  class RecaptchaError < StandardError
+  end
+
+  class VerifyError < RecaptchaError
+  end
+
+end
+
+if defined?(Rails)
+  require 'recaptcha/rails'
+end

data/lib/recaptcha/client_helper.rb

@@ -0,0 +1,121 @@
+module Recaptcha
+  module ClientHelper
+    # Your public API can be specified in the +options+ hash or preferably
+    # using the Configuration.
+    def recaptcha_tags(options = {})
+      return v1_tags(options) if Recaptcha.configuration.v1?
+      return v2_tags(options) if Recaptcha.configuration.v2?
+    end # recaptcha_tags
+
+    def v1_tags(options)
+      # Default options
+      key   = options[:public_key] ||= Recaptcha.configuration.public_key
+      raise RecaptchaError, "No public key specified." unless key
+      error = options[:error] ||= ((defined? flash) ? flash[:recaptcha_error] : "")
+      uri   = Recaptcha.configuration.api_server_url(options[:ssl])
+      lang  = options[:display] && options[:display][:lang] ? options[:display][:lang].to_sym : ""
+      html  = ""
+      if options[:display]
+        html << %{<script type="text/javascript">\n}
+        html << %{  var RecaptchaOptions = #{hash_to_json(options[:display])};\n}
+        html << %{</script>\n}
+      end
+      if options[:ajax]
+        if options[:display] && options[:display][:custom_theme_widget]
+          widget = options[:display][:custom_theme_widget]
+        else
+          widget = "dynamic_recaptcha"
+          html << <<-EOS
+           <div id="#{widget}"></div>
+          EOS
+        end
+        html << <<-EOS
+          <script type="text/javascript">
+            var rc_script_tag = document.createElement('script'),
+                rc_init_func = function(){Recaptcha.create("#{key}", document.getElementById("#{widget}")#{',RecaptchaOptions' if options[:display]});}
+            rc_script_tag.src = "#{uri}/js/recaptcha_ajax.js";
+            rc_script_tag.type = 'text/javascript';
+            rc_script_tag.onload = function(){rc_init_func.call();};
+            rc_script_tag.onreadystatechange = function(){
+              if (rc_script_tag.readyState == 'loaded' || rc_script_tag.readyState == 'complete') {rc_init_func.call();}
+            };
+            (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(rc_script_tag);
+          </script>
+        EOS
+      else
+        html << %{<script type="text/javascript" src="#{uri}/challenge?k=#{key}}
+        html << %{#{error ? "&amp;error=#{CGI::escape(error)}" : ""}}
+        html << %{#{lang ? "&amp;lang=#{lang}" : ""}"></script>\n}
+        unless options[:noscript] == false
+          html << %{<noscript>\n  }
+          html << %{<iframe src="#{uri}/noscript?k=#{key}" }
+          html << %{height="#{options[:iframe_height] ||= 300}" }
+          html << %{width="#{options[:iframe_width]   ||= 500}" }
+          html << %{style="border:none;"></iframe><br/>\n  }
+          html << %{<textarea name="recaptcha_challenge_field" }
+          html << %{rows="#{options[:textarea_rows] ||= 3}" }
+          html << %{cols="#{options[:textarea_cols] ||= 40}"></textarea>\n  }
+          html << %{<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>}
+          html << %{</noscript>\n}
+        end
+      end
+      return (html.respond_to?(:html_safe) && html.html_safe) || html
+    end
+
+    def v2_tags(options)
+      key   = options[:public_key] ||= Recaptcha.configuration.public_key
+      raise RecaptchaError, "No public key specified." unless key
+      error = options[:error] ||= ((defined? flash) ? flash[:recaptcha_error] : "")
+      uri   = Recaptcha.configuration.api_server_url(options[:ssl])
+      uri += "?hl=#{options[:hl]}" unless options[:hl].blank?
+      
+      v2_options = options.slice(:theme, :type, :callback).map {|k,v| %{data-#{k}="#{v}"} }.join(" ")
+
+      html = ""
+      html << %{<script src="#{uri}" async defer></script>\n}
+      html << %{<div class="g-recaptcha" data-sitekey="#{key}" #{v2_options}></div>\n}
+    
+      unless options[:noscript] == false
+        fallback_uri = "#{uri.chomp('.js')}/fallback?k=#{key}"
+        html << %{<noscript>}
+        html << %{<div style="width: 302px; height: 352px;">}
+        html << %{  <div style="width: 302px; height: 352px; position: relative;">}
+        html << %{    <div style="width: 302px; height: 352px; position: absolute;">}
+        html << %{      <iframe src="#{fallback_uri}"}
+        html << %{                frameborder="0" scrolling="no"}
+        html << %{                style="width: 302px; height:352px; border-style: none;">}
+        html << %{        </iframe>}
+        html << %{      </div>}
+        html << %{      <div style="width: 250px; height: 80px; position: absolute; border-style: none; }
+        html << %{             bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">}
+        html << %{        <textarea id="g-recaptcha-response" name="g-recaptcha-response" }
+        html << %{                  class="g-recaptcha-response" }
+        html << %{                  style="width: 250px; height: 80px; border: 1px solid #c1c1c1; }
+        html << %{                  margin: 0px; padding: 0px; resize: none;" value=""> }
+        html << %{        </textarea>}
+        html << %{      </div>}
+        html << %{    </div>}
+        html << %{  </div>}
+        html << %{</noscript>}
+      end
+
+      return (html.respond_to?(:html_safe) && html.html_safe) || html
+    end
+
+    private
+
+    def hash_to_json(hash)
+      result = "{"
+      result << hash.map do |k, v|
+        if v.is_a?(Hash)
+          "\"#{k}\": #{hash_to_json(v)}"
+        elsif ! v.is_a?(String) || k.to_s == "callback"
+          "\"#{k}\": #{v}"
+        else
+          "\"#{k}\": \"#{v}\""
+        end
+      end.join(", ")
+      result << "}"
+    end
+  end # ClientHelper
+end # Recaptcha

data/lib/recaptcha/configuration.rb

@@ -0,0 +1,74 @@
+module Recaptcha
+  # This class enables detailed configuration of the recaptcha services.
+  #
+  # By calling
+  #
+  #   Recaptcha.configuration # => instance of Recaptcha::Configuration
+  #
+  # or
+  #   Recaptcha.configure do |config|
+  #     config # => instance of Recaptcha::Configuration
+  #   end
+  #
+  # you are able to perform configuration updates.
+  #
+  # Your are able to customize all attributes listed below. All values have
+  # sensitive default and will very likely not need to be changed.
+  #
+  # Please note that the public and private key for the reCAPTCHA API Access
+  # have no useful default value. The keys may be set via the Shell enviroment
+  # or using this configuration. Settings within this configuration always take
+  # precedence.
+  #
+  # Setting the keys with this Configuration
+  #
+  #   Recaptcha.configure do |config|
+  #     config.public_key  = '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy'
+  #     config.private_key = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
+  #   end
+  #
+  class Configuration
+    attr_accessor :api_version, 
+                  :skip_verify_env,
+                  :private_key,
+                  :public_key,
+                  :proxy,
+                  :handle_timeouts_gracefully,
+                  :use_ssl_by_default
+
+    def initialize #:nodoc:
+      @api_version                = RECAPTCHA_API_VERSION
+      @skip_verify_env            = SKIP_VERIFY_ENV
+      @handle_timeouts_gracefully = HANDLE_TIMEOUTS_GRACEFULLY
+      @use_ssl_by_default         = USE_SSL_BY_DEFAULT
+
+      @private_key           = ENV['RECAPTCHA_PRIVATE_KEY']
+      @public_key            = ENV['RECAPTCHA_PUBLIC_KEY']      
+    end
+
+    def api_server_url(ssl = nil) #:nodoc:
+      ssl = use_ssl_by_default if ssl.nil?
+      ssl ? ssl_api_server_url : nonssl_api_server_url
+    end
+
+    def nonssl_api_server_url
+      CONFIG[@api_version]['server_url']
+    end
+
+    def ssl_api_server_url
+      CONFIG[@api_version]['secure_server_url']
+    end
+
+    def verify_url
+      CONFIG[@api_version]['verify_url']
+    end
+
+    def v1?
+      @api_version == 'v1'
+    end
+
+    def v2?
+      @api_version == 'v2'
+    end
+  end
+end

data/lib/recaptcha/merb.rb

@@ -0,0 +1,4 @@
+require 'recaptcha'
+
+Merb::GlobalHelpers.send(:include, Recaptcha::ClientHelper)
+Merb::Controller.send(:include, Recaptcha::Verify)

data/lib/recaptcha/rails.rb

@@ -0,0 +1,5 @@
+require 'net/http'
+require 'recaptcha'
+
+ActionView::Base.send(:include, Recaptcha::ClientHelper)
+ActionController::Base.send(:include, Recaptcha::Verify)

data/lib/recaptcha/railtie.rb

@@ -0,0 +1,15 @@
+require 'net/http'
+require 'recaptcha'
+module Rails
+  module Recaptcha
+    class Railtie < Rails::Railtie
+      initializer "setup config" do
+        begin
+          ActionView::Base.send(:include, ::Recaptcha::ClientHelper)
+          ActionController::Base.send(:include, ::Recaptcha::Verify)
+        end
+      end
+    end
+  end
+end
+

data/lib/recaptcha/verify.rb

@@ -0,0 +1,117 @@
+require "uri"
+module Recaptcha
+  module Verify
+    # Your private API can be specified in the +options+ hash or preferably
+    # using the Configuration.
+    def verify_recaptcha(options = {})
+      options = {:model => options} unless options.is_a? Hash
+
+      env_options = options[:env] || ENV['RAILS_ENV']
+      return true if Recaptcha.configuration.skip_verify_env.include? env_options
+      model = options[:model]
+      attribute = options[:attribute] || :base
+      private_key = options[:private_key] || Recaptcha.configuration.private_key
+      raise RecaptchaError, "No private key specified." unless private_key
+
+      begin
+        recaptcha = nil
+        if(Recaptcha.configuration.proxy)
+          proxy_server = URI.parse(Recaptcha.configuration.proxy)
+          http = Net::HTTP::Proxy(proxy_server.host, proxy_server.port, proxy_server.user, proxy_server.password)
+        else
+          http = Net::HTTP
+        end
+
+        # env['REMOTE_ADDR'] to retrieve IP for Grape API
+        remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
+        if Recaptcha.configuration.v1?
+          verify_hash = {
+            "privatekey" => private_key,
+            "remoteip"   => remote_ip,
+            "challenge"  => params[:recaptcha_challenge_field],
+            "response"   => params[:recaptcha_response_field]
+          }
+          Timeout::timeout(options[:timeout] || 3) do
+            recaptcha = http.post_form(URI.parse(Recaptcha.configuration.verify_url), verify_hash)
+          end
+          answer, error = recaptcha.body.split.map { |s| s.chomp }
+        end
+
+        if Recaptcha.configuration.v2?
+          verify_hash = {
+            "secret"    => private_key,
+            "remoteip"  => remote_ip,
+            "response"  => params['g-recaptcha-response']
+          }
+
+          Timeout::timeout(options[:timeout] || 3) do
+            uri = URI.parse(Recaptcha.configuration.verify_url + '?' + verify_hash.to_query)
+            http_instance = http.new(uri.host, uri.port)
+            if uri.port==443
+              http_instance.use_ssl =
+              http_instance.verify_mode = OpenSSL::SSL::VERIFY_NONE
+            end
+            request = Net::HTTP::Get.new(uri.request_uri)
+            recaptcha = http_instance.request(request)
+          end
+          #answer, error = JSON.parse(recaptcha.body).values
+          answer = JSON.parse(recaptcha.body)['success']
+          if answer.to_s != 'true'
+            error = true
+          else
+            error = false
+          end
+        end
+
+        unless answer.to_s == 'true'
+          error = 'verification_failed' if error && Recaptcha.configuration.v2?
+          if request_in_html_format?
+            flash[:recaptcha_error] = if defined?(I18n)
+                                        I18n.translate("recaptcha.errors.#{error}", {:default => error})
+                                      else
+                                        error
+                                      end
+          end
+
+          if model
+            message = "Word verification response is incorrect, please try again."
+            message = I18n.translate('recaptcha.errors.verification_failed', {:default => message}) if defined?(I18n)
+            model.errors.add attribute, options[:message] || message
+          end
+          return false
+        else
+          flash.delete(:recaptcha_error) if request_in_html_format?
+          return true
+        end
+      rescue Timeout::Error
+        if Recaptcha.configuration.handle_timeouts_gracefully
+          if request_in_html_format?
+            flash[:recaptcha_error] = if defined?(I18n)
+                                        I18n.translate('recaptcha.errors.recaptcha_unreachable', {:default => 'Recaptcha unreachable.'})
+                                      else
+                                        'Recaptcha unreachable.'
+                                      end
+          end
+
+          if model
+            message = "Oops, we failed to validate your word verification response. Please try again."
+            message = I18n.translate('recaptcha.errors.recaptcha_unreachable', :default => message) if defined?(I18n)
+            model.errors.add attribute, options[:message] || message
+          end
+          return false
+        else
+          raise RecaptchaError, "Recaptcha unreachable."
+        end
+      rescue Exception => e
+        raise RecaptchaError, e.message, e.backtrace
+      end
+    end # verify_recaptcha
+
+    def request_in_html_format?
+      request.respond_to?(:format) && request.format == :html && respond_to?(:flash)
+    end
+    def verify_recaptcha!(options = {})
+      verify_recaptcha(options) or raise VerifyError
+    end #verify_recaptcha!
+  end # Verify
+end # Recaptcha

data/lib/recaptcha/version.rb

@@ -0,0 +1,3 @@
+module Recaptcha
+  VERSION = "0.4.1"
+end

data/recaptcha.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "recaptcha/version"
+
+Gem::Specification.new do |s|
+  s.name        = "cure-recaptcha"
+  s.version     = Recaptcha::VERSION
+  s.authors     = ["Ward Vandewege"]
+  s.email       = ["ward@curoverse.com"]
+  s.homepage    = "http://github.com/cure/recaptcha"
+  s.summary     = %q{Helpers for the reCAPTCHA API}
+  s.description = %q{This plugin adds helpers for the reCAPTCHA API}
+
+  s.rubyforge_project = "cure-recaptcha"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.require_paths = ["lib"]
+
+  s.add_development_dependency "mocha"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "activesupport"
+  s.add_development_dependency "i18n"
+  s.add_development_dependency "minitest", "~> 5.0"
+  s.add_development_dependency "pry-byebug"
+end

data/test/recaptcha_configuration_test.rb

@@ -0,0 +1,44 @@
+require 'minitest/autorun'
+require 'cgi'
+require File.dirname(File.expand_path(__FILE__)) + '/../lib/recaptcha'
+
+class RecaptchaConfigurationTest < Minitest::Test
+  include Recaptcha
+  include Recaptcha::ClientHelper
+  include Recaptcha::Verify
+
+  attr_accessor :session
+
+  def setup
+    @session = {}
+    @nonssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.nonssl_api_server_url) + '(.*)')
+    @ssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.ssl_api_server_url) + '(.*)')
+    Recaptcha.configure do |config|
+      config.public_key = '0000000000000000000000000000000000000000'
+      config.private_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
+      config.api_version = 'v2'
+    end
+  end
+
+  def test_recaptcha_api_version_default
+    assert_equal(Recaptcha.configuration.api_version, Recaptcha::RECAPTCHA_API_VERSION)
+  end
+
+  def test_v2_with_v2_api?
+    assert Recaptcha.configuration.v2?
+    refute Recaptcha.configuration.v1?
+  end
+
+  def test_different_configuration_within_with_configuration_block
+    key = Recaptcha.with_configuration(:public_key => '12345') do
+      Recaptcha.configuration.public_key
+    end
+
+    assert_equal('12345', key)
+  end
+
+  def test_reset_configuration_after_with_configuration_block
+    Recaptcha.with_configuration(:public_key => '12345')
+    assert_equal('0000000000000000000000000000000000000000', Recaptcha.configuration.public_key)
+  end
+end

data/test/recaptcha_test.rb

@@ -0,0 +1,54 @@
+require 'minitest/autorun'
+require 'cgi'
+require File.dirname(File.expand_path(__FILE__)) + '/../lib/recaptcha'
+
+class RecaptchaClientHelperTest < Minitest::Test
+  include Recaptcha
+  include Recaptcha::ClientHelper
+  include Recaptcha::Verify
+
+  attr_accessor :session
+
+  def setup
+    @session = {}
+    @nonssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.nonssl_api_server_url) + '(.*)')
+    @ssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.ssl_api_server_url) + '(.*)')
+    Recaptcha.configure do |config|
+      config.public_key = '0000000000000000000000000000000000000000'
+      config.private_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
+    end
+  end
+
+  def test_recaptcha_tags_v2
+    Recaptcha.configuration.api_version = 'v2'
+    # match a v2 only tag
+    assert_match /data-sitekey/, recaptcha_tags
+    # refute a v1 only tag
+    refute_match /\/challenge\?/, recaptcha_tags
+  end
+
+  def test_ssl_by_default
+    Recaptcha.configuration.use_ssl_by_default = true
+    assert_match @ssl_api_server_url, recaptcha_tags
+  end
+
+  def test_relative_protocol_by_default_without_ssl
+    Recaptcha.configuration.use_ssl_by_default = false
+    assert_match @nonssl_api_server_url, recaptcha_tags(:ssl => false)
+  end
+
+  def test_recaptcha_tags_with_ssl
+    assert_match @ssl_api_server_url, recaptcha_tags(:ssl => true)
+  end
+
+  def test_recaptcha_tags_without_noscript
+    refute_match /noscript/, recaptcha_tags(:noscript => false)
+  end
+
+  def test_should_raise_exception_without_public_key
+    assert_raises RecaptchaError do
+      Recaptcha.configuration.public_key = nil
+      recaptcha_tags
+    end
+  end
+end

data/test/recaptcha_v1_test.rb

@@ -0,0 +1,35 @@
+require 'minitest/autorun'
+require 'cgi'
+require File.dirname(File.expand_path(__FILE__)) + '/../lib/recaptcha'
+
+class RecaptchaV1Test < Minitest::Test
+  include Recaptcha
+  include Recaptcha::ClientHelper
+  include Recaptcha::Verify
+
+  attr_accessor :session
+
+  def setup
+    @session = {}
+    @nonssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.nonssl_api_server_url) + '(.*)')
+    @ssl_api_server_url = Regexp.new(Regexp.quote(Recaptcha.configuration.ssl_api_server_url) + '(.*)')
+    Recaptcha.configure do |config|
+      config.public_key = '0000000000000000000000000000000000000000'
+      config.private_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
+      config.api_version = 'v1'
+    end
+  end
+
+  def test_v1_with_v1_api?
+    assert Recaptcha.configuration.v1?
+    refute Recaptcha.configuration.v2?
+  end
+
+  def test_recaptcah_tags_v1
+    Recaptcha.configuration.api_version = 'v1'
+    # match a v1 only tag
+    assert_match /\/challenge\?/, recaptcha_tags
+    # refute a v2 only tag
+    refute_match /data-sitekey/, recaptcha_tags
+  end
+end

data/test/verify_recaptcha_test.rb

@@ -0,0 +1,191 @@
+# coding: utf-8
+
+require 'minitest/autorun'
+require 'rubygems'
+require 'active_support'
+require 'active_support/core_ext/string'
+require 'mocha/setup'
+require 'i18n'
+require 'net/http'
+require File.dirname(File.expand_path(__FILE__)) + '/../lib/recaptcha'
+
+class RecaptchaVerifyTest < Minitest::Test
+  def setup
+    Recaptcha.configuration.private_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
+    @controller = TestController.new
+    @controller.request = stub(:remote_ip => "1.1.1.1", format: :html)
+
+    @expected_post_data = {}
+    @expected_post_data["remoteip"]   = @controller.request.remote_ip
+    @expected_post_data["response"]   = "response"
+
+    if Recaptcha.configuration.v1?
+      @controller.params = {:recaptcha_challenge_field => "challenge", :recaptcha_response_field => "response"}
+      @expected_post_data["privatekey"] = Recaptcha.configuration.private_key
+      @expected_post_data["challenge"]  = "challenge"
+    end
+
+    if Recaptcha.configuration.v2?
+      @controller.params = {:recaptcha_response_field => "response"}
+      @expected_post_data["secret"] = Recaptcha.configuration.private_key
+    end
+
+    @expected_uri = URI.parse(Recaptcha.configuration.verify_url)
+  end
+
+  def test_should_raise_exception_when_calling_bang_method
+    @controller.expects(:verify_recaptcha).returns(false)
+
+    assert_raises Recaptcha::VerifyError do
+      @controller.verify_recaptcha!
+    end
+  end
+
+  def test_should_return_whatever_verify_method_returns_when_using_bang_method
+    @controller.expects(:verify_recaptcha).returns(:foo)
+
+    assert_equal :foo, @controller.verify_recaptcha!
+  end
+
+  def test_should_raise_exception_without_private_key
+    skip
+    assert_raises Recaptcha::RecaptchaError do
+      Recaptcha.configuration.private_key = nil
+      @controller.verify_recaptcha
+    end
+  end
+
+  def test_should_return_false_when_key_is_invalid
+    skip
+    expect_http_post(response_with_body("false\ninvalid-site-private-key"))
+
+    assert !@controller.verify_recaptcha
+    assert_equal "invalid-site-private-key", @controller.flash[:recaptcha_error]
+  end
+
+  def test_returns_true_on_success
+    skip
+    @controller.flash[:recaptcha_error] = "previous error that should be cleared"
+    expect_http_post(response_with_body("true\n"))
+
+    assert @controller.verify_recaptcha
+    assert_nil @controller.flash[:recaptcha_error]
+  end
+
+  def test_errors_should_be_added_to_model
+    skip
+    expect_http_post(response_with_body("false\nbad-news"))
+
+    errors = mock
+    errors.expects(:add).with(:base, "Word verification response is incorrect, please try again.")
+    model = mock(:errors => errors)
+
+    assert !@controller.verify_recaptcha(:model => model)
+    assert_equal "bad-news", @controller.flash[:recaptcha_error]
+  end
+
+  def test_returns_true_on_success_with_optional_key
+    skip
+    @controller.flash[:recaptcha_error] = "previous error that should be cleared"
+    # reset private key
+    @expected_post_data["privatekey"] =  'ADIFFERENTPRIVATEKEYXXXXXXXXXXXXXX'
+    expect_http_post(response_with_body("true\n"))
+
+    assert @controller.verify_recaptcha(:private_key => 'ADIFFERENTPRIVATEKEYXXXXXXXXXXXXXX')
+    assert_nil @controller.flash[:recaptcha_error]
+  end
+
+  def test_timeout
+    skip
+    expect_http_post(Timeout::Error, :exception => true)
+    assert !@controller.verify_recaptcha()
+    assert_equal "Recaptcha unreachable.", @controller.flash[:recaptcha_error]
+  end
+
+  def test_timeout_when_handle_timeouts_gracefully_disabled
+    skip
+    Recaptcha.with_configuration(:handle_timeouts_gracefully => false) do
+      expect_http_post(Timeout::Error, :exception => true)
+      assert_raises Recaptcha::RecaptchaError, "Recaptcha unreachable." do
+        assert @controller.verify_recaptcha()
+      end
+      assert_nil @controller.flash[:recaptcha_error]
+    end
+  end
+
+  def test_message_should_use_i18n
+    skip
+    I18n.locale = :de
+    verification_failed_translated   = "Sicherheitscode konnte nicht verifiziert werden."
+    verification_failed_default      = "Word verification response is incorrect, please try again."
+    recaptcha_unreachable_translated = "Netzwerkfehler, bitte versuchen Sie es später erneut."
+    recaptcha_unreachable_default    = "Oops, we failed to validate your word verification response. Please try again."
+
+    I18n.expects(:translate).with('recaptcha.errors.bad-news', {:default => 'bad-news'})
+    I18n.expects(:translate).with('recaptcha.errors.recaptcha_unreachable', {:default => 'Recaptcha unreachable.'})
+
+    I18n.expects(:translate).with('recaptcha.errors.verification_failed', :default => verification_failed_default).returns(verification_failed_translated)
+    I18n.expects(:translate).with('recaptcha.errors.recaptcha_unreachable', :default => recaptcha_unreachable_default).returns(recaptcha_unreachable_translated)
+
+    errors = mock
+    errors.expects(:add).with(:base, verification_failed_translated)
+    errors.expects(:add).with(:base, recaptcha_unreachable_translated)
+    model  = mock; model.stubs(:errors => errors)
+
+    expect_http_post(response_with_body("false\nbad-news"))
+    @controller.verify_recaptcha(:model => model)
+
+    expect_http_post(Timeout::Error, :exception => true)
+    @controller.verify_recaptcha(:model => model)
+
+  end
+
+  def test_it_translates_api_response_with_i18n
+    skip
+    api_error_translated = "Bad news, body :("
+    expect_http_post(response_with_body("false\nbad-news"))
+    I18n.expects(:translate).with('recaptcha.errors.bad-news', :default => 'bad-news').returns(api_error_translated)
+
+    assert !@controller.verify_recaptcha
+    assert_equal api_error_translated, @controller.flash[:recaptcha_error]
+  end
+
+  def test_it_fallback_to_api_response_if_i18n_translation_is_missing
+    skip
+    expect_http_post(response_with_body("false\nbad-news"))
+
+    assert !@controller.verify_recaptcha
+    assert_equal 'bad-news', @controller.flash[:recaptcha_error]
+  end
+
+  def test_not_flashing_error_if_request_format_not_in_html
+    skip
+    @controller.request = stub(:remote_ip => "1.1.1.1", format: :json)
+    expect_http_post(response_with_body("false\nbad-news"))
+    assert !@controller.verify_recaptcha
+    assert_nil @controller.flash[:recaptcha_error]
+  end
+
+  private
+
+  class TestController
+    include Recaptcha::Verify
+    attr_accessor :request, :params, :flash
+
+    def initialize
+      @flash = {}
+    end
+  end
+
+  def expect_http_post(response, options = {})
+    unless options[:exception]
+      Net::HTTP.expects(:post_form).with(@expected_uri, @expected_post_data).returns(response)
+    else
+      Net::HTTP.expects(:post_form).raises response
+    end
+  end
+
+  def response_with_body(body)
+    stub(:body => body)
+  end
+end

metadata

@@ -0,0 +1,149 @@
+--- !ruby/object:Gem::Specification
+name: cure-recaptcha
+version: !ruby/object:Gem::Version
+  version: 0.4.1
+platform: ruby
+authors:
+- Ward Vandewege
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-03-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: i18n
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This plugin adds helpers for the reCAPTCHA API
+email:
+- ward@curoverse.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- CHANGELOG
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.rdoc
+- Rakefile
+- init.rb
+- lib/recaptcha.rb
+- lib/recaptcha/client_helper.rb
+- lib/recaptcha/configuration.rb
+- lib/recaptcha/merb.rb
+- lib/recaptcha/rails.rb
+- lib/recaptcha/railtie.rb
+- lib/recaptcha/verify.rb
+- lib/recaptcha/version.rb
+- recaptcha.gemspec
+- test/recaptcha_configuration_test.rb
+- test/recaptcha_test.rb
+- test/recaptcha_v1_test.rb
+- test/verify_recaptcha_test.rb
+homepage: http://github.com/cure/recaptcha
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: cure-recaptcha
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: Helpers for the reCAPTCHA API
+test_files: []