recaptcha 5.9.0 → 5.10.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b4e91df77500a77804749d34ac9690c4ddc9a8cfa30af5f2eae6b51c3d0a0e02
4
- data.tar.gz: 2fa166f38a4e39ee6b2244bdfc91991b3bfc6d65360c6dd2e846d584352e3aab
3
+ metadata.gz: 3870278113409bbbf6e9c772f8afc5a7130a1d9bf21eecaa7e8c6067b979a2c1
4
+ data.tar.gz: 7beaede8a6def64ae941a5c886188a53af77d243ddd80a84291fd9a033372c00
5
5
  SHA512:
6
- metadata.gz: acfb0b7bf9d211b2571dfcd8ee5a8195dc149effee4a04fe609d116f869722e583f4a5737e7d21174f2ff3d0f08c1f73f845dd4859daa107500e272230562052
7
- data.tar.gz: 8c64efbfd826ab4a817fdbd37ef8e199d6a7c661b0efc18f6e4c5b26aca45a4412c8c0b331772561fe478d1f88c88b1a0cc655471c3eb751883a767a852680cf
6
+ metadata.gz: '089d2b491909e0e5c65dd021b97d99e196a69a6f43c452f835e08517a0e54b20d3a1166a16c7b16fa374e86c11629b847fe0f022b772db140c85412191231949'
7
+ data.tar.gz: ea8fe92b546e8174d0c143dd10c843683e7b4d793f40a3ccb6f403f10881ba0d246a20194e983f7332b869f11ca9aba7a1b998e984a21a49a550e960ba998e03
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  ## Next
2
+ * drop ruby 2.4 2.5 2.6
3
+
4
+ ## 5.9.0
2
5
  * Gracefully handle invalid params
3
- * allow configuring response limit
6
+
7
+ ## 5.8.1
8
+ * Allow configuring response limit
4
9
 
5
10
  ## 5.8.0
6
11
  * Add support for the enterprise API
data/README.md CHANGED
@@ -559,7 +559,7 @@ verify_recaptcha secret_key: '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
559
559
  To use hCaptcha:
560
560
  1. Set a site and a secret key as usual
561
561
  2. Set two options in `verify_url` and `api_service_url` pointing to hCaptcha API endpoints.
562
- 3. Disable a response limit check by setting a `response_limit` to the negative or large enough value (reCAPTCHA is limited by 4000 characters).
562
+ 3. Disable a response limit check by setting a `response_limit` to the large enough value (reCAPTCHA is limited by 4000 characters).
563
563
  4. It is not required to change a parameter name as [official docs suggest](https://docs.hcaptcha.com/switch) because API handles standard `g-recaptcha` for compatibility.
564
564
 
565
565
  ```ruby
@@ -569,10 +569,20 @@ Recaptcha.configure do |config|
569
569
  config.secret_key = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx'
570
570
  config.verify_url = 'https://hcaptcha.com/siteverify'
571
571
  config.api_server_url = 'https://hcaptcha.com/1/api.js'
572
- config.response_limit = -1
572
+ config.response_limit = 100000
573
573
  end
574
574
  ```
575
575
 
576
+ hCaptcha uses a scoring system (higher number more likely to be a bot) which is inverse of the reCaptcha scoring system (lower number more likely to be a bot). As such, a `maximum_score` attribute is provided for use with hCaptcha.
577
+
578
+ ```ruby
579
+ result = verify_recaptcha(maximum_score: 0.7)
580
+ ```
581
+
582
+ | Option | Description |
583
+ |------------------|-------------|
584
+ | `:maximum_score` | Provide a threshold to meet or fall below. Threshold should be a float between 0 and 1 which will be tested as `score <= maximum_score`. (Default: `nil`) |
585
+
576
586
  ## Misc
577
587
  - Check out the [wiki](https://github.com/ambethia/recaptcha/wiki) and leave whatever you found valuable there.
578
588
  - [Add multiple widgets to the same page](https://github.com/ambethia/recaptcha/wiki/Add-multiple-widgets-to-the-same-page)
@@ -37,11 +37,11 @@ module Recaptcha
37
37
  'enterprise_verify_url' => 'https://recaptchaenterprise.googleapis.com/v1beta1/projects'
38
38
  }.freeze
39
39
 
40
- attr_accessor :default_env, :skip_verify_env, :proxy, :secret_key, :site_key, :handle_timeouts_gracefully, :hostname
41
- attr_accessor :enterprise, :enterprise_api_key, :enterprise_project_id, :response_limit
40
+ attr_accessor :default_env, :skip_verify_env, :proxy, :secret_key, :site_key, :handle_timeouts_gracefully,
41
+ :hostname, :enterprise, :enterprise_api_key, :enterprise_project_id, :response_limit
42
42
  attr_writer :api_server_url, :verify_url
43
43
 
44
- def initialize #:nodoc:
44
+ def initialize # :nodoc:
45
45
  @default_env = ENV['RAILS_ENV'] || ENV['RACK_ENV'] || (Rails.env if defined? Rails.env)
46
46
  @skip_verify_env = %w[test cucumber]
47
47
  @handle_timeouts_gracefully = true
@@ -10,7 +10,7 @@ module Recaptcha
10
10
  def self.recaptcha_v3(options = {})
11
11
  site_key = options[:site_key] ||= Recaptcha.configuration.site_key!
12
12
  action = options.delete(:action) || raise(Recaptcha::RecaptchaError, 'action is required')
13
- id = options.delete(:id) || "g-recaptcha-response-data-" + dasherize_action(action)
13
+ id = options.delete(:id) || "g-recaptcha-response-data-#{dasherize_action(action)}"
14
14
  name = options.delete(:name) || "g-recaptcha-response-data[#{action}]"
15
15
  turbolinks = options.delete(:turbolinks)
16
16
  options[:render] = site_key
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Recaptcha
4
- VERSION = '5.9.0'
4
+ VERSION = '5.10.0'
5
5
  end
data/lib/recaptcha.rb CHANGED
@@ -82,12 +82,13 @@ module Recaptcha
82
82
  token_properties['valid'].to_s == 'true' &&
83
83
  hostname_valid?(token_properties['hostname'], options[:hostname]) &&
84
84
  action_valid?(token_properties['action'], options[:action]) &&
85
- score_above_threshold?(reply['score'], options[:minimum_score])
85
+ score_above_threshold?(reply['score'], options[:minimum_score]) &&
86
+ score_below_threshold?(reply['score'], options[:maximum_score])
86
87
 
87
88
  if options[:with_reply] == true
88
- return success, reply
89
+ [success, reply]
89
90
  else
90
- return success
91
+ success
91
92
  end
92
93
  end
93
94
 
@@ -100,12 +101,13 @@ module Recaptcha
100
101
  success = reply['success'].to_s == 'true' &&
101
102
  hostname_valid?(reply['hostname'], options[:hostname]) &&
102
103
  action_valid?(reply['action'], options[:action]) &&
103
- score_above_threshold?(reply['score'], options[:minimum_score])
104
+ score_above_threshold?(reply['score'], options[:minimum_score]) &&
105
+ score_below_threshold?(reply['score'], options[:maximum_score])
104
106
 
105
107
  if options[:with_reply] == true
106
- return success, reply
108
+ [success, reply]
107
109
  else
108
- return success
110
+ success
109
111
  end
110
112
  end
111
113
 
@@ -126,15 +128,12 @@ module Recaptcha
126
128
  end
127
129
  end
128
130
 
129
- # Returns true iff score is greater or equal to (>=) minimum_score, or if no minimum_score was specified
130
131
  def self.score_above_threshold?(score, minimum_score)
131
- return true if minimum_score.nil?
132
- return false if score.nil?
132
+ !minimum_score || (score && score >= minimum_score)
133
+ end
133
134
 
134
- case minimum_score
135
- when nil, FalseClass then true
136
- else score >= minimum_score
137
- end
135
+ def self.score_below_threshold?(score, maximum_score)
136
+ !maximum_score || (score && score <= maximum_score)
138
137
  end
139
138
 
140
139
  def self.http_client_for(uri:, timeout: nil)
@@ -154,7 +153,7 @@ module Recaptcha
154
153
 
155
154
  def self.api_verification_free(verify_hash, timeout: nil)
156
155
  query = URI.encode_www_form(verify_hash)
157
- uri = URI.parse(configuration.verify_url + '?' + query)
156
+ uri = URI.parse("#{configuration.verify_url}?#{query}")
158
157
  http_instance = http_client_for(uri: uri, timeout: timeout)
159
158
  request = Net::HTTP::Get.new(uri.request_uri)
160
159
  JSON.parse(http_instance.request(request).body)
@@ -162,7 +161,7 @@ module Recaptcha
162
161
 
163
162
  def self.api_verification_enterprise(query_params, body, project_id, timeout: nil)
164
163
  query = URI.encode_www_form(query_params)
165
- uri = URI.parse(configuration.verify_url + "/#{project_id}/assessments" + '?' + query)
164
+ uri = URI.parse("#{configuration.verify_url}/#{project_id}/assessments?#{query}")
166
165
  http_instance = http_client_for(uri: uri, timeout: timeout)
167
166
  request = Net::HTTP::Post.new(uri.request_uri)
168
167
  request['Content-Type'] = 'application/json; charset=utf-8'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: recaptcha
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.9.0
4
+ version: 5.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jason L Perry
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-07 00:00:00.000000000 Z
11
+ date: 2022-04-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json
@@ -169,7 +169,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
169
169
  requirements:
170
170
  - - ">="
171
171
  - !ruby/object:Gem::Version
172
- version: 2.4.0
172
+ version: 2.7.0
173
173
  required_rubygems_version: !ruby/object:Gem::Requirement
174
174
  requirements:
175
175
  - - ">="