@nauth-toolkit/recaptcha 0.1.92

package/README.md

@@ -0,0 +1,9 @@
+# @nauth-toolkit/recaptcha
+
+Google reCAPTCHA v2/v3/Enterprise provider for nauth-toolkit
+
+## Preview Release Notice
+
+**This is a preview release for internal testing. Do not use in production yet.**
+
+This package is part of nauth-toolkit and is currently in early access/preview. Features and APIs may change between releases. For production use, please wait for the stable v1.0 release.

package/dist/nestjs/index.d.ts

@@ -0,0 +1,23 @@
+/**
+ * NestJS integration for @nauth-toolkit/recaptcha
+ *
+ * Currently this module simply re-exports the main package.
+ * Future versions may include NestJS-specific features such as:
+ * - Global module configuration
+ * - Dependency injection providers
+ * - Guard decorators
+ *
+ * @example
+ * ```typescript
+ * import { RecaptchaV3Provider } from '@nauth-toolkit/recaptcha/nestjs';
+ *
+ * // Use the same as main package for now
+ * const provider = new RecaptchaV3Provider({
+ *   secretKey: process.env.RECAPTCHA_SECRET_KEY!,
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+export * from '../src/index';
+//# sourceMappingURL=index.d.ts.map

package/dist/nestjs/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../nestjs/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,cAAc,cAAc,CAAC"}

package/dist/nestjs/index.js

@@ -0,0 +1,40 @@
+"use strict";
+/**
+ * NestJS integration for @nauth-toolkit/recaptcha
+ *
+ * Currently this module simply re-exports the main package.
+ * Future versions may include NestJS-specific features such as:
+ * - Global module configuration
+ * - Dependency injection providers
+ * - Guard decorators
+ *
+ * @example
+ * ```typescript
+ * import { RecaptchaV3Provider } from '@nauth-toolkit/recaptcha/nestjs';
+ *
+ * // Use the same as main package for now
+ * const provider = new RecaptchaV3Provider({
+ *   secretKey: process.env.RECAPTCHA_SECRET_KEY!,
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// Re-export everything from main package
+__exportStar(require("../src/index"), exports);
+//# sourceMappingURL=index.js.map

package/dist/nestjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../nestjs/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;AAEH,yCAAyC;AACzC,+CAA6B"}

package/dist/src/index.d.ts

@@ -0,0 +1,27 @@
+/**
+ * @nauth-toolkit/recaptcha
+ *
+ * Google reCAPTCHA v2/v3/Enterprise support for nauth-toolkit.
+ *
+ * Provides bot protection for authentication endpoints via configurable
+ * reCAPTCHA verification. Supports all Google reCAPTCHA versions with
+ * platform-agnostic implementation.
+ *
+ * @example
+ * ```typescript
+ * import { RecaptchaV3Provider } from '@nauth-toolkit/recaptcha';
+ *
+ * const provider = new RecaptchaV3Provider({
+ *   secretKey: process.env.RECAPTCHA_SECRET_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp, 'login');
+ * ```
+ *
+ * @packageDocumentation
+ */
+export * from './recaptcha-provider.interface';
+export * from './providers/recaptcha-v2.provider';
+export * from './providers/recaptcha-v3.provider';
+export * from './providers/recaptcha-enterprise.provider';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAGH,cAAc,gCAAgC,CAAC;AAG/C,cAAc,mCAAmC,CAAC;AAClD,cAAc,mCAAmC,CAAC;AAClD,cAAc,2CAA2C,CAAC"}

package/dist/src/index.js

@@ -0,0 +1,45 @@
+"use strict";
+/**
+ * @nauth-toolkit/recaptcha
+ *
+ * Google reCAPTCHA v2/v3/Enterprise support for nauth-toolkit.
+ *
+ * Provides bot protection for authentication endpoints via configurable
+ * reCAPTCHA verification. Supports all Google reCAPTCHA versions with
+ * platform-agnostic implementation.
+ *
+ * @example
+ * ```typescript
+ * import { RecaptchaV3Provider } from '@nauth-toolkit/recaptcha';
+ *
+ * const provider = new RecaptchaV3Provider({
+ *   secretKey: process.env.RECAPTCHA_SECRET_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp, 'login');
+ * ```
+ *
+ * @packageDocumentation
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// Core interfaces
+__exportStar(require("./recaptcha-provider.interface"), exports);
+// Provider implementations
+__exportStar(require("./providers/recaptcha-v2.provider"), exports);
+__exportStar(require("./providers/recaptcha-v3.provider"), exports);
+__exportStar(require("./providers/recaptcha-enterprise.provider"), exports);
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;;;;;;;;;;;;;;;;AAEH,kBAAkB;AAClB,iEAA+C;AAE/C,2BAA2B;AAC3B,oEAAkD;AAClD,oEAAkD;AAClD,4EAA0D"}

package/dist/src/providers/recaptcha-enterprise.provider.d.ts

@@ -0,0 +1,87 @@
+import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
+/**
+ * Configuration for reCAPTCHA Enterprise provider
+ */
+export interface RecaptchaEnterpriseConfig {
+    /**
+     * Project ID from Google Cloud Console
+     */
+    projectId: string;
+    /**
+     * API key from Google Cloud Console
+     * Must have reCAPTCHA Enterprise API enabled
+     */
+    apiKey: string;
+    /**
+     * Site key from reCAPTCHA Enterprise admin console
+     */
+    siteKey: string;
+    /**
+     * Custom API endpoint (optional)
+     * Useful for regional deployments
+     *
+     * @default 'https://recaptchaenterprise.googleapis.com/v1'
+     */
+    apiEndpoint?: string;
+    /**
+     * Request timeout in milliseconds
+     *
+     * @default 10000 (10 seconds)
+     */
+    timeout?: number;
+}
+/**
+ * Google reCAPTCHA Enterprise Provider
+ *
+ * Implements advanced bot detection with additional features:
+ * - Advanced fraud detection
+ * - Custom rules and actions
+ * - Detailed analytics and reporting
+ * - SLA guarantees
+ *
+ * Enterprise is recommended for:
+ * - High-traffic production applications
+ * - Advanced security requirements
+ * - Compliance and auditing needs
+ *
+ * @example
+ * ```typescript
+ * const provider = new RecaptchaEnterpriseProvider({
+ *   projectId: 'my-project',
+ *   apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY!,
+ *   siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp, 'login');
+ *
+ * if (!result.success) {
+ *   throw new Error('reCAPTCHA validation failed');
+ * }
+ *
+ * if (result.score && result.score < 0.5) {
+ *   // Additional fraud prevention logic
+ * }
+ * ```
+ */
+export declare class RecaptchaEnterpriseProvider implements RecaptchaProvider {
+    private readonly projectId;
+    private readonly apiKey;
+    private readonly siteKey;
+    private readonly apiEndpoint;
+    private readonly timeout;
+    constructor(config: RecaptchaEnterpriseConfig);
+    /**
+     * Verify reCAPTCHA Enterprise token with Google's API
+     *
+     * Uses the reCAPTCHA Enterprise REST API for assessment creation.
+     *
+     * @param token - Token from client
+     * @param remoteIp - Client IP address (optional but recommended)
+     * @param action - Action name used when generating token (e.g., 'login', 'signup')
+     * @returns Verification result with score and risk analysis
+     *
+     * @throws Error if network request fails or times out
+     */
+    verify(token: string, remoteIp?: string, action?: string): Promise<RecaptchaVerificationResult>;
+}
+//# sourceMappingURL=recaptcha-enterprise.provider.d.ts.map

package/dist/src/providers/recaptcha-enterprise.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"recaptcha-enterprise.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAEjG;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,qBAAa,2BAA4B,YAAW,iBAAiB;IACnE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,yBAAyB;IAQ7C;;;;;;;;;;;OAWG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CA2DtG"}

package/dist/src/providers/recaptcha-enterprise.provider.js

@@ -0,0 +1,116 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RecaptchaEnterpriseProvider = void 0;
+/**
+ * Google reCAPTCHA Enterprise Provider
+ *
+ * Implements advanced bot detection with additional features:
+ * - Advanced fraud detection
+ * - Custom rules and actions
+ * - Detailed analytics and reporting
+ * - SLA guarantees
+ *
+ * Enterprise is recommended for:
+ * - High-traffic production applications
+ * - Advanced security requirements
+ * - Compliance and auditing needs
+ *
+ * @example
+ * ```typescript
+ * const provider = new RecaptchaEnterpriseProvider({
+ *   projectId: 'my-project',
+ *   apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY!,
+ *   siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp, 'login');
+ *
+ * if (!result.success) {
+ *   throw new Error('reCAPTCHA validation failed');
+ * }
+ *
+ * if (result.score && result.score < 0.5) {
+ *   // Additional fraud prevention logic
+ * }
+ * ```
+ */
+class RecaptchaEnterpriseProvider {
+    projectId;
+    apiKey;
+    siteKey;
+    apiEndpoint;
+    timeout;
+    constructor(config) {
+        this.projectId = config.projectId;
+        this.apiKey = config.apiKey;
+        this.siteKey = config.siteKey;
+        this.apiEndpoint = config.apiEndpoint || 'https://recaptchaenterprise.googleapis.com/v1';
+        this.timeout = config.timeout || 10000;
+    }
+    /**
+     * Verify reCAPTCHA Enterprise token with Google's API
+     *
+     * Uses the reCAPTCHA Enterprise REST API for assessment creation.
+     *
+     * @param token - Token from client
+     * @param remoteIp - Client IP address (optional but recommended)
+     * @param action - Action name used when generating token (e.g., 'login', 'signup')
+     * @returns Verification result with score and risk analysis
+     *
+     * @throws Error if network request fails or times out
+     */
+    async verify(token, remoteIp, action) {
+        // Build assessment request
+        const assessmentUrl = `${this.apiEndpoint}/projects/${this.projectId}/assessments?key=${this.apiKey}`;
+        const requestBody = {
+            event: {
+                token,
+                siteKey: this.siteKey,
+                ...(action && { expectedAction: action }),
+                ...(remoteIp && { userIpAddress: remoteIp }),
+            },
+        };
+        try {
+            // Create abort controller for timeout
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+            // Make request to Google's Enterprise API
+            const response = await fetch(assessmentUrl, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify(requestBody),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (!response.ok) {
+                throw new Error(`reCAPTCHA Enterprise API returned status ${response.status}`);
+            }
+            const data = await response.json();
+            // Extract token properties from assessment
+            const tokenProperties = data.tokenProperties || {};
+            const riskAnalysis = data.riskAnalysis || {};
+            // Map Enterprise response to our interface
+            return {
+                success: tokenProperties.valid === true,
+                score: riskAnalysis.score,
+                action: tokenProperties.action,
+                hostname: tokenProperties.hostname,
+                errorCodes: tokenProperties.invalidReason ? [tokenProperties.invalidReason] : undefined,
+            };
+        }
+        catch (error) {
+            // Handle network errors
+            if (error instanceof Error) {
+                if (error.name === 'AbortError') {
+                    throw new Error(`reCAPTCHA Enterprise verification timeout after ${this.timeout}ms`);
+                }
+                throw new Error(`reCAPTCHA Enterprise verification failed: ${error.message}`);
+            }
+            throw new Error('reCAPTCHA Enterprise verification failed with unknown error');
+        }
+    }
+}
+exports.RecaptchaEnterpriseProvider = RecaptchaEnterpriseProvider;
+//# sourceMappingURL=recaptcha-enterprise.provider.js.map

package/dist/src/providers/recaptcha-enterprise.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"recaptcha-enterprise.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":";;;AAsCA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,MAAa,2BAA2B;IACrB,SAAS,CAAS;IAClB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,WAAW,CAAS;IACpB,OAAO,CAAS;IAEjC,YAAY,MAAiC;QAC3C,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,+CAA+C,CAAC;QACzF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,MAAe;QAC5D,2BAA2B;QAC3B,MAAM,aAAa,GAAG,GAAG,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,SAAS,oBAAoB,IAAI,CAAC,MAAM,EAAE,CAAC;QAEtG,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE;gBACL,KAAK;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,GAAG,CAAC,MAAM,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC;gBACzC,GAAG,CAAC,QAAQ,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;aAC7C;SACF,CAAC;QAEF,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;gBAC1C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;gBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACjF,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,2CAA2C;YAC3C,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;YACnD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC;YAE7C,2CAA2C;YAC3C,OAAO;gBACL,OAAO,EAAE,eAAe,CAAC,KAAK,KAAK,IAAI;gBACvC,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,QAAQ,EAAE,eAAe,CAAC,QAAQ;gBAClC,UAAU,EAAE,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;aACxF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,mDAAmD,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBACvF,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,6CAA6C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAChF,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;CACF;AAtFD,kEAsFC"}

package/dist/src/providers/recaptcha-v2.provider.d.ts

@@ -0,0 +1,65 @@
+import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
+/**
+ * Configuration for reCAPTCHA v2 provider
+ */
+export interface RecaptchaV2Config {
+    /**
+     * Secret key from Google reCAPTCHA admin console
+     */
+    secretKey: string;
+    /**
+     * Custom verification endpoint (optional)
+     * Useful for enterprise deployments or proxies
+     *
+     * @default 'https://www.google.com/recaptcha/api/siteverify'
+     */
+    verifyUrl?: string;
+    /**
+     * Request timeout in milliseconds
+     *
+     * @default 10000 (10 seconds)
+     */
+    timeout?: number;
+}
+/**
+ * Google reCAPTCHA v2 Provider
+ *
+ * Implements checkbox-based CAPTCHA requiring user interaction.
+ * Returns simple success/fail without scoring.
+ *
+ * v2 is useful when:
+ * - You need explicit user verification
+ * - Mobile WebView environments where v3 scoring is unreliable
+ * - Regulatory requirements mandate visible challenges
+ *
+ * @example
+ * ```typescript
+ * const provider = new RecaptchaV2Provider({
+ *   secretKey: process.env.RECAPTCHA_V2_SECRET_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp);
+ *
+ * if (!result.success) {
+ *   throw new Error('reCAPTCHA validation failed');
+ * }
+ * ```
+ */
+export declare class RecaptchaV2Provider implements RecaptchaProvider {
+    private readonly secretKey;
+    private readonly verifyUrl;
+    private readonly timeout;
+    constructor(config: RecaptchaV2Config);
+    /**
+     * Verify reCAPTCHA v2 token with Google's API
+     *
+     * @param token - Token from client (obtained from checkbox widget)
+     * @param remoteIp - Client IP address (optional but recommended)
+     * @param action - Not used for v2 (only for v3/Enterprise)
+     * @returns Verification result (no score for v2)
+     *
+     * @throws Error if network request fails or times out
+     */
+    verify(token: string, remoteIp?: string, _action?: string): Promise<RecaptchaVerificationResult>;
+}
+//# sourceMappingURL=recaptcha-v2.provider.d.ts.map

package/dist/src/providers/recaptcha-v2.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"recaptcha-v2.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAEjG;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,qBAAa,mBAAoB,YAAW,iBAAiB;IAC3D,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,iBAAiB;IAMrC;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CAqDvG"}

package/dist/src/providers/recaptcha-v2.provider.js

@@ -0,0 +1,96 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RecaptchaV2Provider = void 0;
+/**
+ * Google reCAPTCHA v2 Provider
+ *
+ * Implements checkbox-based CAPTCHA requiring user interaction.
+ * Returns simple success/fail without scoring.
+ *
+ * v2 is useful when:
+ * - You need explicit user verification
+ * - Mobile WebView environments where v3 scoring is unreliable
+ * - Regulatory requirements mandate visible challenges
+ *
+ * @example
+ * ```typescript
+ * const provider = new RecaptchaV2Provider({
+ *   secretKey: process.env.RECAPTCHA_V2_SECRET_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp);
+ *
+ * if (!result.success) {
+ *   throw new Error('reCAPTCHA validation failed');
+ * }
+ * ```
+ */
+class RecaptchaV2Provider {
+    secretKey;
+    verifyUrl;
+    timeout;
+    constructor(config) {
+        this.secretKey = config.secretKey;
+        this.verifyUrl = config.verifyUrl || 'https://www.google.com/recaptcha/api/siteverify';
+        this.timeout = config.timeout || 10000;
+    }
+    /**
+     * Verify reCAPTCHA v2 token with Google's API
+     *
+     * @param token - Token from client (obtained from checkbox widget)
+     * @param remoteIp - Client IP address (optional but recommended)
+     * @param action - Not used for v2 (only for v3/Enterprise)
+     * @returns Verification result (no score for v2)
+     *
+     * @throws Error if network request fails or times out
+     */
+    async verify(token, remoteIp, _action) {
+        // Build request body
+        const params = new URLSearchParams({
+            secret: this.secretKey,
+            response: token,
+        });
+        if (remoteIp) {
+            params.append('remoteip', remoteIp);
+        }
+        try {
+            // Create abort controller for timeout
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+            // Make request to Google's API
+            const response = await fetch(this.verifyUrl, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+                body: params.toString(),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (!response.ok) {
+                throw new Error(`reCAPTCHA API returned status ${response.status}`);
+            }
+            const data = await response.json();
+            // Map Google's response to our interface
+            // v2 does not include score or action
+            return {
+                success: data.success === true,
+                challengeTs: data.challenge_ts,
+                hostname: data.hostname,
+                errorCodes: data['error-codes'],
+            };
+        }
+        catch (error) {
+            // Handle network errors
+            if (error instanceof Error) {
+                if (error.name === 'AbortError') {
+                    throw new Error(`reCAPTCHA verification timeout after ${this.timeout}ms`);
+                }
+                throw new Error(`reCAPTCHA verification failed: ${error.message}`);
+            }
+            throw new Error('reCAPTCHA verification failed with unknown error');
+        }
+    }
+}
+exports.RecaptchaV2Provider = RecaptchaV2Provider;
+//# sourceMappingURL=recaptcha-v2.provider.js.map

package/dist/src/providers/recaptcha-v2.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"recaptcha-v2.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":";;;AA2BA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAa,mBAAmB;IACb,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,OAAO,CAAS;IAEjC,YAAY,MAAyB;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,iDAAiD,CAAC;QACvF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,OAAgB;QAC7D,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,+BAA+B;YAC/B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,yCAAyC;YACzC,sCAAsC;YACtC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;gBAC9B,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF;AA1ED,kDA0EC"}

package/dist/src/providers/recaptcha-v3.provider.d.ts

@@ -0,0 +1,67 @@
+import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
+/**
+ * Configuration for reCAPTCHA v3 provider
+ */
+export interface RecaptchaV3Config {
+    /**
+     * Secret key from Google reCAPTCHA admin console
+     */
+    secretKey: string;
+    /**
+     * Custom verification endpoint (optional)
+     * Useful for enterprise deployments or proxies
+     *
+     * @default 'https://www.google.com/recaptcha/api/siteverify'
+     */
+    verifyUrl?: string;
+    /**
+     * Request timeout in milliseconds
+     *
+     * @default 10000 (10 seconds)
+     */
+    timeout?: number;
+}
+/**
+ * Google reCAPTCHA v3 Provider
+ *
+ * Implements invisible, score-based bot detection without user interaction.
+ * Returns a risk score (0.0 - 1.0) indicating likelihood of bot activity.
+ *
+ * v3 is recommended for most web applications as it provides better UX
+ * by not requiring user interaction while still detecting bots effectively.
+ *
+ * @example
+ * ```typescript
+ * const provider = new RecaptchaV3Provider({
+ *   secretKey: process.env.RECAPTCHA_SECRET_KEY!,
+ * });
+ *
+ * const result = await provider.verify(token, clientIp, 'login');
+ *
+ * if (!result.success) {
+ *   throw new Error('reCAPTCHA validation failed');
+ * }
+ *
+ * if (result.score && result.score < 0.5) {
+ *   throw new Error('Suspicious activity detected');
+ * }
+ * ```
+ */
+export declare class RecaptchaV3Provider implements RecaptchaProvider {
+    private readonly secretKey;
+    private readonly verifyUrl;
+    private readonly timeout;
+    constructor(config: RecaptchaV3Config);
+    /**
+     * Verify reCAPTCHA v3 token with Google's API
+     *
+     * @param token - Token from client
+     * @param remoteIp - Client IP address (optional but recommended)
+     * @param action - Action name used when generating token (e.g., 'login', 'signup')
+     * @returns Verification result with score
+     *
+     * @throws Error if network request fails or times out
+     */
+    verify(token: string, remoteIp?: string, _action?: string): Promise<RecaptchaVerificationResult>;
+}
+//# sourceMappingURL=recaptcha-v3.provider.d.ts.map

package/dist/src/providers/recaptcha-v3.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"recaptcha-v3.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v3.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAEjG;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,mBAAoB,YAAW,iBAAiB;IAC3D,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,iBAAiB;IAMrC;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CAqDvG"}