@nauth-toolkit/recaptcha 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/providers/recaptcha-enterprise.provider.d.ts +11 -1
- package/dist/src/providers/recaptcha-enterprise.provider.d.ts.map +1 -1
- package/dist/src/providers/recaptcha-enterprise.provider.js +80 -0
- package/dist/src/providers/recaptcha-enterprise.provider.js.map +1 -1
- package/dist/src/providers/recaptcha-v2.provider.d.ts +11 -1
- package/dist/src/providers/recaptcha-v2.provider.d.ts.map +1 -1
- package/dist/src/providers/recaptcha-v2.provider.js +64 -0
- package/dist/src/providers/recaptcha-v2.provider.js.map +1 -1
- package/dist/src/providers/recaptcha-v3.provider.d.ts +11 -1
- package/dist/src/providers/recaptcha-v3.provider.d.ts.map +1 -1
- package/dist/src/providers/recaptcha-v3.provider.js +65 -0
- package/dist/src/providers/recaptcha-v3.provider.js.map +1 -1
- package/dist/src/recaptcha-provider.interface.d.ts +33 -0
- package/dist/src/recaptcha-provider.interface.d.ts.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +2 -2
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
1
|
+
import { RecaptchaProvider, RecaptchaValidationResult, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
2
2
|
/**
|
|
3
3
|
* Configuration for reCAPTCHA Enterprise provider
|
|
4
4
|
*/
|
|
@@ -84,6 +84,16 @@ export declare class RecaptchaEnterpriseProvider implements RecaptchaProvider {
|
|
|
84
84
|
private readonly apiEndpoint;
|
|
85
85
|
private readonly timeout;
|
|
86
86
|
constructor(config: RecaptchaEnterpriseConfig);
|
|
87
|
+
/**
|
|
88
|
+
* Validate Enterprise reCAPTCHA configuration by sending a probe assessment
|
|
89
|
+
*
|
|
90
|
+
* Sends a dummy token to the assessments API. If credentials are valid,
|
|
91
|
+
* Google returns HTTP 200 with tokenProperties.valid === false (expected).
|
|
92
|
+
* Any other HTTP status indicates a configuration problem.
|
|
93
|
+
*
|
|
94
|
+
* @returns Validation result with actionable guidance
|
|
95
|
+
*/
|
|
96
|
+
validateConfig(): Promise<RecaptchaValidationResult>;
|
|
87
97
|
/**
|
|
88
98
|
* Verify reCAPTCHA Enterprise token with Google's API
|
|
89
99
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-enterprise.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"recaptcha-enterprise.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAE5H;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;;;;;;OASG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,qBAAa,2BAA4B,YAAW,iBAAiB;IACnE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,yBAAyB;IAQ7C;;;;;;;;OAQG;IACG,cAAc,IAAI,OAAO,CAAC,yBAAyB,CAAC;IA8E1D;;;;;;;;;;;;OAYG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CA6DtG"}
|
|
@@ -55,6 +55,86 @@ class RecaptchaEnterpriseProvider {
|
|
|
55
55
|
this.apiEndpoint = config.apiEndpoint || 'https://recaptchaenterprise.googleapis.com/v1';
|
|
56
56
|
this.timeout = config.timeout || 10000;
|
|
57
57
|
}
|
|
58
|
+
/**
|
|
59
|
+
* Validate Enterprise reCAPTCHA configuration by sending a probe assessment
|
|
60
|
+
*
|
|
61
|
+
* Sends a dummy token to the assessments API. If credentials are valid,
|
|
62
|
+
* Google returns HTTP 200 with tokenProperties.valid === false (expected).
|
|
63
|
+
* Any other HTTP status indicates a configuration problem.
|
|
64
|
+
*
|
|
65
|
+
* @returns Validation result with actionable guidance
|
|
66
|
+
*/
|
|
67
|
+
async validateConfig() {
|
|
68
|
+
const assessmentUrl = `${this.apiEndpoint}/projects/${this.projectId}/assessments?key=${this.apiKey}`;
|
|
69
|
+
const requestBody = {
|
|
70
|
+
event: {
|
|
71
|
+
token: 'NAUTH_STARTUP_VALIDATION_PROBE',
|
|
72
|
+
siteKey: this.siteKey,
|
|
73
|
+
},
|
|
74
|
+
};
|
|
75
|
+
try {
|
|
76
|
+
const controller = new AbortController();
|
|
77
|
+
const timeoutId = setTimeout(() => controller.abort(), this.timeout);
|
|
78
|
+
const response = await fetch(assessmentUrl, {
|
|
79
|
+
method: 'POST',
|
|
80
|
+
headers: { 'Content-Type': 'application/json' },
|
|
81
|
+
body: JSON.stringify(requestBody),
|
|
82
|
+
signal: controller.signal,
|
|
83
|
+
});
|
|
84
|
+
clearTimeout(timeoutId);
|
|
85
|
+
if (response.ok) {
|
|
86
|
+
return {
|
|
87
|
+
valid: true,
|
|
88
|
+
message: 'reCAPTCHA Enterprise configuration is valid. API key, project, and site key are all working.',
|
|
89
|
+
httpStatus: response.status,
|
|
90
|
+
};
|
|
91
|
+
}
|
|
92
|
+
switch (response.status) {
|
|
93
|
+
case 400:
|
|
94
|
+
return {
|
|
95
|
+
valid: false,
|
|
96
|
+
message: `reCAPTCHA Enterprise: Invalid request (HTTP 400). The site key "${this.siteKey}" may be incorrect or not yet activated.`,
|
|
97
|
+
hint: 'Verify your siteKey in the reCAPTCHA Enterprise console at https://console.cloud.google.com/security/recaptcha. Newly created keys may take a few minutes to propagate.',
|
|
98
|
+
httpStatus: 400,
|
|
99
|
+
};
|
|
100
|
+
case 403:
|
|
101
|
+
return {
|
|
102
|
+
valid: false,
|
|
103
|
+
message: 'reCAPTCHA Enterprise: Access denied (HTTP 403). The API key may be invalid or the reCAPTCHA Enterprise API is not enabled.',
|
|
104
|
+
hint: 'Check: (1) API key is correct, (2) reCAPTCHA Enterprise API is enabled at https://console.cloud.google.com/apis/library/recaptchaenterprise.googleapis.com, (3) API key restrictions allow this service.',
|
|
105
|
+
httpStatus: 403,
|
|
106
|
+
};
|
|
107
|
+
case 404:
|
|
108
|
+
return {
|
|
109
|
+
valid: false,
|
|
110
|
+
message: `reCAPTCHA Enterprise: Project not found (HTTP 404). The project ID "${this.projectId}" may be incorrect.`,
|
|
111
|
+
hint: 'Verify your projectId matches a Google Cloud project with reCAPTCHA Enterprise enabled.',
|
|
112
|
+
httpStatus: 404,
|
|
113
|
+
};
|
|
114
|
+
default:
|
|
115
|
+
return {
|
|
116
|
+
valid: false,
|
|
117
|
+
message: `reCAPTCHA Enterprise: Unexpected response (HTTP ${response.status}).`,
|
|
118
|
+
httpStatus: response.status,
|
|
119
|
+
};
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
catch (error) {
|
|
123
|
+
if (error instanceof Error && error.name === 'AbortError') {
|
|
124
|
+
return {
|
|
125
|
+
valid: false,
|
|
126
|
+
message: `reCAPTCHA Enterprise: Connection timeout after ${this.timeout}ms.`,
|
|
127
|
+
hint: 'Check network connectivity and verify the apiEndpoint is correct.',
|
|
128
|
+
};
|
|
129
|
+
}
|
|
130
|
+
const errorMessage = error instanceof Error ? error.message : 'Unknown error';
|
|
131
|
+
return {
|
|
132
|
+
valid: false,
|
|
133
|
+
message: `reCAPTCHA Enterprise: Network error — ${errorMessage}`,
|
|
134
|
+
hint: 'Check network connectivity. If using a custom apiEndpoint, verify the URL is correct.',
|
|
135
|
+
};
|
|
136
|
+
}
|
|
137
|
+
}
|
|
58
138
|
/**
|
|
59
139
|
* Verify reCAPTCHA Enterprise token with Google's API
|
|
60
140
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-enterprise.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":";;;AA4CA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,MAAa,2BAA2B;IACrB,SAAS,CAAS;IAClB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,WAAW,CAAS;IACpB,OAAO,CAAS;IAEjC,YAAY,MAAiC;QAC3C,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,+CAA+C,CAAC;QACzF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,MAAe;QAC5D,uDAAuD;QACvD,wEAAwE;QACxE,MAAM,aAAa,GAAG,GAAG,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,SAAS,oBAAoB,IAAI,CAAC,MAAM,EAAE,CAAC;QAEtG,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE;gBACL,KAAK;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,GAAG,CAAC,MAAM,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC;gBACzC,GAAG,CAAC,QAAQ,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;aAC7C;SACF,CAAC;QAEF,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;gBAC1C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;gBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC,CAAC;YAC/F,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,2CAA2C;YAC3C,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;YACnD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC;YAE7C,2CAA2C;YAC3C,OAAO;gBACL,OAAO,EAAE,eAAe,CAAC,KAAK,KAAK,IAAI;gBACvC,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,QAAQ,EAAE,eAAe,CAAC,QAAQ;gBAClC,UAAU,EAAE,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;aACxF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,mDAAmD,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBACvF,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,6CAA6C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAChF,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;CACF;
|
|
1
|
+
{"version":3,"file":"recaptcha-enterprise.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-enterprise.provider.ts"],"names":[],"mappings":";;;AA4CA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,MAAa,2BAA2B;IACrB,SAAS,CAAS;IAClB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,WAAW,CAAS;IACpB,OAAO,CAAS;IAEjC,YAAY,MAAiC;QAC3C,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,+CAA+C,CAAC;QACzF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,aAAa,GAAG,GAAG,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,SAAS,oBAAoB,IAAI,CAAC,MAAM,EAAE,CAAC;QAEtG,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE;gBACL,KAAK,EAAE,gCAAgC;gBACvC,OAAO,EAAE,IAAI,CAAC,OAAO;aACtB;SACF,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;gBAC1C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;gBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;gBAChB,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,8FAA8F;oBACvG,UAAU,EAAE,QAAQ,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACxB,KAAK,GAAG;oBACN,OAAO;wBACL,KAAK,EAAE,KAAK;wBACZ,OAAO,EAAE,mEAAmE,IAAI,CAAC,OAAO,0CAA0C;wBAClI,IAAI,EAAE,yKAAyK;wBAC/K,UAAU,EAAE,GAAG;qBAChB,CAAC;gBACJ,KAAK,GAAG;oBACN,OAAO;wBACL,KAAK,EAAE,KAAK;wBACZ,OAAO,EAAE,4HAA4H;wBACrI,IAAI,EAAE,0MAA0M;wBAChN,UAAU,EAAE,GAAG;qBAChB,CAAC;gBACJ,KAAK,GAAG;oBACN,OAAO;wBACL,KAAK,EAAE,KAAK;wBACZ,OAAO,EAAE,uEAAuE,IAAI,CAAC,SAAS,qBAAqB;wBACnH,IAAI,EAAE,yFAAyF;wBAC/F,UAAU,EAAE,GAAG;qBAChB,CAAC;gBACJ;oBACE,OAAO;wBACL,KAAK,EAAE,KAAK;wBACZ,OAAO,EAAE,mDAAmD,QAAQ,CAAC,MAAM,IAAI;wBAC/E,UAAU,EAAE,QAAQ,CAAC,MAAM;qBAC5B,CAAC;YACN,CAAC;QACH,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1D,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,kDAAkD,IAAI,CAAC,OAAO,KAAK;oBAC5E,IAAI,EAAE,mEAAmE;iBAC1E,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,yCAAyC,YAAY,EAAE;gBAChE,IAAI,EAAE,uFAAuF;aAC9F,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,MAAe;QAC5D,uDAAuD;QACvD,wEAAwE;QACxE,MAAM,aAAa,GAAG,GAAG,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,SAAS,oBAAoB,IAAI,CAAC,MAAM,EAAE,CAAC;QAEtG,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE;gBACL,KAAK;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,GAAG,CAAC,MAAM,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC;gBACzC,GAAG,CAAC,QAAQ,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;aAC7C;SACF,CAAC;QAEF,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;gBAC1C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;gBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC,CAAC;YAC/F,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,2CAA2C;YAC3C,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;YACnD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC;YAE7C,2CAA2C;YAC3C,OAAO;gBACL,OAAO,EAAE,eAAe,CAAC,KAAK,KAAK,IAAI;gBACvC,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,QAAQ,EAAE,eAAe,CAAC,QAAQ;gBAClC,UAAU,EAAE,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;aACxF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,mDAAmD,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBACvF,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,6CAA6C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAChF,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;CACF;AAhLD,kEAgLC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
1
|
+
import { RecaptchaProvider, RecaptchaValidationResult, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
2
2
|
/**
|
|
3
3
|
* Configuration for reCAPTCHA v2 provider
|
|
4
4
|
*/
|
|
@@ -50,6 +50,16 @@ export declare class RecaptchaV2Provider implements RecaptchaProvider {
|
|
|
50
50
|
private readonly verifyUrl;
|
|
51
51
|
private readonly timeout;
|
|
52
52
|
constructor(config: RecaptchaV2Config);
|
|
53
|
+
/**
|
|
54
|
+
* Validate reCAPTCHA v2 configuration by sending a probe verification
|
|
55
|
+
*
|
|
56
|
+
* Sends a dummy token to siteverify. If the secret key is valid,
|
|
57
|
+
* Google returns success: false with error-codes: ["invalid-input-response"].
|
|
58
|
+
* If the secret key itself is wrong, error-codes contains "invalid-input-secret".
|
|
59
|
+
*
|
|
60
|
+
* @returns Validation result with actionable guidance
|
|
61
|
+
*/
|
|
62
|
+
validateConfig(): Promise<RecaptchaValidationResult>;
|
|
53
63
|
/**
|
|
54
64
|
* Verify reCAPTCHA v2 token with Google's API
|
|
55
65
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-v2.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"recaptcha-v2.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAE5H;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,qBAAa,mBAAoB,YAAW,iBAAiB;IAC3D,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,iBAAiB;IAMrC;;;;;;;;OAQG;IACG,cAAc,IAAI,OAAO,CAAC,yBAAyB,CAAC;IA+D1D;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CAqDvG"}
|
|
@@ -34,6 +34,70 @@ class RecaptchaV2Provider {
|
|
|
34
34
|
this.verifyUrl = config.verifyUrl || 'https://www.google.com/recaptcha/api/siteverify';
|
|
35
35
|
this.timeout = config.timeout || 10000;
|
|
36
36
|
}
|
|
37
|
+
/**
|
|
38
|
+
* Validate reCAPTCHA v2 configuration by sending a probe verification
|
|
39
|
+
*
|
|
40
|
+
* Sends a dummy token to siteverify. If the secret key is valid,
|
|
41
|
+
* Google returns success: false with error-codes: ["invalid-input-response"].
|
|
42
|
+
* If the secret key itself is wrong, error-codes contains "invalid-input-secret".
|
|
43
|
+
*
|
|
44
|
+
* @returns Validation result with actionable guidance
|
|
45
|
+
*/
|
|
46
|
+
async validateConfig() {
|
|
47
|
+
const params = new URLSearchParams({
|
|
48
|
+
secret: this.secretKey,
|
|
49
|
+
response: 'NAUTH_STARTUP_VALIDATION_PROBE',
|
|
50
|
+
});
|
|
51
|
+
try {
|
|
52
|
+
const controller = new AbortController();
|
|
53
|
+
const timeoutId = setTimeout(() => controller.abort(), this.timeout);
|
|
54
|
+
const response = await fetch(this.verifyUrl, {
|
|
55
|
+
method: 'POST',
|
|
56
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
57
|
+
body: params.toString(),
|
|
58
|
+
signal: controller.signal,
|
|
59
|
+
});
|
|
60
|
+
clearTimeout(timeoutId);
|
|
61
|
+
if (!response.ok) {
|
|
62
|
+
return {
|
|
63
|
+
valid: false,
|
|
64
|
+
message: `reCAPTCHA v2: API returned HTTP ${response.status}.`,
|
|
65
|
+
hint: 'Check network connectivity and verify the verifyUrl is correct.',
|
|
66
|
+
httpStatus: response.status,
|
|
67
|
+
};
|
|
68
|
+
}
|
|
69
|
+
const data = await response.json();
|
|
70
|
+
const errorCodes = data['error-codes'] || [];
|
|
71
|
+
if (errorCodes.includes('invalid-input-secret')) {
|
|
72
|
+
return {
|
|
73
|
+
valid: false,
|
|
74
|
+
message: 'reCAPTCHA v2: The secret key is invalid.',
|
|
75
|
+
hint: 'Verify your secretKey at https://www.google.com/recaptcha/admin. Ensure you are using the server-side secret, not the site key.',
|
|
76
|
+
httpStatus: response.status,
|
|
77
|
+
};
|
|
78
|
+
}
|
|
79
|
+
return {
|
|
80
|
+
valid: true,
|
|
81
|
+
message: 'reCAPTCHA v2 configuration is valid. Secret key is accepted by Google.',
|
|
82
|
+
httpStatus: response.status,
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
catch (error) {
|
|
86
|
+
if (error instanceof Error && error.name === 'AbortError') {
|
|
87
|
+
return {
|
|
88
|
+
valid: false,
|
|
89
|
+
message: `reCAPTCHA v2: Connection timeout after ${this.timeout}ms.`,
|
|
90
|
+
hint: 'Check network connectivity.',
|
|
91
|
+
};
|
|
92
|
+
}
|
|
93
|
+
const errorMessage = error instanceof Error ? error.message : 'Unknown error';
|
|
94
|
+
return {
|
|
95
|
+
valid: false,
|
|
96
|
+
message: `reCAPTCHA v2: Network error — ${errorMessage}`,
|
|
97
|
+
hint: 'Check network connectivity.',
|
|
98
|
+
};
|
|
99
|
+
}
|
|
100
|
+
}
|
|
37
101
|
/**
|
|
38
102
|
* Verify reCAPTCHA v2 token with Google's API
|
|
39
103
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-v2.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":";;;AA2BA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAa,mBAAmB;IACb,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,OAAO,CAAS;IAEjC,YAAY,MAAyB;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,iDAAiD,CAAC;QACvF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,OAAgB;QAC7D,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,+BAA+B;YAC/B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,yCAAyC;YACzC,sCAAsC;YACtC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;gBAC9B,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF;
|
|
1
|
+
{"version":3,"file":"recaptcha-v2.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-v2.provider.ts"],"names":[],"mappings":";;;AA2BA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAa,mBAAmB;IACb,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,OAAO,CAAS;IAEjC,YAAY,MAAyB;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,iDAAiD,CAAC;QACvF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,gCAAgC;SAC3C,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;gBAChE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,mCAAmC,QAAQ,CAAC,MAAM,GAAG;oBAC9D,IAAI,EAAE,iEAAiE;oBACvE,UAAU,EAAE,QAAQ,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,UAAU,GAAa,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAEvD,IAAI,UAAU,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,CAAC;gBAChD,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,0CAA0C;oBACnD,IAAI,EAAE,iIAAiI;oBACvI,UAAU,EAAE,QAAQ,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,wEAAwE;gBACjF,UAAU,EAAE,QAAQ,CAAC,MAAM;aAC5B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1D,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,0CAA0C,IAAI,CAAC,OAAO,KAAK;oBACpE,IAAI,EAAE,6BAA6B;iBACpC,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,iCAAiC,YAAY,EAAE;gBACxD,IAAI,EAAE,6BAA6B;aACpC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,OAAgB;QAC7D,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,+BAA+B;YAC/B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,yCAAyC;YACzC,sCAAsC;YACtC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;gBAC9B,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF;AAlJD,kDAkJC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { RecaptchaProvider, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
1
|
+
import { RecaptchaProvider, RecaptchaValidationResult, RecaptchaVerificationResult } from '../recaptcha-provider.interface';
|
|
2
2
|
/**
|
|
3
3
|
* Configuration for reCAPTCHA v3 provider
|
|
4
4
|
*/
|
|
@@ -52,6 +52,16 @@ export declare class RecaptchaV3Provider implements RecaptchaProvider {
|
|
|
52
52
|
private readonly verifyUrl;
|
|
53
53
|
private readonly timeout;
|
|
54
54
|
constructor(config: RecaptchaV3Config);
|
|
55
|
+
/**
|
|
56
|
+
* Validate reCAPTCHA v3 configuration by sending a probe verification
|
|
57
|
+
*
|
|
58
|
+
* Sends a dummy token to siteverify. If the secret key is valid,
|
|
59
|
+
* Google returns success: false with error-codes: ["invalid-input-response"].
|
|
60
|
+
* If the secret key itself is wrong, error-codes contains "invalid-input-secret".
|
|
61
|
+
*
|
|
62
|
+
* @returns Validation result with actionable guidance
|
|
63
|
+
*/
|
|
64
|
+
validateConfig(): Promise<RecaptchaValidationResult>;
|
|
55
65
|
/**
|
|
56
66
|
* Verify reCAPTCHA v3 token with Google's API
|
|
57
67
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-v3.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v3.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"recaptcha-v3.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/recaptcha-v3.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAE5H;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,mBAAoB,YAAW,iBAAiB;IAC3D,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,iBAAiB;IAMrC;;;;;;;;OAQG;IACG,cAAc,IAAI,OAAO,CAAC,yBAAyB,CAAC;IAgE1D;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC;CAqDvG"}
|
|
@@ -36,6 +36,71 @@ class RecaptchaV3Provider {
|
|
|
36
36
|
this.verifyUrl = config.verifyUrl || 'https://www.google.com/recaptcha/api/siteverify';
|
|
37
37
|
this.timeout = config.timeout || 10000;
|
|
38
38
|
}
|
|
39
|
+
/**
|
|
40
|
+
* Validate reCAPTCHA v3 configuration by sending a probe verification
|
|
41
|
+
*
|
|
42
|
+
* Sends a dummy token to siteverify. If the secret key is valid,
|
|
43
|
+
* Google returns success: false with error-codes: ["invalid-input-response"].
|
|
44
|
+
* If the secret key itself is wrong, error-codes contains "invalid-input-secret".
|
|
45
|
+
*
|
|
46
|
+
* @returns Validation result with actionable guidance
|
|
47
|
+
*/
|
|
48
|
+
async validateConfig() {
|
|
49
|
+
const params = new URLSearchParams({
|
|
50
|
+
secret: this.secretKey,
|
|
51
|
+
response: 'NAUTH_STARTUP_VALIDATION_PROBE',
|
|
52
|
+
});
|
|
53
|
+
try {
|
|
54
|
+
const controller = new AbortController();
|
|
55
|
+
const timeoutId = setTimeout(() => controller.abort(), this.timeout);
|
|
56
|
+
const response = await fetch(this.verifyUrl, {
|
|
57
|
+
method: 'POST',
|
|
58
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
59
|
+
body: params.toString(),
|
|
60
|
+
signal: controller.signal,
|
|
61
|
+
});
|
|
62
|
+
clearTimeout(timeoutId);
|
|
63
|
+
if (!response.ok) {
|
|
64
|
+
return {
|
|
65
|
+
valid: false,
|
|
66
|
+
message: `reCAPTCHA v3: API returned HTTP ${response.status}.`,
|
|
67
|
+
hint: 'Check network connectivity and verify the verifyUrl is correct.',
|
|
68
|
+
httpStatus: response.status,
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
const data = await response.json();
|
|
72
|
+
const errorCodes = data['error-codes'] || [];
|
|
73
|
+
if (errorCodes.includes('invalid-input-secret')) {
|
|
74
|
+
return {
|
|
75
|
+
valid: false,
|
|
76
|
+
message: 'reCAPTCHA v3: The secret key is invalid.',
|
|
77
|
+
hint: 'Verify your secretKey at https://www.google.com/recaptcha/admin. Ensure you are using the server-side secret, not the site key.',
|
|
78
|
+
httpStatus: response.status,
|
|
79
|
+
};
|
|
80
|
+
}
|
|
81
|
+
// "invalid-input-response" for the dummy token means the secret key works
|
|
82
|
+
return {
|
|
83
|
+
valid: true,
|
|
84
|
+
message: 'reCAPTCHA v3 configuration is valid. Secret key is accepted by Google.',
|
|
85
|
+
httpStatus: response.status,
|
|
86
|
+
};
|
|
87
|
+
}
|
|
88
|
+
catch (error) {
|
|
89
|
+
if (error instanceof Error && error.name === 'AbortError') {
|
|
90
|
+
return {
|
|
91
|
+
valid: false,
|
|
92
|
+
message: `reCAPTCHA v3: Connection timeout after ${this.timeout}ms.`,
|
|
93
|
+
hint: 'Check network connectivity.',
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
const errorMessage = error instanceof Error ? error.message : 'Unknown error';
|
|
97
|
+
return {
|
|
98
|
+
valid: false,
|
|
99
|
+
message: `reCAPTCHA v3: Network error — ${errorMessage}`,
|
|
100
|
+
hint: 'Check network connectivity.',
|
|
101
|
+
};
|
|
102
|
+
}
|
|
103
|
+
}
|
|
39
104
|
/**
|
|
40
105
|
* Verify reCAPTCHA v3 token with Google's API
|
|
41
106
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-v3.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-v3.provider.ts"],"names":[],"mappings":";;;AA2BA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAa,mBAAmB;IACb,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,OAAO,CAAS;IAEjC,YAAY,MAAyB;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,iDAAiD,CAAC;QACvF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,OAAgB;QAC7D,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,+BAA+B;YAC/B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,yCAAyC;YACzC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;gBAC9B,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF;
|
|
1
|
+
{"version":3,"file":"recaptcha-v3.provider.js","sourceRoot":"","sources":["../../../src/providers/recaptcha-v3.provider.ts"],"names":[],"mappings":";;;AA2BA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAa,mBAAmB;IACb,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,OAAO,CAAS;IAEjC,YAAY,MAAyB;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,iDAAiD,CAAC;QACvF,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACzC,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,gCAAgC;SAC3C,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;gBAChE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,mCAAmC,QAAQ,CAAC,MAAM,GAAG;oBAC9D,IAAI,EAAE,iEAAiE;oBACvE,UAAU,EAAE,QAAQ,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,UAAU,GAAa,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAEvD,IAAI,UAAU,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,CAAC;gBAChD,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,0CAA0C;oBACnD,IAAI,EAAE,iIAAiI;oBACvI,UAAU,EAAE,QAAQ,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,0EAA0E;YAC1E,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,wEAAwE;gBACjF,UAAU,EAAE,QAAQ,CAAC,MAAM;aAC5B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1D,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,0CAA0C,IAAI,CAAC,OAAO,KAAK;oBACpE,IAAI,EAAE,6BAA6B;iBACpC,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,iCAAiC,YAAY,EAAE;gBACxD,IAAI,EAAE,6BAA6B;aACpC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,QAAiB,EAAE,OAAgB;QAC7D,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAErE,+BAA+B;YAC/B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,yCAAyC;YACzC,OAAO;gBACL,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;gBAC9B,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,wBAAwB;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF;AAnJD,kDAmJC"}
|
|
@@ -32,6 +32,39 @@ export interface RecaptchaProvider {
|
|
|
32
32
|
* ```
|
|
33
33
|
*/
|
|
34
34
|
verify(token: string, remoteIp?: string, action?: string): Promise<RecaptchaVerificationResult>;
|
|
35
|
+
/**
|
|
36
|
+
* Validate provider configuration at startup
|
|
37
|
+
*
|
|
38
|
+
* Makes a lightweight probe request to Google's API to verify that
|
|
39
|
+
* credentials are correct and the API is reachable. Uses a known-bad
|
|
40
|
+
* token so no real assessment is created.
|
|
41
|
+
*
|
|
42
|
+
* This method is optional. If not implemented, startup validation
|
|
43
|
+
* is skipped for this provider.
|
|
44
|
+
*
|
|
45
|
+
* @returns Validation result with actionable error messages
|
|
46
|
+
*/
|
|
47
|
+
validateConfig?(): Promise<RecaptchaValidationResult>;
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* Result of startup configuration validation
|
|
51
|
+
*
|
|
52
|
+
* Returned by `validateConfig()` to indicate whether the provider's
|
|
53
|
+
* credentials and API connectivity are correctly configured.
|
|
54
|
+
*/
|
|
55
|
+
export interface RecaptchaValidationResult {
|
|
56
|
+
/** Whether the configuration is valid and the API is reachable */
|
|
57
|
+
valid: boolean;
|
|
58
|
+
/** Human-readable message describing the validation outcome */
|
|
59
|
+
message: string;
|
|
60
|
+
/**
|
|
61
|
+
* Actionable hint for fixing the issue (only present when valid is false)
|
|
62
|
+
*
|
|
63
|
+
* @example 'Enable the reCAPTCHA Enterprise API at https://console.cloud.google.com/apis/library/recaptchaenterprise.googleapis.com'
|
|
64
|
+
*/
|
|
65
|
+
hint?: string;
|
|
66
|
+
/** HTTP status code from the probe request (useful for debugging in logs) */
|
|
67
|
+
httpStatus?: number;
|
|
35
68
|
}
|
|
36
69
|
/**
|
|
37
70
|
* Result of reCAPTCHA token verification
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"recaptcha-provider.interface.d.ts","sourceRoot":"","sources":["../../src/recaptcha-provider.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;;;;;;;;;;;;OAgBG;IACH,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"recaptcha-provider.interface.d.ts","sourceRoot":"","sources":["../../src/recaptcha-provider.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;;;;;;;;;;;;OAgBG;IACH,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;IAEhG;;;;;;;;;;;OAWG;IACH,cAAc,CAAC,IAAI,OAAO,CAAC,yBAAyB,CAAC,CAAC;CACvD;AAED;;;;;GAKG;AACH,MAAM,WAAW,yBAAyB;IACxC,kEAAkE;IAClE,KAAK,EAAE,OAAO,CAAC;IAEf,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd,6EAA6E;IAC7E,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,2BAA2B;IAC1C;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;;;OASG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB"}
|