npm - @nestlab/google-recaptcha - Versions diffs - 3.3.0 → 3.3.1 - Mend

@nestlab/google-recaptcha 3.3.0 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,268 @@
+# Changelog
+## v3.3.1
+- Reworked readme docs.
+- Added changelog file.
+## v3.3.0
+- Reworked to use axios instead of @nestjs/axios.
+- Removed peer dependencies:
+  - `@nestjs/axios`
+  - `rxjs`
+## v3.2.0
+- Upgraded peer dependencies versions:
+  - `@nestjs/axios`: >=1.0.0 <2.0.0
+  - `axios`: >=1.0.0 <2.0.0
+## v3.1.9
+- Declared used axios package as peerDependency.
+## v3.1.8
+- Fixed async module options type in ts strict mode.
+- Declared used `rxjs` package as peerDependency.
+## v3.1.7
+- Smallfix with logging recaptcha results.
+- Fixed resolving error codes for enterprise validator.
+## v3.1.6
+- Fixed handling enterprise response without token properties info.
+## v3.1.5
+- Fixed recaptcha enterprise error handling.
+## v3.1.4
+- Fixed instance of response for recaptcha v2.
+- Fixed error handling for recaptcha enterprise.
+- Internal fixes.
+- Test coverage.
+## v3.1.3
+- Fixed response type for `RecaptchaVerificationResult.getEnterpriseRiskAnalytics()`.
+## v3.1.2
+- Fixed http exception statuses for error codes: `site-mismatch`, `browser-error` (HTTP status - 400).
+- Added error code: `incorrect-captcha-sol`.
+## v3.1.1
+- Minor type fixes by eslint rules.
+- Fixes in: README.md, package.json.
+## v3.1.0
+- Added support reCAPTCHA Enterprise API.
+- Updated module options:
+  - Updated `secretKey` as optional (shouldn't use for enterprise configuration).
+  - Added `enterprise` option
+| Property                        | Description |
+|---------------------------------|-------------|
+| `enterprise.projectId`     | **Required.**<br> Type: `string`<br> Google Cloud project ID |
+| `enterprise.siteKey`       | **Required.**<br> Type: `string`<br> [reCAPTCHA key](https://cloud.google.com/recaptcha-enterprise/docs/keys) associated with the site/app. |
+| `enterprise.apiKey`        | **Required.**<br> Type: `string`<br> API key associated with the current project. <br>Must have permission `reCAPTCHA Enterprise API`. <br> You can manage credentials [here](https://console.cloud.google.com/apis/credentials). |
+**Updated GoogleRecaptchaValidator interface**
+```typescript
+class GoogleRecaptchaValidator {
+    validate(options: VerifyResponseOptions): Promise<RecaptchaVerificationResult<VerifyResponseV3>>;
+}
+```
+**Addded recaptcha validator for enterprise**
+```typescript
+@Injectable()
+export class SomeService {
+    constructor(private readonly recaptchaEnterpriseValidator: GoogleRecaptchaEnterpriseValidator) {
+    }
+    async someAction(recaptchaToken: string): Promise<void> {
+        const result = await this.recaptchaEnterpriseValidator.validate({
+            response: recaptchaToken,
+            score: 0.8,
+            action: 'SomeAction',
+        });
+        if (!result.success) {
+            throw new GoogleRecaptchaException(result.errors);
+        }
+        const riskAnalytics = result.getEnterpriseRiskAnalytics();
+        console.log('score', riskAnalysis.score);
+        console.log('score', riskAnalysis.reasons);
+        // TODO: Your implemetation
+    }
+}
+```
+## v3.0.3
+- Updated README.md.
+## v3.0.2
+- Added debug mode and logging
+- Added module options
+  - `debug?: boolean` enables debug mode
+  - `logger?: Logger` instance of Logger from @nestjs/common or extended from this
+## v3.0.1
+- Fixed published root dir
+## v3.0.0
+- Compat with NestJS 9
+- Removed deprecated options:
+  - `applicationType?: ApplicationType` (now detect it automatically)
+  - `agent?: https.Agent` (use option axiosConfig.httpsAgent)
+## v2.1.2
+- Fixed decorators reexports
+## v2.1.1
+- Removed source maps. Little fixes in readme file.
+## v2.1.0
+- Added request type auto detection from execution context`applicationType` configuration option marked as deprecated. Will removed in next major release.
+## v2.0.8
+- Fixed README.md.
+## 2.0.7
+- Added axiosConfig: AxiosRequestConfig option.
+- Option agent?: https.Agent marked as deprecated.
+- Added GoogleRecaptchaNetworkException.
+## v2.0.6
+- Added support NestJS 8.
+- Dynamic loading HttpModule from `@nestjs/axios` or `@nestjs/common`.
+## v2.0.5
+- Fixed dynamic module loading.
+## v2.0.4
+- Added `RecaptchaResult` decorator.
+## v2.0.3
+- Added `SetRecaptchaOptions` decorator.
+## v2.0.2
+- Added error handling for invalid-keys.
+## v2.0.1
+- Removed console.log
+## v2.0.0
+- Added validation by action and score for reCAPTCHA v3.
+- Updated external interfaces. Affected places:
+  -  service GoogleRecaptchaValidator
+  -  decorator Recaptcha
+  -  module options (added optional default parameters)
+## v1.2.4
+- Fixed readme.
+## v.1.2.3
+- Updated readme. Added example to use validation in service.
+## v1.2.2
+- Added support GraphQL.
+## v1.2.1
+- Added LICENSE, CONTRIBUTING.md to build. Fixed readme.
+## v1.2.0
+- Updated google recaptcha module options.
+- Removed option useRecaptchaNet: boolean
+- Added option: network: GoogleRecaptchaNetwork | string <br>If your server has trouble connecting to 'https://google.com' then you can set networks:
+<br/>GoogleRecaptchaNetwork.Google = 'https://www.google.com/recaptcha/api/siteverify'
+</br>GoogleRecaptchaNetwork.Recaptcha = 'https://recaptcha.net/recaptcha/api/siteverify'
+or set any api url
+## v1.1.11
+Removed unused dev dependencies. Updated readme.
+## v1.1.10
+- Extended peer dependencies versions:
+	- @nestjs/core: >=6.0.0 <8.0.0
+	- @nestjs/common: >=6.0.0 <8.0.0
+## v1.1.9
+- Fixed global option for `forRootAsync` method.
+## v1.1.8
+- Module declared as global.
+## v1.1.7
+- Fixed readme.md file.
+## v1.1.6
+- Updated `skipIf` option to `boolean | ((request: any) => boolean | Promise<boolean>)`
+## v1.1.5
+- Updated skipIf argument from `() => boolean` to `(request) => boolean | Promise<boolean>`.
+## v1.1.4
+- Added option to use recaptcha.net and agent support.
+## v1.1.3
+- Async module initialization.
+## v1.1.2
+- Added override ability default recaptcha property.
+## v1.1.1
+- Updated `GoogleRecaptchaException`.
+## v1.1.0
+- Added `GoogleRecaptchaException`. Error handling via exception filter.
+## v1.0.13
+- Reexported types

package/README.md CHANGED Viewed

@@ -1,22 +1,35 @@
-# Google recaptcha module
+# @nestlab/google-recaptcha
+This package provides protection for endpoints using [reCAPTCHA](https://www.google.com/recaptcha/about/) for [NestJS](https://docs.nestjs.com/) REST and GraphQL applications. By integrating with reCAPTCHA, this package helps to prevent automated abuse such as spam and bots, improving the security and reliability of your application.
 [![NPM Version](https://img.shields.io/npm/v/@nestlab/google-recaptcha.svg)](https://www.npmjs.com/package/@nestlab/google-recaptcha)
 [![Licence](https://img.shields.io/npm/l/@nestlab/google-recaptcha.svg)](https://github.com/chvarkov/google-recaptcha/blob/master/LICENSE)
 [![NPM Downloads](https://img.shields.io/npm/dm/@nestlab/google-recaptcha.svg)](https://www.npmjs.com/package/@nestlab/google-recaptcha)
 [![Circle CI build](https://img.shields.io/circleci/build/github/chvarkov/google-recaptcha/master)](https://github.com/chvarkov/google-recaptcha/tree/master)
 [![Coverage Status](https://coveralls.io/repos/github/chvarkov/google-recaptcha/badge.svg?branch=master)](https://coveralls.io/github/chvarkov/google-recaptcha?branch=master)
-The [NestJS](https://docs.nestjs.com/) module to protect your endpoints via [google recaptcha](https://www.google.com/recaptcha/about/).
-Supported for HTTP and GraphQL [NestJS](https://docs.nestjs.com/) applications.
-- [Installation](#installation)
-- [Configuration](#configuration)
-- [Usage](#usage)
-    -  [Validate in service](#validate-in-service)
-    -  [Validate in service (enterprise)](#validate-in-service-enterprise)
-    -  [Guard](#guard)
-    -  [GraphQL guard](#graphql-guard)
-- [Error handling](#error-handling)
+## Table of Contents
+* [Installation](#installation)
+* [Changes](#changes)
+* [Configuration](#configuration)
+  * [Options](#options)
+  * [REST application](#rest-application)
+    * [reCAPTCHA v2](#rest-recaptcha-v2)
+    * [reCAPTCHA v3](#rest-recaptcha-v3)
+    * [reCAPTCHA Enterprise](#rest-recaptcha-enterprise)
+  * [Graphql application](#graphql-application)
+    * [reCAPTCHA v2](#graphql-recaptcha-v2)
+    * [reCAPTCHA v3](#graphql-recaptcha-v3)
+    * [reCAPTCHA Enterprise](#graphql-recaptcha-enterprise)
+* [Usage](#usage)
+  * [REST application](#usage-in-rest-application)
+  * [Graphql application](#usage-in-graphql-application)
+  * [Validate in service](#validate-in-service)
+  * [Validate in service (Enterprise)](#validate-in-service-enterprise)
+  * [Error handling](#error-handling)
+* [Contribution](#contribution)
+* [License](#license)
 Usage example [here](https://github.com/chvarkov/google-recaptcha-example)
@@ -27,9 +40,45 @@ Usage example [here](https://github.com/chvarkov/google-recaptcha-example)
 $ npm i @nestlab/google-recaptcha
 ```
+## Changes
+The list of changes made in the project can be found in the [CHANGELOG.md](./CHANGELOG.md) file.
 ## Configuration
-**Configuration for REST application**
+### Options
+**GoogleRecaptchaModuleOptions**
+| Property          | Description |
+|-------------------|-------------|
+| `response`        | **Required.**<br> Type: `(request) => string`<br> Function that returns response (recaptcha token) by request |
+| `secretKey`       | Optional.<br> Type: `string`<br> Google recaptcha secret key. Must be set if you don't use reCAPTCHA Enterprise |
+| `debug`           | Optional.<br> Type: `boolean` <br> Default: `false` <br> Enables logging requests, responses, errors and transformed results |
+| `logger`          | Optional.<br> Type: `Logger` <br> Default: `new Logger()` <br> Instance of custom logger that extended from Logger (@nestjs/common) |
+| `skipIf`          | Optional.<br> Type: `boolean` \| `(request) => boolean \| Promise<boolean>` <br> Function that returns true if you allow the request to skip the recaptcha verification. Useful for involing other check methods (e.g. custom privileged API key) or for development or testing |
+| `enterprise`      | Optional.<br> Type: `GoogleRecaptchaEnterpriseOptions` <br> Options for using recCAPTCHA Enterprise API. Cannot using with `secretKey` option.  |
+| `network`         | Optional.<br> Type: `GoogleRecaptchaNetwork` \| `string`<br> Default: `GoogleRecaptchaNetwork.Google` <br> If your server has trouble connecting to https://google.com then you can set networks:<br> `GoogleRecaptchaNetwork.Google` = 'https://www.google.com/recaptcha/api/siteverify'<br>`GoogleRecaptchaNetwork.Recaptcha` = 'https://recaptcha.net/recaptcha/api/siteverify'<br> or set any api url |
+| `score`           | Optional.<br> Type: `number` \| `(score: number) => boolean`<br> Score validator for reCAPTCHA v3 or enterprise. <br> `number` - minimum available score. <br> `(score: number) => boolean` - function with custom validation rules. |
+| `actions`         | Optional.<br> Type: `string[]`<br> Available action list for reCAPTCHA v3 or enterprise. <br> You can make this check stricter by passing the action property parameter to `@Recaptcha(...)` decorator. |
+| `axiosConfig`     | Optional.<br> Type: `AxiosRequestConfig`<br> Allows to setup proxy, response timeout, https agent etc... |
+**GoogleRecaptchaEnterpriseOptions**
+| Property        | Description |
+|-----------------|-------------|
+| `projectId`     | **Required.**<br> Type: `string`<br> Google Cloud project ID |
+| `siteKey`       | **Required.**<br> Type: `string`<br> [reCAPTCHA key](https://cloud.google.com/recaptcha-enterprise/docs/keys) associated with the site/app. |
+| `apiKey`        | **Required.**<br> Type: `string`<br> API key associated with the current project. <br>Must have permission `reCAPTCHA Enterprise API`. <br> You can manage credentials [here](https://console.cloud.google.com/apis/credentials). |
+The module provides two static methods for configuration: `forRoot` and `forRootAsync`.
+**forRoot**
+> forRoot(options: GoogleRecaptchaModuleOptions): DynamicModule
+The `forRoot` method accepts a `GoogleRecaptchaModuleOptions` object that configures the module. This method should be used in the root `AppModule`. <br/>Example usage:
 ```typescript
 @Module({
@@ -37,8 +86,6 @@ $ npm i @nestlab/google-recaptcha
         GoogleRecaptchaModule.forRoot({
             secretKey: process.env.GOOGLE_RECAPTCHA_SECRET_KEY,
             response: req => req.headers.recaptcha,
-            skipIf: process.env.NODE_ENV !== 'production',
-            network: GoogleRecaptchaNetwork.Recaptcha,
         })
     ],
 })
@@ -46,40 +93,94 @@ export class AppModule {
 }
 ```
-**Configuration for reCAPTCHA V3**
+**forRootAsync**
+> forRootAsync(options: ModuleAsyncOptions): DynamicModule
+The `forRootAsync` method is similar to `forRoot`, but allows for asynchronous configuration.<br/>
+It accepts a `GoogleRecaptchaModuleAsyncOptions` object that returns a configuration object or a Promise that resolves to a configuration object. <br/>
+Read more about [ConfigService](https://docs.nestjs.com/techniques/configuration#getting-started) and [custom getter function](https://docs.nestjs.com/techniques/configuration#custom-getter-functions).
+Example usage:
+```typescript
+@Module({
+    imports: [
+        GoogleRecaptchaModule.forRootAsync({
+            imports: [ConfigModule],
+            useFactory: (configService: ConfigService) => configService.googleRecaptchaOptions,
+            inject: [ConfigService],
+        })
+    ],
+})
+export class AppModule {
+}
+```
+### REST application
+#### REST reCAPTCHA V2
 ```typescript
 @Module({
     imports: [
         GoogleRecaptchaModule.forRoot({
             secretKey: process.env.GOOGLE_RECAPTCHA_SECRET_KEY,
-            response: (req: IncomingMessage) => (req.headers.recaptcha || '').toString(),
+            response: req => req.headers.recaptcha,
+            skipIf: process.env.NODE_ENV !== 'production',
+        }),
+    ],
+})
+export class AppModule {
+}
+```
+**Tip: header names transforming to lower case.**
+**For example:** If you send 'Recaptcha' header then use `(req) => req.headers.recaptcha`
+<br/>
+#### REST reCAPTCHA V3
+```typescript
+@Module({
+    imports: [
+        GoogleRecaptchaModule.forRoot({
+            secretKey: process.env.GOOGLE_RECAPTCHA_SECRET_KEY,
+            response: req => req.headers.recaptcha,
             skipIf: process.env.NODE_ENV !== 'production',
             actions: ['SignUp', 'SignIn'],
             score: 0.8,
-        })
+        }),
     ],
 })
 export class AppModule {
 }
 ```
-**Configuration for reCAPTCHA Enterprise**
+**Tip: header names transforming to lower case.**
+**For example:** If you send 'Recaptcha' header then use `(req) => req.headers.recaptcha`
+<br/>
+#### REST reCAPTCHA Enterprise
 ```typescript
 @Module({
     imports: [
         GoogleRecaptchaModule.forRoot({
-            response: (req: IncomingMessage) => (req.headers.recaptcha || '').toString(),
+            response: (req) => req.headers.recaptcha,
             skipIf: process.env.NODE_ENV !== 'production',
             actions: ['SignUp', 'SignIn'],
             score: 0.8,
-            enterprise: {
-                projectId: process.env.RECAPTCHA_ENTERPRISE_PROJECT_ID,
-                siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY,
-                apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY,
+            enterprise: {
+                projectId: process.env.RECAPTCHA_ENTERPRISE_PROJECT_ID,
+                siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY,
+                apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY,
             },
-        })
+        }),
     ],
 })
 export class AppModule {
@@ -90,99 +191,108 @@ export class AppModule {
 **For example:** If you send 'Recaptcha' header then use `(req) => req.headers.recaptcha`
-#### Configuration options
+### Graphql application
-| Property          | Description |
-|-------------------|-------------|
-| `response`        | **Required.**<br> Type: `(request) => string`<br> Function that returns response (recaptcha token) by request |
-| `secretKey`       | Optional.<br> Type: `string`<br> Google recaptcha secret key. Must be set if you don't use reCAPTCHA Enterprise |
-| `debug`           | Optional.<br> Type: `boolean` <br> Default: `false` <br> Enables logging requests, responses, errors and transformed results |
-| `logger`          | Optional.<br> Type: `Logger` <br> Default: `new Logger()` <br> Instance of custom logger that extended from Logger (@nestjs/common) |
-| `skipIf`          | Optional.<br> Type: `boolean` \| `(request) => boolean \| Promise<boolean>` <br> Function that returns true if you allow the request to skip the recaptcha verification. Useful for involing other check methods (e.g. custom privileged API key) or for development or testing |
-| `enterprise`      | Optional.<br> Type: [`GoogleRecaptchaEnterpriseOptions`](#GoogleRecaptchaEnterpriseOptions) <br> Options for using recCAPTCHA Enterprise API. Cannot using with `secretKey` option.  |
-| `network`         | Optional.<br> Type: `GoogleRecaptchaNetwork` \| `string`<br> Default: `GoogleRecaptchaNetwork.Google` <br> If your server has trouble connecting to https://google.com then you can set networks:<br> `GoogleRecaptchaNetwork.Google` = 'https://www.google.com/recaptcha/api/siteverify'<br>`GoogleRecaptchaNetwork.Recaptcha` = 'https://recaptcha.net/recaptcha/api/siteverify'<br> or set any api url |
-| `score`           | Optional.<br> Type: `number` \| `(score: number) => boolean`<br> Score validator for reCAPTCHA v3 or enterprise. <br> `number` - minimum available score. <br> `(score: number) => boolean` - function with custom validation rules. |
-| `actions`         | Optional.<br> Type: `string[]`<br> Available action list for reCAPTCHA v3 or enterprise. <br> You can make this check stricter by passing the action property parameter to `@Recaptcha(...)` decorator. |
-| `axiosConfig`     | Optional.<br> Type: `AxiosRequestConfig`<br> Allows to setup proxy, response timeout, https agent etc... |
+#### Graphql reCAPTCHA V2
+```typescript
+@Module({
+    imports: [
+        GoogleRecaptchaModule.forRoot({
+            secretKey: process.env.GOOGLE_RECAPTCHA_SECRET_KEY,
+            response: (req: IncomingMessage) => (req.headers.recaptcha || '').toString(),
+            skipIf: process.env.NODE_ENV !== 'production',
+        }),
+    ],
+})
+export class AppModule {
+}
+```
-#### GoogleRecaptchaEnterpriseOptions
+**Tip: header names transforming to lower case.**
-| Property        | Description |
-|-----------------|-------------|
-| `projectId`     | **Required.**<br> Type: `string`<br> Google Cloud project ID |
-| `siteKey`       | **Required.**<br> Type: `string`<br> [reCAPTCHA key](https://cloud.google.com/recaptcha-enterprise/docs/keys) associated with the site/app. |
-| `apiKey`        | **Required.**<br> Type: `string`<br> API key associated with the current project. <br>Must have permission `reCAPTCHA Enterprise API`. <br> You can manage credentials [here](https://console.cloud.google.com/apis/credentials). |
+**For example:** If you send 'Recaptcha' header then use `(req: IncomingMessage) => (req.headers.recaptcha || '').toString()`
-If you want import configs from your [ConfigService](https://docs.nestjs.com/techniques/configuration#getting-started) via [custom getter function](https://docs.nestjs.com/techniques/configuration#custom-getter-functions) that will return `GoogleRecaptchaModuleOptions` object.
+<br/>
+#### Graphql reCAPTCHA V3
 ```typescript
 @Module({
     imports: [
-        GoogleRecaptchaModule.forRootAsync({
-            imports: [ConfigModule],
-            useFactory: (configService: ConfigService) => configService.googleRecaptchaOptions,
-            inject: [ConfigService],
-        })
+        GoogleRecaptchaModule.forRoot({
+            secretKey: process.env.GOOGLE_RECAPTCHA_SECRET_KEY,
+            response: (req: IncomingMessage) => (req.headers.recaptcha || '').toString(),
+            skipIf: process.env.NODE_ENV !== 'production',
+            actions: ['SignUp', 'SignIn'],
+            score: 0.8,
+        }),
     ],
 })
 export class AppModule {
 }
 ```
-## Usage
+**Tip: header names transforming to lower case.**
-### Validate in service
+**For example:** If you send 'Recaptcha' header then use `(req: IncomingMessage) => (req.headers.recaptcha || '').toString()`
-```typescript
-@Injectable()
-export class SomeService {
-    constructor(private readonly recaptchaValidator: GoogleRecaptchaValidator) {
-    }
+<br/>
-    async someAction(recaptchaToken: string): Promise<void> {
-        const result = await this.recaptchaValidator.validate({
-            response: recaptchaToken,
+#### Graphql reCAPTCHA Enterprise
+```typescript
+@Module({
+    imports: [
+        GoogleRecaptchaModule.forRoot({
+            response: (req: IncomingMessage) => (req.headers.recaptcha || '').toString(),
+            skipIf: process.env.NODE_ENV !== 'production',
+            actions: ['SignUp', 'SignIn'],
             score: 0.8,
-            action: 'SomeAction',
-        });
-        if (!result.success) {
-            throw new GoogleRecaptchaException(result.errors);
-        }
-        // TODO: Your implemetation
-    }
+            enterprise: {
+                projectId: process.env.RECAPTCHA_ENTERPRISE_PROJECT_ID,
+                siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY,
+                apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY,
+            },
+        }),
+    ],
+})
+export class AppModule {
 }
 ```
-### Validate in service (Enterprise)
+**Tip: header names transforming to lower case.**
-```typescript
-@Injectable()
-export class SomeService {
-    constructor(private readonly recaptchaEnterpriseValidator: GoogleRecaptchaEnterpriseValidator) {
-    }
+**For example:** If you send 'Recaptcha' header then use `(req) => req.headers.recaptcha`
-    async someAction(recaptchaToken: string): Promise<void> {
-        const result = await this.recaptchaEnterpriseValidator.validate({
-            response: recaptchaToken,
+**Configuration for reCAPTCHA Enterprise**
+```typescript
+@Module({
+    imports: [
+        GoogleRecaptchaModule.forRoot({
+            response: (req) => req.headers.recaptcha,
+            skipIf: process.env.NODE_ENV !== 'production',
+            actions: ['SignUp', 'SignIn'],
             score: 0.8,
-            action: 'SomeAction',
-        });
-        if (!result.success) {
-            throw new GoogleRecaptchaException(result.errors);
-        }
-        const riskAnalytics = result.getEnterpriseRiskAnalytics();
-        // TODO: Your implemetation
-    }
+            enterprise: {
+                projectId: process.env.RECAPTCHA_ENTERPRISE_PROJECT_ID,
+                siteKey: process.env.RECAPTCHA_ENTERPRISE_SITE_KEY,
+                apiKey: process.env.RECAPTCHA_ENTERPRISE_API_KEY,
+            },
+        }),
+    ],
+})
+export class AppModule {
 }
 ```
-### Guard
+## Usage
+### Usage in REST application
-Use `@Recaptcha` decorator to protect your endpoints.
+To protect your REST endpoints, you can use the `@Recaptcha` decorator.<br/>Example:
 ```typescript
@@ -197,7 +307,7 @@ export class FeedbackController {
 ```
-You can override default property that contain recaptcha for specific endpoint.
+You can also override the default property that contains reCAPTCHA for a specific endpoint.<br/>
 ```typescript
@@ -212,7 +322,7 @@ export class FeedbackController {
 ```
-Also you can override recaptcha v3 options.
+Additionally, you can override reCAPTCHA v3 options.<br/>
 ```typescript
@@ -227,7 +337,7 @@ export class FeedbackController {
 ```
-Get verification result
+To get the verification result, you can use the @RecaptchaResult() decorator.<br/>
 ```typescript
@@ -243,8 +353,7 @@ export class FeedbackController {
 ```
-If you want use google recaptcha guard in combination with another guards then you can use `@UseGuards` decorator.
+If you want to use the Google reCAPTCHA guard in combination with other guards, you can use the `@UseGuards` decorator.<br/>
 ```typescript
 @Controller('feedback')
@@ -259,9 +368,11 @@ export class FeedbackController {
 ```
-### GraphQL guard
+You can find a usage example in the following [link](https://github.com/chvarkov/google-recaptcha-example).
-Use `@Recaptcha` decorator to protect your resolver.
+### Usage in Graphql application
+To protect your resolver, use the `@Recaptcha` decorator.
 ```typescript
 @Recaptcha()
@@ -274,7 +385,22 @@ export class RecipesResolver {
 }
 ```
-You can override default property that contain recaptcha for specific query, mutation or subscription.
+Obtain verification result:
+```typescript
+@Recaptcha()
+@Resolver(of => Recipe)
+export class RecipesResolver {
+    @Query(returns => Recipe)
+    async recipe(@Args('id') id: string,
+                 @RecaptchaResult() recaptchaResult: RecaptchaVerificationResult): Promise<Recipe> {
+        console.log(`Action: ${recaptchaResult.action} Score: ${recaptchaResult.score}`);
+        // TODO: Your implementation.
+    }
+}
+```
+You can override the default recaptcha property for a specific endpoint.
 ```typescript
 @Recaptcha()
@@ -294,21 +420,87 @@ export class RecipesResolver {
 }
 ```
-## Error handling
+### Validate in service
+```typescript
+@Injectable()
+export class SomeService {
+    constructor(private readonly recaptchaValidator: GoogleRecaptchaValidator) {
+    }
+    async someAction(recaptchaToken: string): Promise<void> {
+        const result = await this.recaptchaValidator.validate({
+            response: recaptchaToken,
+            score: 0.8,
+            action: 'SomeAction',
+        });
+        if (!result.success) {
+            throw new GoogleRecaptchaException(result.errors);
+        }
+        // TODO: Your implemetation
+    }
+}
+```
+### Validate in service (Enterprise)
+```typescript
+@Injectable()
+export class SomeService {
+    constructor(private readonly recaptchaEnterpriseValidator: GoogleRecaptchaEnterpriseValidator) {
+    }
+    async someAction(recaptchaToken: string): Promise<void> {
+        const result = await this.recaptchaEnterpriseValidator.validate({
+            response: recaptchaToken,
+            score: 0.8,
+            action: 'SomeAction',
+        });
+        if (!result.success) {
+            throw new GoogleRecaptchaException(result.errors);
+        }
+        const riskAnalytics = result.getEnterpriseRiskAnalytics();
+        // TODO: Your implemetation
+    }
+}
+```
-Google recaptcha guard will throw GoogleRecaptchaException on error.
+### Error handling
 **GoogleRecaptchaException**
-`GoogleRecaptchaException` has data with google recaptcha error codes.
+`GoogleRecaptchaException` extends `HttpException` extends `Error`.
+The `GoogleRecaptchaException` is an exception that can be thrown by the `GoogleRecaptchaGuard` when an error occurs. It extends the `HttpException` class provided by NestJS, which means that it can be caught by an ExceptionFilter in the same way as any other HTTP exception.
+One important feature of the `GoogleRecaptchaException` is that it contains an array of Error Code values in the errorCodes property. These values  can be used to diagnose and handle the error.
-`GoogleRecaptchaException` ← `HttpException` ← `Error`.
-**GoogleRecaptchaNetworkException**
-`GoogleRecaptchaNetworkException` has error code `ErrorCode.NetworkError`.
+| Error code                       | Description | Status code |
+|----------------------------------|-------------|-------------|
+| `ErrorCode.MissingInputSecret`   | The secret parameter is missing. (Throws from reCAPTCHA api). | 500         |
+| `ErrorCode.InvalidInputSecret`   | The secret parameter is invalid or malformed. (Throws from reCAPTCHA api). | 500         |
+| `ErrorCode.MissingInputResponse` | The response parameter is missing. (Throws from reCAPTCHA api). | 400         |
+| `ErrorCode.InvalidInputResponse` | The response parameter is invalid or malformed. (Throws from reCAPTCHA api). | 400         |
+| `ErrorCode.BadRequest`	       | The request is invalid or malformed. (Throws from reCAPTCHA api). | 500         |
+| `ErrorCode.TimeoutOrDuplicate`   | The response is no longer valid: either is too old or has been used previously. (Throws from reCAPTCHA api). | 400         |
+| `ErrorCode.UnknownError`         | Unknown error. (Throws from reCAPTCHA api). | 500         |
+| `ErrorCode.ForbiddenAction`      | Forbidden action. (Throws from guard when expected action not equals to received). | 400         |
+| `ErrorCode.LowScore`             | Low score (Throws from guard when expected score less than received). | 400         |
+| `ErrorCode.InvalidKeys`          | keys were copied incorrectly, the wrong keys were used for the environment (e.g. development vs production), or if the keys were revoked or deleted from the Google reCAPTCHA admin console.. (Throws from reCAPTCHA api). | 400         |
+| `ErrorCode.NetworkError`         | Network error (like ECONNRESET, ECONNREFUSED...). | 500         |
+| `ErrorCode.SiteMismatch`         | Site mismatch (Throws from reCAPTCHA Enterprise api only). | 400         |
+| `ErrorCode.BrowserError`         | Browser error (Throws from reCAPTCHA Enterprise api only). | 400         |
-`GoogleRecaptchaNetworkException` ← `GoogleRecaptchaException`
+**GoogleRecaptchaNetworkException**
+The `GoogleRecaptchaNetworkException` is an exception that extends the `GoogleRecaptchaException` class and is thrown in the case of a network error. <br/> It contains a `networkErrorCode` property, which contains the error code of the network error, retrieved from the `code` property of the `AxiosError` object.
 You can handle it via [ExceptionFilter](https://docs.nestjs.com/exception-filters).
@@ -339,4 +531,14 @@ bootstrap();
 ```
-Enjoy!
+## Contribution
+We welcome any contributions to improve our package! If you find a bug, have a feature request, or want to suggest an improvement, feel free to submit an issue on our GitHub repository.
+If you want to contribute to the codebase directly, please follow our contributing guidelines outlined in the [CONTRIBUTING.md](./CONTRIBUTING.md) file in the repository.
+We value the contributions of our community and appreciate all efforts to make this package better for everyone. Thank you for your support!
+## License
+This project is licensed under the MIT License - see the [LICENSE.md](./LICENSE) file for details.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@nestlab/google-recaptcha",
-	"version": "3.3.0",
+	"version": "3.3.1",
 	"description": "Google recaptcha module for NestJS.",
 	"keywords": [
 		"nestjs",
@@ -11,7 +11,7 @@
 	"private": false,
 	"main": "index.js",
 	"scripts": {
-		"build": "rimraf dist && tsc && cp package.json dist && cp README.md dist && cp LICENSE dist && cp CONTRIBUTING.md dist",
+		"build": "rimraf dist && tsc && cp package.json dist && cp README.md dist && cp LICENSE dist && cp CONTRIBUTING.md dist && cp CHANGELOG.md dist",
 		"format": "prettier \"**/*.ts\" \"**/*.json\" --ignore-path ./.prettierignore --write",
 		"lint:fix": "eslint . --fix",
 		"lint:check": "eslint . --max-warnings=0",
@@ -64,7 +64,7 @@
 		"prettier": "^2.7.1",
 		"reflect-metadata": "^0.1.13",
 		"rxjs": "^7.5.6",
-		"supertest": "^6.2.4",
+		"supertest": "^6.3.3",
 		"ts-jest": "^28.0.8",
 		"ts-loader": "^9.3.1",
 		"ts-node": "^10.9.1",