@prosopo/procaptcha 2.5.5 → 2.6.1

package/CHANGELOG.md

@@ -0,0 +1,31 @@
+# @prosopo/procaptcha
+
+## 2.6.1
+
+### Patch Changes
+
+- Updated dependencies [52feffc]
+  - @prosopo/datasets@2.6.1
+  - @prosopo/types@2.6.1
+  - @prosopo/account@2.6.1
+  - @prosopo/api@2.6.1
+  - @prosopo/load-balancer@2.6.1
+  - @prosopo/procaptcha-common@2.6.1
+
+## 2.6.0
+
+### Minor Changes
+
+- a0bfc8a: bump all pkg versions since independent versioning applied
+
+### Patch Changes
+
+- Updated dependencies [a0bfc8a]
+  - @prosopo/account@2.6.0
+  - @prosopo/api@2.6.0
+  - @prosopo/common@2.6.0
+  - @prosopo/datasets@2.6.0
+  - @prosopo/load-balancer@2.6.0
+  - @prosopo/procaptcha-common@2.6.0
+  - @prosopo/types@2.6.0
+  - @prosopo/util@2.6.0

package/dist/cjs/index.cjs

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+require("./modules/index.cjs");
+const Manager = require("./modules/Manager.cjs");
+const ProsopoCaptchaApi = require("./modules/ProsopoCaptchaApi.cjs");
+const collector = require("./modules/collector.cjs");
+exports.Manager = Manager.Manager;
+exports.ProsopoCaptchaApi = ProsopoCaptchaApi.ProsopoCaptchaApi;
+exports.startCollector = collector.startCollector;

package/dist/cjs/modules/Manager.cjs

@@ -0,0 +1,348 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const random = require("@polkadot/util-crypto/random");
+const string = require("@polkadot/util/string");
+const api = require("@prosopo/api");
+const common = require("@prosopo/common");
+const procaptchaCommon = require("@prosopo/procaptcha-common");
+const types = require("@prosopo/types");
+const util = require("@prosopo/util");
+const ProsopoCaptchaApi = require("./ProsopoCaptchaApi.cjs");
+const defaultState = () => {
+  return {
+    // note order matters! see buildUpdateState. These fields are set in order, so disable modal first, then set loading to false, etc.
+    showModal: false,
+    loading: false,
+    index: 0,
+    challenge: void 0,
+    solutions: void 0,
+    isHuman: false,
+    captchaApi: void 0,
+    account: void 0
+    // don't handle timeout here, this should be handled by the state management
+  };
+};
+function Manager(configOptional, state, onStateUpdate, callbacks, frictionlessState) {
+  const events = procaptchaCommon.getDefaultEvents(callbacks);
+  const updateState = procaptchaCommon.buildUpdateState(state, onStateUpdate);
+  const getConfig = () => {
+    const config = {
+      userAccountAddress: "",
+      ...configOptional
+    };
+    if (state.account) {
+      config.userAccountAddress = state.account.account.address;
+    }
+    return types.ProcaptchaConfigSchema.parse(config);
+  };
+  const start = async () => {
+    events.onOpen();
+    await procaptchaCommon.providerRetry(
+      async () => {
+        if (state.loading) {
+          return;
+        }
+        if (state.isHuman) {
+          return;
+        }
+        updateState({ loading: true });
+        updateState({
+          attemptCount: state.attemptCount ? state.attemptCount + 1 : 1
+        });
+        updateState({
+          sessionId: frictionlessState?.sessionId
+        });
+        const config = getConfig();
+        updateState({ dappAccount: config.account.address });
+        await util.sleep(100);
+        const account = await loadAccount();
+        let captchaApi = state.captchaApi;
+        if (!frictionlessState?.provider) {
+          const getRandomProviderResponse = await procaptchaCommon.getRandomActiveProvider(
+            getConfig()
+          );
+          const providerUrl = getRandomProviderResponse.provider.url;
+          const providerApi = await loadProviderApi(providerUrl);
+          captchaApi = new ProsopoCaptchaApi.ProsopoCaptchaApi(
+            account.account.address,
+            getRandomProviderResponse,
+            providerApi,
+            config.web2,
+            config.account.address || ""
+          );
+          updateState({ captchaApi });
+        } else {
+          const providerUrl = frictionlessState.provider.provider.url;
+          const providerApi = await loadProviderApi(providerUrl);
+          captchaApi = new ProsopoCaptchaApi.ProsopoCaptchaApi(
+            account.account.address,
+            frictionlessState.provider,
+            providerApi,
+            config.web2,
+            config.account.address || ""
+          );
+          updateState({ captchaApi });
+        }
+        const challenge = await captchaApi?.getCaptchaChallenge(
+          state.sessionId
+        );
+        if (challenge.error) {
+          updateState({
+            loading: false,
+            error: {
+              message: challenge.error.message,
+              key: challenge.error.key || "API.UNKNOWN_ERROR"
+            }
+          });
+          events.onError(new Error(challenge.error?.message));
+        } else {
+          if (challenge.captchas.length <= 0) {
+            throw new common.ProsopoDatasetError("DEVELOPER.PROVIDER_NO_CAPTCHA");
+          }
+          const timeMillis = challenge.captchas.map(
+            (captcha) => captcha.timeLimitMs || config.captchas.image.challengeTimeout
+          ).reduce((a, b) => a + b);
+          const timeout = setTimeout(() => {
+            events.onChallengeExpired();
+            updateState({ isHuman: false, showModal: false, loading: false });
+          }, timeMillis);
+          updateState({
+            index: 0,
+            solutions: challenge.captchas.map(() => []),
+            challenge,
+            showModal: true,
+            timeout,
+            loading: false
+          });
+        }
+      },
+      start,
+      resetState,
+      state.attemptCount,
+      10
+    );
+  };
+  const submit = async () => {
+    await procaptchaCommon.providerRetry(
+      async () => {
+        clearTimeout();
+        if (!state.challenge) {
+          throw new common.ProsopoError("CAPTCHA.NO_CAPTCHA", {
+            context: { error: "Cannot submit, no Captcha found in state" }
+          });
+        }
+        updateState({ showModal: false });
+        const challenge = state.challenge;
+        const salt = random.randomAsHex();
+        const captchaSolution = state.challenge.captchas.map(
+          (captcha, index) => {
+            const solution = util.at(state.solutions, index);
+            return {
+              captchaId: captcha.captchaId,
+              captchaContentId: captcha.captchaContentId,
+              salt,
+              solution
+            };
+          }
+        );
+        const account = getAccount();
+        const signer = getExtension(account).signer;
+        const first = util.at(challenge.captchas, 0);
+        if (!first.datasetId) {
+          throw new common.ProsopoDatasetError("CAPTCHA.INVALID_CAPTCHA_ID", {
+            context: { error: "No datasetId set for challenge" }
+          });
+        }
+        const captchaApi = state.captchaApi;
+        if (!captchaApi) {
+          throw new common.ProsopoError("CAPTCHA.INVALID_TOKEN", {
+            context: { error: "No Captcha API found in state" }
+          });
+        }
+        if (!signer || !signer.signRaw) {
+          throw new common.ProsopoEnvError("GENERAL.CANT_FIND_KEYRINGPAIR", {
+            context: {
+              error: "Signer is not defined, cannot sign message to prove account ownership"
+            }
+          });
+        }
+        const userTimestampSignature = await signer.signRaw({
+          address: account.account.address,
+          data: string.stringToHex(challenge[types.ApiParams.timestamp]),
+          type: "bytes"
+        });
+        const submission = await captchaApi.submitCaptchaSolution(
+          userTimestampSignature.signature,
+          challenge.requestHash,
+          captchaSolution,
+          challenge.timestamp,
+          challenge.signature.provider.requestHash
+        );
+        const isHuman = submission[0].verified;
+        updateState({
+          submission,
+          isHuman,
+          loading: false
+        });
+        if (state.isHuman) {
+          const providerUrl = captchaApi.provider.provider.url;
+          events.onHuman(
+            types.encodeProcaptchaOutput({
+              [types.ApiParams.providerUrl]: providerUrl,
+              [types.ApiParams.user]: account.account.address,
+              [types.ApiParams.dapp]: getDappAccount(),
+              [types.ApiParams.commitmentId]: util.hashToHex(submission[1]),
+              [types.ApiParams.timestamp]: challenge.timestamp,
+              [types.ApiParams.signature]: {
+                [types.ApiParams.provider]: {
+                  [types.ApiParams.requestHash]: challenge.signature.provider.requestHash
+                },
+                [types.ApiParams.user]: {
+                  [types.ApiParams.timestamp]: userTimestampSignature.signature
+                }
+              }
+            })
+          );
+          setValidChallengeTimeout();
+        } else {
+          events.onFailed();
+          resetState(frictionlessState?.restart);
+        }
+      },
+      start,
+      resetState,
+      state.attemptCount,
+      10
+    );
+  };
+  const cancel = async () => {
+    clearTimeout();
+    resetState(frictionlessState?.restart);
+    events.onClose();
+  };
+  const reload = async () => {
+    clearTimeout();
+    events.onReload();
+    resetState(frictionlessState?.restart);
+    if (!frictionlessState?.restart) {
+      await start();
+    }
+  };
+  const select = (hash) => {
+    if (!state.challenge) {
+      throw new common.ProsopoError("CAPTCHA.NO_CAPTCHA", {
+        context: { error: "Cannot select, no Captcha found in state" }
+      });
+    }
+    if (state.index >= state.challenge.captchas.length || state.index < 0) {
+      throw new common.ProsopoError("CAPTCHA.NO_CAPTCHA", {
+        context: {
+          error: "Cannot select, index is out of range for this Captcha"
+        }
+      });
+    }
+    const index = state.index;
+    const solutions = state.solutions;
+    const solution = util.at(solutions, index);
+    if (solution.includes(hash)) {
+      solution.splice(solution.indexOf(hash), 1);
+    } else {
+      solution.push(hash);
+    }
+    updateState({ solutions });
+  };
+  const nextRound = () => {
+    if (!state.challenge) {
+      throw new common.ProsopoError("CAPTCHA.NO_CAPTCHA", {
+        context: { error: "Cannot select, no Captcha found in state" }
+      });
+    }
+    if (state.index + 1 >= state.challenge.captchas.length) {
+      throw new common.ProsopoError("CAPTCHA.NO_CAPTCHA", {
+        context: {
+          error: "Cannot select, index is out of range for this Captcha"
+        }
+      });
+    }
+    updateState({ index: state.index + 1 });
+  };
+  const loadProviderApi = async (providerUrl) => {
+    const config = getConfig();
+    if (!config.account.address) {
+      throw new common.ProsopoEnvError("GENERAL.SITE_KEY_MISSING");
+    }
+    return new api.ProviderApi(providerUrl, config.account.address);
+  };
+  const clearTimeout = () => {
+    window.clearTimeout(Number(state.timeout));
+    updateState({ timeout: void 0 });
+  };
+  const setValidChallengeTimeout = () => {
+    const timeMillis = configOptional.captchas.image.solutionTimeout;
+    const successfullChallengeTimeout = setTimeout(() => {
+      updateState({ isHuman: false });
+      events.onExpired();
+    }, timeMillis);
+    updateState({ successfullChallengeTimeout });
+  };
+  const resetState = (frictionlessRestart) => {
+    clearTimeout();
+    updateState(defaultState());
+    events.onReset();
+    if (frictionlessRestart) {
+      frictionlessRestart();
+    }
+  };
+  const loadAccount = async () => {
+    const config = getConfig();
+    if (!config.web2 && !config.userAccountAddress) {
+      throw new common.ProsopoEnvError("GENERAL.ACCOUNT_NOT_FOUND", {
+        context: { error: "Account address has not been set for web3 mode" }
+      });
+    }
+    const selectAccount = async () => {
+      const ext = new (await procaptchaCommon.ExtensionLoader(config.web2))();
+      if (frictionlessState) {
+        return frictionlessState.userAccount;
+      }
+      return await ext.getAccount(config);
+    };
+    const account = await selectAccount();
+    updateState({ account });
+    return getAccount();
+  };
+  const getAccount = () => {
+    if (!state.account) {
+      throw new common.ProsopoEnvError("GENERAL.ACCOUNT_NOT_FOUND", {
+        context: { error: "Account not loaded" }
+      });
+    }
+    const account = state.account;
+    return account;
+  };
+  const getDappAccount = () => {
+    if (!state.dappAccount) {
+      throw new common.ProsopoEnvError("GENERAL.SITE_KEY_MISSING");
+    }
+    const dappAccount = state.dappAccount;
+    return dappAccount;
+  };
+  const getExtension = (possiblyAccount) => {
+    const account = possiblyAccount || getAccount();
+    if (!account.extension) {
+      throw new common.ProsopoEnvError("ACCOUNT.NO_POLKADOT_EXTENSION", {
+        context: { error: "Extension not loaded" }
+      });
+    }
+    return account.extension;
+  };
+  return {
+    start,
+    cancel,
+    submit,
+    select,
+    nextRound,
+    reload
+  };
+}
+exports.Manager = Manager;

package/dist/cjs/modules/ProsopoCaptchaApi.cjs

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperties(exports, { __esModule: { value: true }, [Symbol.toStringTag]: { value: "Module" } });
+const common = require("@prosopo/common");
+const datasets = require("@prosopo/datasets");
+const types = require("@prosopo/types");
+class ProsopoCaptchaApi {
+  constructor(userAccount, provider, providerApi, web2, dappAccount) {
+    this.userAccount = userAccount;
+    this.provider = provider;
+    this.providerApi = providerApi;
+    this._web2 = web2;
+    this.dappAccount = dappAccount;
+  }
+  get web2() {
+    return this._web2;
+  }
+  async getCaptchaChallenge(sessionId) {
+    try {
+      const captchaChallenge = await this.providerApi.getCaptchaChallenge(
+        this.userAccount,
+        this.provider,
+        sessionId
+      );
+      if (captchaChallenge[types.ApiParams.error]) {
+        return captchaChallenge;
+      }
+      for (const captcha of captchaChallenge.captchas) {
+        for (const item of captcha.items) {
+          if (item.data) {
+            item.data = `https://${item.data.replace(/^http(s)*:\/\//, "")}`;
+          }
+        }
+      }
+      return captchaChallenge;
+    } catch (error) {
+      throw new common.ProsopoEnvError("CAPTCHA.INVALID_CAPTCHA_CHALLENGE", {
+        context: { error }
+      });
+    }
+  }
+  async submitCaptchaSolution(userTimestampSignature, requestHash, solutions, timestamp, providerRequestHashSignature) {
+    const tree = new datasets.CaptchaMerkleTree();
+    const captchasHashed = solutions.map(
+      (captcha) => datasets.computeCaptchaSolutionHash(captcha)
+    );
+    tree.build(captchasHashed);
+    if (!tree.root) {
+      throw new common.ProsopoDatasetError("CAPTCHA.INVALID_CAPTCHA_CHALLENGE", {
+        context: { error: "Merkle tree root is undefined" }
+      });
+    }
+    const commitmentId = tree.root.hash;
+    const tx = void 0;
+    let result;
+    try {
+      result = await this.providerApi.submitCaptchaSolution(
+        solutions,
+        requestHash,
+        this.userAccount,
+        timestamp,
+        providerRequestHashSignature,
+        userTimestampSignature
+      );
+    } catch (error) {
+      throw new common.ProsopoDatasetError("CAPTCHA.INVALID_CAPTCHA_CHALLENGE", {
+        context: { error }
+      });
+    }
+    return [result, commitmentId, tx];
+  }
+}
+exports.ProsopoCaptchaApi = ProsopoCaptchaApi;
+exports.default = ProsopoCaptchaApi;

package/dist/cjs/modules/collector.cjs

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const COLLECTOR_LIMIT = 1e4;
+const storeLog = (event, setEvents) => {
+  setEvents((currentEvents) => {
+    let newEvents = [...currentEvents, event];
+    if (newEvents.length > COLLECTOR_LIMIT) {
+      newEvents = newEvents.slice(1);
+    }
+    return newEvents;
+  });
+};
+const logMouseEvent = (event, setMouseEvent) => {
+  const storedEvent = {
+    x: event.x,
+    y: event.y,
+    timestamp: event.timeStamp
+  };
+  storeLog(storedEvent, setMouseEvent);
+};
+const logKeyboardEvent = (event, setKeyboardEvent) => {
+  const storedEvent = {
+    key: event.key,
+    timestamp: event.timeStamp,
+    isShiftKey: event.shiftKey,
+    isCtrlKey: event.ctrlKey
+  };
+  storeLog(storedEvent, setKeyboardEvent);
+};
+const logTouchEvent = (event, setTouchEvent) => {
+  for (const touch of Array.from(event.touches)) {
+    storeLog(
+      { x: touch.clientX, y: touch.clientY, timestamp: event.timeStamp },
+      setTouchEvent
+    );
+  }
+};
+const startCollector = (setStoredMouseEvents, setStoredTouchEvents, setStoredKeyboardEvents, rootElement) => {
+  const form = findContainingForm(rootElement);
+  if (form) {
+    form.addEventListener(
+      "mousemove",
+      (e) => logMouseEvent(e, setStoredMouseEvents)
+    );
+    form.addEventListener(
+      "keydown",
+      (e) => logKeyboardEvent(e, setStoredKeyboardEvents)
+    );
+    form.addEventListener(
+      "keyup",
+      (e) => logKeyboardEvent(e, setStoredKeyboardEvents)
+    );
+    form.addEventListener(
+      "touchstart",
+      (e) => logTouchEvent(e, setStoredTouchEvents)
+    );
+    form.addEventListener(
+      "touchend",
+      (e) => logTouchEvent(e, setStoredTouchEvents)
+    );
+    form.addEventListener(
+      "touchcancel",
+      (e) => logTouchEvent(e, setStoredTouchEvents)
+    );
+    form.addEventListener(
+      "touchmove",
+      (e) => logTouchEvent(e, setStoredTouchEvents)
+    );
+  }
+};
+const findContainingForm = (element) => {
+  if (element.tagName === "FORM") {
+    return element;
+  }
+  if (element.parentElement) {
+    return findContainingForm(element.parentElement);
+  }
+  return null;
+};
+exports.startCollector = startCollector;

package/dist/cjs/modules/index.cjs

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const Manager = require("./Manager.cjs");
+const ProsopoCaptchaApi = require("./ProsopoCaptchaApi.cjs");
+const collector = require("./collector.cjs");
+exports.Manager = Manager.Manager;
+exports.ProsopoCaptchaApi = ProsopoCaptchaApi.ProsopoCaptchaApi;
+exports.startCollector = collector.startCollector;

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@prosopo/procaptcha",
-	"version": "2.5.5",
+	"version": "2.6.1",
 	"author": "PROSOPO LIMITED <info@prosopo.io>",
 	"license": "Apache-2.0",
 	"main": "./dist/index.js",
@@ -33,14 +33,14 @@
 		"@polkadot/api-contract": "10.13.1",
 		"@polkadot/util": "12.6.2",
 		"@polkadot/util-crypto": "12.6.2",
-		"@prosopo/account": "2.5.5",
-		"@prosopo/api": "2.5.5",
-		"@prosopo/common": "2.5.5",
-		"@prosopo/datasets": "2.5.5",
-		"@prosopo/load-balancer": "2.5.5",
-		"@prosopo/procaptcha-common": "2.5.5",
-		"@prosopo/types": "2.5.5",
-		"@prosopo/util": "2.5.5",
+		"@prosopo/account": "2.6.1",
+		"@prosopo/api": "2.6.1",
+		"@prosopo/common": "2.6.0",
+		"@prosopo/datasets": "2.6.1",
+		"@prosopo/load-balancer": "2.6.1",
+		"@prosopo/procaptcha-common": "2.6.1",
+		"@prosopo/types": "2.6.1",
+		"@prosopo/util": "2.6.0",
 		"express": "4.21.2",
 		"jsdom": "25.0.0"
 	},
@@ -57,7 +57,7 @@
 		}
 	},
 	"devDependencies": {
-		"@prosopo/config": "2.5.5",
+		"@prosopo/config": "2.6.0",
 		"@vitest/coverage-v8": "3.0.9",
 		"concurrently": "9.0.1",
 		"del-cli": "6.0.0",
@@ -72,7 +72,8 @@
 	"keywords": [],
 	"repository": {
 		"type": "git",
-		"url": "git+https://github.com/prosopo/captcha.git"
+		"url": "git+https://github.com/prosopo/captcha.git",
+		"directory": "packages/procaptcha"
 	},
 	"bugs": {
 		"url": "https://github.com/prosopo/captcha/issues"