2023-07-27 07:31:52 +02:00
|
|
|
/*
|
2024-02-12 03:37:45 +01:00
|
|
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
2023-07-27 07:31:52 +02:00
|
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
*/
|
|
|
|
|
|
2023-01-12 13:03:02 +01:00
|
|
|
import { Injectable } from '@nestjs/common';
|
2022-12-04 02:16:03 +01:00
|
|
|
import { HttpRequestService } from '@/core/HttpRequestService.js';
|
2022-12-04 07:03:09 +01:00
|
|
|
import { bindThis } from '@/decorators.js';
|
2022-09-17 20:27:08 +02:00
|
|
|
|
|
|
|
|
type CaptchaResponse = {
|
|
|
|
|
success: boolean;
|
|
|
|
|
'error-codes'?: string[];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
@Injectable()
|
|
|
|
|
export class CaptchaService {
|
|
|
|
|
constructor(
|
|
|
|
|
private httpRequestService: HttpRequestService,
|
|
|
|
|
) {
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-04 07:03:09 +01:00
|
|
|
@bindThis
|
2022-09-18 20:11:50 +02:00
|
|
|
private async getCaptchaResponse(url: string, secret: string, response: string): Promise<CaptchaResponse> {
|
2022-09-17 20:27:08 +02:00
|
|
|
const params = new URLSearchParams({
|
|
|
|
|
secret,
|
|
|
|
|
response,
|
|
|
|
|
});
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2023-01-25 04:00:04 +01:00
|
|
|
const res = await this.httpRequestService.send(url, {
|
|
|
|
|
method: 'POST',
|
2023-01-26 03:31:43 +01:00
|
|
|
body: params.toString(),
|
2023-01-25 04:00:04 +01:00
|
|
|
headers: {
|
2023-01-26 03:31:43 +01:00
|
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
2022-09-17 20:27:08 +02:00
|
|
|
},
|
2023-01-25 04:00:04 +01:00
|
|
|
}, { throwErrorWhenResponseNotOk: false });
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
if (!res.ok) {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`${res.status}`);
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
return await res.json() as CaptchaResponse;
|
2023-07-08 00:08:16 +02:00
|
|
|
}
|
|
|
|
|
|
2022-12-04 07:03:09 +01:00
|
|
|
@bindThis
|
2022-12-03 11:42:05 +01:00
|
|
|
public async verifyRecaptcha(secret: string, response: string | null | undefined): Promise<void> {
|
|
|
|
|
if (response == null) {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error('recaptcha-failed: no response provided');
|
2022-12-03 11:42:05 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const result = await this.getCaptchaResponse('https://www.recaptcha.net/recaptcha/api/siteverify', secret, response).catch(err => {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`recaptcha-request-failed: ${err}`);
|
2022-09-17 20:27:08 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (result.success !== true) {
|
|
|
|
|
const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`recaptcha-failed: ${errorCodes}`);
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-04 07:03:09 +01:00
|
|
|
@bindThis
|
2022-12-03 11:42:05 +01:00
|
|
|
public async verifyHcaptcha(secret: string, response: string | null | undefined): Promise<void> {
|
|
|
|
|
if (response == null) {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error('hcaptcha-failed: no response provided');
|
2022-12-03 11:42:05 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const result = await this.getCaptchaResponse('https://hcaptcha.com/siteverify', secret, response).catch(err => {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`hcaptcha-request-failed: ${err}`);
|
2022-09-17 20:27:08 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (result.success !== true) {
|
|
|
|
|
const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`hcaptcha-failed: ${errorCodes}`);
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
2022-10-13 02:19:57 +02:00
|
|
|
|
2024-01-06 12:14:33 +01:00
|
|
|
// https://codeberg.org/Gusted/mCaptcha/src/branch/main/mcaptcha.go
|
|
|
|
|
@bindThis
|
|
|
|
|
public async verifyMcaptcha(secret: string, siteKey: string, instanceHost: string, response: string | null | undefined): Promise<void> {
|
|
|
|
|
if (response == null) {
|
|
|
|
|
throw new Error('mcaptcha-failed: no response provided');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const endpointUrl = new URL('/api/v1/pow/siteverify', instanceHost);
|
|
|
|
|
const result = await this.httpRequestService.send(endpointUrl.toString(), {
|
|
|
|
|
method: 'POST',
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
key: siteKey,
|
|
|
|
|
secret: secret,
|
|
|
|
|
token: response,
|
|
|
|
|
}),
|
|
|
|
|
headers: {
|
|
|
|
|
'Content-Type': 'application/json',
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (result.status !== 200) {
|
|
|
|
|
throw new Error('mcaptcha-failed: mcaptcha didn\'t return 200 OK');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const resp = (await result.json()) as { valid: boolean };
|
|
|
|
|
|
|
|
|
|
if (!resp.valid) {
|
|
|
|
|
throw new Error('mcaptcha-request-failed');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-04 07:03:09 +01:00
|
|
|
@bindThis
|
2022-12-03 11:42:05 +01:00
|
|
|
public async verifyTurnstile(secret: string, response: string | null | undefined): Promise<void> {
|
|
|
|
|
if (response == null) {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error('turnstile-failed: no response provided');
|
2022-12-03 11:42:05 +01:00
|
|
|
}
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-12-03 11:42:05 +01:00
|
|
|
const result = await this.getCaptchaResponse('https://challenges.cloudflare.com/turnstile/v0/siteverify', secret, response).catch(err => {
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`turnstile-request-failed: ${err}`);
|
2022-10-13 02:19:57 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (result.success !== true) {
|
|
|
|
|
const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
|
2023-05-29 04:54:49 +02:00
|
|
|
throw new Error(`turnstile-failed: ${errorCodes}`);
|
2022-10-13 02:19:57 +02:00
|
|
|
}
|
|
|
|
|
}
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
|
