debian-mirror-gitlab/app/services/captcha/captcha_verification_service.rb

# frozen_string_literal: true

module Captcha
  ##
  # Encapsulates logic of checking captchas.
  #
  class CaptchaVerificationService
    include Recaptcha::Verify

    # Currently the only value that is used out of the request by the reCAPTCHA library
    # is 'remote_ip'. Therefore, we just create a struct to avoid passing the full request
    # object through all the service layer objects, and instead just rely on passing only
    # the required remote_ip value. This eliminates the need to couple the service layer
    # to the HTTP request (for the purpose of this service, at least).
    RequestStruct = Struct.new(:remote_ip)

    def initialize(spam_params:)
      @spam_params = spam_params
    end

    ##
    # Performs verification of a captcha response.
    #
    # NOTE: Currently only supports reCAPTCHA, and is not yet used in all places of the app in which
    # captchas are verified, but these can be addressed in future MRs.  See:
    # https://gitlab.com/gitlab-org/gitlab/-/issues/273480
    def execute
      return false unless spam_params.captcha_response

      @request = RequestStruct.new(spam_params.ip_address)

      Gitlab::Recaptcha.load_configurations!

      # NOTE: We could pass the model and let the recaptcha gem automatically add errors to it,
      # but we do not, for two reasons:
      #
      # 1. We want control over when the errors are added
      # 2. We want control over the wording and i18n of the message
      # 3. We want a consistent interface and behavior when adding support for other captcha
      #    libraries which may not support automatically adding errors to the model.
      verify_recaptcha(response: spam_params.captcha_response)
    end

    private

    attr_reader :spam_params

    # The recaptcha library's Recaptcha::Verify#verify_recaptcha method requires that
    # 'request' be a readable attribute - it doesn't support passing it as an options argument.
    attr_reader :request
  end
end
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`# frozen_string_literal: true`

			`module Captcha`
			`##`
			`# Encapsulates logic of checking captchas.`
			`#`
			`class CaptchaVerificationService`
			`include Recaptcha::Verify`

New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`# Currently the only value that is used out of the request by the reCAPTCHA library`
			`# is 'remote_ip'. Therefore, we just create a struct to avoid passing the full request`
			`# object through all the service layer objects, and instead just rely on passing only`
			`# the required remote_ip value. This eliminates the need to couple the service layer`
			`# to the HTTP request (for the purpose of this service, at least).`
			`RequestStruct = Struct.new(:remote_ip)`

			`def initialize(spam_params:)`
			`@spam_params = spam_params`
			`end`

New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`##`
			`# Performs verification of a captcha response.`
			`#`
			`# NOTE: Currently only supports reCAPTCHA, and is not yet used in all places of the app in which`
			`# captchas are verified, but these can be addressed in future MRs. See:`
			`# https://gitlab.com/gitlab-org/gitlab/-/issues/273480`
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`def execute`
			`return false unless spam_params.captcha_response`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`@request = RequestStruct.new(spam_params.ip_address)`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30
			`Gitlab::Recaptcha.load_configurations!`

			`# NOTE: We could pass the model and let the recaptcha gem automatically add errors to it,`
			`# but we do not, for two reasons:`
			`#`
			`# 1. We want control over when the errors are added`
			`# 2. We want control over the wording and i18n of the message`
			`# 3. We want a consistent interface and behavior when adding support for other captcha`
			`# libraries which may not support automatically adding errors to the model.`
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`verify_recaptcha(response: spam_params.captcha_response)`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`end`

			`private`

New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`attr_reader :spam_params`

New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`# The recaptcha library's Recaptcha::Verify#verify_recaptcha method requires that`
			`# 'request' be a readable attribute - it doesn't support passing it as an options argument.`
			`attr_reader :request`
			`end`
			`end`