abuse/src/Abuse/Adapters/ReCaptcha.php at 7bece2fd2ac0726e2322fc761b300bd7de0a469f · utopia-php/abuse · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<?php

namespace Utopia\Abuse\Adapters;

use Exception;
use Utopia\Abuse\Adapter;

class ReCaptcha extends Adapter
{
    /**
     * Use this for communication between your site and Google.
     * Be sure to keep it a secret.
     *
     * @var string
     */
    protected string $secret = '';

    /**
     * The value of 'g-recaptcha-response'.
     *
     * @var string
     */
    protected string $response = '';

    /**
     * The end user's ip address
     *
     * @var string
     */
    protected string $remoteIP = '';

    /**
     * ReCaptcha Adapter
     *
     * See more information about the implementation instructions
     *
     * @see https://developers.google.com/recaptcha/docs/verify
     *
     * Admin Panel
     * @see https://www.google.com/recaptcha/admin
     *
     * @param  string  $secret
     * @param  string  $response
     * @param  string  $remoteIP
     */
    public function __construct(string $secret, string $response, string $remoteIP)
    {
        $this->secret = $secret;
        $this->response = $response;
        $this->remoteIP = $remoteIP;
    }

    /**
     * Check
     *
     * Check if user is human or not, compared to score
     *
     * @param  float  $score
     * @return bool
     */
    public function check(float $score = 0.5): bool
    {
        $url = 'https://www.google.com/recaptcha/api/siteverify';
        $fields = [
            'secret' => \urlencode($this->secret),
            'response' => \urlencode($this->response),
            'remoteip' => \urlencode($this->remoteIP),
        ];

        //open connection
        $ch = \curl_init();

        //set the url, number of POST vars, POST data
        \curl_setopt($ch, CURLOPT_URL, $url);
        \curl_setopt($ch, CURLOPT_POST, \count($fields));
        \curl_setopt($ch, CURLOPT_POSTFIELDS, \http_build_query($fields));
        \curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        //execute post
        /** @var array<string, mixed> $result */
        $result = \json_decode((string) \curl_exec($ch), true);

        //close connection
        \curl_close($ch);
        if ($result['success'] && $result['score'] >= $score) {
            return true;
        } else {
            return false;
        }
    }

    /**
     * Delete logs older than $timestamp
     *
     * @param  int  $timestamp
     * @return bool
     *
     * @throws Exception
     */
    public function cleanup(int $timestamp): bool
    {
        throw new Exception('Method not supported');
    }

    /**
     * Get abuse logs
     *
     * Return logs with an offset and limit
     *
     * @param  int|null  $offset
     * @param  int|null  $limit
     * @return array<string, mixed>
     *
     * @throws Exception
     */
    public function getLogs(?int $offset = null, ?int $limit = 25): array
    {
        throw new Exception('Method not supported');
    }

    /**
     * Reset
     *
     * Reset is not applicable for ReCaptcha adapter
     *
     * @return void
     *
     * @throws Exception
     */
    public function reset(): void
    {
        throw new Exception('Method not supported');
    }
}