3 use MediaWiki\Auth\AuthenticationRequest;
5 class ReCaptchaNoCaptcha extends SimpleCaptcha {
6 // used for renocaptcha-edit, renocaptcha-addurl, renocaptcha-badlogin, renocaptcha-createaccount,
7 // renocaptcha-create, renocaptcha-sendemail via getMessage()
8 protected static $messagePrefix = 'renocaptcha-';
10 private $error = null;
12 * Get the captcha form.
15 function getFormInformation( $tabIndex = 1 ) {
16 global $wgReCaptchaSiteKey, $wgLang;
17 $lang = htmlspecialchars( urlencode( $wgLang->getCode() ) );
19 $output = Html::element( 'div', [
22 'mw-confirmedit-captcha-fail' => !!$this->error,
24 'data-sitekey' => $wgReCaptchaSiteKey
26 $htmlUrlencoded = htmlspecialchars( urlencode( $wgReCaptchaSiteKey ) );
30 <div style="width: 302px; height: 422px; position: relative;">
31 <div style="width: 302px; height: 422px; position: absolute;">
32 <iframe src="https://www.google.com/recaptcha/api/fallback?k={$htmlUrlencoded}&hl={$lang}"
33 frameborder="0" scrolling="no"
34 style="width: 302px; height:422px; border-style: none;">
38 <div style="width: 300px; height: 60px; border-style: none;
39 bottom: 12px; left: 25px; margin: 0px; padding: 0px; right: 25px;
40 background: #f9f9f9; border: 1px solid #c1c1c1; border-radius: 3px;">
41 <textarea id="g-recaptcha-response" name="g-recaptcha-response"
42 class="g-recaptcha-response"
43 style="width: 250px; height: 40px; border: 1px solid #c1c1c1;
44 margin: 10px 25px; padding: 0px; resize: none;" >
53 // Insert reCAPTCHA script, in display language, if available.
54 // Language falls back to the browser's display language.
55 // See https://developers.google.com/recaptcha/docs/faq
56 "<script src=\"https://www.google.com/recaptcha/api.js?hl={$lang}\" async defer></script>"
64 protected function logCheckError( $info ) {
65 if ( $info instanceof Status ) {
66 $errors = $info->getErrorsArray();
67 $error = $errors[0][0];
68 } elseif ( is_array( $info ) ) {
69 $error = implode( ',', $info );
74 wfDebugLog( 'captcha', 'Unable to validate response: ' . $error );
78 * @param WebRequest $request
81 protected function getCaptchaParamsFromRequest( WebRequest $request ) {
82 $index = 'not used'; // ReCaptchaNoCaptcha combines captcha ID + solution into a single value
83 // API is hardwired to return captchaWord, so use that if the standard isempty
84 $response = $request->getVal( 'g-recaptcha-response', $request->getVal( 'captchaWord' ) );
85 return [ $index, $response ];
89 * Check, if the user solved the captcha.
91 * Based on reference implementation:
92 * https://github.com/google/recaptcha#php
94 * @param $_ mixed Not used (ReCaptcha v2 puts index and solution in a single string)
95 * @param $word string captcha solution
98 function passCaptcha( $_, $word ) {
99 global $wgRequest, $wgReCaptchaSecretKey, $wgReCaptchaSendRemoteIP;
101 $url = 'https://www.google.com/recaptcha/api/siteverify';
102 // Build data to append to request
104 'secret' => $wgReCaptchaSecretKey,
107 if ( $wgReCaptchaSendRemoteIP ) {
108 $data['remoteip'] = $wgRequest->getIP();
110 $url = wfAppendQuery( $url, $data );
111 $request = MWHttpRequest::factory( $url, [ 'method' => 'GET' ] );
112 $status = $request->execute();
113 if ( !$status->isOK() ) {
114 $this->error = 'http';
115 $this->logCheckError( $status );
118 $response = FormatJson::decode( $request->getContent(), true );
120 $this->error = 'json';
121 $this->logCheckError( $this->error );
124 if ( isset( $response['error-codes'] ) ) {
125 $this->error = 'recaptcha-api';
126 $this->logCheckError( $response['error-codes'] );
130 return $response['success'];
134 * @param array $resultArr
136 function addCaptchaAPI( &$resultArr ) {
137 $resultArr['captcha'] = $this->describeCaptchaType();
138 $resultArr['captcha']['error'] = $this->error;
144 public function describeCaptchaType() {
145 global $wgReCaptchaSiteKey;
147 'type' => 'recaptchanocaptcha',
148 'mime' => 'image/png',
149 'key' => $wgReCaptchaSiteKey,
154 * Show a message asking the user to enter a captcha on edit
155 * The result will be treated as wiki text
157 * @param $action string Action being performed
158 * @return string Wikitext
160 public function getMessage( $action ) {
161 $msg = parent::getMessage( $action );
162 if ( $this->error ) {
163 $msg = new RawMessage( '<div class="error">$1</div>', [ $msg ] );
169 * @param ApiBase $module
170 * @param array $params
174 public function APIGetAllowedParams( &$module, &$params, $flags ) {
175 if ( $flags && $this->isAPICaptchaModule( $module ) ) {
176 $params['g-recaptcha-response'] = [
177 ApiBase::PARAM_HELP_MSG => 'renocaptcha-apihelp-param-g-recaptcha-response',
184 public function getError() {
188 public function storeCaptcha( $info ) {
189 // ReCaptcha is stored by Google; the ID will be generated at that time as well, and
190 // the one returned here won't be used. Just pretend this worked.
194 public function retrieveCaptcha( $index ) {
195 // just pretend it worked
196 return [ 'index' => $index ];
199 public function getCaptcha() {
200 // ReCaptcha is handled by frontend code + an external provider; nothing to do here.
205 * @param array $captchaData
209 public function getCaptchaInfo( $captchaData, $id ) {
210 return wfMessage( 'renocaptcha-info' );
214 * @return ReCaptchaNoCaptchaAuthenticationRequest
216 public function createAuthenticationRequest() {
217 return new ReCaptchaNoCaptchaAuthenticationRequest();
221 * @param array $requests
222 * @param array $fieldInfo
223 * @param array $formDescriptor
224 * @param string $action
226 public function onAuthChangeFormFields(
227 array $requests, array $fieldInfo, array &$formDescriptor, $action
229 global $wgReCaptchaSiteKey;
231 $req = AuthenticationRequest::getRequestByClass( $requests,
232 CaptchaAuthenticationRequest::class, true );
237 // ugly way to retrieve error information
238 $captcha = ConfirmEditHooks::getInstance();
240 $formDescriptor['captchaWord'] = [
241 'class' => HTMLReCaptchaNoCaptchaField::class,
242 'key' => $wgReCaptchaSiteKey,
243 'error' => $captcha->getError(),
244 ] + $formDescriptor['captchaWord'];