Merge branch 'feature/v3/recaptcha-v3-integration' into develop

Author: biscolab

README.md

@@ -6,7 +6,7 @@ Simple Google reCAPTCHA package for Laravel 5
 ## System requirements
 PHP 7.1 or greater
 
-Are you still using PHP 5.6? Please go to [V2](https://github.com/biscolab/laravel-recaptcha/tree/v2.0.4)
+Are you still using PHP 5.x or 7.0? Please go to [V2](https://github.com/biscolab/laravel-recaptcha/tree/v2.0.4)
 
 ## Installation
 
@@ -36,11 +36,17 @@ php artisan vendor:publish --provider="Biscolab\ReCaptcha\ReCaptchaServiceProvid
 ## Configuration
 
 ### Add your API Keys
-Open `config/recaptcha.php` configuration file and set `api_site_key`, `api_secret_key` and `version`:
+Open `.env` file and set `RECAPTCHA_SITE_KEY` and `RECAPTCHA_SECRET_KEY`:
+```php
+RECAPTCHA_SITE_KEY=YOUR_API_SITE_KEY
+RECAPTCHA_SECRET_KEY=YOUR_API_SECRET_KEY
+```
+
+Open `config/recaptcha.php` configuration file and set `version`:
 ```php
 return [
-    'api_site_key'      => 'YOUR_API_SITE_KEY',
-    'api_secret_key'    => 'YOUR_API_SECRET_KEY',
+    'api_site_key'      => env('RECAPTCHA_SITE_KEY', ''),
+    'api_secret_key'    => env('RECAPTCHA_SECRET_KEY', ''),
     'version'           => 'v2' // supported: v2|invisible 
     'skip_ip'           => [] // array of IP addresses - String: dotted quad format e.g.: 127.0.0.1
 ];

config/recaptcha.php

@@ -19,30 +19,46 @@
      * get site key @ www.google.com/recaptcha/admin
      *
      */
-    'api_site_key'   => '',
+    'api_site_key'                 => env('RECAPTCHA_SITE_KEY', ''),
 
     /**
      *
      * The secret key
      * get secret key @ www.google.com/recaptcha/admin
      *
      */
-    'api_secret_key' => '',
+    'api_secret_key'               => env('RECAPTCHA_SECRET_KEY', ''),
 
     /**
      *
      * ReCATCHA version
-     * Supported: "v2", "invisible",
+     * Supported: "v2", "invisible", "v3",
      *
      * get more info @ https://developers.google.com/recaptcha/docs/versions
      *
      */
-    'version'        => 'v2',
+    'version'                      => env('RECAPTCHA_DEFAULT_VERSION', 'v2'),
 
     /**
      *
      * IP addresses for which validation will be skipped
      *
      */
-    'skip_ip'        => []
+    'skip_ip'                      => [],
+
+    /**
+     *
+     * Default route called to check the Google reCAPTCHA token
+     * @since v3.2.0
+     *
+     */
+    'default_validation_route'     => env('RECAPTCHA_DEFAULT_VALIDATION_ROUTE', 'biscolab-recaptcha/validate'),
+
+    /**
+     *
+     * The name of the parameter used to send Google reCAPTCHA token to verify route
+     * @since v3.2.0
+     *
+     */
+    'default_token_parameter_name' => env('RECAPTCHA_DEFAULT_TOKEN_PARAMETER_NAME', 'token')
 ];

src/ReCaptchaBuilder.php

@@ -48,40 +48,98 @@ class ReCaptchaBuilder {
 
     public function __construct($api_site_key, $api_secret_key, $version = 'v2') {
 
+        $this->setApiSiteKey($api_site_key);
+        $this->setApiSecretKey($api_secret_key);
+        $this->setVersion($version);
+        $this->setSkipByIp($this->skipByIp());
+    }
+
+    /**
+     * @param string $api_site_key
+     *
+     * @return ReCaptchaBuilder
+     */
+    public function setApiSiteKey(string $api_site_key): ReCaptchaBuilder{
         $this->api_site_key = $api_site_key;
+
+        return $this;
+    }
+
+    /**
+     * @param string $api_secret_key
+     *
+     * @return ReCaptchaBuilder
+     */
+    public function setApiSecretKey(string $api_secret_key): ReCaptchaBuilder{
         $this->api_secret_key = $api_secret_key;
+
+        return $this;
+    }
+
+    /**
+     * @param string $version
+     *
+     * @return ReCaptchaBuilder
+     */
+    public function setVersion(string $version): ReCaptchaBuilder{
         $this->version = $version;
-        $this->skip_by_ip = self::skipByIp();
+
+        return $this;
+    }
+
+    /**
+     * @return string
+     */
+    public function getVersion(): string {
+        return $this->version;
+    }
+
+    /**
+     * @param bool $skip_by_ip
+     *
+     * @return ReCaptchaBuilder
+     */
+    public function setSkipByIp(bool $skip_by_ip): ReCaptchaBuilder {
+        $this->skip_by_ip = $skip_by_ip;
+
+        return $this;
     }
 
     /**
      * Checks whether the user IP address is among IPs "to be skipped"
      *
      * @return boolean
      */
-    public static function skipByIp() {
-
-        $skip_ip = (config('recaptcha.skip_ip')) ? config('recaptcha.skip_ip') : [];
+    public function skipByIp(): bool {
 
-        return (in_array(request()->ip(), $skip_ip));
+        return (in_array(request()->ip(), config('recaptcha.skip_ip', [])));
     }
 
     /**
      * Write script HTML tag in you HTML code
      * Insert before </head> tag
      *
-     * @param string $formId
+     * @param string|null    $formId
+     * @param array|null $configuration
      *
      * @return string
      * @throws Exception
      */
-    public function htmlScriptTagJsApi($formId = '') {
+    public function htmlScriptTagJsApi(?string $formId = '', ?array $configuration = []): string {
 
         if ($this->skip_by_ip) {
             return '';
         }
-        $html = "<script src='https://www.google.com/recaptcha/api.js' async defer></script>";
-        if ($this->version != 'v2') {
+
+        switch ($this->version) {
+            case 'v3':
+                $html = "<script src=\"https://www.google.com/recaptcha/api.js?render={$this->api_site_key}\"></script>";
+                break;
+            default:
+                $html = "<script src=\"https://www.google.com/recaptcha/api.js\" async defer></script>";
+        }
+
+        if ($this->version == 'invisible') {
             if (!$formId) {
                 throw new Exception("formId required", 1);
             }
@@ -91,10 +149,62 @@ function biscolabLaravelReCaptcha(token) {
 		       }
 		     </script>';
         }
+        elseif ($this->version == 'v3') {
+
+            $action = array_get($configuration, 'action', 'homepage');
+
+            $js_custom_validation = array_get($configuration, 'custom_validation', '');
+
+            // Check if set custom_validation. That function will override default fetch validation function
+            if($js_custom_validation) {
+
+                $validate_function = ($js_custom_validation) ? "{$js_custom_validation}(token);" : '';
+            }
+            else {
+
+                $js_then_callback = array_get($configuration, 'callback_then', '');
+                $js_callback_catch = array_get($configuration, 'callback_catch', '');
+
+                $js_then_callback = ($js_then_callback) ? "{$js_then_callback}(response)" : '';
+                $js_callback_catch = ($js_callback_catch) ? "{$js_callback_catch}(err)" : '';
+
+                $validate_function = "
+                fetch('/" . config('recaptcha.default_validation_route', 'biscolab-recaptcha/validate') . "?" . config('recaptcha.default_token_parameter_name', 'token') . "=' + token, {
+                    headers: {
+                        \"X-Requested-With\": \"XMLHttpRequest\",
+                        \"X-CSRF-TOKEN\": csrfToken.content
+                    }
+                })
+                .then(function(response) {
+                   	{$js_then_callback}
+                })
+                .catch(function(err) {
+                    {$js_callback_catch}
+                });";
+            }
+
+            $html .= "<script>
+                    var csrfToken = document.head.querySelector('meta[name=\"csrf-token\"]');
+                  grecaptcha.ready(function() {
+                      grecaptcha.execute('{$this->api_site_key}', {action: '{$action}'}).then(function(token) {
+                        {$validate_function}
+                      });
+                  });
+		     </script>";
+        }
 
         return $html;
     }
 
+    /**
+     * @param array|null $configuration
+     *
+     * @return string
+     */
+    public function htmlScriptTagJsApiV3(?array $configuration = []): string {
+        return $this->htmlScriptTagJsApi('', $configuration);
+    }
+
     /**
      * Call out to reCAPTCHA and process the response
      *
@@ -131,6 +241,10 @@ public function validate($response) {
         }
         $response = json_decode(trim($curl_response), true);
 
+        if($this->version == 'v3') {
+            return $response;
+        }
+
         return $response['success'];
 
     }

src/ReCaptchaBuilderInvisible.php

@@ -16,6 +16,16 @@
  */
 class ReCaptchaBuilderInvisible extends ReCaptchaBuilder {
 
+    /**
+     * ReCaptchaBuilderInvisible constructor.
+     *
+     * @param string $api_site_key
+     * @param string $api_secret_key
+     */
+    public function __construct(string $api_site_key, string $api_secret_key) {
+        parent::__construct($api_site_key, $api_secret_key, 'invisible');
+    }
+
     /**
      * Write HTML <button> tag in your HTML code
      * Insert before </form> tag
@@ -24,7 +34,7 @@ class ReCaptchaBuilderInvisible extends ReCaptchaBuilder {
      *
      * @return string
      */
-    public function htmlFormButton($buttonInnerHTML = 'Submit') {
+    public function htmlFormButton($buttonInnerHTML = 'Submit'): string {
 
         return ($this->version == 'invisible') ? '<button class="g-recaptcha" data-sitekey="' . $this->api_site_key . '" data-callback="biscolabLaravelReCaptcha">' . $buttonInnerHTML . '</button>' : '';
     }

src/ReCaptchaBuilderV2.php

@@ -16,12 +16,22 @@
  */
 class ReCaptchaBuilderV2 extends ReCaptchaBuilder {
 
+    /**
+     * ReCaptchaBuilderV2 constructor.
+     *
+     * @param string $api_site_key
+     * @param string $api_secret_key
+     */
+    public function __construct(string $api_site_key, string $api_secret_key) {
+        parent::__construct($api_site_key, $api_secret_key, 'v2');
+    }
+
     /**
      * Write ReCAPTCHA HTML tag in your FORM
      * Insert before </form> tag
      * @return string
      */
-    public function htmlFormSnippet() {
+    public function htmlFormSnippet(): string {
 
         return ($this->version == 'v2') ? '<div class="g-recaptcha" data-sitekey="' . $this->api_site_key . '"></div>' : '';
     }

src/ReCaptchaBuilderV3.php

@@ -0,0 +1,29 @@
+<?php
+/**
+ * Copyright (c) 2017 - present
+ * LaravelGoogleRecaptcha - ReCaptchaBuilderV3.php
+ * author: Roberto Belotti - roby.belotti@gmail.com
+ * web : robertobelotti.com, github.com/biscolab
+ * Initial version created on: 22/1/2019
+ * MIT license: https://github.com/biscolab/laravel-recaptcha/blob/master/LICENSE
+ */
+
+namespace Biscolab\ReCaptcha;
+
+/**
+ * Class ReCaptchaBuilderV3
+ * @package Biscolab\ReCaptcha
+ */
+class ReCaptchaBuilderV3 extends ReCaptchaBuilder {
+
+    /**
+     * ReCaptchaBuilderV3 constructor.
+     *
+     * @param string $api_site_key
+     * @param string $api_secret_key
+     */
+    public function __construct(string $api_site_key, string $api_secret_key) {
+        parent::__construct($api_site_key, $api_secret_key, 'v3');
+    }
+
+}

src/ReCaptchaServiceProvider.php

@@ -32,9 +32,12 @@ class ReCaptchaServiceProvider extends ServiceProvider {
     public function boot() {
 
         $this->addValidationRule();
+        $this->loadRoutesFrom(__DIR__ . '/routes/routes.php');
+
         $this->publishes([
             __DIR__ . '/../config/recaptcha.php' => config_path('recaptcha.php'),
         ]);
+
     }
 
     /**
@@ -71,11 +74,22 @@ protected function registerReCaptchaBuilder() {
 
         $this->app->singleton('recaptcha', function ($app) {
 
-            if (config('recaptcha.version') == 'v2') {
-                return new ReCaptchaBuilderV2(config('recaptcha.api_site_key'), config('recaptcha.api_secret_key'), config('recaptcha.version'));
-            } else {
-                return new ReCaptchaBuilderInvisible(config('recaptcha.api_site_key'), config('recaptcha.api_secret_key'), config('recaptcha.version'));
+            $recaptcha_class = '';
+
+            switch (config('recaptcha.version')) {
+                case 'v3' :
+                    $recaptcha_class = ReCaptchaBuilderV3::class;
+                    break;
+                case 'v2' :
+                    $recaptcha_class = ReCaptchaBuilderV2::class;
+                    break;
+                case 'invisible':
+                    $recaptcha_class = ReCaptchaBuilderInvisible::class;
+                    break;
             }
+
+            return new $recaptcha_class(config('recaptcha.api_site_key'), config('recaptcha.api_secret_key'));
+
         });
     }