Merge pull request #12 from Webotvorba/development

- Add support for reCAPTCHA v3 Enterprise in README and implementation

Author: bert-w

README.md

@@ -22,11 +22,12 @@ version you are going to implement.
 
 This package supports the following versions. Note that each version requires a different sitekey/secretkey pair:
 
-| **Version**          | **Docs**                                                          | **Notes**                   |
-|----------------------|-------------------------------------------------------------------|-----------------------------|
-| **v3** (recommended) | [V3 Docs](https://developers.google.com/recaptcha/docs/v3)        |                             |
-| **v2**               | [V2 Docs](https://developers.google.com/recaptcha/docs/display)   |                             |
-| **v2 invisible**     | [V2 Docs](https://developers.google.com/recaptcha/docs/invisible) | Use `'size' => 'invisible'` |
+| **Version**          | **Docs**                                                          | **Notes**                         |
+|----------------------|-------------------------------------------------------------------|-----------------------------------|
+| **v3** (recommended) | [V3 Docs](https://developers.google.com/recaptcha/docs/v3)        |                                   |
+| **v3** (enterprise)  | [V3 Docs](https://developers.google.com/recaptcha/docs/v3)        | Use `'version' => 'v3-enterprise'` |
+| **v2**               | [V2 Docs](https://developers.google.com/recaptcha/docs/display)   |                                   |
+| **v2 invisible**     | [V2 Docs](https://developers.google.com/recaptcha/docs/invisible) | Use `'size' => 'invisible'`       |
 
 Your options should reside in the `config/services.php` file:
 
@@ -38,6 +39,7 @@ Your options should reside in the `config/services.php` file:
             'secret_key' => env('GOOGLE_RECAPTCHA_SECRET_KEY'),
             'version' => 'v3',
             'score' => 0.5, // An integer between 0 and 1, that indicates the minimum score to pass the Captcha challenge.
+            'endpoint' => 'https://www.google.com/recaptcha/api/siteverify', // For enterprise users, fill in your URL from Google Console.
         ],
     ],
 

src/ValidatesRecaptcha.php

@@ -16,9 +16,11 @@ class ValidatesRecaptcha extends LivewireAttribute
     public function __construct(
         public ?string $secretKey = null,
         public ?float $score = null,
+        public ?string $endpoint = null,
     ) {
         $this->secretKey ??= config('services.google.recaptcha.secret_key');
         $this->score ??= config('services.google.recaptcha.score') ?? 0.5;
+        $this->endpoint ??= config('services.google.recaptcha.endpoint', 'https://www.google.com/recaptcha/api/siteverify');
     }
 
     /**
@@ -28,8 +30,10 @@ public function __construct(
      */
     public function call(array $params, Closure $returnEarly): void
     {
+        assert(is_string($this->endpoint));
+
         if (isset($this->component->gRecaptchaResponse)) {
-            $response = Http::asForm()->post('https://www.google.com/recaptcha/api/siteverify', [
+            $response = Http::asForm()->post($this->endpoint, [
                 'secret' => $this->secretKey,
                 'response' => $this->component->gRecaptchaResponse,
                 'remoteip' => request()->ip(),

src/directive.recaptcha.v3-enterprise.blade.php

@@ -0,0 +1,29 @@
+<script>
+    document.addEventListener('livewire:init', () => {
+        Livewire.directive('recaptcha', ({ el, directive, component, cleanup }) => {
+            const submitExpression = (() => {
+                for (const attr of el.attributes) {
+                    if (attr.name.startsWith('wire:submit')) {
+                        return attr.value;
+                    }
+                }
+            })();
+
+            const onSubmit = (e) => {
+                e.preventDefault();
+                e.stopImmediatePropagation();
+
+                grecaptcha.enterprise.ready(async () => {
+                    const token = await grecaptcha.enterprise.execute(@json($siteKey), { action: 'submit' });
+
+                    component.$wire.$set('gRecaptchaResponse', token).then(() => {
+                        Alpine.evaluate(el, "$wire." + submitExpression, { scope: { $event: e } });
+                    });
+                });
+            }
+
+            el.addEventListener('submit', onSubmit, { capture: true });
+        });
+    });
+</script>
+<script src="https://www.google.com/recaptcha/enterprise.js?render={{ $siteKey }}"></script>

tests/CaptchaTest.php

@@ -2,6 +2,7 @@
 
 namespace DutchCodingCompany\LivewireRecaptcha\Tests;
 
+use DutchCodingCompany\LivewireRecaptcha\Tests\Fixtures\MyCustomAttributeComponent;
 use DutchCodingCompany\LivewireRecaptcha\Tests\Fixtures\MyTestComponent;
 use Illuminate\Http\Client\Request;
 use Illuminate\Support\Facades\Http;
@@ -13,7 +14,7 @@ class CaptchaTest extends TestCase
     /**
      * @param array{0: bool, 1: array{'success': bool}} $captchaResponse
      */
-    #[DataProvider('provideCaptchaData')]
+    #[DataProvider('provideDefaultAttributeData')]
     public function testInvalidCaptchaResponse(bool $isValid, array $captchaResponse): void
     {
         Http::fake([
@@ -45,10 +46,52 @@ public function testInvalidCaptchaResponse(bool $isValid, array $captchaResponse
         );
     }
 
+    /**
+     * @param array{0: bool, 1: array{'success': bool}} $captchaResponse
+     */
+    #[DataProvider('provideCustomAttributeData')]
+    public function testCustomAttributeProperties(bool $isValid, array $captchaResponse): void
+    {
+        Http::fake([
+            'https://custom.example.com/verify' => Http::response($captchaResponse),
+        ]);
+
+        $testable = Livewire::test(MyCustomAttributeComponent::class)
+            ->set('gRecaptchaResponse', $captcha = 'mygrecaptcharesponse')
+            ->call('save');
+
+        if ($isValid) {
+            $testable->assertHasNoErrors();
+        } else {
+            $testable->assertHasErrors([
+                'gRecaptchaResponse',
+            ]);
+        }
+
+        Http::assertSent(fn (Request $request) => $request->url() === 'https://custom.example.com/verify' &&
+            $request['secret'] === 'custom-secret-key' &&
+            $request['response'] === $captcha &&
+            array_key_exists('remoteip', $request->data())
+        );
+    }
+
+    /**
+     * @return array<string, array{0: bool, 1: array{'success': bool}}>
+     */
+    public static function provideCustomAttributeData(): array
+    {
+        return [
+            'valid response' => [true, ['success' => true, 'score' => 0.9]],
+            'valid response, score at threshold' => [true, ['success' => true, 'score' => 0.7]],
+            'valid response, score below threshold' => [false, ['success' => true, 'score' => 0.5]],
+            'invalid response' => [false, ['success' => false]],
+        ];
+    }
+
     /**
      * @return array<string, array{0: bool, 1: array{'success': bool}}>
      */
-    public static function provideCaptchaData(): array
+    public static function provideDefaultAttributeData(): array
     {
         return [
             'valid response' => [true, ['success' => true, 'score' => 0.9]],

tests/Fixtures/MyCustomAttributeComponent.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace DutchCodingCompany\LivewireRecaptcha\Tests\Fixtures;
+
+use DutchCodingCompany\LivewireRecaptcha\ValidatesRecaptcha;
+use Exception;
+use Livewire\Component;
+
+class MyCustomAttributeComponent extends Component
+{
+    public string $gRecaptchaResponse;
+
+    public function mount(): void
+    {
+        //
+    }
+
+    #[ValidatesRecaptcha(
+        secretKey: 'custom-secret-key',
+        score: 0.7,
+        endpoint: 'https://custom.example.com/verify',
+    )]
+    public function save(): void
+    {
+        //
+    }
+
+    public function render(): string
+    {
+        return file_get_contents(__DIR__.'/my-test-component.blade.php') ?: throw new Exception('Failed to load my-test-component.blade.php.');
+    }
+}