From cf6f25273ab253e2501dc1ddb0cab252a156db79 Mon Sep 17 00:00:00 2001
From: Udara Pathum <46132469+hwupathum@users.noreply.github.com>
Date: Mon, 27 May 2024 13:39:11 +0530
Subject: [PATCH] Refactor
---
 .../recovery/endpoint/Utils/RecoveryUtil.java | 3 ++
 .../endpoint/impl/CaptchaApiServiceImpl.java | 46 +++++++++++++------
 .../identity/captcha/util/CaptchaUtil.java | 2 +-
 pom.xml | 4 +-
 4 files changed, 37 insertions(+), 18 deletions(-)
diff --git a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java
index 9aef837e70..e2db0c6caa 100644
--- a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java
+++ b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java
@@ -403,7 +403,10 @@ private static Properties validateCaptchaConfigs(Properties properties) {
 * @param reCaptchaResponse ReCaptcha response token
 * @param properties ReCaptcha properties
 * @return httpResponse
+ *
+ * @deprecated Please create a new method with apache httpclient 5.x version
 */
+ @Deprecated
 public static HttpResponse makeCaptchaVerificationHttpRequest(ReCaptchaResponseTokenDTO reCaptchaResponse,
 Properties properties) {
diff --git a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
index fd96ce7afa..3d8413379a 100644
--- a/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
+++ b/components/org.wso2.carbon.identity.api.user.recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
@@ -18,12 +18,14 @@
 package org.wso2.carbon.identity.recovery.endpoint.impl;
 import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
-import org.apache.commons.io.IOUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpResponse;
+import org.apache.hc.client5.http.classic.methods.HttpPost;
+import org.wso2.carbon.http.client.HttpClientConstants;
+import org.wso2.carbon.http.client.exception.HttpClientException;
+import org.wso2.carbon.http.client.handler.JsonResponseHandler;
+import org.wso2.carbon.http.client.request.HttpPostRequest;
+import org.wso2.carbon.identity.captcha.internal.CaptchaDataHolder;
 import org.wso2.carbon.identity.captcha.util.CaptchaConstants;
 import org.wso2.carbon.identity.recovery.endpoint.CaptchaApiService;
 import org.wso2.carbon.identity.recovery.endpoint.Constants;
@@ -33,7 +35,8 @@
 import org.wso2.carbon.identity.recovery.endpoint.dto.ReCaptchaVerificationResponseDTO;
 import java.io.IOException;
-import java.io.InputStream;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Properties;
 import javax.ws.rs.core.Response;
@@ -85,17 +88,12 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin
 RecoveryUtil.handleBadRequest("ReCaptcha is disabled", Constants.INVALID);
 }
- HttpResponse response = RecoveryUtil.makeCaptchaVerificationHttpRequest(reCaptchaResponse, properties);
- HttpEntity entity = response.getEntity();
+ HttpPost httpPost = makeCaptchaVerificationHttpRequest(reCaptchaResponse, properties);
 ReCaptchaVerificationResponseDTO reCaptchaVerificationResponseDTO = new ReCaptchaVerificationResponseDTO();
- if (entity == null) {
- RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
- Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
- }
- try (InputStream in = entity.getContent()) {
- JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject();
-
+ try {
+ JsonObject verificationResponse = CaptchaDataHolder.getInstance().getHttpClientService()
+ .getClosableHttpClient(CaptchaApiServiceImpl.class.getName()).execute(httpPost, new JsonResponseHandler());
 if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) {
 // For Recaptcha Enterprise.
 JsonObject tokenProperties = verificationResponse.get(CaptchaConstants.CAPTCHA_TOKEN_PROPERTIES)
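Review bot: `verificationResponse` is dereferenced immediately after `execute(httpPost, new JsonResponseHandler())` with no null or shape check, so a body without the expected member would fail inside `verificationResponse.get(...)` as an unchecked exception instead of going through `RecoveryUtil.handleBadRequest`. Whether the handler can return null or accepts non-2xx responses is not visible in this hunk and should be confirmed now that the explicit entity check is removed. A guard before the type branch, `if (verificationResponse == null) { RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.", Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT); }`, keeps the failure path explicit and fails closed. The body of verifyCaptcha starts and ends outside this hunk.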
@@ -107,12 +105,30 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin
 reCaptchaVerificationResponseDTO.setSuccess(verificationResponse.get(
 CaptchaConstants.CAPTCHA_SUCCESS).getAsBoolean());
 }
- } catch (IOException e) {
+ } catch (HttpClientException e) {
+ if (HttpClientConstants.Error.RESPONSE_ENTITY_EMPTY.getCode().equals(e.getErrorCode())) {
+ RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
+ Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
+ }
 log.error("Unable to read the verification response.", e);
 RecoveryUtil.handleBadRequest("Unable to read the verification response.",
 Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
+ } catch (IOException e) {
+ RecoveryUtil.handleBadRequest(String.format("Unable to get the verification response : %s", e.getMessage()),
+ Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
 }
 return Response.ok(reCaptchaVerificationResponseDTO).build();
 }
+
+ private HttpPost makeCaptchaVerificationHttpRequest(ReCaptchaResponseTokenDTO reCaptchaResponse,
+ Properties properties) {
+
+ String reCaptchaSecretKey = properties.getProperty(CaptchaConstants.RE_CAPTCHA_SECRET_KEY);
+ String reCaptchaVerifyUrl = properties.getProperty(CaptchaConstants.RE_CAPTCHA_VERIFY_URL);
+ Map params = new HashMap<>();
+ params.put("secret", reCaptchaSecretKey);
+ params.put("response", reCaptchaResponse.getToken());
+ return HttpPostRequest.createUrlEncodedRequest(reCaptchaVerifyUrl, params);
+ }
 }
diff --git a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java
index 23ed756ac9..c593560bfd 100644
--- a/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java
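Review bot: The new `catch (IOException e)` branch in CaptchaApiServiceImpl.verifyCaptcha formats `e.getMessage()` into the text handed to `RecoveryUtil.handleBadRequest` and never logs the exception, so transport-level detail (presumably returned to the API caller) can leak while the stack trace is lost to operators. Keep the client-facing message fixed and log the cause, as the `HttpClientException` branch already does: `log.error("Unable to get the verification response.", e);` followed by `RecoveryUtil.handleBadRequest("Unable to get the verification response.", Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);`. Separately, the new private `makeCaptchaVerificationHttpRequest` has no Javadoc and reads `RE_CAPTCHA_SECRET_KEY` and `RE_CAPTCHA_VERIFY_URL` without a null check. If the properties are not validated earlier in `verifyCaptcha` (that part is outside the hunk), a missing value would reach `createUrlEncodedRequest` as null.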
+++ b/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/util/CaptchaUtil.java
@@ -290,7 +290,7 @@ public static boolean isValidCaptcha(String reCaptchaResponse) throws CaptchaExc
 if (HttpClientConstants.Error.RESPONSE_ENTITY_EMPTY.getCode().equals(e.getErrorCode())) {
 throw new CaptchaServerException("reCaptcha verification response is not received.");
 }
- throw new CaptchaServerException("Unable to read the verification response.", e.getCause());
+ throw new CaptchaServerException("Unable to read the verification response.", e);
 } catch (IOException e) {
 throw new CaptchaServerException("Unable to get the verification response.", e);
 }
diff --git a/pom.xml b/pom.xml
index 5882dea97b..5dbc35eeee 100644
--- a/pom.xml
+++ b/pom.xml
@@ -705,8 +705,8 @@
 5.3.27
- 4.10.12-SNAPSHOT
- 4.10.12-SNAPSHOT
+ 4.10.17-SNAPSHOT
+ 4.10.17-SNAPSHOT
 [4.5.0, 5.0.0)
 [1.0.1, 2.0.0)
 [1.0.1, 2.0.0)
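Review bot: In CaptchaUtil.isValidCaptcha the `RESPONSE_ENTITY_EMPTY` branch two lines above the changed `throw` still builds its `CaptchaServerException` without a cause, so passing `e` instead of `e.getCause()` fixes only one of the two exits from this catch. Passing the exception there as well, `throw new CaptchaServerException("reCaptcha verification response is not received.", e);`, keeps the error code and stack trace available when diagnosing failed verifications. The enclosing try block starts outside the hunk.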