From 84d480700c59e4110e768b9847db6c8ff8ff016d Mon Sep 17 00:00:00 2001
From: Benjamin Pollack <benjamin@bitquabit.com>
Date: Tue, 14 Aug 2018 20:07:04 -0400
Subject: [PATCH] furance.recaptcha: update to reCAPTCHA2

---
 basis/furnace/recaptcha/example/authors.txt   |  1 +
 .../furnace/recaptcha/example/example.factor  |  4 +-
 basis/furnace/recaptcha/example/example.xml   |  2 +-
 basis/furnace/recaptcha/recaptcha-docs.factor |  2 +-
 .../furnace/recaptcha/recaptcha-tests.factor  |  9 +--
 basis/furnace/recaptcha/recaptcha.factor      | 55 ++++++-------------
 6 files changed, 25 insertions(+), 48 deletions(-)

diff --git a/basis/furnace/recaptcha/example/authors.txt b/basis/furnace/recaptcha/example/authors.txt
index 7c1b2f2279..28fd95c75e 100644
--- a/basis/furnace/recaptcha/example/authors.txt
+++ b/basis/furnace/recaptcha/example/authors.txt
@@ -1 +1,2 @@
 Doug Coleman
+Benjamin Pollack
diff --git a/basis/furnace/recaptcha/example/example.factor b/basis/furnace/recaptcha/example/example.factor
index 6c2acc541e..41ade9e96a 100644
--- a/basis/furnace/recaptcha/example/example.factor
+++ b/basis/furnace/recaptcha/example/example.factor
@@ -20,8 +20,8 @@ TUPLE: recaptcha-app < dispatcher recaptcha ;
 : <test-recaptcha> ( responder -- recaptcha )
     <recaptcha>
         "concatenative.org" >>domain
-        "6LeJWQgAAAAAAFlYV7SuBClE9uSpGtV_ZS-qVON7" >>public-key
-        "6LeJWQgAAAAAALh-XJgSSQ6xKygRgJ8-029Ip2Xv" >>private-key ;
+        "6LeJWQgAAAAAAFlYV7SuBClE9uSpGtV_ZS-qVON7" >>site-key
+        "6LeJWQgAAAAAALh-XJgSSQ6xKygRgJ8-029Ip2Xv" >>secret-key ;
 
 : <recaptcha-app> ( -- obj )
     \ recaptcha-app new-dispatcher
diff --git a/basis/furnace/recaptcha/example/example.xml b/basis/furnace/recaptcha/example/example.xml
index 38ac6019e5..4a8ce13eba 100644
--- a/basis/furnace/recaptcha/example/example.xml
+++ b/basis/furnace/recaptcha/example/example.xml
@@ -1,5 +1,5 @@
 <?xml version='1.0' ?>
 <!DOCTYPE html>
 <t:chloe xmlns:t="http://factorcode.org/chloe/1.0">
-<html><body><t:form t:action=""><t:recaptcha/></t:form></body></html>
+<html><body><t:form t:action=""><t:recaptcha/><input type="SUBMIT" value="Done" /></t:form></body></html>
 </t:chloe>
diff --git a/basis/furnace/recaptcha/recaptcha-docs.factor b/basis/furnace/recaptcha/recaptcha-docs.factor
index 3d23979962..2a4be14e1f 100644
--- a/basis/furnace/recaptcha/recaptcha-docs.factor
+++ b/basis/furnace/recaptcha/recaptcha-docs.factor
@@ -36,7 +36,7 @@ $nl
 ARTICLE: "furnace.recaptcha" "Recaptcha support for Furnace"
 "The " { $vocab-link "furnace.recaptcha" } " vocabulary implements support for the recaptcha. Recaptcha is a web service that provides the user with a captcha, a test that is easy to solve by visual inspection, but hard to solve by writing a computer program. Use a captcha to protect forms from abusive users." $nl
 
-"The recaptcha responder is a " { $link filter-responder } " that wraps another responder. Set the " { $slot "domain" } ", " { $slot "public-key" } ", and " { $slot "private-key" } " slots of this responder to your recaptcha account information." $nl
+"The recaptcha responder is a " { $link filter-responder } " that wraps another responder. Set the " { $slot "domain" } ", " { $slot "site-key" } ", and " { $slot "secret-key" } " slots of this responder to your recaptcha account information." $nl
 
 "Wrapping a responder with recaptcha support:"
 { $subsections <recaptcha> }
diff --git a/basis/furnace/recaptcha/recaptcha-tests.factor b/basis/furnace/recaptcha/recaptcha-tests.factor
index 7f18184eef..ff0f4217b5 100644
--- a/basis/furnace/recaptcha/recaptcha-tests.factor
+++ b/basis/furnace/recaptcha/recaptcha-tests.factor
@@ -1,10 +1,5 @@
 USING: furnace.recaptcha.private tools.test urls ;
 IN: furnace.recaptcha.tests
 
-{
-    URL" http://www.google.com/recaptcha/api/challenge"
-    URL" https://www.google.com/recaptcha/api/challenge"
-} [
-    f recaptcha-url
-    t recaptcha-url
-] unit-test
+{ t f } [ "{\"success\": true, \"challenge_ts\": \"2018-09-14T21:12:17Z\", \"hostname\": \"localhost\"}" parse-recaptcha-response ] unit-test
+{ f { "invalid-input-secret" } } [ "{\"success\": false, \"error-codes\": [\"invalid-input-secret\"]}" parse-recaptcha-response ] unit-test
diff --git a/basis/furnace/recaptcha/recaptcha.factor b/basis/furnace/recaptcha/recaptcha.factor
index fff1f61610..95a2caccf1 100644
--- a/basis/furnace/recaptcha/recaptcha.factor
+++ b/basis/furnace/recaptcha/recaptcha.factor
@@ -1,13 +1,13 @@
 ! Copyright (C) 2009 Doug Coleman.
 ! See http://factorcode.org/license.txt for BSD license.
-USING: accessors furnace.actions furnace.redirection html.forms
-html.templates.chloe.compiler html.templates.chloe.syntax
-http.client http.server http.server.filters io.sockets kernel
-locals namespaces sequences splitting urls validators
-xml.syntax furnace.conversations ;
+USING: accessors assocs furnace.actions furnace.conversations
+furnace.redirection html.forms html.templates.chloe.compiler
+html.templates.chloe.syntax http.client http.server
+http.server.filters io.sockets json.reader kernel locals
+namespaces sequences splitting urls validators xml.syntax ;
 IN: furnace.recaptcha
 
-TUPLE: recaptcha < filter-responder domain public-key private-key ;
+TUPLE: recaptcha < filter-responder domain secret-key site-key ;
 
 SYMBOL: recaptcha-error
 
@@ -21,61 +21,42 @@ M: recaptcha call-responder*
 
 <PRIVATE
 
-: (render-recaptcha) ( url -- xml )
-    dup
-    [XML
+: render-recaptcha ( recaptcha -- xml )
+    site-key>> [XML
         <script type="text/javascript"
-           src=<->>
+           src="https://www.google.com/recaptcha/api.js" async="async" defer="defer">
         </script>
 
-        <noscript>
-           <iframe src=<->
-               height="300" width="500" frameborder="0"></iframe><br/>
-           <textarea name="recaptcha_challenge_field" rows="3" cols="40">
-           </textarea>
-           <input type="hidden" name="recaptcha_response_field"
-               value="manual_challenge"/>
-        </noscript>
+        <div class="g-recaptcha" data-sitekey=<->></div>
     XML] ;
 
-: recaptcha-url ( secure? -- ? )
-    "https" "http" ? "://www.google.com/recaptcha/api/challenge" append
-    recaptcha-error cget [ "?error=" glue ] when* >url ;
-
-: render-recaptcha ( -- xml )
-    secure-connection? recaptcha-url
-    recaptcha get public-key>> "k" set-query-param (render-recaptcha) ;
-
 : parse-recaptcha-response ( string -- valid? error )
-    "\n" split first2 [ "true" = ] dip ;
+    json> [ "success" of ] [ "error-codes" of ] bi ;
 
-:: (validate-recaptcha) ( challenge response recaptcha -- valid? error )
-    recaptcha private-key>> :> private-key
+:: (validate-recaptcha) ( response recaptcha -- valid? error )
+    recaptcha secret-key>> :> secret-key
     remote-address get host>> :> remote-ip
     H{
-        { "challenge" challenge }
         { "response" response }
-        { "privatekey" private-key }
+        { "secret" secret-key }
         { "remoteip" remote-ip }
-    } URL" http://api-verify.recaptcha.net/verify"
+    } URL" https://www.google.com/recaptcha/api/siteverify"
     http-post nip parse-recaptcha-response ;
 
 : validate-recaptcha-params ( -- )
     {
-        { "recaptcha_challenge_field" [ v-required ] }
-        { "recaptcha_response_field" [ v-required ] }
+        { "g-recaptcha-response" [ v-required ] }
     } validate-params ;
 
 PRIVATE>
 
-CHLOE: recaptcha drop [ render-recaptcha ] [xml-code] ;
+CHLOE: recaptcha drop [ recaptcha get render-recaptcha ] [xml-code] ;
 
 : validate-recaptcha ( -- )
     begin-conversation
     validate-recaptcha-params
 
-    "recaptcha_challenge_field" value
-    "recaptcha_response_field" value
+    "g-recaptcha-response" value
     recaptcha get
     (validate-recaptcha)
     recaptcha-error cset
-- 
2.34.1