Implement support for Google reCAPTCHA 2.0 ("No captcha")

This change adds a new Captcha type (ReCaptchaNoCaptcha) that uses
Google reCAPTCHA 2.0.

See more:
- https://www.google.com/recaptcha/intro/
- https://developers.google.com/recaptcha/docs/display
- https://developers.google.com/recaptcha/docs/faq
- http://googleonlinesecurity.blogspot.com/2014/12/are-you-robot-introducing-no-captcha.html

Bug: T84918
Change-Id: I5908fd2716786237adb01a403d5bd1e22d95c563

FancyCaptcha/FancyCaptcha.class.php

@@ -88,19 +88,20 @@ class FancyCaptcha extends SimpleCaptcha {
 
 	/**
 	 * Insert the captcha prompt into the edit form.
+	 * @param OutputPage $out
 	 */
-	function getForm() {
+	function getForm( OutputPage $out ) {
 		global $wgOut, $wgEnableAPI;
 
 		// Uses addModuleStyles so it is loaded when JS is disabled.
-		$wgOut->addModuleStyles( 'ext.confirmEdit.fancyCaptcha.styles' );
+		$out->addModuleStyles( 'ext.confirmEdit.fancyCaptcha.styles' );
 
 		$title = SpecialPage::getTitleFor( 'Captcha', 'image' );
 		$index = $this->getCaptchaIndex();
 
 		if ( $wgEnableAPI ) {
 			// Loaded only if JS is enabled
-			$wgOut->addModules( 'ext.confirmEdit.fancyCaptcha' );
+			$out->addModules( 'ext.confirmEdit.fancyCaptcha' );
 
 			$captchaReload = Html::element(
 				'small',

MathCaptcha/MathCaptcha.class.php

@@ -16,8 +16,11 @@ class MathCaptcha extends SimpleCaptcha {
 		$resultArr['captcha']['question'] = $sum;
 	}
 
-	/** Produce a nice little form */
-	function getForm() {
+	/**
+	 * Produce a nice little form
+	 * @param OutputPage $out
+	 */
+	function getForm( OutputPage $out ) {
 		list( $sum, $answer ) = $this->pickSum();
 		$index = $this->storeCaptcha( array( 'answer' => $answer ) );
 

QuestyCaptcha/QuestyCaptcha.class.php

@@ -41,7 +41,7 @@ class QuestyCaptcha extends SimpleCaptcha {
 		return array( 'question' => $question, 'answer' => $answer );
 	}
 
-	function getForm() {
+	function getForm( OutputPage $out ) {
 		$captcha = $this->getCaptcha();
 		if ( !$captcha ) {
 			die( "No questions found; set some in LocalSettings.php using the format from QuestyCaptcha.php." );

ReCaptcha/ReCaptcha.class.php

@@ -7,9 +7,9 @@ class ReCaptcha extends SimpleCaptcha {
 	/**
 	 * Displays the reCAPTCHA widget.
 	 * If $this->recaptcha_error is set, it will display an error in the widget.
-	 *
+	 * @param OutputPage $out
 	 */
-	function getForm() {
+	function getForm( OutputPage $out ) {
 		global $wgReCaptchaPublicKey, $wgReCaptchaTheme;
 
 		$useHttps = ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' );

ReCaptchaNoCaptcha.php

@@ -0,0 +1,2 @@
+<?php
+require_once __DIR__ . "/ReCaptchaNoCaptcha/ReCaptchaNoCaptcha.php";

ReCaptchaNoCaptcha/ReCaptchaNoCaptcha.class.php

@@ -0,0 +1,148 @@
+<?php
+class ReCaptchaNoCaptcha extends SimpleCaptcha {
+	private $error = null;
+	/**
+	 * Get the captcha form.
+	 * @return string
+	 */
+	function getForm( OutputPage $out ) {
+		global $wgReCaptchaSiteKey;
+
+		// Insert reCAPTCHA script.
+		// See https://developers.google.com/recaptcha/docs/faq
+		$out->addHeadItem(
+			'g-recaptchascript',
+			'<script src="https://www.google.com/recaptcha/api.js" async defer></script>'
+		);
+		$output = Html::element( 'div', array(
+			'class' => array(
+				'g-recaptcha',
+				'mw-confirmedit-captcha-fail' => !!$this->error,
+			),
+			'data-sitekey' => $wgReCaptchaSiteKey
+		) );
+		$htmlUrlencoded = htmlspecialchars( urlencode( $wgReCaptchaSiteKey ) );
+		$output .= <<<HTML
+<noscript>
+  <div style="width: 302px; height: 422px;">
+    <div style="width: 302px; height: 422px; position: relative;">
+      <div style="width: 302px; height: 422px; position: absolute;">
+        <iframe src="https://www.google.com/recaptcha/api/fallback?k={$htmlUrlencoded}"
+                frameborder="0" scrolling="no"
+                style="width: 302px; height:422px; border-style: none;">
+        </iframe>
+      </div>
+      <div style="width: 300px; height: 60px; border-style: none;
+                  bottom: 12px; left: 25px; margin: 0px; padding: 0px; right: 25px;
+                  background: #f9f9f9; border: 1px solid #c1c1c1; border-radius: 3px;">
+        <textarea id="g-recaptcha-response" name="g-recaptcha-response"
+                  class="g-recaptcha-response"
+                  style="width: 250px; height: 40px; border: 1px solid #c1c1c1;
+                         margin: 10px 25px; padding: 0px; resize: none;" >
+        </textarea>
+      </div>
+    </div>
+  </div>
+</noscript>
+HTML;
+		return $output;
+	}
+
+	protected function logCheckError( $info ) {
+		if ( $info instanceof Status ) {
+			$errors = $status->getErrorsArray();
+			$error = $errors[0][0];
+		} elseif ( is_array( $info ) ) {
+			$error = implode( ',', $info );
+		} else {
+			$error = $info;
+		}
+		wfDebugLog( 'captcha', 'Unable to validate response: ' . $error );
+	}
+
+	/**
+	 * Check, if the user solved the captcha.
+	 *
+	 * Based on reference implementation:
+	 * https://github.com/google/recaptcha#php
+	 *
+	 * @return boolean
+	 */
+	function passCaptcha() {
+		global $wgRequest, $wgReCaptchaSecretKey, $wgReCaptchaSendRemoteIP;
+
+		$url = 'https://www.google.com/recaptcha/api/siteverify';
+		// Build data to append to request
+		$data = array(
+			'secret' => $wgReCaptchaSecretKey,
+			'response' => $wgRequest->getVal( 'g-recaptcha-response' ),
+		);
+		if ( $wgReCaptchaSendRemoteIP ) {
+			$data['remoteip'] = $wgRequest->getIP();
+		}
+		$url = wfAppendQuery( $url, $data );
+		$request = MWHttpRequest::factory( $url, array( 'method' => 'GET' ) );
+		$status = $request->execute();
+		if ( !$status->isOK() ) {
+			$this->error = 'http';
+			$this->logStatusError( $status );
+			return false;
+		}
+		$response = FormatJson::decode( $request->getContent(), true );
+		if ( !$response ) {
+			$this->error = 'json';
+			$this->logStatusError( $this->error );
+			return false;
+		}
+		if ( isset( $response['error-codes'] ) ) {
+			$this->error = 'recaptcha-api';
+			$this->logCheckError( $response['error-codes'] );
+			return false;
+		}
+
+		return $response['success'];
+	}
+
+	function addCaptchaAPI( &$resultArr ) {
+		global $wgReCaptchaSiteKey;
+
+		$resultArr['captcha']['type'] = 'recaptchanocaptcha';
+		$resultArr['captcha']['mime'] = 'image/png';
+		$resultArr['captcha']['key'] = $wgReCaptchaSiteKey;
+		$resultArr['captcha']['error'] = $this->error;
+	}
+
+	/**
+	 * Show a message asking the user to enter a captcha on edit
+	 * The result will be treated as wiki text
+	 *
+	 * @param $action string Action being performed
+	 * @return string Wikitext
+	 */
+	function getMessage( $action ) {
+		$name = 'renocaptcha-' . $action;
+		$msg = wfMessage( $name );
+
+		$text = $msg->isDisabled() ? wfMessage( 'renocaptcha-edit' )->text() : $msg->text();
+		if ( $this->error ) {
+			$text = '<div class="error">' . $text . '</div>';
+		}
+		return $text;
+	}
+
+	public function APIGetAllowedParams( &$module, &$params, $flags ) {
+		if ( $flags && $this->isAPICaptchaModule( $module ) ) {
+			$params['g-recaptcha-response'] = null;
+		}
+
+		return true;
+	}
+
+	public function APIGetParamDescription( &$module, &$desc ) {
+		if ( $this->isAPICaptchaModule( $module ) ) {
+			$desc['g-recaptcha-response'] = 'Field from the ReCaptcha widget';
+		}
+
+		return true;
+	}
+}

ReCaptchaNoCaptcha/ReCaptchaNoCaptcha.php

@@ -0,0 +1,13 @@
+<?php
+if ( function_exists( 'wfLoadExtension' ) ) {
+	wfLoadExtension( 'ConfirmEdit/ReCaptchaNoCaptcha' );
+	// Keep i18n globals so mergeMessageFileList.php doesn't break
+	$wgMessagesDirs['ReCaptchaNoCaptcha'] = __DIR__ . '/i18n';
+	/* wfWarn(
+		'Deprecated PHP entry point used for ReCaptchaNoCaptcha extension. Please use wfLoadExtension instead, ' .
+		'see https://www.mediawiki.org/wiki/Extension_registration for more details.'
+	); */
+	return;
+} else {
+	die( 'This version of the ReCaptchaNoCaptcha extension requires MediaWiki 1.25+' );
+}

ReCaptchaNoCaptcha/extension.json

@@ -0,0 +1,17 @@
+{
+	"name": "ReCaptchaNoCaptcha",
+	"MessagesDirs": {
+		"ReCaptchaNoCaptcha": [
+			"i18n"
+		]
+	},
+	"AutoloadClasses": {
+		"ReCaptchaNoCaptcha": "ReCaptchaNoCaptcha.class.php"
+	},
+	"config": {
+		"CaptchaClass": "ReCaptchaNoCaptcha",
+		"ReCaptchaSiteKey": "",
+		"ReCaptchaSecretKey": "",
+		"ReCaptchaSendRemoteIP": false
+	}
+}

ReCaptchaNoCaptcha/i18n/en.json

@@ -0,0 +1,12 @@
+{
+    "@metadata": {
+        "authors": []
+    },
+    "renocaptcha-edit": "To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:",
+    "renocaptcha-addurl": "Your edit includes new external links. To protect the wiki against automated spam, we kindly ask you to solve the following CAPTCHA:",
+    "renocaptcha-badlogin": "To protect the wiki against automated password cracking, we kindly ask you to solve the following CAPTCHA:",
+    "renocaptcha-createaccount": "To protect the wiki against automated account creation, we kindly ask you to solve the following CAPTCHA:",
+    "renocaptcha-createaccount-fail": "It seems you haven't solved the CAPTCHA.",
+    "renocaptcha-create": "To protect the wiki against automated page creation, we kindly ask you to solve the following CAPTCHA:",
+    "renocaptcha-noscript": "Unhappily you have disabled JavaScript, so we can't recognize automatically, if you're a human or not. Please solve the CAPTCHA above and copy the resulting text into the following textarea:"
+}

ReCaptchaNoCaptcha/i18n/qqq.json

@@ -0,0 +1,11 @@
+{
+    "@metadata": {
+        "authors": []
+    },
+    "renoCAPTCHA-edit": "Message above the CAPTCHA for edit action.",
+    "renoCAPTCHA-addurl": "Message above the CAPTCHA for addurl (user added new external links to the page) action.",
+    "renoCAPTCHA-badlogin": "Message above the CAPTCHA for badlogin action.",
+    "renoCAPTCHA-createaccount": "Message above the CAPTCHA for createaccount (user creates a new account) action.",
+    "renoCAPTCHA-createaccount-fail": "Error message, when the CAPTCHA isn't solved correctly.",
+    "renoCAPTCHA-create": "Message above the CAPTCHA for create (user creates a new page) action."
+}

SimpleCaptcha/Captcha.php

@@ -37,7 +37,7 @@ class SimpleCaptcha {
 	 *
 	 * @return string HTML
 	 */
-	function getForm() {
+	function getForm( OutputPage $out ) {
 		$captcha = $this->getCaptcha();
 		$index = $this->storeCaptcha( $captcha );
 
@@ -87,7 +87,7 @@ class SimpleCaptcha {
 			$this->shouldCheck( $page, '', '', false )
 		) {
 			$out->addWikiText( $this->getMessage( $this->action ) );
-			$out->addHTML( $this->getForm() );
+			$out->addHTML( $this->getForm( $out ) );
 		}
 		unset( $page->ConfirmEdit_ActivateCaptcha );
 	}
@@ -124,7 +124,7 @@ class SimpleCaptcha {
 			$form->addFooterText(
 				"<div class='captcha'>" .
 				$wgOut->parse( $this->getMessage( 'sendemail' ) ) .
-				$this->getForm() .
+				$this->getForm( $wgOut ) .
 				"</div>\n" );
 		}
 		return true;
@@ -146,7 +146,7 @@ class SimpleCaptcha {
 			}
 			$captcha = "<div class='captcha'>" .
 				$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
-				$this->getForm() .
+				$this->getForm( $wgOut ) .
 				"</div>\n";
 			// for older MediaWiki versions
 			if ( is_callable( array( $template, 'extend' ) ) ) {
@@ -172,7 +172,7 @@ class SimpleCaptcha {
 			$this->action = 'badlogin';
 			$captcha = "<div class='captcha'>" .
 				$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
-				$this->getForm() .
+				$this->getForm( $wgOut ) .
 				"</div>\n";
 			// for older MediaWiki versions
 			if ( is_callable( array( $template, 'extend' ) ) ) {