hCaptcha: Extra logging for captcha solve

Bug: T377341
Change-Id: I53934a3a0756878e18de336fd644b54f542ee9e5
Reedy 2024-10-25 17:40:44 +01:00
parent a1c4dccbf2
commit cd607319c2
5 changed files with 27 additions and 10 deletions


@ -443,12 +443,12 @@ class FancyCaptcha extends SimpleCaptcha {
* Delete a solved captcha image, if $wgCaptchaDeleteOnSolve is true. * Delete a solved captcha image, if $wgCaptchaDeleteOnSolve is true.
* @inheritDoc * @inheritDoc
*/ */
protected function passCaptcha( $index, $word ) { protected function passCaptcha( $index, $word, $user ) {
global $wgCaptchaDeleteOnSolve; global $wgCaptchaDeleteOnSolve;
// get the captcha info before it gets deleted // get the captcha info before it gets deleted
$info = $this->retrieveCaptcha( $index ); $info = $this->retrieveCaptcha( $index );
$pass = parent::passCaptcha( $index, $word ); $pass = parent::passCaptcha( $index, $word, $user );
if ( $pass && $wgCaptchaDeleteOnSolve ) { if ( $pass && $wgCaptchaDeleteOnSolve ) {
$this->getBackend()->quickDelete( [ $this->getBackend()->quickDelete( [


@ -14,6 +14,7 @@ use MediaWiki\MediaWikiServices;
use MediaWiki\Message\Message; use MediaWiki\Message\Message;
use MediaWiki\Request\WebRequest; use MediaWiki\Request\WebRequest;
use MediaWiki\Status\Status; use MediaWiki\Status\Status;
use MediaWiki\User\UserIdentity;
class ReCaptchaNoCaptcha extends SimpleCaptcha { class ReCaptchaNoCaptcha extends SimpleCaptcha {
/** /**
@ -122,9 +123,10 @@ HTML;
* *
* @param mixed $_ Not used (ReCaptcha v2 puts index and solution in a single string) * @param mixed $_ Not used (ReCaptcha v2 puts index and solution in a single string)
* @param string $word captcha solution * @param string $word captcha solution
* @param UserIdentity $user
* @return bool * @return bool
*/ */
protected function passCaptcha( $_, $word ) { protected function passCaptcha( $_, $word, $user ) {
global $wgRequest, $wgReCaptchaSecretKey, $wgReCaptchaSendRemoteIP; global $wgRequest, $wgReCaptchaSecretKey, $wgReCaptchaSendRemoteIP;
$url = 'https://www.recaptcha.net/recaptcha/api/siteverify'; $url = 'https://www.recaptcha.net/recaptcha/api/siteverify';
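Review bot: The added `@param UserIdentity $user` line carries no description, and in the lines visible here `$user` is not used by this backend, unlike in HCaptcha where it feeds the new log entry. If that holds for the rest of the body, say so the way `$_` already does: `@param UserIdentity $user Not used`. The same applies to the identical docblock change in Turnstile. passCaptcha's body continues outside the hunk, so use further down cannot be ruled out from here.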


@ -1026,7 +1026,7 @@ class SimpleCaptcha {
return false; return false;
} }
if ( $this->passCaptcha( $index, $word ) ) { if ( $this->passCaptcha( $index, $word, $user ) ) {
return true; return true;
} }
@ -1044,17 +1044,18 @@ class SimpleCaptcha {
*/ */
public function passCaptchaFromRequest( WebRequest $request, User $user ) { public function passCaptchaFromRequest( WebRequest $request, User $user ) {
[ $index, $word ] = $this->getCaptchaParamsFromRequest( $request ); [ $index, $word ] = $this->getCaptchaParamsFromRequest( $request );
return $this->passCaptcha( $index, $word ); return $this->passCaptcha( $index, $word, $user );
} }
/** /**
* Given a required captcha run, test form input for correct * Given a required captcha run, test form input for correct
* input on the open session. * input on the open session.
* @param string $index Captcha idenitifier * @param string $index Captcha identifier
* @param string $word Captcha solution * @param string $word Captcha solution
* @param User $user
* @return bool if passed, false if failed or new session * @return bool if passed, false if failed or new session
*/ */
protected function passCaptcha( $index, $word ) { protected function passCaptcha( $index, $word, $user ) {
// Don't check the same CAPTCHA twice in one session, // Don't check the same CAPTCHA twice in one session,
// if the CAPTCHA was already checked - Bug T94276 // if the CAPTCHA was already checked - Bug T94276
if ( $this->isCaptchaSolved() !== null ) { if ( $this->isCaptchaSolved() !== null ) {
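Review bot: `passCaptcha` gains a required third parameter on the base class, so any subclass outside the five files touched here that still declares `passCaptcha( $index, $word )` will fail PHP's signature-compatibility check when it is loaded, which takes the captcha check down with it; that deserves a release-note entry. The docblock also says `@param User $user` while the three subclasses that document the parameter say `UserIdentity`, and none of the signatures carries a native type; `@param UserIdentity $user User attempting the captcha` would match them. The call `$this->passCaptcha( $index, $word, $user )` in the first hunk relies on a `$user` defined outside the visible lines, and the body of passCaptcha continues past the end of the second hunk.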


@ -14,6 +14,7 @@ use MediaWiki\MediaWikiServices;
use MediaWiki\Message\Message; use MediaWiki\Message\Message;
use MediaWiki\Request\WebRequest; use MediaWiki\Request\WebRequest;
use MediaWiki\Status\Status; use MediaWiki\Status\Status;
use MediaWiki\User\UserIdentity;
class Turnstile extends SimpleCaptcha { class Turnstile extends SimpleCaptcha {
/** /**
@ -98,9 +99,10 @@ class Turnstile extends SimpleCaptcha {
* *
* @param mixed $_ Not used * @param mixed $_ Not used
* @param string $word captcha solution * @param string $word captcha solution
* @param UserIdentity $user
* @return bool * @return bool
*/ */
protected function passCaptcha( $_, $word ) { protected function passCaptcha( $_, $word, $user ) {
global $wgRequest, $wgTurnstileSecretKey, $wgTurnstileSendRemoteIP; global $wgRequest, $wgTurnstileSecretKey, $wgTurnstileSendRemoteIP;
$url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify'; $url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';


@ -12,11 +12,13 @@ use MediaWiki\Extension\ConfirmEdit\SimpleCaptcha\SimpleCaptcha;
use MediaWiki\Html\Html; use MediaWiki\Html\Html;
use MediaWiki\Json\FormatJson; use MediaWiki\Json\FormatJson;
use MediaWiki\Language\RawMessage; use MediaWiki\Language\RawMessage;
use MediaWiki\Logger\LoggerFactory;
use MediaWiki\MediaWikiServices; use MediaWiki\MediaWikiServices;
use MediaWiki\Message\Message; use MediaWiki\Message\Message;
use MediaWiki\Request\ContentSecurityPolicy; use MediaWiki\Request\ContentSecurityPolicy;
use MediaWiki\Request\WebRequest; use MediaWiki\Request\WebRequest;
use MediaWiki\Status\Status; use MediaWiki\Status\Status;
use MediaWiki\User\UserIdentity;
class HCaptcha extends SimpleCaptcha { class HCaptcha extends SimpleCaptcha {
/** /**
@ -119,9 +121,10 @@ class HCaptcha extends SimpleCaptcha {
* *
* @param mixed $_ Not used * @param mixed $_ Not used
* @param string $token token from the POST data * @param string $token token from the POST data
* @param UserIdentity $user
* @return bool * @return bool
*/ */
protected function passCaptcha( $_, $token ) { protected function passCaptcha( $_, $token, $user ) {
$webRequest = RequestContext::getMain()->getRequest(); $webRequest = RequestContext::getMain()->getRequest();
$secretKey = $this->hCaptchaConfig->get( 'HCaptchaSecretKey' ); $secretKey = $this->hCaptchaConfig->get( 'HCaptchaSecretKey' );
@ -155,7 +158,8 @@ class HCaptcha extends SimpleCaptcha {
$this->logCheckError( $status ); $this->logCheckError( $status );
return false; return false;
} }
$response = FormatJson::decode( $request->getContent(), true ); $json = $request->getContent();
$response = FormatJson::decode( $json, true );
if ( !$response ) { if ( !$response ) {
$this->error = 'json'; $this->error = 'json';
$this->logCheckError( $this->error ); $this->logCheckError( $this->error );
@ -167,6 +171,14 @@ class HCaptcha extends SimpleCaptcha {
return false; return false;
} }
LoggerFactory::getInstance( 'captcha' )
->debug( 'Captcha solution attempt for {user}', [
'event' => 'captcha.solve',
'user' => $user->getName(),
'success' => $response['success'],
'blob' => $json,
] );
return $response['success']; return $response['success'];
} }
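Review bot: The new `captcha.solve` entry logs the entire siteverify body as `'blob' => $json`, so everything the remote service returns reaches the `captcha` channel unfiltered and with no size cap, next to `$user->getName()`, which for a logged-out user is typically the IP address. Logging an allow-list of decoded fields keeps the entry useful for abuse analysis without retaining the rest, for example `'error_codes' => $response['error-codes'] ?? [],` in place of the blob. The call also sits after the early `return false` paths visible above it, so attempts rejected there appear to produce no `captcha.solve` event; if the aim is to correlate attempts per user, those paths need the same event. `$response['success']` is read twice without a guard, so a decoded body lacking that key raises a warning and yields null rather than false: `return (bool)( $response['success'] ?? false );`. passCaptcha's body begins and continues outside these hunks.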