botprotection

package
v0.0.0-...-09efcc3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CloudflareTurnstileVerifyEndpoint string = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
)

https://developers.cloudflare.com/turnstile/get-started/server-side-validation/

View Source 
const (
	RecaptchaV2VerifyEndpoint string = "https://www.google.com/recaptcha/api/siteverify"
)

Variables

View Source 
var CloudFlareTurnstileServiceUnavailableErrorCodes = [...]CloudflareTurnstileErrorCode{
	CloudflareTurnstileErrorCodeInternalError,
}
View Source 
var DependencySet = wire.NewSet(
	wire.Struct(new(Provider), "*"),
	NewProviderLogger,
	NewCloudflareClient,
	NewRecaptchaV2Client,
)
View Source 
var ErrVerificationFailed = apierrors.Forbidden.WithReason("BotProtectionVerificationFailed").New("bot protection verification failed")
View Source 
var ErrVerificationServiceUnavailable = apierrors.ServiceUnavailable.WithReason("BotProtectionVerificationServiceUnavailable").New("bot protection service unavailable")

Functions

This section is empty.

Types

type CloudflareClient 

type CloudflareClient struct {
	HTTPClient     *http.Client
	Credentials    *config.BotProtectionProviderCredentials
	VerifyEndpoint string
}

func NewCloudflareClient 

func NewCloudflareClient(c *config.BotProtectionProviderCredentials, e *config.EnvironmentConfig) *CloudflareClient

func (*CloudflareClient) Verify 

func (c *CloudflareClient) Verify(ctx context.Context, token string, remoteip string) (*CloudflareTurnstileResponse, error)

type CloudflareTurnstileErrorCode 

type CloudflareTurnstileErrorCode string
const (
	CloudflareTurnstileErrorCodeMissingInputSecret   CloudflareTurnstileErrorCode = "missing-input-secret"
	CloudflareTurnstileErrorCodeInvalidInputSecret   CloudflareTurnstileErrorCode = "invalid-input-secret"
	CloudflareTurnstileErrorCodeMissingInputResponse CloudflareTurnstileErrorCode = "missing-input-response"
	CloudflareTurnstileErrorCodeInvalidInputResponse CloudflareTurnstileErrorCode = "invalid-input-response"
	CloudflareTurnstileErrorCodeInvalidWidgetId      CloudflareTurnstileErrorCode = "invalid-widget-id"
	// nolint: gosec
	CloudflareTurnstileErrorCodeInvalidParsedSecret CloudflareTurnstileErrorCode = "invalid-parsed-secret"
	CloudflareTurnstileErrorCodeBadRequest          CloudflareTurnstileErrorCode = "bad-request"
	CloudflareTurnstileErrorCodeTimeoutOrDuplicate  CloudflareTurnstileErrorCode = "timeout-or-duplicate"
	CloudflareTurnstileErrorCodeInternalError       CloudflareTurnstileErrorCode = "internal-error"
)

type CloudflareTurnstileResponse 

type CloudflareTurnstileResponse struct {
	Success *bool `json:"success,omitempty,omitempty"`

	// non-empty if Success == false, empty if Success == true
	ErrorCodes []CloudflareTurnstileErrorCode `json:"error-codes,omitempty"`

	// specific to Success == true
	ChallengeTs string `json:"challenge_ts,omitempty"` // ISO timestamp for the time the challenge was solved.
	Hostname    string `json:"hostname,omitempty"`     // hostname for which the challenge was served.
	Action      string `json:"action,omitempty"`       // customer widget identifier passed to the widget on the client side.
	CData       string `json:"cdata,omitempty"`        // customer data passed to the widget on the client side.
}

raw API response from cloudflare turnstile

func (*CloudflareTurnstileResponse) Error 

func (e *CloudflareTurnstileResponse) Error() string

returns a comma separated string of error codes

type EventService 

type EventService interface {
	DispatchEventImmediately(ctx context.Context, payload event.NonBlockingPayload) error
}

type Provider 

type Provider struct {
	RemoteIP          httputil.RemoteIP
	Config            *config.BotProtectionConfig
	Logger            ProviderLogger
	CloudflareClient  *CloudflareClient
	RecaptchaV2Client *RecaptchaV2Client
	Events            EventService
}

func (*Provider) Verify 

func (p *Provider) Verify(ctx context.Context, token string) (err error)

type ProviderLogger 

type ProviderLogger struct{ *log.Logger }

func NewProviderLogger 

func NewProviderLogger(lf *log.Factory) ProviderLogger

type RecaptchaV2Client 

type RecaptchaV2Client struct {
	HTTPClient     *http.Client
	Credentials    *config.BotProtectionProviderCredentials
	VerifyEndpoint string
}

func NewRecaptchaV2Client 

func NewRecaptchaV2Client(c *config.BotProtectionProviderCredentials, e *config.EnvironmentConfig) *RecaptchaV2Client

func (*RecaptchaV2Client) Verify 

func (c *RecaptchaV2Client) Verify(ctx context.Context, token string, remoteip string) (*RecaptchaV2Response, error)

type RecaptchaV2ErrorCode 

type RecaptchaV2ErrorCode string
const (
	RecaptchaV2ErrorCodeMissingInputSecret   RecaptchaV2ErrorCode = "missing-input-secret"
	RecaptchaV2ErrorCodeInvalidInputSecret   RecaptchaV2ErrorCode = "invalid-input-secret"
	RecaptchaV2ErrorCodeMissingInputResponse RecaptchaV2ErrorCode = "missing-input-response"
	RecaptchaV2ErrorCodeInvalidInputResponse RecaptchaV2ErrorCode = "invalid-input-response"
	RecaptchaV2ErrorCodeBadRequest           RecaptchaV2ErrorCode = "bad-request"
	RecaptchaV2ErrorCodeTimeoutOrDuplicate   RecaptchaV2ErrorCode = "timeout-or-duplicate"
)

type RecaptchaV2Response 

type RecaptchaV2Response struct {
	Success *bool `json:"success,omitempty"`

	// specific to Success == false
	ErrorCodes []RecaptchaV2ErrorCode `json:"error-codes"`

	// specific to Success == true
	ChallengeTs string `json:"challenge_ts"` // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
	Hostname    string `json:"hostname"`     // hostname for which the challenge was served.
}

raw API response from recaptchav2

func (*RecaptchaV2Response) Error 

func (e *RecaptchaV2Response) Error() string

returns a comma separated string of error codes

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.