Setup reCaptcha for resend confirmation

wso2 · Nov 13, 2020 · 42cb6da · 42cb6da
1 parent 0d30694
commit 42cb6da
Show file tree

Hide file tree

Showing 6 changed files with 214 additions and 29 deletions.
diff --git a/...es/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties b/...es/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties
@@ -64,7 +64,7 @@ have.account=Already have an account?
 register.now=Register Now
 register=Register
 no.confirmation.mail=Not received confirmation email?
-resend.mail=Re-Send
+resend.mail=Resend
 openid=Open ID
 openid.user.claims=OpenID User Claims
 username.or.password.invalid=Username or Password is Invalid
@@ -181,3 +181,5 @@ last.accessed=Last Accessed
 Updated.the.password.successfully=Updated the password successfully
 suspicious.authentication.attempts=Suspicious authentication attempts found
 suspicious.authentication.attempts.description=Suspicious login attempts found during the authentication process. Please try signing in again.
+resend.confirmation.page.title=Resend Confirmation Email
+resend.confirmation.page.message=Please complete the captcha below.
diff --git a/.../wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties b/.../wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties
@@ -179,3 +179,5 @@ browser=Navigateur
 platform=Plate-forme
 last.accessed=Dernier accès
 Updated.the.password.successfully=Mot de passe mis à jour avec succès
+resend.confirmation.page.title=Renvoyer un courriel de confirmation
+resend.confirmation.page.message=Veuillez compléter le captcha ci-dessous.
diff --git a/apps/authentication-portal/src/main/webapp/WEB-INF/web.xml b/apps/authentication-portal/src/main/webapp/WEB-INF/web.xml
@@ -160,6 +160,11 @@
         <jsp-file>/long-wait.jsp</jsp-file>
     </servlet>
 
+    <servlet>
+        <servlet-name>resend-confirmation-captcha.do</servlet-name>
+        <jsp-file>/resend-confirmation-captcha.jsp</jsp-file>
+    </servlet>
+
     <servlet>
         <servlet-name>idf-confirm.do</servlet-name>
         <jsp-file>/identifier-logout-confirm.jsp</jsp-file>
@@ -306,6 +311,11 @@
         <url-pattern>/wait.do</url-pattern>
     </servlet-mapping>
 
+    <servlet-mapping>
+        <servlet-name>resend-confirmation-captcha.do</servlet-name>
+        <url-pattern>/resend-confirmation-captcha.do</url-pattern>
+    </servlet-mapping>
+
     <servlet-mapping>
         <servlet-name>idf-confirm.do</servlet-name>
         <url-pattern>/idf-confirm.do</url-pattern>

diff --git a/apps/authentication-portal/src/main/webapp/basicauth.jsp b/apps/authentication-portal/src/main/webapp/basicauth.jsp
@@ -88,6 +88,14 @@
         };
         $('#loginForm').preventDoubleSubmission();
     });
+
+    function showResendReCaptcha() {
+        <% if (reCaptchaResendEnabled) { %>
+            window.location.href="resend-confirmation-captcha.jsp?<%=AuthenticationEndpointUtil.cleanErrorMessages(Encode.forJava(request.getQueryString()))%>";
+        <% } else { %>
+            window.location.href="login.do?resend_username=<%=Encode.forHtml(request.getParameter("failedUsername"))%>&<%=AuthenticationEndpointUtil.cleanErrorMessages(Encode.forJava(request.getQueryString()))%>";
+        <% } %>
+    }
 </script>
 
 <%!
@@ -137,11 +145,13 @@
 
         SelfUserRegistrationResource selfUserRegistrationResource = JAXRSClientFactory
                 .create(url, SelfUserRegistrationResource.class, providers);
+        String reCaptchaResponse = request.getParameter("g-recaptcha-response");
+        WebClient.client(selfUserRegistrationResource).header("g-recaptcha-response", reCaptchaResponse);
         WebClient.client(selfUserRegistrationResource).header("Authorization", header);
         Response selfRegistrationResponse = selfUserRegistrationResource.regenerateCode(selfRegistrationRequest);
         if (selfRegistrationResponse != null &&  selfRegistrationResponse.getStatus() == HttpStatus.SC_CREATED) {
 %>
-<div class="ui visible info message">
+<div class="ui visible positive message">
     <%=AuthenticationEndpointUtil.i18n(resourceBundle,Constants.ACCOUNT_RESEND_SUCCESS_RESOURCE)%>
 </div>
 <%
@@ -155,6 +165,36 @@
     }
 %>
 
+<% if (Boolean.parseBoolean(loginFailed) && !errorCode.equals(IdentityCoreConstants.USER_ACCOUNT_NOT_CONFIRMED_ERROR_CODE)) { %>
+<div class="ui visible negative message" id="error-msg" data-testid="login-page-error-message">
+    <%= AuthenticationEndpointUtil.i18n(resourceBundle, errorMessage) %>
+</div>
+<% } else if ((Boolean.TRUE.toString()).equals(request.getParameter("authz_failure"))){%>
+<div class="ui visible negative message" id="error-msg" data-testid="login-page-error-message">
+    <%=AuthenticationEndpointUtil.i18n(resourceBundle, "unauthorized.to.login")%>
+</div>
+<% } else { %>
+    <div class="ui visible negative message" style="display: none;" id="error-msg" data-testid="login-page-error-message"></div>
+<% } %>
+
+<% if (Boolean.parseBoolean(loginFailed) && errorCode.equals(IdentityCoreConstants.USER_ACCOUNT_NOT_CONFIRMED_ERROR_CODE) && request.getParameter("resend_username") == null) { %>
+    <div class="ui visible warning message" id="error-msg" data-testid="login-page-error-message">
+        <%= AuthenticationEndpointUtil.i18n(resourceBundle, errorMessage) %>
+
+        <div class="ui divider hidden"></div>
+
+        <%=AuthenticationEndpointUtil.i18n(resourceBundle, "no.confirmation.mail")%>
+
+        <a id="registerLink"
+            href="javascript:showResendReCaptcha();"
+            data-testid="login-page-resend-confirmation-email-link"
+        >
+            <%=StringEscapeUtils.escapeHtml4(AuthenticationEndpointUtil.i18n(resourceBundle, "resend.mail"))%>
+        </a>
+    </div>
+    <div class="ui divider hidden"></div>
+<% } %>
+
 <form class="ui large form" action="<%=loginFormActionURL%>" method="post" id="loginForm">
     <%
         if (loginFormActionURL.equals(samlssoURL) || loginFormActionURL.equals(oauth2AuthorizeURL)) {
@@ -164,17 +204,6 @@
         }
     %>
 
-    <% if (Boolean.parseBoolean(loginFailed)) { %>
-    <div class="ui visible negative message" id="error-msg" data-testid="login-page-error-message">
-        <%= AuthenticationEndpointUtil.i18n(resourceBundle, errorMessage) %>
-    </div>
-    <% } else if ((Boolean.TRUE.toString()).equals(request.getParameter("authz_failure"))){%>
-    <div class="ui visible negative message" id="error-msg" data-testid="login-page-error-message">
-        <%=AuthenticationEndpointUtil.i18n(resourceBundle, "unauthorized.to.login")%>
-    </div>
-    <% } else { %>
-        <div class="ui visible negative message" style="display: none;" id="error-msg" data-testid="login-page-error-message"></div>
-    <% } %>
     <% if(Boolean.parseBoolean(request.getParameter("passwordReset"))) {
     %>
         <div class="ui visible positive message" data-testid="password-reset-success-message">
@@ -375,20 +404,6 @@
         </div>
     </div>
 
-    <% if (Boolean.parseBoolean(loginFailed) && errorCode.equals(IdentityCoreConstants.USER_ACCOUNT_NOT_CONFIRMED_ERROR_CODE) && request.getParameter("resend_username") == null) { %>
-    <div class="ui divider hidden"></div>
-    <div class="field">
-        <div class="form-actions">
-            <%=AuthenticationEndpointUtil.i18n(resourceBundle, "no.confirmation.mail")%>
-            <a id="registerLink"
-                href="login.do?resend_username=<%=Encode.forHtml(request.getParameter("failedUsername"))%>&<%=AuthenticationEndpointUtil.cleanErrorMessages(Encode.forJava(request.getQueryString()))%>"
-                data-testid="login-page-resend-confirmation-email-link"
-            >
-                <%=StringEscapeUtils.escapeHtml4(AuthenticationEndpointUtil.i18n(resourceBundle, "resend.mail"))%>
-            </a>
-        </div>
-    </div>
-    <% } %>
     <%!
         private String getRecoverAccountUrl(String identityMgtEndpointContext, String urlEncodedURL,
                 boolean isUsernameRecovery, String urlParameters) {

diff --git a/apps/authentication-portal/src/main/webapp/login.jsp b/apps/authentication-portal/src/main/webapp/login.jsp
@@ -84,9 +84,14 @@
 %>
 <%
     boolean reCaptchaEnabled = false;
-    if (request.getParameter("reCaptcha") != null && "TRUE".equalsIgnoreCase(request.getParameter("reCaptcha"))) {
+    if (request.getParameter("reCaptcha") != null && Boolean.parseBoolean(request.getParameter("reCaptcha"))) {
         reCaptchaEnabled = true;
     }
+
+    boolean reCaptchaResendEnabled = false;
+    if (request.getParameter("reCaptchaResend") != null && Boolean.parseBoolean(request.getParameter("reCaptchaResend"))) {
+        reCaptchaResendEnabled = true;
+    }
 %>
 <%
     String inputType = request.getParameter("inputType");
@@ -138,7 +143,7 @@
     <% } %>
 
     <%
-        if (reCaptchaEnabled) {
+        if (reCaptchaEnabled || reCaptchaResendEnabled) {
     %>
         <script src='<%=(Encode.forJavaScriptSource(request.getParameter("reCaptchaAPI")))%>'></script>
     <%

diff --git a/apps/authentication-portal/src/main/webapp/resend-confirmation-captcha.jsp b/apps/authentication-portal/src/main/webapp/resend-confirmation-captcha.jsp
@@ -0,0 +1,151 @@
+<%--
+  ~ Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ WSO2 Inc. licenses this file to you under the Apache License,
+  ~ Version 2.0 (the "License"); you may not use this file except
+  ~ in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page import="com.google.gson.Gson" %>
+<%@ page import="java.net.URLEncoder" %>
+<%@ page import="java.net.URLDecoder" %>
+<%@ page import="org.apache.commons.text.StringEscapeUtils" %>
+<%@ page import="org.owasp.encoder.Encode" %>
+<%@ page import="java.io.File" %>
+<%@ page import="java.util.ArrayList" %>
+<%@ page import="java.util.Arrays" %>
+
+<%@ include file="includes/localize.jsp" %>
+<jsp:directive.include file="includes/init-url.jsp"/>
+
+<%
+    boolean reCaptchaResendEnabled = false;
+    if (request.getParameter("reCaptchaResend") != null && Boolean.parseBoolean(request.getParameter("reCaptchaResend"))) {
+        reCaptchaResendEnabled = true;
+    }
+%>
+
+<!doctype html>
+<html>
+<head>
+    <!-- header -->
+    <%
+        File headerFile = new File(getServletContext().getRealPath("extensions/header.jsp"));
+        if (headerFile.exists()) {
+    %>
+        <jsp:include page="extensions/header.jsp"/>
+    <% } else { %>
+        <jsp:include page="includes/header.jsp"/>
+    <% } %>
+
+    <%
+        if (reCaptchaResendEnabled) {
+    %>
+        <script src='<%=(Encode.forJavaScriptSource(request.getParameter("reCaptchaAPI")))%>'></script>
+    <%
+        }
+    %>
+
+</head>
+<body class="login-portal layout authentication-portal-layout">
+    <main class="center-segment">
+        <div class="ui container medium center aligned middle aligned">
+
+            <!-- product-title -->
+            <%
+                File productTitleFile = new File(getServletContext().getRealPath("extensions/product-title.jsp"));
+                if (productTitleFile.exists()) {
+            %>
+                <jsp:include page="extensions/product-title.jsp"/>
+            <% } else { %>
+                <jsp:include page="includes/product-title.jsp"/>
+            <% } %>
+
+            <div class="ui segment">
+
+                <h3 class="ui header">
+                    <%=AuthenticationEndpointUtil.i18n(resourceBundle, "resend.confirmation.page.title")%>
+                </h3>
+
+                <form action="login.do?resend_username=<%=Encode.forHtml(request.getParameter("failedUsername"))%>&<%=AuthenticationEndpointUtil.cleanErrorMessages(Encode.forJava(request.getQueryString()))%>" method="post" id="resendForm">
+
+                    <div><%=AuthenticationEndpointUtil.i18n(resourceBundle, "resend.confirmation.page.message")%></div>
+
+                    <div class="ui divider hidden"></div>
+
+                    <div class="resend-captcha-container ui hidden" id="resend-captcha-container">
+                        <div class="field">
+                            <div class="text-center>">
+                                <div class="g-recaptcha inline"
+                                    data-sitekey="<%=Encode.forHtmlContent(request.getParameter("reCaptchaKey"))%>"
+                                    data-testid="login-page-g-recaptcha-resend"
+                                >
+                                </div>
+                            </div>
+
+                            <div class="ui divider hidden"></div>
+
+                            <div class="align-right buttons text-right">
+                                <a href="javascript:goBack()" class="ui button link-button">
+                                    <%=AuthenticationEndpointUtil.i18n(resourceBundle, "Cancel")%>
+                                </a>
+                                <button id="recoverySubmit"
+                                        class="ui primary button"
+                                        type="submit">
+                                    <%=StringEscapeUtils.escapeHtml4(AuthenticationEndpointUtil.i18n(resourceBundle, "submit"))%>
+                                </button>
+                            </div>
+                        </div>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </main>
+
+    <!-- product-footer -->
+    <%
+        File productFooterFile = new File(getServletContext().getRealPath("extensions/product-footer.jsp"));
+        if (productFooterFile.exists()) {
+    %>
+        <jsp:include page="extensions/product-footer.jsp"/>
+    <% } else { %>
+        <jsp:include page="includes/product-footer.jsp"/>
+    <% } %>
+
+    <!-- footer -->
+    <%
+        File footerFile = new File(getServletContext().getRealPath("extensions/footer.jsp"));
+        if (footerFile.exists()) {
+    %>
+        <jsp:include page="extensions/footer.jsp"/>
+    <% } else { %>
+        <jsp:include page="includes/footer.jsp"/>
+    <% } %>
+
+    <script>
+        function goBack() {
+            window.history.back();
+        }
+
+        $(document).ready(function () {
+            <% if (reCaptchaResendEnabled) { %>
+                $("#resend-captcha-container").show();
+            <% } else { %> 
+                $("#resendForm").submit();
+            <% } %>
+        });
+    </script>
+
+</body>
+</html>