Show admin notice when verification has failed (#123)

* install friendlycaptcha/sdk for v2 verification * add support for v2 widget * fix client side logic to work with V2 * update friendly-captcha-sdk * add development instructions to readme * minor * Update friendly-captcha/modules/contact-form-7/script.js Co-authored-by: Guido Zuidhof <me@guido.io> * cleanup debug logging * Show admin notice when verification has failed * fix merge * expose error response in alert --------- Co-authored-by: Guido Zuidhof <me@guido.io>
FriendlyCaptcha · May 30, 2024 · bdccf0d · bdccf0d
1 parent 95fa72e
commit bdccf0d
Show file tree

Hide file tree

Showing 4 changed files with 74 additions and 9 deletions.
diff --git a/friendly-captcha/includes/admin.php b/friendly-captcha/includes/admin.php
@@ -52,9 +52,41 @@ function frcaptcha_admin_notice__not_configured()
                     Visit the <a href="<?php echo $url ?>">Friendly Captcha settings</a> and enter a valid Sitekey and API Key to complete the setup.
                 </p>
             </div>
-<?php
+        <?php
         }
 
         add_action('admin_notices', 'frcaptcha_admin_notice__not_configured');
     }
+
+    if (isset($_GET['frcaptcha-verification-failed-dismissed'])) {
+        FriendlyCaptcha_Plugin::$instance->remove_verification_failed_alert();
+    }
+
+    if (FriendlyCaptcha_Plugin::$instance->get_verification_failed_alert() != false) {
+        function frcaptcha_admin_notice__verification_failed()
+        {
+            $url = esc_url(add_query_arg(
+                'page',
+                'friendly_captcha_admin',
+                get_admin_url() . 'options-general.php'
+            ));
+
+        ?>
+            <div class="notice notice-error is-dismissible">
+                <p>
+                    <b>Friendly Captcha verification has failed!</b>
+                    <br>
+                    This is usually because you have entered an incorrect API Key. Please visit the <a href="<?php echo $url ?>">Friendly Captcha settings</a> and enter a valid Sitekey and API Key.
+                    <br><br>
+                    <code><?php echo FriendlyCaptcha_Plugin::$instance->get_verification_failed_alert(); ?></code>
+                </p>
+                <a href="?frcaptcha-verification-failed-dismissed" class="notice-dismiss" style="text-decoration: none;">
+                    <span class="screen-reader-text">Dismiss this notice.</span>
+                </a>
+            </div>
+<?php
+        }
+
+        add_action('admin_notices', 'frcaptcha_admin_notice__verification_failed');
+    }
 }
diff --git a/friendly-captcha/includes/core.php b/friendly-captcha/includes/core.php
@@ -68,6 +68,7 @@ class FriendlyCaptcha_Plugin
     public static $option_global_puzzle_endpoint_active_name = "frcaptcha_global_endpoint_active";
     public static $option_eu_puzzle_endpoint_active_name = "frcaptcha_eu_endpoint_active";
 
+    public static $option_verification_failed_alert_name = "frcaptcha_verification_failed_alert";
 
     public function init()
     {
@@ -318,6 +319,23 @@ public function get_global_puzzle_endpoint_active()
 
         return get_option(FriendlyCaptcha_Plugin::$option_global_puzzle_endpoint_active_name) == 1;
     }
+
+    /* Verification failure alert */
+
+    public function show_verification_failed_alert($response)
+    {
+        update_option(FriendlyCaptcha_Plugin::$option_verification_failed_alert_name, $response);
+    }
+
+    public function get_verification_failed_alert()
+    {
+        return get_option(FriendlyCaptcha_Plugin::$option_verification_failed_alert_name);
+    }
+
+    public function remove_verification_failed_alert()
+    {
+        delete_option(FriendlyCaptcha_Plugin::$option_verification_failed_alert_name);
+    }
 }
 
 // This creates the singleton instance

diff --git a/friendly-captcha/includes/settings.php b/friendly-captcha/includes/settings.php
@@ -684,6 +684,19 @@ function frcaptcha_settings_init()
             )
         );
 
+        add_settings_field(
+            'frcaptcha_settings_enable_v2',
+            'Use Friendly Captcha v2',
+            'frcaptcha_settings_field_callback',
+            'friendly_captcha_admin',
+            'frcaptcha_widget_settings_section',
+            array(
+                "option_name" => FriendlyCaptcha_Plugin::$option_enable_v2_name,
+                "description" => " Friendly Captcha v2 is in its alpha stage and is <b>not yet intended for production use</b>.",
+                "type" => "checkbox"
+            )
+        );
+
 
         /* Endpoint section */
 

diff --git a/friendly-captcha/includes/verification.php b/friendly-captcha/includes/verification.php
@@ -15,36 +15,37 @@ function frcaptcha_v1_verify_captcha_solution($solution, $sitekey, $api_key)
 {
     $endpoint = 'https://api.friendlycaptcha.com/api/v1/siteverify';
 
-    $response_body = array(
+    $request_body = array(
         'secret' => $api_key,
         'sitekey' => $sitekey,
         'solution' => $solution,
     );
 
-    $body = json_encode($response_body);
     $request = array(
-        'body' => $response_body,
+        'body' => $request_body,
     );
 
     $response = wp_remote_post(esc_url_raw($endpoint), $request);
     $status = wp_remote_retrieve_response_code($response);
 
     // Useful for debugging
+    // $body = json_encode($request_body);
     // trigger_error($body);
 
-    $response_body = wp_remote_retrieve_body($response);
-    $response_body = json_decode($response_body, true);
+    $raw_response_body = wp_remote_retrieve_body($response);
+    $response_body = json_decode($raw_response_body, true);
 
     if (200 != $status) {
         if (WP_DEBUG) {
             frcaptcha_log_remote_request($endpoint, $response);
         }
 
+        FriendlyCaptcha_Plugin::$instance->show_verification_failed_alert($raw_response_body);
+
         // Better safe than sorry, if the request is non-200 we can not verify the response
         // Either the user's credentials are wrong (e.g. wrong sitekey, api key) or the friendly
         // captcha servers are unresponsive.
 
-        // TODO notify site admin somehow
         return array(
             "success" => true,
             "status" => $status,
@@ -72,7 +73,6 @@ function frcaptcha_v2_verify_captcha_solution($solution, $sitekey, $api_key)
 {
     $config = new ClientConfig();
     $config->setAPIKey($api_key)->setSitekey($sitekey);
-
     if (FriendlyCaptcha_Plugin::$instance->get_eu_puzzle_endpoint_active()) {
         $config->setSiteverifyEndpoint("eu");
     }
@@ -90,11 +90,13 @@ function frcaptcha_v2_verify_captcha_solution($solution, $sitekey, $api_key)
             );
         }
 
+        $raw_response = json_encode($result->response);
+        FriendlyCaptcha_Plugin::$instance->show_verification_failed_alert($raw_response);
+
         // Better safe than sorry, when we can not verify the response
         // Either the user's credentials are wrong (e.g. wrong sitekey, api key) or the friendly
         // captcha servers are unresponsive.
 
-        // TODO notify site admin somehow
         return array(
             "success" => true,
             "status" => $result->status,