verify-token-action.php
103 lines
| 1 | <?php |
| 2 | |
| 3 | |
| 4 | namespace JFB_Modules\Captcha\Turnstile; |
| 5 | |
| 6 | // If this file is called directly, abort. |
| 7 | if ( ! defined( 'WPINC' ) ) { |
| 8 | die; |
| 9 | } |
| 10 | |
| 11 | use Jet_Form_Builder\Classes\Http\Http_Tools; |
| 12 | use Jet_Form_Builder\Exceptions\Gateway_Exception; |
| 13 | use JFB_Modules\Gateways\Actions_Abstract\Action_Application_Raw_Body_It; |
| 14 | use JFB_Modules\Gateways\Base_Gateway_Action; |
| 15 | use JFB_Modules\Captcha\Module; |
| 16 | |
| 17 | class Verify_Token_Action extends Base_Gateway_Action implements |
| 18 | Action_Application_Raw_Body_It { |
| 19 | |
| 20 | private $secret; |
| 21 | private $challenge; |
| 22 | private $ip; |
| 23 | private $action; |
| 24 | |
| 25 | public function action_endpoint() { |
| 26 | return 'siteverify'; |
| 27 | } |
| 28 | |
| 29 | public function base_url(): string { |
| 30 | return 'https://challenges.cloudflare.com/turnstile/v0/'; |
| 31 | } |
| 32 | |
| 33 | public function send_request() { |
| 34 | $response = parent::send_request(); |
| 35 | |
| 36 | $action = $response['action'] ?? ''; |
| 37 | |
| 38 | if ( $this->action === $action && ! empty( $response['success'] ) ) { |
| 39 | return $response; |
| 40 | } |
| 41 | |
| 42 | // phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped |
| 43 | throw new Gateway_Exception( 'captcha_failed', $response, $this->get_request_args() ); |
| 44 | } |
| 45 | |
| 46 | /** |
| 47 | * @throws Gateway_Exception |
| 48 | */ |
| 49 | public function before_make_request() { |
| 50 | if ( ! $this->ip ) { |
| 51 | $this->set_ip( Http_Tools::get_ip_address() ); |
| 52 | } |
| 53 | |
| 54 | if ( ! $this->action ) { |
| 55 | $this->set_action( jet_fb_live()->form_id ); |
| 56 | } |
| 57 | |
| 58 | if ( $this->ip && $this->secret && $this->challenge ) { |
| 59 | return; |
| 60 | } |
| 61 | |
| 62 | throw new Gateway_Exception( 'captcha_failed', 'Empty solution. Spammer detected' ); |
| 63 | } |
| 64 | |
| 65 | public function set_secret( string $secret ): Verify_Token_Action { |
| 66 | $this->secret = $secret; |
| 67 | |
| 68 | return $this; |
| 69 | } |
| 70 | |
| 71 | public function set_challenge( string $challenge ): Verify_Token_Action { |
| 72 | $this->challenge = $challenge; |
| 73 | |
| 74 | return $this; |
| 75 | } |
| 76 | |
| 77 | public function set_ip( string $ip ): Verify_Token_Action { |
| 78 | $this->ip = $ip; |
| 79 | |
| 80 | return $this; |
| 81 | } |
| 82 | |
| 83 | /** |
| 84 | * @param string|int $action |
| 85 | * |
| 86 | * @return Verify_Token_Action |
| 87 | */ |
| 88 | public function set_action( $action ): Verify_Token_Action { |
| 89 | $this->action = is_numeric( $action ) ? Module::PREFIX . $action : $action; |
| 90 | |
| 91 | return $this; |
| 92 | } |
| 93 | |
| 94 | public function action_body() { |
| 95 | return array( |
| 96 | 'secret' => $this->secret, |
| 97 | 'response' => $this->challenge, |
| 98 | 'remoteip' => $this->ip, |
| 99 | ); |
| 100 | } |
| 101 | |
| 102 | } |
| 103 |