/**
* Validate and decode a JSON Web Token string from a request (i.e. POST body)
*
* @param string $keyName name of the key to used to sign the token
* @param string $attributeName name of cookie that sources the token
* @param array|\Traversable $assertClaims traversable set of claims, claim => value, to assert
*
* @return object|false payload as stdClass, or false if token was invalid
*/
public static function fromRequest($keyName, $attributeName, $assertClaims = array())
{
$token = Request::getString($attributeName, '');
if (empty($token)) {
return false;
}
return static::fromString($keyName, $token, $assertClaims);
}
/**
* XoopsCaptchaRecaptcha::verify()
*
* @param mixed|null $sessionName
*
* @return bool
*/
public function verify($sessionName = null)
{
$is_valid = false;
require_once __DIR__ . '/recaptcha/recaptchalib.php';
if (!empty(Request::getString('recaptcha_response_field', '', 'POST'))) {
$resp = recaptcha_check_answer($this->config['private_key'], $_SERVER['REMOTE_ADDR'], Request::getString('recaptcha_challenge_field', '', 'POST'), Request::getString('recaptcha_response_field', '', 'POST'));
if (!$resp->is_valid) {
$this->message[] = $resp->error;
} else {
$is_valid = true;
}
}
return $is_valid;
}
/**
* XoopsCaptchaRecaptcha2::verify()
*
* @param string|null $sessionName unused for recaptcha
*
* @return bool
*/
public function verify($sessionName = null)
{
$isValid = false;
$recaptchaResponse = Request::getString('g-recaptcha-response', '');
$recaptchaVerifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config['secret_key'] . '&response=' . $recaptchaResponse . '&remoteip=' . IPAddress::fromRequest()->asReadable();
$usedCurl = false;
if (function_exists('curl_init') && false !== ($curlHandle = curl_init())) {
curl_setopt($curlHandle, CURLOPT_URL, $recaptchaVerifyURL);
curl_setopt($curlHandle, CURLOPT_FAILONERROR, true);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 5);
$curlReturn = curl_exec($curlHandle);
if (false === $curlReturn) {
trigger_error(curl_error($curlHandle));
} else {
$usedCurl = true;
$recaptchaCheck = json_decode($curlReturn, true);
}
curl_close($curlHandle);
}
if (false === $usedCurl) {
$recaptchaCheck = file_get_contents($recaptchaVerifyURL);
$recaptchaCheck = json_decode($recaptchaCheck, true);
}
if (isset($recaptchaCheck['success']) && $recaptchaCheck['success'] === true) {
$isValid = true;
} else {
/** @var \XoopsCaptcha $captchaInstance */
$captchaInstance = \XoopsCaptcha::getInstance();
/** @var array $recaptchaCheck */
foreach ($recaptchaCheck['error-codes'] as $msg) {
$captchaInstance->message[] = $msg;
}
}
return $isValid;
}
