src/Core/Auth/Utilities/CaptchaProtectedAttribute.cs

using Bit.Core.Auth.Models.Api;
using Bit.Core.Auth.Services;
using Bit.Core.Context;
using Bit.Core.Exceptions;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;

namespace Bit.Core.Auth.Utilities;

public class CaptchaProtectedAttribute : ActionFilterAttribute
{
    public string ModelParameterName { get; set; } = "model";

    public override void OnActionExecuting(ActionExecutingContext context)
    {
        var currentContext = context.HttpContext.RequestServices.GetRequiredService<ICurrentContext>();
        var captchaValidationService = context.HttpContext.RequestServices.GetRequiredService<ICaptchaValidationService>();

        if (captchaValidationService.RequireCaptchaValidation(currentContext, null))
        {
            var captchaResponse = (context.ActionArguments[ModelParameterName] as ICaptchaProtectedModel)?.CaptchaResponse;

            if (string.IsNullOrWhiteSpace(captchaResponse))
            {
                throw new BadRequestException(captchaValidationService.SiteKeyResponseKeyName, captchaValidationService.SiteKey);
            }

            var captchaValidationResponse = captchaValidationService.ValidateCaptchaResponseAsync(captchaResponse,
                currentContext.IpAddress, null).GetAwaiter().GetResult();
            if (!captchaValidationResponse.Success || captchaValidationResponse.IsBot)
            {
                throw new BadRequestException("Captcha is invalid. Please refresh and try again");
            }
        }
    }
}
-												[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings
											
										
										
											2023-04-14 13:25:56 -04:00
+								using Bit.Core.Auth.Models.Api;
 								using Bit.Core.Auth.Services;
 								using Bit.Core.Context;
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								using Bit.Core.Exceptions;
 								using Microsoft.AspNetCore.Mvc.Filters;
 								using Microsoft.Extensions.DependencyInjection;
-												[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings
											
										
										
											2023-04-14 13:25:56 -04:00
+								namespace Bit.Core.Auth.Utilities;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								public class CaptchaProtectedAttribute : ActionFilterAttribute
 								{
 								    public string ModelParameterName { get; set; } = "model";
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								    public override void OnActionExecuting(ActionExecutingContext context)
 								    {
 								        var currentContext = context.HttpContext.RequestServices.GetRequiredService<ICurrentContext>();
 								        var captchaValidationService = context.HttpContext.RequestServices.GetRequiredService<ICaptchaValidationService>();
 								        if (captchaValidationService.RequireCaptchaValidation(currentContext, null))
 								        {
 								            var captchaResponse = (context.ActionArguments[ModelParameterName] as ICaptchaProtectedModel)?.CaptchaResponse;
-												captcha scores (#1967)

* captcha scores

* some api fixes

* check bot on captcha attribute

* Update src/Core/Services/Implementations/HCaptchaValidationService.cs

Co-authored-by: e271828- <e271828-@users.noreply.github.com>

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
											
										
										
											2022-05-09 12:25:13 -04:00
+								            if (string.IsNullOrWhiteSpace(captchaResponse))
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								            {
 								                throw new BadRequestException(captchaValidationService.SiteKeyResponseKeyName, captchaValidationService.SiteKey);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            }
-												captcha scores (#1967)

* captcha scores

* some api fixes

* check bot on captcha attribute

* Update src/Core/Services/Implementations/HCaptchaValidationService.cs

Co-authored-by: e271828- <e271828-@users.noreply.github.com>

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
											
										
										
											2022-05-09 12:25:13 -04:00
+								            var captchaValidationResponse = captchaValidationService.ValidateCaptchaResponseAsync(captchaResponse,
 								                currentContext.IpAddress, null).GetAwaiter().GetResult();
 								            if (!captchaValidationResponse.Success || captchaValidationResponse.IsBot)
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								            {
 								                throw new BadRequestException("Captcha is invalid. Please refresh and try again");
 								            }
 								        }
 								    }
 								}