ReCaptcha Enterprise API call always returns score of 0 but the dashboard shows every score has been 0.8 or greater
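I created a ReCaptcha Enterprise project for my front end and am trying to validate the assessments in an AWS Lambda.
The ReCaptcha project looks like this: (image: ReCaptcha settings)
The front-end code is a React app, but I am just using the script from the documentation. That all seems to work. I can solve the captcha and get an answer.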
const [captchaAnswer, setCaptchaAnswer] = useState<string | null>(null);

useEffect(() => {
  const script = document.createElement('script');
  script.src = "https://www.google.com/recaptcha/enterprise.js";
  script.async = true;
  script.defer = true;
  document.body.appendChild(script);
  return () => {
    document.body.removeChild(script);
  }
}, []);

window.reCaptchaCallback = function (response: string) {
  setCaptchaAnswer(response);
};

const submit = () => {
  //Submits the answer to my lambda
}

return (
  <div className="g-recaptcha" data-sitekey="<SITEKEY>" data-callback="reCaptchaCallback" />
);
Next is the Lambda, which is invoked as a Cognito trigger.
const axios = require("axios");

const config = {
  PROJECT_ID: "<PROJECTID>",
  API_KEY: "<APIKEY>", //actually gotten from secret manager
  SITE_KEY: "<SITEKEY>"
};

exports.handler = async (event) => {
  console.log(event);
  if (event.triggerSource === "PreSignUp_AdminCreateUser") {
    return event;
  }
  if (!event.request.validationData) {
    throw new Error('Missing validation data');
  }
  try {
    const verifyResponse = await axios({
      method: 'post',
      url: `https://recaptchaenterprise.googleapis.com/v1beta1/projects/${config.PROJECT_ID}/assessments?key=${config.API_KEY}`,
      body: {
        event: {
          token: event.request.validationData.token, //I have confirmed this is correctly passed from front end to here
          siteKey: config.SITE_KEY,
          expectedAction: "" //Tried it with and without this. Documentation says it isn't being used
        }
      },
      headers: { "Content-Type": "application/x-www-form-urlencoded" }
    });
    console.log(JSON.stringify(verifyResponse.data));
    if (verifyResponse.data.score >= 0) {
      event.response.autoConfirmUser = true;
      return event;
    } else {
      throw new Error('Recaptcha verification failed');
    }
  } catch (error) {
    console.error(error);
    throw new Error("Recaptcha verification failed. Please retry");
  }
};
This is the response I always get.
{
  "name": "projects/<PROJECT>/assessments/924d7fc3f0000000",
  "score": 0,
  "reasons": []
}
However, the recaptcha dashboard shows all the assessments are >= 0.8. I don't know what I'm doing wrong. Thanks for any help.
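In my experience, tokenProperties missing from the response means that googleapis.com failed to read your POST data.
In your case, first of all, the expected content type should be JSON:
"Content-Type": "application/json; charset=utf-8"
If changing the above does not solve the problem, try changing the POST data from an object/dict/JSON to a string.
Tip: in general, when our code cannot get the expected response, we can try the target request in a direct tool such as curl or JMeter to find the problem, and then copy the solution back into our code.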
Here is the curl that worked for me; it may help you. Look at the body and send the assessment object, which includes the event object.
curl -H 'Content-Type: application/x-www-form-urlencoded' -X POST \
  'https://recaptchaenterprise.googleapis.com/v1beta1/projects/${here-is-your-id-project}/assessments?key=${here-is-your-secret-key-defined-on-credentials-api-section}' \
  -d 'assessment.event.token=${response-token-coming-from-grecaptcha.enterprise.execute-method-on-web-site}' \
  -d 'assessment.event.site_key=${here-is-your-public-key-defined-on-recaptcha-service-section}'
This is the response:
{
  "name": "projects/xxxx/assessments/xxxxx",
  "event": {
    "token": "${response-token-coming-from-grecaptcha.enterprise.execute-method-on-web-site}",
    "siteKey": "${here-is-your-public-key-defined-on-recaptcha-service-section}",
    "userAgent": "",
    "userIpAddress": "",
    "expectedAction": "",
    "hashedAccountId": ""
  },
  "score": 0.9,
  "tokenProperties": {
    "valid": true,
    "invalidReason": "INVALID_REASON_UNSPECIFIED",
    "hostname": "your-host-goes-here",
    "action": "login",
    "createTime": "2022-02-03T19:08:01.612Z"
  },
  "reasons": []
}
My GCP configuration:
That's it.
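Added example, not part of the original posts: a JSON request config for axios (which reads the payload from `data`, not `body`) and a fail-closed check on the response, following the first answer's point that a response without tokenProperties means the POST data was not read. The helper names, the 0.5 threshold and the sample token are assumptions; the two sample responses are constructed from the ones quoted above.

```javascript
// Added example; helper names and MIN_SCORE are assumptions, not from the posts.
const MIN_SCORE = 0.5; // assumed threshold, tune per site

// axios sends `data` as the payload and serialises a plain object as JSON.
// The body mirrors the `event` object echoed back in the working response.
function buildAssessmentRequest({ projectId, apiKey, siteKey }, token, expectedAction = "") {
  return {
    method: "post",
    url: `https://recaptchaenterprise.googleapis.com/v1beta1/projects/${projectId}/assessments`,
    params: { key: apiKey }, // appended by axios as ?key=...
    headers: { "Content-Type": "application/json; charset=utf-8" },
    data: { event: { token, siteKey, expectedAction } },
  };
}

// Decide whether an assessment can be trusted. Every unknown state is a rejection.
function evaluateAssessment(assessment, opts = {}) {
  const { expectedHostname, expectedAction, minScore = MIN_SCORE } = opts;
  const props = assessment && assessment.tokenProperties;
  if (!props) return { ok: false, reason: "no tokenProperties: request body was not read" };
  if (props.valid !== true) return { ok: false, reason: `invalid token: ${props.invalidReason}` };
  if (expectedHostname && props.hostname !== expectedHostname) {
    return { ok: false, reason: "hostname mismatch" };
  }
  if (expectedAction && props.action !== expectedAction) {
    return { ok: false, reason: "action mismatch" };
  }
  if (typeof assessment.score !== "number" || assessment.score < minScore) {
    return { ok: false, reason: `score below ${minScore}` };
  }
  return { ok: true, reason: "accepted" };
}

// Constructed samples shaped like the two responses on this page.
const UNREAD_BODY = { name: "projects/<PROJECT>/assessments/xxxxx", score: 0, reasons: [] };
const READ_BODY = {
  score: 0.9,
  tokenProperties: { valid: true, invalidReason: "INVALID_REASON_UNSPECIFIED",
                     hostname: "your-host-goes-here", action: "login" },
  reasons: [],
};

console.log(evaluateAssessment(UNREAD_BODY));
console.log(evaluateAssessment(READ_BODY, { expectedHostname: "your-host-goes-here", expectedAction: "login" }));
```

With this check the `score: 0` response from the question is rejected as an unread request instead of being compared against a threshold.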