From e4caaaf5d13bc4400effa43981bda1e6b7beba16 Mon Sep 17 00:00:00 2001 From: Alexander Steshuk Date: Wed, 1 Apr 2020 17:31:21 +0300 Subject: [PATCH 1/5] security-package: Added try/catch to Magento\ReCaptchaUi\Model\RequestHandler.php --- ReCaptchaUi/Model/RequestHandler.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/ReCaptchaUi/Model/RequestHandler.php b/ReCaptchaUi/Model/RequestHandler.php index 530c8ed8..a1f464cf 100644 --- a/ReCaptchaUi/Model/RequestHandler.php +++ b/ReCaptchaUi/Model/RequestHandler.php @@ -74,12 +74,20 @@ public function execute( HttpResponseInterface $response, string $redirectOnFailureUrl ): void { - $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); - $validationConfig = $this->validationConfigResolver->get($key); - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - if (false === $validationResult->isValid()) { - $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage()); + try { + $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); + $validationConfig = $this->validationConfigResolver->get($key); + + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + if (false === $validationResult->isValid()) { + $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage()); + $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); + + $response->setRedirect($redirectOnFailureUrl); + } + } catch (\Exception $e) { + $this->messageManager->addErrorMessage($e->getMessage()); $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); $response->setRedirect($redirectOnFailureUrl); From bd53306cf07316a547fbda586597842633c51ea5 Mon Sep 17 00:00:00 2001 From: Pavel Bystritsky Date: Fri, 3 Apr 2020 13:18:14 +0300 Subject: [PATCH 2/5] security-package: Added try/catch to Magento\ReCaptchaUi\Model\RequestHandler.php --- .../Observer/AjaxLoginObserver.php | 27 +++++++++++++---- ReCaptchaUi/Model/RequestHandler.php | 30 ++++++++++++------- ReCaptchaUser/Observer/LoginObserver.php | 25 +++++++++++++--- 3 files changed, 63 insertions(+), 19 deletions(-) diff --git a/ReCaptchaCustomer/Observer/AjaxLoginObserver.php b/ReCaptchaCustomer/Observer/AjaxLoginObserver.php index 4540b93a..a496f01b 100644 --- a/ReCaptchaCustomer/Observer/AjaxLoginObserver.php +++ b/ReCaptchaCustomer/Observer/AjaxLoginObserver.php @@ -11,12 +11,14 @@ use Magento\Framework\App\ActionFlag; use Magento\Framework\Event\Observer; use Magento\Framework\Event\ObserverInterface; +use Magento\Framework\Exception\InputException; use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Serialize\SerializerInterface; -use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; +use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\ValidationConfigResolverInterface; use Magento\ReCaptchaValidationApi\Api\ValidatorInterface; +use Psr\Log\LoggerInterface; /** * AjaxLoginObserver @@ -53,6 +55,11 @@ class AjaxLoginObserver implements ObserverInterface */ private $isCaptchaEnabled; + /** + * @var LoggerInterface + */ + private $logger; + /** * @param CaptchaResponseResolverInterface $captchaResponseResolver * @param ValidationConfigResolverInterface $validationConfigResolver @@ -60,6 +67,7 @@ class AjaxLoginObserver implements ObserverInterface * @param ActionFlag $actionFlag * @param SerializerInterface $serializer * @param IsCaptchaEnabledInterface $isCaptchaEnabled + * @param LoggerInterface $logger */ public function __construct( CaptchaResponseResolverInterface $captchaResponseResolver, @@ -67,7 +75,8 @@ public function __construct( ValidatorInterface $captchaValidator, ActionFlag $actionFlag, SerializerInterface $serializer, - IsCaptchaEnabledInterface $isCaptchaEnabled + IsCaptchaEnabledInterface $isCaptchaEnabled, + LoggerInterface $logger ) { $this->captchaResponseResolver = $captchaResponseResolver; $this->validationConfigResolver = $validationConfigResolver; @@ -75,6 +84,7 @@ public function __construct( $this->actionFlag = $actionFlag; $this->serializer = $serializer; $this->isCaptchaEnabled = $isCaptchaEnabled; + $this->logger = $logger; } /** @@ -91,11 +101,18 @@ public function execute(Observer $observer): void $request = $controller->getRequest(); $response = $controller->getResponse(); - $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); $validationConfig = $this->validationConfigResolver->get($key); + try { + $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); + } catch (InputException $e) { + $reCaptchaResponse = null; + $this->logger->error($e); + } - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - if (false === $validationResult->isValid()) { + if (null !== $reCaptchaResponse) { + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + } + if (null === $reCaptchaResponse || false === $validationResult->isValid()) { $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); $jsonPayload = $this->serializer->serialize([ diff --git a/ReCaptchaUi/Model/RequestHandler.php b/ReCaptchaUi/Model/RequestHandler.php index a1f464cf..a681a265 100644 --- a/ReCaptchaUi/Model/RequestHandler.php +++ b/ReCaptchaUi/Model/RequestHandler.php @@ -11,8 +11,10 @@ use Magento\Framework\App\ActionFlag; use Magento\Framework\App\RequestInterface; use Magento\Framework\App\Response\HttpInterface as HttpResponseInterface; +use Magento\Framework\Exception\InputException; use Magento\Framework\Message\ManagerInterface as MessageManagerInterface; use Magento\ReCaptchaValidationApi\Api\ValidatorInterface; +use Psr\Log\LoggerInterface; /** * @inheritdoc @@ -44,25 +46,33 @@ class RequestHandler implements RequestHandlerInterface */ private $actionFlag; + /** + * @var LoggerInterface + */ + private $logger; + /** * @param CaptchaResponseResolverInterface $captchaResponseResolver * @param ValidationConfigResolverInterface $validationConfigResolver * @param ValidatorInterface $captchaValidator * @param MessageManagerInterface $messageManager * @param ActionFlag $actionFlag + * @param LoggerInterface $logger */ public function __construct( CaptchaResponseResolverInterface $captchaResponseResolver, ValidationConfigResolverInterface $validationConfigResolver, ValidatorInterface $captchaValidator, MessageManagerInterface $messageManager, - ActionFlag $actionFlag + ActionFlag $actionFlag, + LoggerInterface $logger ) { $this->captchaResponseResolver = $captchaResponseResolver; $this->validationConfigResolver = $validationConfigResolver; $this->captchaValidator = $captchaValidator; $this->messageManager = $messageManager; $this->actionFlag = $actionFlag; + $this->logger = $logger; } /** @@ -74,20 +84,20 @@ public function execute( HttpResponseInterface $response, string $redirectOnFailureUrl ): void { - + $validationConfig = $this->validationConfigResolver->get($key); try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); - $validationConfig = $this->validationConfigResolver->get($key); + } catch (InputException $e) { + $reCaptchaResponse = null; + $this->logger->error($e); + } + if (null !== $reCaptchaResponse) { $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - if (false === $validationResult->isValid()) { - $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage()); - $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); + } - $response->setRedirect($redirectOnFailureUrl); - } - } catch (\Exception $e) { - $this->messageManager->addErrorMessage($e->getMessage()); + if (null === $reCaptchaResponse || false === $validationResult->isValid()) { + $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage()); $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); $response->setRedirect($redirectOnFailureUrl); diff --git a/ReCaptchaUser/Observer/LoginObserver.php b/ReCaptchaUser/Observer/LoginObserver.php index 8145af63..b49f27f7 100644 --- a/ReCaptchaUser/Observer/LoginObserver.php +++ b/ReCaptchaUser/Observer/LoginObserver.php @@ -10,12 +10,14 @@ use Magento\Framework\App\RequestInterface; use Magento\Framework\Event\Observer; use Magento\Framework\Event\ObserverInterface; +use Magento\Framework\Exception\InputException; use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Exception\Plugin\AuthenticationException; -use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; +use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\ValidationConfigResolverInterface; use Magento\ReCaptchaValidationApi\Api\ValidatorInterface; +use Psr\Log\LoggerInterface; /** * LoginObserver @@ -52,12 +54,18 @@ class LoginObserver implements ObserverInterface */ private $loginActionName; + /** + * @var LoggerInterface + */ + private $logger; + /** * @param CaptchaResponseResolverInterface $captchaResponseResolver * @param ValidationConfigResolverInterface $validationConfigResolver * @param ValidatorInterface $captchaValidator * @param IsCaptchaEnabledInterface $isCaptchaEnabled * @param RequestInterface $request + * @param LoggerInterface $logger * @param string $loginActionName */ public function __construct( @@ -66,6 +74,7 @@ public function __construct( ValidatorInterface $captchaValidator, IsCaptchaEnabledInterface $isCaptchaEnabled, RequestInterface $request, + LoggerInterface $logger, string $loginActionName ) { $this->captchaResponseResolver = $captchaResponseResolver; @@ -74,6 +83,7 @@ public function __construct( $this->isCaptchaEnabled = $isCaptchaEnabled; $this->request = $request; $this->loginActionName = $loginActionName; + $this->logger = $logger; } /** @@ -88,11 +98,18 @@ public function execute(Observer $observer): void if ($this->isCaptchaEnabled->isCaptchaEnabledFor($key) && $this->request->getFullActionName() === $this->loginActionName ) { - $reCaptchaResponse = $this->captchaResponseResolver->resolve($this->request); $validationConfig = $this->validationConfigResolver->get($key); + try { + $reCaptchaResponse = $this->captchaResponseResolver->resolve($this->request); + } catch (InputException $e) { + $reCaptchaResponse = null; + $this->logger->error($e); + } - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - if (false === $validationResult->isValid()) { + if (null !== $reCaptchaResponse) { + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + } + if (null === $reCaptchaResponse || false === $validationResult->isValid()) { throw new AuthenticationException(__($validationConfig->getValidationFailureMessage())); } } From dae5f03a2eae882ada7d0279df5915f54e5cdf2c Mon Sep 17 00:00:00 2001 From: Pavel Bystritsky Date: Mon, 6 Apr 2020 17:55:26 +0300 Subject: [PATCH 3/5] security-package: Added try/catch to Magento\ReCaptchaUi\Model\RequestHandler.php - PayPalObserver fix. --- ReCaptchaPaypal/Observer/PayPalObserver.php | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/ReCaptchaPaypal/Observer/PayPalObserver.php b/ReCaptchaPaypal/Observer/PayPalObserver.php index c5fe8f2d..35f52057 100644 --- a/ReCaptchaPaypal/Observer/PayPalObserver.php +++ b/ReCaptchaPaypal/Observer/PayPalObserver.php @@ -14,8 +14,8 @@ use Magento\Framework\Exception\InputException; use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Serialize\SerializerInterface; -use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; +use Magento\ReCaptchaUi\Model\IsCaptchaEnabledInterface; use Magento\ReCaptchaUi\Model\ValidationConfigResolverInterface; use Magento\ReCaptchaValidationApi\Api\ValidatorInterface; use Psr\Log\LoggerInterface; @@ -108,19 +108,15 @@ public function execute(Observer $observer): void try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); } catch (InputException $e) { + $reCaptchaResponse = null; $this->logger->error($e); + } - $jsonPayload = $this->serializer->serialize([ - 'success' => false, - 'error' => true, - 'error_messages' => $validationConfig->getValidationFailureMessage(), - ]); - $response->representJson($jsonPayload); - return; + if (null !== $reCaptchaResponse) { + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); } - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - if (false === $validationResult->isValid()) { + if (null === $reCaptchaResponse || false === $validationResult->isValid()) { $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); $jsonPayload = $this->serializer->serialize([ From 531166ee8f570d852a77982f6226753d29ca9efd Mon Sep 17 00:00:00 2001 From: Valerii Naida Date: Tue, 7 Apr 2020 02:05:33 -0500 Subject: [PATCH 4/5] security-package/issues/197: Recaptcha is not required for PayPal PayflowPro payment form --- .../Test/Integration/ContactFormTest.php | 108 +++++++++------ .../Observer/AjaxLoginObserver.php | 35 +++-- .../Test/Integration/AjaxLoginFormTest.php | 121 +++++++++++----- .../Integration/CreateCustomerFormTest.php | 131 +++++++++++------- .../Integration/ForgotPasswordFormTest.php | 117 ++++++++++------ .../Test/Integration/LoginFromTest.php | 118 ++++++++++------ .../Test/Integration/NewsletterFormTest.php | 93 +++++++++---- ReCaptchaPaypal/Observer/PayPalObserver.php | 38 +++-- .../Test/Integration/ReviewFormTest.php | 109 +++++++++------ .../Test/Integration/SendFriendFormTest.php | 117 ++++++++++------ ReCaptchaUi/Model/RequestHandler.php | 26 ++-- ReCaptchaUser/Observer/LoginObserver.php | 8 +- .../Integration/ForgotPasswordFormTest.php | 93 ++++++------- .../Test/Integration/LoginFormTest.php | 97 ++++++------- 14 files changed, 745 insertions(+), 466 deletions(-) diff --git a/ReCaptchaContact/Test/Integration/ContactFormTest.php b/ReCaptchaContact/Test/Integration/ContactFormTest.php index d84782a3..ffa6b2fc 100644 --- a/ReCaptchaContact/Test/Integration/ContactFormTest.php +++ b/ReCaptchaContact/Test/Integration/ContactFormTest.php @@ -9,7 +9,6 @@ use Magento\Framework\App\Request\Http as HttpRequest; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\Validation\ValidationResult; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; @@ -43,7 +42,7 @@ class ContactFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->formKey = $this->_objectManager->get(FormKey::class); @@ -62,7 +61,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -76,7 +75,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/contact invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -92,7 +91,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/contact invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -104,22 +103,22 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/contact invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -128,13 +127,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/contact invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -145,14 +143,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/contact invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -161,21 +156,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/contact invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('contact/index'); $content = $this->getResponse()->getBody(); @@ -190,10 +185,41 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void + */ + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::contains( + "Thanks for contacting us with your comments and questions. We'll respond to you very soon." + ), + MessageInterface::TYPE_SUCCESS + ); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + $this->equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + } + + /** + * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function makePostRequest(array $postValues = []): void { $this->getRequest() ->setMethod(HttpRequest::METHOD_POST) @@ -208,29 +234,14 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues )); $this->dispatch('contact/index/post'); - $this->assertRedirect(self::stringContains('contact/index')); - - if ($isSuccessfulRequest) { - $this->assertSessionMessages( - self::contains( - "Thanks for contacting us with your comments and questions. We'll respond to you very soon." - ), - MessageInterface::TYPE_SUCCESS - ); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - } else { - $this->assertSessionMessages( - $this->equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -250,4 +261,23 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ScopeInterface::SCOPE_WEBSITE ); } + + public function tearDown(): void + { + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/contact', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } } diff --git a/ReCaptchaCustomer/Observer/AjaxLoginObserver.php b/ReCaptchaCustomer/Observer/AjaxLoginObserver.php index a496f01b..2a2a660b 100644 --- a/ReCaptchaCustomer/Observer/AjaxLoginObserver.php +++ b/ReCaptchaCustomer/Observer/AjaxLoginObserver.php @@ -9,6 +9,7 @@ use Magento\Framework\App\Action\Action; use Magento\Framework\App\ActionFlag; +use Magento\Framework\App\ResponseInterface; use Magento\Framework\Event\Observer; use Magento\Framework\Event\ObserverInterface; use Magento\Framework\Exception\InputException; @@ -102,25 +103,35 @@ public function execute(Observer $observer): void $response = $controller->getResponse(); $validationConfig = $this->validationConfigResolver->get($key); + try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); } catch (InputException $e) { - $reCaptchaResponse = null; $this->logger->error($e); + $this->processError($response, $validationConfig->getValidationFailureMessage()); + return; } - if (null !== $reCaptchaResponse) { - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - } - if (null === $reCaptchaResponse || false === $validationResult->isValid()) { - $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); - - $jsonPayload = $this->serializer->serialize([ - 'errors' => true, - 'message' => $validationConfig->getValidationFailureMessage(), - ]); - $response->representJson($jsonPayload); + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + if (false === $validationResult->isValid()) { + $this->processError($response, $validationConfig->getValidationFailureMessage()); } } } + + /** + * @param ResponseInterface $response + * @param string $message + * @return void + */ + private function processError(ResponseInterface $response, string $message): void + { + $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); + + $jsonPayload = $this->serializer->serialize([ + 'errors' => true, + 'message' => $message, + ]); + $response->representJson($jsonPayload); + } } diff --git a/ReCaptchaCustomer/Test/Integration/AjaxLoginFormTest.php b/ReCaptchaCustomer/Test/Integration/AjaxLoginFormTest.php index 79de6c8a..79e97200 100644 --- a/ReCaptchaCustomer/Test/Integration/AjaxLoginFormTest.php +++ b/ReCaptchaCustomer/Test/Integration/AjaxLoginFormTest.php @@ -10,7 +10,6 @@ use Magento\Framework\App\Request\Http; use Magento\Framework\App\ResponseInterface; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\Validation\ValidationResult; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; @@ -51,7 +50,7 @@ class AjaxLoginFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); @@ -71,7 +70,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -85,7 +84,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_login invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -101,7 +100,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_login invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -113,30 +112,39 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(false, 'Login successful.', [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); + $this->checkSuccessfulPostResponse( + [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] + ); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(false, 'Login successful.', [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); + $this->checkSuccessfulPostResponse( + [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] + ); } - public function testPostRequestWithSuccessfulReCaptchaValidation() + /** + * @magentoConfigFixture default_store customer/captcha/enable 0 + */ + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse(false, 'Login successful.', [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); + $this->checkSuccessfulPostResponse( + [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] + ); } /** @@ -145,14 +153,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA response.'); - - $this->checkPostResponse(null, null); + $this->checkFailedPostResponse(); } /** @@ -161,18 +166,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse(true, 'reCAPTCHA verification failed', [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); + $this->checkFailedPostResponse( + [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] + ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('/'); $content = $this->getResponse()->getBody(); @@ -187,13 +195,46 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool|null $errors - * @param string|null $message + * @param array $postValues + * @return void + */ + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $expected = json_encode(['errors' => false, 'message' => 'Login successful.']); + + $this->assertEquals( + $expected, + $this->response->getContent() + ); + } + + /** + * @param array $postValues + * @return void */ - private function checkPostResponse(?bool $errors, ?string $message, array $postValues = []) + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $expected = json_encode(['errors' => true, 'message' => 'reCAPTCHA verification failed']); + + $this->assertEquals( + $expected, + $this->response->getContent() + ); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void { $data = array_replace_recursive( [ + 'form_key' => $this->formKey->getFormKey(), 'username' => 'customer@example.com', 'password' => 'password', 'captcha_form_id' => 'user_login', @@ -207,26 +248,13 @@ private function checkPostResponse(?bool $errors, ?string $message, array $postV ->setContent(json_encode($data)); $this->dispatch('customer/ajax/login'); - - $code = $this->response->getHttpResponseCode(); - $this->assertEquals( - 200, - $code, - 'Incorrect response code' - ); - - $expected = json_encode(['errors' => $errors, 'message' => $message]); - - $this->assertEquals( - $expected, - $this->response->getContent() - ); } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -246,4 +274,25 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ScopeInterface::SCOPE_WEBSITE ); } + + protected function tearDown(): void + { + parent::tearDown(); + + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/customer_login', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } } diff --git a/ReCaptchaCustomer/Test/Integration/CreateCustomerFormTest.php b/ReCaptchaCustomer/Test/Integration/CreateCustomerFormTest.php index ec79e14f..3155ca6e 100644 --- a/ReCaptchaCustomer/Test/Integration/CreateCustomerFormTest.php +++ b/ReCaptchaCustomer/Test/Integration/CreateCustomerFormTest.php @@ -10,8 +10,6 @@ use Magento\Customer\Api\CustomerRepositoryInterface; use Magento\Framework\App\Request\Http; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; -use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Exception\NoSuchEntityException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\Registry; @@ -63,7 +61,7 @@ class CreateCustomerFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); @@ -86,7 +84,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -100,7 +98,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_create invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -116,7 +114,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_create invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -128,22 +126,22 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_create invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -152,13 +150,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_create invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -169,14 +166,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_create invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -185,21 +179,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_create invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('customer/account/create'); $content = $this->getResponse()->getBody(); @@ -214,14 +208,46 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function checkSuccessfulPostResponse(array $postValues = []): void { - $email = 'dummy@dummy.com'; - $password = 'Password1'; + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); + $customer = $this->customerRepository->get('dummy@dummy.com'); + self::assertNotNull($customer->getId()); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + } + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/create'))); + try { + $this->customerRepository->get('dummy@dummy.com'); + self::fail('Customer should not be created'); + } catch (NoSuchEntityException $e) { + // Customer should not be created + } + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void + { $this->getRequest() ->setMethod(Http::METHOD_POST) ->setPostValue( @@ -229,9 +255,9 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues [ 'firstname' => 'first_name', 'lastname' => 'last_name', - 'email' => $email, - 'password' => $password, - 'password_confirmation' => $password, + 'email' => 'dummy@dummy.com', + 'password' => 'Password1', + 'password_confirmation' => 'Password1', 'form_key' => $this->formKey->getFormKey() ], $postValues @@ -239,31 +265,13 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues ); $this->dispatch('customer/account/createpost'); - - if ($isSuccessfulRequest) { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); - $customer = $this->customerRepository->get($email); - self::assertNotNull($customer->getId()); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - } else { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/create'))); - try { - $this->customerRepository->get($email); - self::fail('Customer should not be created'); - } catch (NoSuchEntityException $e) { - // Customer should not be created - } - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -284,7 +292,26 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ); } - public function tearDown() + private function resetConfig(): void + { + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/customer_create', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } + + private function deleteCustomer(): void { $email = 'dummy@dummy.com'; try { @@ -298,7 +325,13 @@ public function tearDown() $this->customerRepository->delete($customer); $this->registry->unregister('isSecureArea'); $this->registry->register('isSecureArea', false); + } + public function tearDown(): void + { + parent::tearDown(); + $this->resetConfig(); + $this->deleteCustomer(); } } diff --git a/ReCaptchaCustomer/Test/Integration/ForgotPasswordFormTest.php b/ReCaptchaCustomer/Test/Integration/ForgotPasswordFormTest.php index 8752b4be..55d40b15 100644 --- a/ReCaptchaCustomer/Test/Integration/ForgotPasswordFormTest.php +++ b/ReCaptchaCustomer/Test/Integration/ForgotPasswordFormTest.php @@ -9,7 +9,6 @@ use Magento\Framework\App\Request\Http; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\UrlInterface; use Magento\Framework\Validation\ValidationResult; @@ -56,14 +55,14 @@ class ForgotPasswordFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); $this->formKey = $this->_objectManager->get(FormKey::class); - $this->url = $this->_objectManager->get(UrlInterface::class); $this->transportMock = $this->_objectManager->get(TransportBuilderMock::class); + $this->captchaValidationResultMock = $this->createMock(ValidationResult::class); $captchaValidationResultMock = $this->createMock(Validator::class); $captchaValidationResultMock->expects($this->any()) @@ -77,7 +76,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -91,7 +90,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -107,7 +106,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -119,22 +118,22 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -143,13 +142,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [ CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test', ] @@ -162,14 +160,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -178,21 +173,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_forgot_password invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('customer/account/forgotpassword'); $content = $this->getResponse()->getBody(); @@ -207,19 +202,51 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function checkSuccessfulPostResponse(array $postValues = []): void { - $email = 'customer@example.com'; + $this->makePostRequest($postValues); + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + + $message = $this->transportMock->getSentMessage(); + self::assertNotEmpty($message); + self::assertEquals('Reset your Main Website Store password', $message->getSubject()); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/forgotpassword'))); + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + + $message = $this->transportMock->getSentMessage(); + self::assertEmpty($message); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void + { $this->getRequest() ->setMethod(Http::METHOD_POST) ->setPostValue( array_merge_recursive( [ - 'email' => $email, + 'email' => 'customer@example.com', 'form_key' => $this->formKey->getFormKey(), ], $postValues @@ -227,28 +254,13 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues ); $this->dispatch('customer/account/forgotpasswordpost'); - - $message = $this->transportMock->getSentMessage(); - - if ($isSuccessfulRequest) { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - self::assertNotEmpty($message); - self::assertEquals('Reset your Main Website Store password', $message->getSubject()); - } else { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/forgotpassword'))); - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - self::assertEmpty($message); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -268,4 +280,25 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ScopeInterface::SCOPE_WEBSITE ); } + + protected function tearDown(): void + { + parent::tearDown(); + + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/customer_forgot_password', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } } diff --git a/ReCaptchaCustomer/Test/Integration/LoginFromTest.php b/ReCaptchaCustomer/Test/Integration/LoginFromTest.php index 4385522e..dafa8f28 100644 --- a/ReCaptchaCustomer/Test/Integration/LoginFromTest.php +++ b/ReCaptchaCustomer/Test/Integration/LoginFromTest.php @@ -10,7 +10,6 @@ use Magento\Customer\Model\Session; use Magento\Framework\App\Request\Http; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\UrlInterface; use Magento\Framework\Validation\ValidationResult; @@ -56,12 +55,11 @@ class LoginFromTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); $this->formKey = $this->_objectManager->get(FormKey::class); - $this->session = $this->_objectManager->get(Session::class); $this->url = $this->_objectManager->get(UrlInterface::class); @@ -78,7 +76,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -92,7 +90,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_login invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -108,7 +106,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/customer_login invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -120,22 +118,22 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -144,13 +142,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -161,14 +158,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -177,23 +171,23 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/customer_login invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); $this->session->setBeforeAuthUrl($this->url->getRouteUrl('customer/account/login')); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('customer/account/login'); $content = $this->getResponse()->getBody(); @@ -208,14 +202,44 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void + */ + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + + $sessionCustomerId = $this->session->getCustomerId(); + $fixtureCustomerId = 1; + self::assertEquals($fixtureCustomerId, $sessionCustomerId); + } + + /** + * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function checkFailedPostResponse(array $postValues = []): void { - $username = 'customer@example.com'; - $password = 'password'; + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/login'))); + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + + self::assertNull($this->session->getCustomerId()); + } + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void + { $this->getRequest() ->setMethod(Http::METHOD_POST) ->setPostValue( @@ -223,8 +247,8 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues [ 'form_key' => $this->formKey->getFormKey(), 'login' => [ - 'username' => $username, - 'password' => $password, + 'username' => 'customer@example.com', + 'password' => 'password', ] ], $postValues @@ -232,28 +256,13 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues ); $this->dispatch('customer/account/loginpost'); - - $sessionCustomerId = $this->session->getCustomerId(); - - if ($isSuccessfulRequest) { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account'))); - $fixtureCustomerId = 1; - self::assertEquals($fixtureCustomerId, $sessionCustomerId); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - } else { - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/login'))); - self::assertNull($sessionCustomerId); - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -273,4 +282,25 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ScopeInterface::SCOPE_WEBSITE ); } + + protected function tearDown(): void + { + parent::tearDown(); + + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/customer_login', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } } diff --git a/ReCaptchaNewsletter/Test/Integration/NewsletterFormTest.php b/ReCaptchaNewsletter/Test/Integration/NewsletterFormTest.php index 1a56fe0d..3eef2a76 100644 --- a/ReCaptchaNewsletter/Test/Integration/NewsletterFormTest.php +++ b/ReCaptchaNewsletter/Test/Integration/NewsletterFormTest.php @@ -9,7 +9,6 @@ use Magento\Framework\App\Request\Http; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\UrlInterface; use Magento\Framework\Validation\ValidationResult; @@ -122,7 +121,7 @@ public function testPostRequestIfReCaptchaIsDisabled() { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -133,7 +132,7 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -147,8 +146,7 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -163,10 +161,7 @@ public function testPostRequestIfReCaptchaParameterIsMissed() { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -180,16 +175,16 @@ public function testPostRequestWithFailedReCaptchaValidation() $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch($this->url->getRouteUrl()); $content = $this->getResponse()->getBody(); @@ -204,10 +199,47 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void + */ + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::contains( + 'Thank you for your subscription.' + ), + MessageInterface::TYPE_SUCCESS + ); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + self::assertNotEmpty( + $this->subscriberFactory->create()->loadBySubscriberEmail('user@example.com', 1)->getId() + ); + } + + /** + * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + self::assertEmpty( + $this->subscriberFactory->create()->loadBySubscriberEmail('user@example.com', 1)->getId() + ); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void { $this->getRequest() ->setMethod(Http::METHOD_POST) @@ -220,29 +252,14 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues )); $this->dispatch('newsletter/subscriber/new'); - $this->assertRedirect(self::equalTo($this->url->getRouteUrl())); - - if ($isSuccessfulRequest) { - $this->assertSessionMessages( - self::contains( - 'Thank you for your subscription.' - ), - MessageInterface::TYPE_SUCCESS - ); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - } else { - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -267,6 +284,22 @@ protected function tearDown(): void { parent::tearDown(); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/newsletter', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->subscriberFactory->create()->loadBySubscriberEmail('user@example.com', 1)->delete(); } } diff --git a/ReCaptchaPaypal/Observer/PayPalObserver.php b/ReCaptchaPaypal/Observer/PayPalObserver.php index 35f52057..d299050f 100644 --- a/ReCaptchaPaypal/Observer/PayPalObserver.php +++ b/ReCaptchaPaypal/Observer/PayPalObserver.php @@ -9,6 +9,7 @@ use Magento\Framework\App\Action\Action; use Magento\Framework\App\ActionFlag; +use Magento\Framework\App\ResponseInterface; use Magento\Framework\Event\Observer; use Magento\Framework\Event\ObserverInterface; use Magento\Framework\Exception\InputException; @@ -108,25 +109,32 @@ public function execute(Observer $observer): void try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); } catch (InputException $e) { - $reCaptchaResponse = null; $this->logger->error($e); + $this->processError($response, $validationConfig->getValidationFailureMessage()); + return; } - if (null !== $reCaptchaResponse) { - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - } - - if (null === $reCaptchaResponse || false === $validationResult->isValid()) { - $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); - - $jsonPayload = $this->serializer->serialize([ - 'success' => false, - 'error' => true, - 'error_messages' => $validationConfig->getValidationFailureMessage(), - ]); - - $response->representJson($jsonPayload); + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + if (false === $validationResult->isValid()) { + $this->processError($response, $validationConfig->getValidationFailureMessage()); } } } + + /** + * @param ResponseInterface $response + * @param string $message + * @return void + */ + private function processError(ResponseInterface $response, string $message): void + { + $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); + + $jsonPayload = $this->serializer->serialize([ + 'success' => false, + 'errors' => true, + 'error_messages' => $message, + ]); + $response->representJson($jsonPayload); + } } diff --git a/ReCaptchaReview/Test/Integration/ReviewFormTest.php b/ReCaptchaReview/Test/Integration/ReviewFormTest.php index 0df69b12..0eb4c2a1 100644 --- a/ReCaptchaReview/Test/Integration/ReviewFormTest.php +++ b/ReCaptchaReview/Test/Integration/ReviewFormTest.php @@ -10,7 +10,6 @@ use Magento\Framework\App\Request\Http; use Magento\Framework\App\Response\RedirectInterface; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\Validation\ValidationResult; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; @@ -51,7 +50,7 @@ class ReviewFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); @@ -72,7 +71,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -86,7 +85,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/product_review invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -102,7 +101,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/product_review invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -114,22 +113,22 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** * @magentoConfigFixture default_store customer/captcha/enable 0 * @magentoConfigFixture base_website recaptcha_frontend/type_for/product_review invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -138,13 +137,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/product_review invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -155,14 +153,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/product_review invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -171,21 +166,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/product_review invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('/simple-product.html'); $content = $this->getResponse()->getBody(); @@ -200,10 +195,43 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::contains( + 'You submitted your review for moderation.' + ), + MessageInterface::TYPE_SUCCESS + ); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + self::assertEquals(1, $this->reviewResourceModel->getTotalReviews(1)); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + self::assertEquals(0, $this->reviewResourceModel->getTotalReviews(1)); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void { $expectedRedirectUrl = 'http://localhost/index.php/simple-product.html'; @@ -221,31 +249,14 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues )); $this->dispatch('review/product/post/id/1'); - $this->assertRedirect(self::equalTo($expectedRedirectUrl)); - - if ($isSuccessfulRequest) { - $this->assertSessionMessages( - self::contains( - 'You submitted your review for moderation.' - ), - MessageInterface::TYPE_SUCCESS - ); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - self::assertEquals(1, $this->reviewResourceModel->getTotalReviews(1)); - } else { - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - self::assertEquals(0, $this->reviewResourceModel->getTotalReviews(1)); - } } /** * @param bool $isEnabled * @param string|null $public * @param string|null $private + * @return void */ private function setConfig(bool $isEnabled, ?string $public, ?string $private): void { @@ -270,6 +281,22 @@ protected function tearDown(): void { parent::tearDown(); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/product_review', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->reviewResourceModel->deleteReviewsByProductId(1); } } diff --git a/ReCaptchaSendFriend/Test/Integration/SendFriendFormTest.php b/ReCaptchaSendFriend/Test/Integration/SendFriendFormTest.php index 2458ce3e..adab3eab 100644 --- a/ReCaptchaSendFriend/Test/Integration/SendFriendFormTest.php +++ b/ReCaptchaSendFriend/Test/Integration/SendFriendFormTest.php @@ -10,7 +10,6 @@ use Magento\Framework\App\Request\Http; use Magento\Framework\App\Response\RedirectInterface; use Magento\Framework\Data\Form\FormKey; -use Magento\Framework\Exception\InputException; use Magento\Framework\Message\MessageInterface; use Magento\Framework\Validation\ValidationResult; use Magento\ReCaptchaUi\Model\CaptchaResponseResolverInterface; @@ -51,7 +50,7 @@ class SendFriendFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->mutableScopeConfig = $this->_objectManager->get(MutableScopeConfig::class); @@ -74,7 +73,7 @@ protected function setUp() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); @@ -91,7 +90,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/sendfriend invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); @@ -110,7 +109,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_frontend/type_for/sendfriend invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); @@ -125,11 +124,11 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/public_key test_public_key * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->setConfig(false, 'test_public_key', 'test_private_key'); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -139,11 +138,11 @@ public function testPostRequestIfReCaptchaIsDisabled() * * @magentoConfigFixture base_website recaptcha_frontend/type_for/sendfriend invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->setConfig(true, null, null); - $this->checkPostResponse(true); + $this->checkSuccessfulPostResponse(); } /** @@ -155,13 +154,12 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/sendfriend invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); - $this->checkPostResponse( - true, + $this->checkSuccessfulPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } @@ -175,14 +173,11 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/sendfriend invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); - $this->expectException(InputException::class); - $this->expectExceptionMessage('Can not resolve reCAPTCHA parameter.'); - - $this->checkPostResponse(false); + $this->checkFailedPostResponse(); } /** @@ -194,21 +189,21 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoConfigFixture base_website recaptcha_frontend/type_invisible/private_key test_private_key * @magentoConfigFixture base_website recaptcha_frontend/type_for/sendfriend invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->setConfig(true, 'test_public_key', 'test_private_key'); $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->checkPostResponse( - false, + $this->checkFailedPostResponse( [CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test'] ); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('sendfriend/product/send/id/1'); $content = $this->getResponse()->getBody(); @@ -223,10 +218,46 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) } /** - * @param bool $isSuccessfulRequest * @param array $postValues + * @return void + */ + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::contains( + 'The link to a friend was sent.' + ), + MessageInterface::TYPE_SUCCESS + ); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + + $message = $this->transportMock->getSentMessage(); + self::assertNotEmpty($message); + self::assertEquals((string)__('Welcome, Recipient'), $message->getSubject()); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + self::assertEmpty($this->transportMock->getSentMessage()); + } + + /** + * @param array $postValues + * @return void */ - private function checkPostResponse(bool $isSuccessfulRequest, array $postValues = []) + private function makePostRequest(array $postValues = []): void { $expectedUrl = 'http://localhost/index.php/simple-product.html'; @@ -254,28 +285,7 @@ private function checkPostResponse(bool $isSuccessfulRequest, array $postValues )); $this->dispatch('sendfriend/product/sendmail/id/1'); - $this->assertRedirect(self::equalTo($expectedUrl)); - - if ($isSuccessfulRequest) { - $this->assertSessionMessages( - self::contains( - 'The link to a friend was sent.' - ), - MessageInterface::TYPE_SUCCESS - ); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - - $message = $this->transportMock->getSentMessage(); - self::assertNotEmpty($message); - self::assertEquals((string)__('Welcome, Recipient'), $message->getSubject()); - } else { - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - self::assertEmpty($this->transportMock->getSentMessage()); - } } /** @@ -301,4 +311,23 @@ private function setConfig(bool $isEnabled, ?string $public, ?string $private): ScopeInterface::SCOPE_WEBSITE ); } + + public function tearDown(): void + { + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_for/sendfriend', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/public_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + $this->mutableScopeConfig->setValue( + 'recaptcha_frontend/type_invisible/private_key', + null, + ScopeInterface::SCOPE_WEBSITE + ); + } } diff --git a/ReCaptchaUi/Model/RequestHandler.php b/ReCaptchaUi/Model/RequestHandler.php index a681a265..ba1560e0 100644 --- a/ReCaptchaUi/Model/RequestHandler.php +++ b/ReCaptchaUi/Model/RequestHandler.php @@ -85,22 +85,32 @@ public function execute( string $redirectOnFailureUrl ): void { $validationConfig = $this->validationConfigResolver->get($key); + try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($request); } catch (InputException $e) { - $reCaptchaResponse = null; $this->logger->error($e); + $this->processError($response, $validationConfig->getValidationFailureMessage(), $redirectOnFailureUrl); + return; } - if (null !== $reCaptchaResponse) { - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + if (false === $validationResult->isValid()) { + $this->processError($response, $validationConfig->getValidationFailureMessage(), $redirectOnFailureUrl); } + } - if (null === $reCaptchaResponse || false === $validationResult->isValid()) { - $this->messageManager->addErrorMessage($validationConfig->getValidationFailureMessage()); - $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); + /** + * @param HttpResponseInterface $response + * @param string $message + * @param string $redirectOnFailureUrl + * @return void + */ + private function processError(HttpResponseInterface $response, string $message, string $redirectOnFailureUrl): void + { + $this->messageManager->addErrorMessage($message); + $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true); - $response->setRedirect($redirectOnFailureUrl); - } + $response->setRedirect($redirectOnFailureUrl); } } diff --git a/ReCaptchaUser/Observer/LoginObserver.php b/ReCaptchaUser/Observer/LoginObserver.php index b49f27f7..9ed191db 100644 --- a/ReCaptchaUser/Observer/LoginObserver.php +++ b/ReCaptchaUser/Observer/LoginObserver.php @@ -102,14 +102,12 @@ public function execute(Observer $observer): void try { $reCaptchaResponse = $this->captchaResponseResolver->resolve($this->request); } catch (InputException $e) { - $reCaptchaResponse = null; $this->logger->error($e); + throw new AuthenticationException(__($validationConfig->getValidationFailureMessage())); } - if (null !== $reCaptchaResponse) { - $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); - } - if (null === $reCaptchaResponse || false === $validationResult->isValid()) { + $validationResult = $this->captchaValidator->isValid($reCaptchaResponse, $validationConfig); + if (false === $validationResult->isValid()) { throw new AuthenticationException(__($validationConfig->getValidationFailureMessage())); } } diff --git a/ReCaptchaUser/Test/Integration/ForgotPasswordFormTest.php b/ReCaptchaUser/Test/Integration/ForgotPasswordFormTest.php index 10048ab9..d7af7752 100644 --- a/ReCaptchaUser/Test/Integration/ForgotPasswordFormTest.php +++ b/ReCaptchaUser/Test/Integration/ForgotPasswordFormTest.php @@ -48,7 +48,7 @@ class ForgotPasswordFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->formKey = $this->_objectManager->get(FormKey::class); @@ -68,7 +68,7 @@ protected function setUp() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/public_key test_public_key * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->checkSuccessfulGetResponse(); } @@ -80,7 +80,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_backend/type_for/user_forgot_password invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->checkSuccessfulGetResponse(); } @@ -94,7 +94,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_backend/type_for/user_forgot_password invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->checkSuccessfulGetResponse(true); } @@ -104,7 +104,7 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/public_key test_public_key * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->checkSuccessfulPostResponse(); } @@ -114,7 +114,7 @@ public function testPostRequestIfReCaptchaIsDisabled() * @magentoAdminConfigFixture admin/captcha/always_for/backend_forgotpassword 0 * @magentoAdminConfigFixture recaptcha_backend/type_for/user_forgot_password invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->checkSuccessfulPostResponse(); } @@ -125,7 +125,7 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_forgot_password invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); @@ -141,22 +141,10 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/public_key test_public_key * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_forgot_password invisible - * @expectedException \Magento\Framework\Exception\InputException - * @expectedExceptionMessage Can not resolve reCAPTCHA parameter. */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { - $this->getRequest() - ->setMethod(Http::METHOD_POST) - ->setPostValue( - [ - 'form_key' => $this->formKey->getFormKey(), - 'email' => 'adminUser@example.com' - ] - ); - $this->dispatch('backend/admin/auth/forgotpassword'); - - self::assertEmpty($this->transportMock->getSentMessage()); + $this->checkFailedPostResponse(); } /** @@ -165,32 +153,18 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_forgot_password invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->getRequest() - ->setMethod(Http::METHOD_POST) - ->setPostValue( - [ - 'form_key' => $this->formKey->getFormKey(), - 'email' => 'adminUser@example.com', - CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test', - ] - ); - $this->dispatch('backend/admin/auth/forgotpassword'); - - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - self::assertEmpty($this->transportMock->getSentMessage()); + $this->checkFailedPostResponse([CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); } /** * @param bool $shouldContainReCaptcha + * @return void */ - private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) + private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { $this->dispatch('backend/admin/auth/forgotpassword'); $content = $this->getResponse()->getBody(); @@ -206,8 +180,40 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false) /** * @param array $postValues + * @return void */ - private function checkSuccessfulPostResponse(array $postValues = []) + private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo($this->backendUrl->getRouteUrl('adminhtml'))); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + + $message = $this->transportMock->getSentMessage(); + self::assertNotEmpty($message); + self::assertEquals((string)__('Password Reset Confirmation for %1', ['John Doe']), $message->getSubject()); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + self::assertEmpty($this->transportMock->getSentMessage()); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void { $this->getRequest() ->setMethod(Http::METHOD_POST) @@ -219,12 +225,5 @@ private function checkSuccessfulPostResponse(array $postValues = []) $postValues )); $this->dispatch('backend/admin/auth/forgotpassword'); - - $this->assertRedirect(self::equalTo($this->backendUrl->getRouteUrl('adminhtml'))); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - - $message = $this->transportMock->getSentMessage(); - self::assertNotEmpty($message); - self::assertEquals((string)__('Password Reset Confirmation for %1', ['John Doe']), $message->getSubject()); } } diff --git a/ReCaptchaUser/Test/Integration/LoginFormTest.php b/ReCaptchaUser/Test/Integration/LoginFormTest.php index 4d9d8527..bc136d96 100644 --- a/ReCaptchaUser/Test/Integration/LoginFormTest.php +++ b/ReCaptchaUser/Test/Integration/LoginFormTest.php @@ -51,7 +51,7 @@ class LoginFormTest extends AbstractController /** * @inheritDoc */ - protected function setUp() + protected function setUp(): void { parent::setUp(); $this->auth = $this->_objectManager->get(Auth::class); @@ -72,7 +72,7 @@ protected function setUp() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/public_key test_public_key * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key */ - public function testGetRequestIfReCaptchaIsDisabled() + public function testGetRequestIfReCaptchaIsDisabled(): void { $this->checkSuccessfulGetResponse(); } @@ -85,7 +85,7 @@ public function testGetRequestIfReCaptchaIsDisabled() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_backend/type_for/user_login invisible */ - public function testGetRequestIfReCaptchaKeysAreNotConfigured() + public function testGetRequestIfReCaptchaKeysAreNotConfigured(): void { $this->checkSuccessfulGetResponse(); } @@ -100,7 +100,7 @@ public function testGetRequestIfReCaptchaKeysAreNotConfigured() * It's needed for proper work of "ifconfig" in layout during tests running * @magentoConfigFixture default_store recaptcha_backend/type_for/user_login invisible */ - public function testGetRequestIfReCaptchaIsEnabled() + public function testGetRequestIfReCaptchaIsEnabled(): void { $this->checkSuccessfulGetResponse(true); } @@ -111,7 +111,7 @@ public function testGetRequestIfReCaptchaIsEnabled() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/public_key test_public_key * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key */ - public function testPostRequestIfReCaptchaIsDisabled() + public function testPostRequestIfReCaptchaIsDisabled(): void { $this->checkSuccessfulPostResponse(); } @@ -121,7 +121,7 @@ public function testPostRequestIfReCaptchaIsDisabled() * @magentoAdminConfigFixture admin/captcha/enable 0 * @magentoAdminConfigFixture recaptcha_backend/type_for/user_login invisible */ - public function testPostRequestIfReCaptchaKeysAreNotConfigured() + public function testPostRequestIfReCaptchaKeysAreNotConfigured(): void { $this->checkSuccessfulPostResponse(); } @@ -133,7 +133,7 @@ public function testPostRequestIfReCaptchaKeysAreNotConfigured() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_login invisible */ - public function testPostRequestWithSuccessfulReCaptchaValidation() + public function testPostRequestWithSuccessfulReCaptchaValidation(): void { $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(true); @@ -151,28 +151,9 @@ public function testPostRequestWithSuccessfulReCaptchaValidation() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_login invisible */ - public function testPostRequestIfReCaptchaParameterIsMissed() + public function testPostRequestIfReCaptchaParameterIsMissed(): void { - $this->getRequest() - ->setMethod(Http::METHOD_POST) - ->setPostValue( - [ - 'form_key' => $this->formKey->getFormKey(), - 'login' => [ - 'username' => Bootstrap::ADMIN_NAME, - 'password' => Bootstrap::ADMIN_PASSWORD, - ], - ] - ); - $this->dispatch('backend/admin/index/index'); - - // Location header is different than in the successful case - $this->assertRedirect(self::equalTo($this->backendUrl->getUrl('admin'))); - $this->assertSessionMessages( - self::equalTo(['Can not resolve reCAPTCHA parameter.']), - MessageInterface::TYPE_ERROR - ); - self::assertFalse($this->auth->isLoggedIn()); + $this->checkFailedPostResponse(); } /** @@ -182,35 +163,16 @@ public function testPostRequestIfReCaptchaParameterIsMissed() * @magentoAdminConfigFixture recaptcha_backend/type_invisible/private_key test_private_key * @magentoAdminConfigFixture recaptcha_backend/type_for/user_login invisible */ - public function testPostRequestWithFailedReCaptchaValidation() + public function testPostRequestWithFailedReCaptchaValidation(): void { $this->captchaValidationResultMock->expects($this->once())->method('isValid')->willReturn(false); - $this->getRequest() - ->setMethod(Http::METHOD_POST) - ->setPostValue( - [ - 'form_key' => $this->formKey->getFormKey(), - 'login' => [ - 'username' => Bootstrap::ADMIN_NAME, - 'password' => Bootstrap::ADMIN_PASSWORD, - ], - CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test', - ] - ); - $this->dispatch('backend/admin/index/index'); - - // Location header is different than in the successful case - $this->assertRedirect(self::equalTo($this->backendUrl->getUrl('admin'))); - $this->assertSessionMessages( - self::equalTo(['reCAPTCHA verification failed']), - MessageInterface::TYPE_ERROR - ); - self::assertFalse($this->auth->isLoggedIn()); + $this->checkFailedPostResponse([CaptchaResponseResolverInterface::PARAM_RECAPTCHA => 'test']); } /** * @param bool $shouldContainReCaptcha + * @return void */ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): void { @@ -230,8 +192,39 @@ private function checkSuccessfulGetResponse($shouldContainReCaptcha = false): vo /** * @param array $postValues + * @return void */ private function checkSuccessfulPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + $this->assertRedirect(self::equalTo('backend/admin/index/index')); + self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); + self::assertTrue($this->auth->isLoggedIn()); + } + + /** + * @param array $postValues + * @return void + */ + private function checkFailedPostResponse(array $postValues = []): void + { + $this->makePostRequest($postValues); + + // Location header is different than in the successful case + $this->assertRedirect(self::equalTo($this->backendUrl->getUrl('admin'))); + $this->assertSessionMessages( + self::equalTo(['reCAPTCHA verification failed']), + MessageInterface::TYPE_ERROR + ); + self::assertFalse($this->auth->isLoggedIn()); + } + + /** + * @param array $postValues + * @return void + */ + private function makePostRequest(array $postValues = []): void { $this->getRequest() ->setMethod(Http::METHOD_POST) @@ -246,9 +239,5 @@ private function checkSuccessfulPostResponse(array $postValues = []): void $postValues )); $this->dispatch('backend/admin/index/index'); - - $this->assertRedirect(self::equalTo('backend/admin/index/index')); - self::assertEmpty($this->getSessionMessages(MessageInterface::TYPE_ERROR)); - self::assertTrue($this->auth->isLoggedIn()); } } From d330813634b14b16895d4ff3a4df2b9f51e4cf5f Mon Sep 17 00:00:00 2001 From: Valerii Naida Date: Tue, 7 Apr 2020 15:03:29 -0500 Subject: [PATCH 5/5] security-package/issues/197: Recaptcha is not required for PayPal PayflowPro payment form --- ReCaptchaCustomer/Test/Integration/LoginFromTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ReCaptchaCustomer/Test/Integration/LoginFromTest.php b/ReCaptchaCustomer/Test/Integration/LoginFromTest.php index dafa8f28..5f31ed30 100644 --- a/ReCaptchaCustomer/Test/Integration/LoginFromTest.php +++ b/ReCaptchaCustomer/Test/Integration/LoginFromTest.php @@ -225,7 +225,7 @@ private function checkFailedPostResponse(array $postValues = []): void { $this->makePostRequest($postValues); - $this->assertRedirect(self::equalTo($this->url->getRouteUrl('customer/account/login'))); + $this->assertRedirect(self::stringStartsWith($this->url->getRouteUrl('customer/account/login'))); $this->assertSessionMessages( self::equalTo(['reCAPTCHA verification failed']), MessageInterface::TYPE_ERROR