add v2 support

Author: bert-w

README.md

@@ -1,31 +1,59 @@
-# Livewire ReCAPTCHA v3
+# Livewire ReCAPTCHA v3/v2/v2-invisible
+
 [![Latest Version on Packagist](https://img.shields.io/packagist/v/dutchcodingcompany/livewire-recaptcha.svg?style=flat-square)](https://packagist.org/packages/dutchcodingcompany/livewire-recaptcha)
 [![GitHub Tests Action Status](https://img.shields.io/github/workflow/status/dutchcodingcompany/livewire-recaptcha/run-tests?label=tests)](https://github.com/dutchcodingcompany/livewire-recaptcha/actions?query=workflow%3Arun-tests+branch%3Amain)
 [![GitHub Code Style Action Status](https://img.shields.io/github/workflow/status/dutchcodingcompany/livewire-recaptcha/Check%20&%20fix%20styling?label=code%20style)](https://github.com/dutchcodingcompany/livewire-recaptcha/actions?query=workflow%3A"Check+%26+fix+styling"+branch%3Amain)
 [![Total Downloads](https://img.shields.io/packagist/dt/dutchcodingcompany/livewire-recaptcha.svg?style=flat-square)](https://packagist.org/packages/dutchcodingcompany/livewire-recaptcha)
 
-This package provides a custom Livewire directive to protect your Livewire functions with a _Google reCAPTCHA v3_ check.
+This package provides a custom Livewire directive to protect your Livewire functions with a _Google reCAPTCHA (v2 + v2
+invisible + v3)_ check.
 
 ## Installation
+
 ```shell
 composer require dutchcodingcompany/livewire-recaptcha
 ```
 
 ## Configuration
-Next, read https://developers.google.com/recaptcha/docs/v3 on how to create your own key pair.
 
-The site key and secret key should be defined in your `config/services.php` file:
+Read https://developers.google.com/recaptcha/intro on how to create your own key pair for the specific ReCaptcha
+version you are going to implement.
+
+This package supports the following versions. Note that each version requires a different sitekey/secretkey pair:
+
+| **Version**          | **Docs**                                                          | **Notes**                   |
+|----------------------|-------------------------------------------------------------------|-----------------------------|
+| **v3** (recommended) | [V3 Docs](https://developers.google.com/recaptcha/docs/v3)        |                             |
+| **v2**               | [V2 Docs](https://developers.google.com/recaptcha/docs/display)   |                             |
+| **v2 invisible**     | [V2 Docs](https://developers.google.com/recaptcha/docs/invisible) | Use `'size' => 'invisible'` |
+
+Your options should reside in the `config/services.php` file:
 
 ```php
-// ...
-'google' => [
-    'recaptcha' => [
-        'site_key' => env('GOOGLE_RECAPTCHA_SITE_KEY'),
-        'secret_key' => env('GOOGLE_RECAPTCHA_SECRET_KEY'),
-    ]
-],
+    // V3 config:
+    'google' => [
+        'recaptcha' => [
+            'site_key' => env('GOOGLE_RECAPTCHA_SITE_KEY'),
+            'secret_key' => env('GOOGLE_RECAPTCHA_SECRET_KEY'),
+            'version' => 'v3',
+            'score' => 0.5, // An integer between 0 and 1, that indicates the minimum score to pass the Captcha challenge.
+        ],
+    ],
+
+    // V2 config:
+    'google' => [
+        'recaptcha' => [
+            'site_key' => env('GOOGLE_RECAPTCHA_SITE_KEY'),
+            'secret_key' => env('GOOGLE_RECAPTCHA_SECRET_KEY'),
+            'version' => 'v2',
+            'size' => 'normal', // 'normal', 'compact' or 'invisible'.
+            'theme' => 'light', // 'light' or 'dark'.
+        ],
+    ],
 ```
+
 #### Component
+
 In your Livewire component, at your form submission method, add the `#[ValidatesRecaptcha]` attribute:
 
 ```php
@@ -46,26 +74,29 @@ class SomeComponent extends Component
     }
 }
 ```
-For fine-grained control, you can pass manual site and secret keys using:
+
+For fine-grained control, you can pass a custom secret key and minimum score (applies only to V3) using:
+
 ```php
-#[ValidatesRecaptcha(siteKey: 'mysitekey', secretKey: 'mysecretkey')]
+#[ValidatesRecaptcha(secretKey: 'mysecretkey', score: 0.9)]
 ```
-If you do not pass these, by default, the values are read from the `config/services.php` file.
 
 #### View
+
 On the view side, you have to include the Blade directive `@livewireRecaptcha`. This adds two scripts to the page,
 one for the reCAPTCHA script and one for the custom Livewire directive to hook into the form submission.
 
 Preferrably these scripts are only added to the page that has the Captcha-protected form (alternatively, you can add
 the `@livewireRecaptcha` directive on a higher level, lets say your layout).
 
 Secondly, add the new directive `wire:recaptcha` to the form element that you want to protect.
+
 ```html
 <!-- some-livewire-component.blade.php -->
 
 <!-- (optional) Add error handling -->
 @if($errors->has('gRecaptchaResponse'))
-    <div class="alert alert-danger">{{ $errors->first('gRecaptchaResponse') }}</div>
+<div class="alert alert-danger">{{ $errors->first('gRecaptchaResponse') }}</div>
 @endif
 
 <!-- Add the `wire:recaptcha` Livewire directive -->
@@ -78,16 +109,24 @@ Secondly, add the new directive `wire:recaptcha` to the form element that you wa
 @livewireRecaptcha
 ```
 
-Also here, you are able to set the site-key manually for the directive using:
+You can override any of the configuration values using:
+
 ```html
-@livewireRecaptcha('mysitekey')
+@livewireRecaptcha(
+version: 'v2',
+siteKey: 'abcd_efgh-hijk_LMNOP',
+theme: 'dark',
+size: 'compact',
+)
 ```
 
 #### Finishing up
-The Google reCAPTCHA protection will automatically occur before the actual form is submitted. Before the `save()` method
-is executed, a serverside request will be sent to Google to verify the invisible Captcha challenge. Once the reCAPTCHA response
-has been successful, the actual `save()` method will be executed.
+
+The Google ReCAPTCHA validation will automatically occur before the actual form is submitted. Before the `save()` method
+is executed, a serverside request will be sent to Google to verify the Captcha challenge. Once the reCAPTCHA
+response has been successful, your actual Livewire component method will be executed.
 
 #### Error handling
+
 When an error occurs with the Captcha validation, a ValidationException is thrown for the key `gRecaptchaResponse`.
-There is a translatable error message for `'livewire-recaptcha::recaptcha.invalid_response'`.
+There is a translatable error message available under `'livewire-recaptcha::recaptcha.invalid_response'`.

phpstan-baseline.neon

@@ -1,6 +0,0 @@
-parameters:
-	ignoreErrors:
-		-
-			message: "#^Access to an undefined property Livewire\\\\Component\\:\\:\\$gRecaptchaResponse\\.$#"
-			count: 1
-			path: src/ValidatesRecaptcha.php

src/LivewireRecaptcha.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace DutchCodingCompany\LivewireRecaptcha;
+
+use Illuminate\Support\Facades\Blade;
+use RuntimeException;
+
+class LivewireRecaptcha
+{
+    /**
+     * @param string|null $siteKey
+     * @param 'v2'|'v3'|null $version
+     * @param 'normal'|'compact'|'invisible'|null $size
+     * @param 'light'|'dark'|null $theme
+     * @return string
+     */
+    public static function directive(
+        string $version = null,
+        string $siteKey = null,
+        string $theme = null,
+        string $size = null,
+    ): string {
+        $version ??= config('services.google.recaptcha.version') ?? 'v3';
+
+        return Blade::render(file_get_contents($path = __DIR__."/directive.recaptcha.$version.blade.php") ?: throw new RuntimeException("Failed to load '$path'."),
+            [
+                'siteKey' => $siteKey ?? config('services.google.recaptcha.site_key'),
+                'theme' => $theme ?? config('services.google.recaptcha.theme') ?? 'light',
+                'size' => $size ?? config('services.google.recaptcha.size') ?? 'normal',
+            ]);
+    }
+}

src/LivewireRecaptchaServiceProvider.php

@@ -2,6 +2,7 @@
 
 namespace DutchCodingCompany\LivewireRecaptcha;
 
+use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\ServiceProvider;
 
 class LivewireRecaptchaServiceProvider extends ServiceProvider
@@ -15,6 +16,11 @@ public function boot(): void
         }
 
         $this->loadTranslationsFrom(__DIR__.'/../resources/lang', 'livewire-recaptcha');
+
+        Blade::directive(
+            'livewireRecaptcha',
+            static fn (string $expression): string => "<?php echo \DutchCodingCompany\LivewireRecaptcha\LivewireRecaptcha::directive($expression) ?>",
+        );
     }
 
     public function register(): void

src/ValidatesRecaptcha.php

@@ -4,8 +4,6 @@
 
 use Attribute;
 use Closure;
-use DutchCodingCompany\LivewireRecaptcha\Exceptions\LivewireRecaptchaException;
-use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\Facades\Http;
 use Illuminate\Validation\ValidationException;
 use Livewire\Features\SupportAttributes\Attribute as LivewireAttribute;
@@ -16,27 +14,11 @@
 class ValidatesRecaptcha extends LivewireAttribute
 {
     public function __construct(
-        public ?string $siteKey = null,
         public ?string $secretKey = null,
+        public ?float $score = null,
     ) {
-        $this->siteKey ??= config('services.google.recaptcha.site_key');
         $this->secretKey ??= config('services.google.recaptcha.secret_key');
-    }
-
-    public function boot(): void
-    {
-        Blade::directive(
-            'livewireRecaptcha',
-            function (string $expression) {
-                $siteKey = ! empty($expression) ? str_replace(['"', '\''], '', $expression) : $this->siteKey;
-
-                return str_replace(
-                    '__SITEKEY__',
-                    e($siteKey),
-                    file_get_contents($path = __DIR__.'/directive.recaptcha.php') ?: throw new LivewireRecaptchaException("Failed to load '$path'."),
-                );
-            },
-        );
+        $this->score ??= config('services.google.recaptcha.score') ?? 0.5;
     }
 
     /**
@@ -46,13 +28,16 @@ function (string $expression) {
      */
     public function call(array $params, Closure $returnEarly): void
     {
-        $response = Http::asForm()->post('https://www.google.com/recaptcha/api/siteverify', [
-            'secret' => $this->secretKey,
-            'response' => $this->component->gRecaptchaResponse,
-            'remoteip' => request()->ip(),
-        ])->json();
+        if (isset($this->component->gRecaptchaResponse)) {
+            $response = Http::asForm()->post('https://www.google.com/recaptcha/api/siteverify', [
+                'secret' => $this->secretKey,
+                'response' => $this->component->gRecaptchaResponse,
+                'remoteip' => request()->ip(),
+            ])->json();
+        }
 
-        if ($response['success'] ?? false) {
+        // Check success value and score. The score falls back to 1 since it is not present for v2.
+        if (($response['success'] ?? false) && ($response['score'] ?? 1) >= $this->score) {
             $returnEarly(
                 wrap($this->component)->{$this->subName}(...$params)
             );

src/directive.recaptcha.v2.blade.php

@@ -0,0 +1,48 @@
+<script>
+    let resolver = null;
+    window.googleRecaptchaResponse = new Promise((resolve) => resolver = resolve);
+
+    window.googleRecaptchaOnloadCallback = function () {
+        grecaptcha.render('g-recaptcha-element', {
+            sitekey: @json($siteKey),
+            theme: @json($theme),
+            size: @json($size),
+            callback: resolver,
+        });
+    };
+
+
+    document.addEventListener('livewire:init', () => {
+        Livewire.hook('morph.updated', ({ el, component }) => {
+            grecaptcha.reset();
+        });
+
+        Livewire.directive('recaptcha', ({ el, directive, component, cleanup }) => {
+            const submitExpression = (() => {
+                for (const attr of el.attributes) {
+                    if (attr.name.startsWith('wire:submit')) {
+                        return attr.value;
+                    }
+                }
+            })();
+
+            const onSubmit = async (e) => {
+                e.preventDefault();
+                e.stopImmediatePropagation();
+
+                @if($size === 'invisible')
+                    await grecaptcha.execute();
+                @endif
+
+                const token = await window.googleRecaptchaResponse;
+
+                await component.$wire.$set('gRecaptchaResponse', token);
+
+                Alpine.evaluate(el, "$wire." + submitExpression, { scope: { $event: e } });
+            }
+
+            el.addEventListener('submit', onSubmit, { capture: true });
+        });
+    });
+</script>
+<script src="https://www.google.com/recaptcha/api.js?onload=googleRecaptchaOnloadCallback&render=explicit" async defer></script>

src/directive.recaptcha.php renamed to src/directive.recaptcha.v3.blade.php

@@ -1,10 +1,9 @@
-<script src="https://www.google.com/recaptcha/api.js?render=__SITEKEY__"></script>
 <script>
     document.addEventListener('livewire:init', () => {
         Livewire.directive('recaptcha', ({ el, directive, component, cleanup }) => {
             const submitExpression = (() => {
-                for(const attr of el.attributes) {
-                    if(attr.name.startsWith('wire:submit')) {
+                for (const attr of el.attributes) {
+                    if (attr.name.startsWith('wire:submit')) {
                         return attr.value;
                     }
                 }
@@ -14,11 +13,11 @@
                 e.preventDefault();
                 e.stopImmediatePropagation();
 
-                grecaptcha.ready(() => {
-                    grecaptcha.execute('__SITEKEY__', {action: 'submit'}).then((token) => {
-                        component.$wire.$set('gRecaptchaResponse', token).then(() => {
-                            Alpine.evaluate(el, "$wire." + submitExpression, { scope: { $event: e } });
-                        });
+                grecaptcha.ready(async () => {
+                    const token = await grecaptcha.execute(@json($siteKey), { action: 'submit' });
+
+                    component.$wire.$set('gRecaptchaResponse', token).then(() => {
+                        Alpine.evaluate(el, "$wire." + submitExpression, { scope: { $event: e } });
                     });
                 });
             }
@@ -27,3 +26,4 @@
         });
     });
 </script>
+<script src="https://www.google.com/recaptcha/api.js?render={{ $siteKey }}"></script>

tests/CaptchaTest.php

@@ -51,7 +51,8 @@ public function testInvalidCaptchaResponse(bool $isValid, array $captchaResponse
     public static function provideCaptchaData(): array
     {
         return [
-            'valid response' => [true, ['success' => true]],
+            'valid response' => [true, ['success' => true, 'score' => 0.9]],
+            'valid response, low score' => [false, ['success' => true, 'score' => 0.1]],
             'invalid response' => [false, ['success' => false]],
         ];
     }

tests/Fixtures/MyTestComponent.php

@@ -15,7 +15,7 @@ public function mount(): void
         //
     }
 
-    #[ValidatesRecaptcha(siteKey: 'mysitekey', secretKey: 'mysecretkey')]
+    #[ValidatesRecaptcha]
     public function save(): void
     {
         //

tests/Fixtures/my-test-component.blade.php

@@ -1,9 +1,8 @@
 <div>
 	<form wire:submit="save" wire:recaptcha>
-		<!-- The rest of your form -->
 		<input type="text" />
 		<button type="submit">Submit</button>
 	</form>
 
 	@livewireRecaptcha
-</div>
+</div>