Use base Altcha payload for challenge verification

Author: Fabinatix97

captchaservice-backend/src/main/java/de/muenchen/captchaservice/data/ExtendedPayload.java

@@ -14,4 +14,18 @@ public class ExtendedPayload extends Altcha.Payload {
      */
     private Long took;
 
+    /**
+     * Converts this {@code ExtendedPayload} instance into a plain {@link Altcha.Payload}
+     * object that contains only the standard fields required for validation.
+     */
+    public Altcha.Payload toBasePayload() {
+        Altcha.Payload base = new Altcha.Payload();
+        base.algorithm = this.algorithm;
+        base.challenge = this.challenge;
+        base.number = this.number;
+        base.salt = this.salt;
+        base.signature = this.signature;
+        return base;
+    }
+
 }

captchaservice-backend/src/main/java/de/muenchen/captchaservice/service/captcha/CaptchaService.java

@@ -57,7 +57,8 @@ public boolean verify(final String siteKey, final ExtendedPayload payload, final
             return false;
         }
         try {
-            final boolean isValid = Altcha.verifySolution(payload, captchaProperties.hmacKey(), true);
+            Altcha.Payload base = payload.toBasePayload();
+            final boolean isValid = Altcha.verifySolution(base, captchaProperties.hmacKey(), true);
             if (isValid) {
                 metricsService.recordVerifySuccess(siteKey, sourceAddress);