Centralise and allow override of site verify URL

Author: rowan-m

src/ReCaptcha/ReCaptcha.php

@@ -37,12 +37,30 @@ class ReCaptcha
      */
     const VERSION = 'php_1.2';
 
+    /**
+     * URL for reCAPTCHA sitevrerify API
+     * @const string
+     */
+    const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
+
     /**
      * Invalid JSON received
      * @const string
      */
     const E_INVALID_JSON = 'invalid-json';
 
+    /**
+     * Could not connect to service
+     * @const string
+     */
+    const E_BAD_CONNECTION = 'bad-connection';
+
+    /**
+     * Did not receive a 200 from the service
+     * @const string
+     */
+    const E_BAD_RESPONSE = 'bad-response';
+
     /**
      * Not a success, but no error codes received!
      * @const string
@@ -115,12 +133,7 @@ public function __construct($secret, RequestMethod $requestMethod = null)
         }
 
         $this->secret = $secret;
-
-        if (!is_null($requestMethod)) {
-            $this->requestMethod = $requestMethod;
-        } else {
-            $this->requestMethod = new RequestMethod\Post();
-        }
+        $this->requestMethod = (is_null($requestMethod)) ? new RequestMethod\Post() : $requestMethod;
     }
 
     /**

src/ReCaptcha/RequestMethod/CurlPost.php

@@ -26,6 +26,7 @@
 
 namespace ReCaptcha\RequestMethod;
 
+use ReCaptcha\ReCaptcha;
 use ReCaptcha\RequestMethod;
 use ReCaptcha\RequestParameters;
 
@@ -36,25 +37,28 @@
  */
 class CurlPost implements RequestMethod
 {
-    /**
-     * URL to which requests are sent via cURL.
-     * @const string
-     */
-    const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
-
     /**
      * Curl connection to the reCAPTCHA service
      * @var Curl
      */
     private $curl;
 
-    public function __construct(Curl $curl = null)
+    /**
+     * URL for reCAPTCHA sitevrerify API
+     * @var string
+     */
+    private $siteVerifyUrl;
+
+    /**
+     * Only needed if you want to override the defaults
+     *
+     * @param Curl $curl Curl resource
+     * @param string $siteVerifyUrl URL for reCAPTCHA sitevrerify API
+     */
+    public function __construct(Curl $curl = null, $siteVerifyUrl = null)
     {
-        if (!is_null($curl)) {
-            $this->curl = $curl;
-        } else {
-            $this->curl = new Curl();
-        }
+        $this->curl = (is_null($curl)) ? new Curl() : $curl;
+        $this->siteVerifyUrl = (is_null($siteVerifyUrl)) ? ReCaptcha::SITE_VERIFY_URL : $siteVerifyUrl;
     }
 
     /**
@@ -65,7 +69,7 @@ public function __construct(Curl $curl = null)
      */
     public function submit(RequestParameters $params)
     {
-        $handle = $this->curl->init(self::SITE_VERIFY_URL);
+        $handle = $this->curl->init($this->siteVerifyUrl);
 
         $options = array(
             CURLOPT_POST => true,

src/ReCaptcha/RequestMethod/Post.php

@@ -26,6 +26,7 @@
 
 namespace ReCaptcha\RequestMethod;
 
+use ReCaptcha\ReCaptcha;
 use ReCaptcha\RequestMethod;
 use ReCaptcha\RequestParameters;
 
@@ -35,10 +36,20 @@
 class Post implements RequestMethod
 {
     /**
-     * URL to which requests are POSTed.
-     * @const string
+     * URL for reCAPTCHA sitevrerify API
+     * @var string
      */
-    const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
+    private $siteVerifyUrl;
+
+    /**
+     * Only needed if you want to override the defaults
+     *
+     * @param string $siteVerifyUrl URL for reCAPTCHA sitevrerify API
+     */
+    public function __construct($siteVerifyUrl = null)
+    {
+        $this->siteVerifyUrl = (is_null($siteVerifyUrl)) ? ReCaptcha::SITE_VERIFY_URL : $siteVerifyUrl;
+    }
 
     /**
      * Submit the POST request with the specified parameters.
@@ -48,23 +59,16 @@ class Post implements RequestMethod
      */
     public function submit(RequestParameters $params)
     {
-        /**
-         * PHP 5.6.0 changed the way you specify the peer name for SSL context options.
-         * Using "CN_name" will still work, but it will raise deprecated errors.
-         */
-        $peer_key = version_compare(PHP_VERSION, '5.6.0', '<') ? 'CN_name' : 'peer_name';
         $options = array(
             'http' => array(
                 'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                 'method' => 'POST',
                 'content' => $params->toQueryString(),
                 // Force the peer to validate (not needed in 5.6.0+, but still works)
                 'verify_peer' => true,
-                // Force the peer validation to use www.google.com
-                $peer_key => 'www.google.com',
             ),
         );
         $context = stream_context_create($options);
-        return file_get_contents(self::SITE_VERIFY_URL, false, $context);
+        return file_get_contents($this->siteVerifyUrl, false, $context);
     }
 }

src/ReCaptcha/RequestMethod/SocketPost.php

@@ -26,6 +26,7 @@
 
 namespace ReCaptcha\RequestMethod;
 
+use ReCaptcha\ReCaptcha;
 use ReCaptcha\RequestMethod;
 use ReCaptcha\RequestParameters;
 
@@ -36,26 +37,15 @@
  */
 class SocketPost implements RequestMethod
 {
-    /**
-     * reCAPTCHA service host.
-     * @const string
-     */
-    const RECAPTCHA_HOST = 'www.google.com';
-
-    /**
-     * @const string reCAPTCHA service path
-     */
-    const SITE_VERIFY_PATH = '/recaptcha/api/siteverify';
-
     /**
      * @const string Bad request error
      */
-    const BAD_REQUEST = '{"success": false, "error-codes": ["invalid-request"]}';
+    const BAD_CONNECTION = '{"success": false, "error-codes": ["'.ReCaptcha::E_BAD_CONNECTION.'"]}';
 
     /**
      * @const string Bad response error
      */
-    const BAD_RESPONSE = '{"success": false, "error-codes": ["invalid-response"]}';
+    const BAD_RESPONSE = '{"success": false, "error-codes": ["'.ReCaptcha::E_BAD_RESPONSE.'"]}';
 
     /**
      * Socket to the reCAPTCHA service
@@ -64,17 +54,15 @@ class SocketPost implements RequestMethod
     private $socket;
 
     /**
-     * Constructor
+     * Only needed if you want to override the defaults
      *
      * @param \ReCaptcha\RequestMethod\Socket $socket optional socket, injectable for testing
+     * @param string $siteVerifyUrl URL for reCAPTCHA sitevrerify API
      */
-    public function __construct(Socket $socket = null)
+    public function __construct(Socket $socket = null, $siteVerifyUrl = null)
     {
-        if (!is_null($socket)) {
-            $this->socket = $socket;
-        } else {
-            $this->socket = new Socket();
-        }
+        $this->socket = (is_null($socket)) ? new Socket() : $socket;
+        $this->siteVerifyUrl = (is_null($siteVerifyUrl)) ? ReCaptcha::SITE_VERIFY_URL : $siteVerifyUrl;
     }
 
     /**
@@ -87,15 +75,16 @@ public function submit(RequestParameters $params)
     {
         $errno = 0;
         $errstr = '';
+        $urlParsed = parse_url($this->siteVerifyUrl);
 
-        if (false === $this->socket->fsockopen('ssl://' . self::RECAPTCHA_HOST, 443, $errno, $errstr, 30)) {
-            return self::BAD_REQUEST;
+        if (false === $this->socket->fsockopen('ssl://' . $urlParsed['host'], 443, $errno, $errstr, 30)) {
+            return self::BAD_CONNECTION;
         }
 
         $content = $params->toQueryString();
 
-        $request = "POST " . self::SITE_VERIFY_PATH . " HTTP/1.1\r\n";
-        $request .= "Host: " . self::RECAPTCHA_HOST . "\r\n";
+        $request = "POST " . $urlParsed['path'] . " HTTP/1.1\r\n";
+        $request .= "Host: " . $urlParsed['host'] . "\r\n";
         $request .= "Content-Type: application/x-www-form-urlencoded\r\n";
         $request .= "Content-length: " . strlen($content) . "\r\n";
         $request .= "Connection: close\r\n\r\n";

tests/ReCaptcha/RequestMethod/CurlPostTest.php

@@ -62,4 +62,30 @@ public function testSubmit()
         $response = $pc->submit(new RequestParameters("secret", "response"));
         $this->assertEquals('RESPONSEBODY', $response);
     }
+
+    public function testOverrideSiteVerifyUrl()
+    {
+        $url = 'OVERRIDE';
+
+        $curl = $this->getMockBuilder(\ReCaptcha\RequestMethod\Curl::class)
+            ->disableOriginalConstructor()
+            ->setMethods(array('init', 'setoptArray', 'exec', 'close'))
+            ->getMock();
+        $curl->expects($this->once())
+                ->method('init')
+                ->with($url)
+                ->willReturn(new \stdClass);
+        $curl->expects($this->once())
+                ->method('setoptArray')
+                ->willReturn(true);
+        $curl->expects($this->once())
+                ->method('exec')
+                ->willReturn('RESPONSEBODY');
+        $curl->expects($this->once())
+                ->method('close');
+
+        $pc = new CurlPost($curl, $url);
+        $response = $pc->submit(new RequestParameters("secret", "response"));
+        $this->assertEquals('RESPONSEBODY', $response);
+    }
 }

tests/ReCaptcha/RequestMethod/PostTest.php

@@ -61,6 +61,20 @@ public function testSSLContextOptions()
         $this->assertEquals(1, $this->runcount, "The assertion was ran");
     }
 
+    public function testOverrideVerifyUrl()
+    {
+        $req = new Post('https://over.ride/some/path');
+        self::$assert = array($this, 'overrideUrlOptions');
+        $req->submit($this->parameters);
+        $this->assertEquals(1, $this->runcount, "The assertion was ran");
+    }
+
+    public function overrideUrlOptions(array $args)
+    {
+        $this->runcount++;
+        $this->assertEquals('https://over.ride/some/path', $args[0]);
+    }
+
     public function httpContextOptionsCallback(array $args)
     {
         $this->runcount++;
@@ -93,11 +107,6 @@ public function sslContextOptionsCallback(array $args)
         $this->assertArrayHasKey('http', $options);
         $this->assertArrayHasKey('verify_peer', $options['http']);
         $this->assertTrue($options['http']['verify_peer']);
-
-        $key = version_compare(PHP_VERSION, "5.6.0", "<") ? "CN_name" : "peer_name";
-
-        $this->assertArrayHasKey($key, $options['http']);
-        $this->assertEquals("www.google.com", $options['http'][$key]);
     }
 
     protected function assertCommonOptions(array $args)

tests/ReCaptcha/RequestMethod/SocketPostTest.php

@@ -57,6 +57,34 @@ public function testSubmitSuccess()
         $this->assertEquals('RESPONSEBODY', $response);
     }
 
+    public function testOverrideSiteVerifyUrl()
+    {
+        $socket = $this->getMockBuilder(\ReCaptcha\RequestMethod\Socket::class)
+            ->disableOriginalConstructor()
+            ->setMethods(array('fsockopen', 'fwrite', 'fgets', 'feof', 'fclose'))
+            ->getMock();
+        $socket->expects($this->once())
+                ->method('fsockopen')
+                ->with('ssl://over.ride', 443, 0, '', 30)
+                ->willReturn(true);
+        $socket->expects($this->once())
+                ->method('fwrite')
+                ->with($this->matchesRegularExpression('/^POST \/some\/path.*Host: over\.ride/s'));
+        $socket->expects($this->once())
+                ->method('fgets')
+                ->willReturn("HTTP/1.1 200 OK\n\nRESPONSEBODY");
+        $socket->expects($this->exactly(2))
+                ->method('feof')
+                ->will($this->onConsecutiveCalls(false, true));
+        $socket->expects($this->once())
+                ->method('fclose')
+                ->willReturn(true);
+
+        $ps = new SocketPost($socket, 'https://over.ride/some/path');
+        $response = $ps->submit(new RequestParameters("secret", "response", "remoteip", "version"));
+        $this->assertEquals('RESPONSEBODY', $response);
+    }
+
     public function testSubmitBadResponse()
     {
         $socket = $this->getMockBuilder(\ReCaptcha\RequestMethod\Socket::class)
@@ -94,6 +122,6 @@ public function testSubmitBadRequest()
                 ->willReturn(false);
         $ps = new SocketPost($socket);
         $response = $ps->submit(new RequestParameters("secret", "response", "remoteip", "version"));
-        $this->assertEquals(SocketPost::BAD_REQUEST, $response);
+        $this->assertEquals(SocketPost::BAD_CONNECTION, $response);
     }
 }