public async Task ValidateToken <T>(RecaptchaRequest <T> request)
{
if (request == null)
{
throw new Exception("Invalid recaptcha request");
}
var uri = $"{_verificationUrl}?secret={_secret}&response={request.Token}";
var requestPayload = new HttpRequestMessage(HttpMethod.Post, uri);
var responseMessage = await httpClient.SendAsync(requestPayload);
responseMessage.EnsureSuccessStatusCode();
var responseString = await responseMessage.Content.ReadAsStringAsync();
var response = JsonConvert.DeserializeObject <RecaptchaResponse>(responseString);
if (!response.Success)
{
throw new Exception($"Recaptcha Verification Failed: {responseString}");
}
else if (response.Score < _minScore)
{
throw new Exception($"Recaptcha Score Too Low: {responseString}");
}
}
public async Task <GenericResponse <decimal?> > GetSmartSpotQuoteAsync(RecaptchaRequest <LoadshopSmartSpotQuoteRequest> request)
{
await _recaptchaService.ValidateToken(request);
AssertConfig();
var response = new GenericResponse <decimal?>();
var awsModel = await MapFromLoadshopSmartSpotQuoteRequest(request.Data, response);
if (!response.IsSuccess)
{
return(response);
}
response.Data = await RequestQuoteFromAWS(awsModel);
_db.Add(new SmartSpotPriceQuoteLogEntity
{
SmartSpotPriceQuoteLogId = Guid.NewGuid(),
Miles = awsModel.DirectMiles,
Weight = awsModel.Weight,
EquipmentId = awsModel.EquipmentId,
OrigState = awsModel.OrigState,
Orig3Zip = awsModel.O3Zip,
DestState = awsModel.DestState,
Dest3Zip = awsModel.D3Zip,
PkupDate = awsModel.PkupDate,
SmartSpotPrice = response.Data ?? 0,
UserId = _userContext.UserId
});
await _db.SaveChangesAsync(_userContext.UserName);
return(response);
}
public RecaptchaResponse Validate(RecaptchaRequest recaptchaRequest)
{
var result = new RecaptchaResponse
{
Success = false
};
var request = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("secret", _configurationManager.GetAppSettingAs<string>(AppSettingsRecaptchaSecretKey)),
new KeyValuePair<string, string>("response", recaptchaRequest.Token),
new KeyValuePair<string, string>("remoteip", recaptchaRequest.IpAddress)
});
var response = _client.PostAsync(ApiUrl, request).Result;
if (response.IsSuccessStatusCode)
{
var contents = response.Content.ReadAsStringAsync().Result;
if (!string.IsNullOrEmpty(contents))
{
result = JsonConvert.DeserializeObject<RecaptchaResponse>(contents, new StringEnumConverter());
}
}
return result;
}
public bool RecaptchaValidate(RecaptchaRequest model)
{
if (string.IsNullOrEmpty(model.Secret) || string.IsNullOrEmpty(model.Response)) return false;
var client = new System.Net.WebClient();
var googleReply = client.DownloadString($"https://www.google.com/recaptcha/api/siteverify?secret={model.Secret}&response={model.Response}");
return JsonConvert.DeserializeObject<GoogleRecaptchaResponse>(googleReply).Success;
}
private bool IsCaptchaValid(RecaptchaRequest captchaRequest)
{
using (var httpClient = new HttpClient())
{
var request = new HttpRequestMessage(HttpMethod.Post, "https://www.google.com/recaptcha/api/siteverify");
request.Content = new FormUrlEncodedContent(new[]
{
new KeyValuePair <string, string>("secret", captchaRequest.Secret),
new KeyValuePair <string, string>("response", captchaRequest.Response),
new KeyValuePair <string, string>("remoteip", captchaRequest.RemoteIp)
});
var response = httpClient.SendAsync(request).Result;
request.Dispose();
if (response != null && response.Content != null && response.IsSuccessStatusCode)
{
var responseContent = response.Content.ReadAsStringAsync().Result;
response.Dispose();
if (responseContent != null)
{
var recaptchaResponse = JsonConvert.DeserializeObject <RecaptchaResponse>(responseContent);
return(recaptchaResponse.Success);
}
}
return(false);
}
}
public void MissingRequest()
{
_request = null;
_service.Awaiting(x => x.ValidateToken(_request))
.Should()
.Throw <Exception>()
.WithMessage("Invalid recaptcha request");
}
public async Task <IActionResult> QuoteAsync([FromBody] RecaptchaRequest <LoadshopSmartSpotQuoteRequest> request)
{
var response = await _svc.GetSmartSpotQuoteAsync(request);
if (!response.IsSuccess)
{
var problemDetails = new ValidationProblemDetails(response.ModelState)
{
Title = "Send \"In Transit\" Status",
Detail = "One or more errors occurred when trying to retrieve the Smart Spot Quote. See form for error details",
Status = (int)HttpStatusCode.BadRequest,
Instance = $"urn:kbxl:error:{Guid.NewGuid()}"
};
return(BadRequest(problemDetails));
}
return(Success(response.Data));
}
public ValidateToken(TestFixture testFixture)
{
_httpHandler = new Mock <HttpMessageHandler>();
_mockConfig = new Mock <IConfigurationRoot>();
_mockConfig.SetupGet(x => x["GoogleReCaptchaAcceptableScore"]).Returns("0.8");
_mockConfig.SetupGet(x => x["GoogleReCaptchaSiteVerify"]).Returns(URL);
_mockConfig.SetupGet(x => x["GoogleReCaptchaV3Secret"]).Returns("SECRET");
_mockConfig.SetupGet(x => x["ProxyAddress"]).Returns((string)null);
_request = new RecaptchaRequest <object>
{
Token = "RECAPTCHA_TOKEN",
Data = null
};
InitService();
}
public HttpResponseMessage sendCaptcha(RecaptchaRequest model)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
ItemResponse <bool> response = new ItemResponse <bool>();
string key = model.secret;
string request = model.response;
bool isCaptchaValid = RecaptchaService.Validate(request, key);
response.Item = isCaptchaValid;
return(Request.CreateResponse(HttpStatusCode.OK, response));
}
public bool Validate([FromBody] RecaptchaRequest request)
{
if (string.IsNullOrEmpty(request.Response))
{
return(false);
}
var secret = "6Lf_riMUAAAAAMSczpv9Ll0DZVynuoKVCDbl3Jvs";
if (string.IsNullOrEmpty(secret))
{
return(false);
}
var client = new System.Net.WebClient();
var googleReply = client.DownloadString(
$"https://www.google.com/recaptcha/api/siteverify?secret={secret}&response={request.Response}&remoteip={request.RemoteIp}");
return(JsonConvert.DeserializeObject <RecaptchaResponse>(googleReply).Success);
}
public ActionResult AddSession(SessionSubmissionViewModel viewModel)
{
try
{
var recaptchaRequest = new RecaptchaRequest
{
Secret = ConfigurationManager.AppSettings["Google.ReCaptcha.Secret"],
Response = Request.Form["g-recaptcha-response"],
RemoteIp = Request.UserHostAddress
};
if (TryValidateModel(viewModel) && IsCaptchaValid(recaptchaRequest))
{
if (_sessionSubmissionService.AddSession(viewModel))
{
return(new RedirectResult("https://www.dddmelbourne.com/submit-a-session/success/"));
}
}
}
catch (Exception) {}
return(new RedirectResult("https://www.dddmelbourne.com/submit-a-session/failure/"));
}
public GetSmartSpotQuote(TestFixture fixture)
{
_config = new SmartSpotPriceConfig
{
ApiUrl = URL,
AccessKeyId = "access-key-id",
SecretAccessKey = "secret-access-key",
Service = "service-name",
Region = "us-east-1"
};
_db = new MockDbBuilder()
.Build();
_mapper = fixture.Mapper;
_httpHandler = new Mock <HttpMessageHandler>();
var expectedResponse = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(new AWSSmartSpotPriceResponse {
Results = new List <decimal> {
EXPECTED_SPOT_PRICE_0
}
}))
};
_httpHandler.SetupRequest(HttpMethod.Post, URL)
.ReturnsAsync(expectedResponse);
_userContext = new Mock <IUserContext>();
_userContext.SetupGet(_ => _.UserId).Returns(USER_ID);
_userContext.SetupGet(_ => _.UserName).Returns(USER_NAME);
_recaptchaService = new Mock <IRecaptchaService>();
_mileageService = new Mock <IMileageService>();
_mileageService.Setup(_ => _.GetDirectMiles(It.IsAny <MileageRequestData>())).Returns(100);
_securityService = new Mock <ISecurityService>();
_securityService.Setup(_ => _.GetContractedCarriersByPrimaryCustomerIdAsync()).ReturnsAsync(CARRIERS.AsReadOnly());
_shippingService = new Mock <IShippingService>();
_loadCarrierGroupService = new Mock <ILoadCarrierGroupService>();
InitService();
_request = new RecaptchaRequest <LoadshopSmartSpotQuoteRequest>
{
Token = "RECAPTCHA_TOKEN",
Data = new LoadshopSmartSpotQuoteRequest
{
OriginCity = "Mosinee",
OriginState = "WI",
OriginPostalCode = "54455",
OriginCountry = "USA",
DestinationCity = "Stevens Point",
DestinationState = "WI",
DestinationPostalCode = "54481",
DestinationCountry = "USA",
EquipmentId = "53TF102",
Weight = 1000,
PickupDate = new DateTime(2020, 02, 01)
}
};
}
