public async Task <AkismetResponse> IsSpam(HttpRequest req, Comment comment, FormContents formContents)
{
var userAgent = req.Headers["User-Agent"];
var blog = new Uri(_settings.AkismetBlogUrl);
using (var akismetClient = new AkismetClient(_settings.AkismetApiKey, blog, userAgent))
{
var akismetResult = await akismetClient.IsSpam2(new AkismetComment
{
Blog = blog,
CommentAuthor = comment.Name,
CommentAuthorEmail = formContents.Fields.Email,
CommentContent = comment.Body,
CommentType = "comment", // https://akismet.com/development/api/#comment-check
Permalink = formContents.Options.Origin,
Referrer = req.Headers["Referer"],
UserAgent = userAgent,
UserIp = req.HttpContext.Connection.RemoteIpAddress.ToString()
});
var response = new AkismetResponse
{
IsSpam = akismetResult.IsSpam,
Text = akismetResult.Text,
ProTip = akismetResult.ProTip,
DebugHelp = akismetResult.DebugHelp
};
_log.LogDebug("Akismet result: {0}", response);
return(response);
}
}
public void ThrowsInvalidResponseWhenApiKeyInvalid()
{
// arrange
string userAgent = GetExpectedUserAgent();
var checkUrl = new Uri("http://myapikey.rest.akismet.com/1.1/comment-check");
string parameters = "blog=" + HttpUtility.UrlEncode("http://haacked.com/")
+ "&user_ip=192.168.200.201"
+ "&user_agent=" + HttpUtility.UrlEncode("Mozilla (My Silly Browser)");
var httpClient = new Mock <HttpClient>();
var comment = new Mock <IComment>();
//We'll try a mix of nulls and empty strings.
SetupCallsAnComment(comment
, string.Empty
, string.Empty
, IPAddress.Parse("192.168.200.201")
, "Mozilla (My Silly Browser)"
, null
, null
, null
, null
, string.Empty
, null);
httpClient.Setup(hc => hc.PostRequest(checkUrl, userAgent, 5000, parameters)).Returns("invalid");
var client = new AkismetClient("myapikey", new Uri("http://haacked.com/"), httpClient.Object);
// act, assert
UnitTestHelper.AssertThrows <InvalidResponseException>(() => client.CheckCommentForSpam(comment.Object));
}
public void CanCheckCommentForSpamWithoutOptionalParams()
{
string userAgent = GetExpectedUserAgent();
var checkUrl = new Uri("http://myapikey.rest.akismet.com/1.1/comment-check");
string parameters = "blog=" + HttpUtility.UrlEncode("http://haacked.com/")
+ "&user_ip=192.168.200.201"
+ "&user_agent=" + HttpUtility.UrlEncode("Mozilla (My Silly Browser)");
var httpClient = new Mock <HttpClient>();
var comment = new Mock <IComment>();
//We'll try a mix of nulls and empty strings.
SetupCallsAnComment(comment
, string.Empty
, string.Empty
, IPAddress.Parse("192.168.200.201")
, "Mozilla (My Silly Browser)"
, null
, null
, null
, null
, string.Empty
, null);
httpClient.Setup(hc => hc.PostRequest(checkUrl, userAgent, 5000, parameters)).Returns("true");
var client = new AkismetClient("myapikey", new Uri("http://haacked.com/"), httpClient.Object);
Assert.IsTrue(client.CheckCommentForSpam(comment.Object),
"If the request returns 'false' then we should return false!");
}
public async Task CheckCommentAsyncShouldReturnOkForTheComment()
{
// Arrange
AkismetCredentials akismetCreds = RetrieveAkismetCredentials();
using (AkismetClient akismetClient = new AkismetClient(akismetCreds.ApiKey, akismetCreds.Blog))
{
AkismetCommentRequestModel requestModel = new AkismetCommentRequestModel
{
UserIp = "127.0.0.1",
UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
Referrer = "http://www.google.com",
Permalink = string.Concat(akismetCreds.Blog, "blog/post=1"),
CommentType = "comment",
CommentAuthor = "Tugberk",
CommentAuthorEmail = "*****@*****.**",
CommentAuthorUrl = "http://tugberk.me",
CommentContent = "What do you mean by this? How can we integrate this into our pojects?"
};
// Act
AkismetResponse<bool> response = await akismetClient.CheckCommentAsync(requestModel);
// Assert
Assert.Equal(true, response.IsSuccessStatusCode);
Assert.Equal(false, response.Entity);
}
}
public async Task CheckCommentAsyncShouldReturnSpamForASpamComment()
{
// Arrange
AkismetCredentials akismetCreds = RetrieveAkismetCredentials();
using (AkismetClient akismetClient = new AkismetClient(akismetCreds.ApiKey, akismetCreds.Blog))
{
AkismetCommentRequestModel requestModel = new AkismetCommentRequestModel
{
UserIp = "127.0.0.1",
UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
Referrer = "http://www.google.com/",
Permalink = string.Concat(akismetCreds.Blog, "blog/post=1"),
CommentType = "comment",
CommentAuthor = "best viagra site",
CommentAuthorEmail = "*****@*****.**",
CommentAuthorUrl = "http://bestedpillsonline.net/",
CommentContent = "That's an ingenious way of thinking about it."
};
// Act
AkismetResponse<bool> response = await akismetClient.CheckCommentAsync(requestModel);
// Assert
Assert.Equal(true, response.IsSuccessStatusCode);
Assert.Equal(true, response.Entity);
}
}
public void ConstructorSetsApiKeyAndUrl()
{
var client = new AkismetClient("fake-key", new Uri("http://haacked.com/"), new HttpClient());
Assert.AreEqual(new Uri("http://haacked.com/"), client.BlogUrl);
Assert.AreEqual("fake-key", client.ApiKey);
UnitTestHelper.AssertSimpleProperties(client, "ApiKey");
}
public void CheckCommentForSpam_WithNullComment_ThrowsArgumentNullException()
{
// arrange
var client = new AkismetClient("fake-key", new Uri("http://haacked.com/"), new HttpClient());
// act, assert
UnitTestHelper.AssertThrowsArgumentNullException(() => client.CheckCommentForSpam(null));
}
private void btnVerify_Click(object sender, EventArgs e)
{
try
{
client = new AkismetClient(this.txtApiKey.Text, new Uri(this.txtBlogUrl.Text));
this.txtResponse.Text = client.VerifyApiKey().ToString();
}
catch (Exception exc)
{
this.txtResponse.Text = exc.Message;
}
}
public AkismetSpamService(string apiKey, Blog blog, AkismetClient akismetClient, BlogUrlHelper urlHelper)
{
_blog = blog;
_akismet = akismetClient ?? new AkismetClient(apiKey, urlHelper.BlogUrl().ToFullyQualifiedUrl(blog));
IWebProxy proxy = HttpHelper.GetProxy();
if (proxy != null)
{
_akismet.Proxy = proxy;
}
_urlHelper = urlHelper ?? new BlogUrlHelper(null, null);
}
public HomeController(IQueryProcessorAsync qpa,
ICommandProcessorAsync cp,
ILogger <HomeController> logger,
IOptions <BagomboSettings> options,
AkismetClient akismetClient)
{
_logger = logger;
_qpa = qpa;
_cp = cp;
_settings = options.Value;
_akismetClient = akismetClient;
}
private void btnVerify_Click(object sender, EventArgs e)
{
try
{
client = new AkismetClient(this.txtApiKey.Text, new Uri(this.txtBlogUrl.Text));
this.txtResponse.Text = client.VerifyApiKey().ToString();
}
catch(Exception exc)
{
this.txtResponse.Text = exc.Message;
}
}
public PublicEntryController(IEntryRepository entryRepository,
IUnitOfWork unitOfWork,
AkismetClient akismet,
IConfiguration config,
IHttpContextAccessor contextAccessor,
IMapper mapper)
{
_entryRepository = entryRepository;
_unitOfWork = unitOfWork;
_akismet = akismet;
_config = config;
_contextAccessor = contextAccessor;
_mapper = mapper;
}
public void CanVerifyApiKeyIsWrong()
{
//act
string userAgent = GetExpectedUserAgent();
var verifyUrl = new Uri("http://rest.akismet.com/1.1/verify-key");
string parameters = "key=" + HttpUtility.UrlEncode("wrong-key") + "&blog=" +
HttpUtility.UrlEncode("http://haacked.com/");
var httpClient = new Mock <HttpClient>();
httpClient.Setup(hc => hc.PostRequest(verifyUrl, userAgent, 5000, parameters, null)).Returns("invalid");
var client = new AkismetClient("wrong-key", new Uri("http://haacked.com/"), httpClient.Object);
//act
bool isVerified = client.VerifyApiKey();
//assert
Assert.IsFalse(isVerified, "If the request returns 'invalid' then we should return false!");
}
public void CanCheckCommentWithArbitraryServerParams()
{
string userAgent = GetExpectedUserAgent();
var checkUrl = new Uri("http://myapikey.rest.akismet.com/1.1/comment-check");
string parameters = "blog=" + HttpUtility.UrlEncode("http://haacked.com/")
+ "&user_ip=192.168.200.201"
+ "&user_agent=" + HttpUtility.UrlEncode("Mozilla (My Silly Browser)")
+ "&Making=" + HttpUtility.UrlEncode("This-Stuff")
+ "&Up=" + HttpUtility.UrlEncode("As I-Go-Along");
var httpClient = new Mock <HttpClient>();
var comment = new Mock <IComment>();
var extendedProps = new NameValueCollection();
extendedProps.Add("Making", "This-Stuff");
extendedProps.Add("Up", "As I-Go-Along");
//We'll try a mix of nulls and empty strings.
SetupCallsAnComment(comment
, string.Empty
, string.Empty
, IPAddress.Parse("192.168.200.201")
, "Mozilla (My Silly Browser)"
, null
, null
, null
, null
, string.Empty
, extendedProps);
httpClient.Setup(hc => hc.PostRequest(checkUrl, userAgent, 5000, parameters)).Returns("false");
var client = new AkismetClient("myapikey", new Uri("http://haacked.com/"), httpClient.Object);
Assert.IsFalse(client.CheckCommentForSpam(comment.Object),
"If the request returns 'false' then we should return false!");
}
public void SubmitHamTest(string urlEnding, bool isHam)
{
string userAgent = GetExpectedUserAgent();
var checkUrl = new Uri("http://myapikey.rest.akismet.com/1.1/" + urlEnding);
string parameters = "blog=" + HttpUtility.UrlEncode("http://haacked.com/")
+ "&user_ip=192.168.200.201"
+ "&user_agent=" + HttpUtility.UrlEncode("Mozilla (My Silly Browser)");
var httpClient = new Mock <HttpClient>();
var comment = new Mock <IComment>();
//We'll try a mix of nulls and empty strings.
SetupCallsAnComment(comment
, string.Empty
, string.Empty
, IPAddress.Parse("192.168.200.201")
, "Mozilla (My Silly Browser)"
, null
, null
, null
, null
, string.Empty
, null);
httpClient.Setup(hc => hc.PostRequest(checkUrl, userAgent, 5000, parameters)).Returns(string.Empty);
var client = new AkismetClient("myapikey", new Uri("http://haacked.com/"), httpClient.Object);
if (isHam)
{
client.SubmitHam(comment.Object);
}
else
{
client.SubmitSpam(comment.Object);
}
}
public void CanCheckCommentForSpam()
{
string userAgent = GetExpectedUserAgent();
var checkUrl = new Uri("http://myapikey.rest.akismet.com/1.1/comment-check");
string parameters = "blog=" + HttpUtility.UrlEncode("http://haacked.com/")
+ "&user_ip=10.0.0.1"
+ "&user_agent=" + HttpUtility.UrlEncode("Mozilla (My Silly Browser)")
+ "&referer=" + HttpUtility.UrlEncode("http://example.com/none-of-your-business/")
+ "&permalink=" + HttpUtility.UrlEncode("http://example.com/i-am-right-you-are-wrong/")
+ "&comment_type=comment"
+ "&comment_author=Your+Mama"
+ "&comment_author_email=" + HttpUtility.UrlEncode("*****@*****.**")
+ "&comment_author_url=" + HttpUtility.UrlEncode("http://mysite.example.com/foo/")
+ "&comment_content=" +
HttpUtility.UrlEncode("This is my rifle. There are many like it, but this one is MINE.");
var httpClient = new Mock <HttpClient>();
var comment = new Mock <IComment>();
SetupCallsAnComment(comment
, "Your Mama"
, "*****@*****.**"
, IPAddress.Parse("10.0.0.1")
, "Mozilla (My Silly Browser)"
, "http://example.com/none-of-your-business/"
, new Uri("http://example.com/i-am-right-you-are-wrong/")
, "comment"
, new Uri("http://mysite.example.com/foo/")
, "This is my rifle. There are many like it, but this one is MINE."
, null);
httpClient.Setup(hc => hc.PostRequest(checkUrl, userAgent, 5000, parameters)).Returns("true");
var client = new AkismetClient("myapikey", new Uri("http://haacked.com/"), httpClient.Object);
Assert.IsTrue(client.CheckCommentForSpam(comment.Object),
"If the request returns 'false' then we should return false!");
}
public async Task <IActionResult> New(int threadID, IFormCollection collection)
{
var thread = _context.Threads
.Include(t => t.Posts)
.ThenInclude(p => p.User)
.Where(t => t.ID == threadID)
.FirstOrDefault();
var user = await _userManager.GetUserAsync(HttpContext.User);
var canBump = Util.CanBump(
thread.Posts.FirstOrDefault().User, thread.Posts.FirstOrDefault().IP, user, Util.GetCurrentIPString(Request));
var isOP = Util.IsOP(
thread.Posts.FirstOrDefault().User, thread.Posts.FirstOrDefault().IP, user, Util.GetCurrentIPString(Request));
collection.TryGetValue("Text", out StringValues text);
if (Util.IsBanned(user, Util.GetCurrentIPString(Request), _context))
{
return(RedirectToAction("Error", "Home"));
}
var client = new HttpClient();
var akismet = new AkismetClient("https://ignorama.azurewebsites.net/", Util.AkismetKey, client);
var akismetComment = new AkismetComment()
{
Blog = "https://ignorama.azurewebsites.net/",
UserIp = Util.GetCurrentIPString(Request),
UserAgent = Request.Headers["User-Agent"].ToString(),
Referrer = Request.Headers["Referer"].ToString(),
Permalink = "https://ignorama.azurewebsites.net/Threads/View/" + threadID.ToString(),
CommentType = "reply",
Author = user?.UserName,
AuthorEmail = null,
AuthorUrl = null,
Content = text,
};
var isSpam = await akismet.IsCommentSpam(akismetComment);
if (!isSpam)
{
try
{
var roles = Util.GetRoles(user, _userManager);
if (!thread.Locked || roles.Contains("Moderator"))
{
collection.TryGetValue("Anonymous", out StringValues anonymous);
collection.TryGetValue("Bump", out StringValues bump);
collection.TryGetValue("RevealOP", out StringValues revealOP);
var post = new Post
{
Thread = thread,
User = user,
IP = Util.GetCurrentIPString(Request),
Text = text,
Time = DateTime.UtcNow,
Deleted = false,
Anonymous = anonymous == "on" ? true : false,
Bump = bump == "on" && canBump ? true : false,
RevealOP = revealOP == "on" && isOP ? true : false,
};
await _context.AddAsync(post);
await _context.SaveChangesAsync();
return(new OkObjectResult(collection));
}
else
{
return(new JsonResult(new { error = "Cannot post reply: thread locked." }));
}
}
catch
{
return(new BadRequestObjectResult(collection));
}
}
else
{
return(new JsonResult(new
{
error = "Cannot post reply: Spam detected. If this was in error, please contact the administrator."
}));
}
}
public AkismetSpamBlockingService(string apiKey, string blogUrl)
{
akismetClient = new AkismetClient(apiKey, new Uri(blogUrl));
}
public async Task <IActionResult> New(NewThreadViewModel model)
{
var user = await _userManager.GetUserAsync(HttpContext.User);
if (Util.IsBanned(user, Util.GetCurrentIPString(Request), _context))
{
return(RedirectToAction("Error", "Home"));
}
if (ModelState.IsValid)
{
var client = new HttpClient();
var akismet = new AkismetClient("https://ignorama.azurewebsites.net/", Util.AkismetKey, client);
var akismetComment = new AkismetComment()
{
Blog = "https://ignorama.azurewebsites.net/",
UserIp = Util.GetCurrentIPString(Request),
UserAgent = Request.Headers["User-Agent"].ToString(),
Referrer = Request.Headers["Referer"].ToString(),
Permalink = "https://ignorama.azurewebsites.net/",
CommentType = "forum-post",
Author = user?.UserName,
AuthorEmail = null,
AuthorUrl = null,
Content = model.Text,
};
var isSpam = await akismet.IsCommentSpam(akismetComment);
if (!isSpam)
{
var thread = new Thread
{
Title = model.Title,
Stickied = false,
Locked = false,
Deleted = false,
Tag = _context.Tags
.Include(tag => tag.WriteRole)
.Where(tag => tag.ID == model.TagID)
.FirstOrDefault()
};
if (!Util.GetRoles(user, _userManager).Contains(thread.Tag.WriteRole.Name))
{
return(RedirectToAction("Error", "Home"));
}
var post = new Post
{
Thread = thread,
User = user,
Text = model.Text,
Time = DateTime.UtcNow,
Deleted = false,
Bump = true,
RevealOP = true,
Anonymous = model.Anonymous,
IP = Util.GetCurrentIPString(Request)
};
_context.Threads.Add(thread);
_context.Posts.Add(post);
await _context.SaveChangesAsync();
return(RedirectToAction("View", "Threads", new { threadID = thread.ID }));
}
else
{
return(RedirectToAction("Spam", "Home"));
}
}
return(RedirectToAction());
}
