Merge pull request #219 from mgiraud/verify-url-timeout

Add timeout for the reCAPTCHA verification
excelwebzone · Jan 21, 2019 · 0ab8775 · 0ab8775
2 parents 110f85a + 08d61d8
commit 0ab8775
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 5 deletions.
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
@@ -35,6 +35,7 @@ public function getConfigTreeBuilder()
                 ->scalarNode('locale_key')->defaultValue('%kernel.default_locale%')->end()
                 ->scalarNode('api_host')->defaultValue('www.google.com')->end()
                 ->booleanNode('locale_from_request')->defaultFalse()->end()
+                ->integerNode('timeout')->min(0)->defaultNull()->end()
 				->arrayNode('trusted_roles')->prototype('scalar')->treatNullLike(array())->end()
             ->end()
         ;

diff --git a/src/Extension/ReCaptcha/RequestMethod/Post.php b/src/Extension/ReCaptcha/RequestMethod/Post.php
@@ -17,14 +17,22 @@ class Post implements RequestMethod
      */
     private $recaptchaVerifyUrl;
 
+    /**
+     * The timeout for the reCAPTCHA verification.
+     *
+     * @var int|null
+     */
+    private $timeout;
+
     /**
      * Constructor
      *
      * @param string $recaptchaVerifyServer
      */
-    public function __construct($recaptchaVerifyServer)
+    public function __construct($recaptchaVerifyServer, $timeout)
     {
         $this->recaptchaVerifyUrl = ($recaptchaVerifyServer ?: 'https://www.google.com').'/recaptcha/api/siteverify';
+        $this->timeout = $timeout;
     }
 
     /**
@@ -51,6 +59,9 @@ public function submit(RequestParameters $params)
                 $peer_key => 'www.google.com',
             ),
         );
+        if (null !== $this->timeout) {
+            $options['http']['timeout'] = $this->timeout;
+        }
         $context = stream_context_create($options);
         return file_get_contents($this->recaptchaVerifyUrl, false, $context);
     }

diff --git a/src/Extension/ReCaptcha/RequestMethod/ProxyPost.php b/src/Extension/ReCaptcha/RequestMethod/ProxyPost.php
@@ -24,16 +24,24 @@ class ProxyPost implements RequestMethod
      */
     private $recaptchaVerifyUrl;
 
+    /**
+     * The timeout for the reCAPTCHA verification.
+     *
+     * @var int|null
+     */
+    private $timeout;
+
     /**
      * Constructor
      *
      * @param array $httpProxy proxy data to connect to
      * @param string $recaptchaVerifyServer
      */
-    public function __construct(array $httpProxy, $recaptchaVerifyServer)
+    public function __construct(array $httpProxy, $recaptchaVerifyServer, $timeout)
     {
         $this->httpProxy = $httpProxy;
         $this->recaptchaVerifyUrl = ($recaptchaVerifyServer ?: 'https://www.google.com').'/recaptcha/api/siteverify';
+        $this->timeout = $timeout;
     }
 
     /**
@@ -64,6 +72,9 @@ public function submit(RequestParameters $params)
                 'request_fulluri' => true,
             ),
         );
+        if (null !== $this->timeout) {
+            $options['http']['timeout'] = $this->timeout;
+        }
         $context = stream_context_create($options);
         return file_get_contents($this->recaptchaVerifyUrl, false, $context);
     }

diff --git a/src/Resources/config/services.yml b/src/Resources/config/services.yml
@@ -31,5 +31,6 @@ services:
             - '@?security.authorization_checker'
             - '%ewz_recaptcha.trusted_roles%'
             - '%ewz_recaptcha.api_host%'
+            - '%ewz_recaptcha.timeout%'
         tags:
             - { name: validator.constraint_validator, alias: 'ewz_recaptcha.true' }
diff --git a/src/Validator/Constraints/IsTrueValidator.php b/src/Validator/Constraints/IsTrueValidator.php
@@ -69,6 +69,13 @@ class IsTrueValidator extends ConstraintValidator
      */
     protected $recaptchaVerifyServer;
 
+    /**
+     * The timeout for the reCAPTCHA verification.
+     *
+     * @var int|null
+     */
+    private $timeout;
+
     /**
      * @param bool                               $enabled
      * @param string                             $privateKey
@@ -78,6 +85,7 @@ class IsTrueValidator extends ConstraintValidator
      * @param AuthorizationCheckerInterface|null $authorizationChecker
      * @param array                              $trustedRoles
      * @param string                             $apiHost
+     * @param int|null                           $timeout
      */
     public function __construct(
         $enabled,
@@ -87,7 +95,8 @@ public function __construct(
         $verifyHost,
         AuthorizationCheckerInterface $authorizationChecker = null,
         array $trustedRoles = array(),
-        $apiHost = 'www.google.com')
+        $apiHost = 'www.google.com',
+        $timeout = null)
     {
         $this->enabled = $enabled;
         $this->privateKey = $privateKey;
@@ -97,6 +106,7 @@ public function __construct(
         $this->authorizationChecker = $authorizationChecker;
         $this->trustedRoles = $trustedRoles;
         $this->recaptchaVerifyServer = 'https://'.$apiHost;
+        $this->timeout = $timeout;
     }
 
     /**
@@ -123,9 +133,9 @@ public function validate($value, Constraint $constraint)
 
         // Verify user response with Google
         if (null !== $this->httpProxy['host'] && null !== $this->httpProxy['port']) {
-            $requestMethod = new ProxyPost($this->httpProxy, $this->recaptchaVerifyServer);
+            $requestMethod = new ProxyPost($this->httpProxy, $this->recaptchaVerifyServer, $this->timeout);
         } else {
-            $requestMethod = new Post($this->recaptchaVerifyServer);
+            $requestMethod = new Post($this->recaptchaVerifyServer, $this->timeout);
         }
         $recaptcha = new ReCaptcha($this->privateKey, $requestMethod);
         $response = $recaptcha->verify($answer, $remoteip);