Refactor

wso2-extensions · May 27, 2024 · 0396df1 · 0396df1
1 parent 1659602
commit 0396df1
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 15 deletions.
diff --git a/...recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java b/...recovery/src/main/java/org/wso2/carbon/identity/recovery/endpoint/Utils/RecoveryUtil.java
@@ -403,7 +403,10 @@ private static Properties validateCaptchaConfigs(Properties properties) {
      * @param reCaptchaResponse ReCaptcha response token
      * @param properties        ReCaptcha properties
      * @return httpResponse
+     *
+     * @deprecated Please create a new method with apache httpclient 5.x version
      */
+    @Deprecated
     public static HttpResponse makeCaptchaVerificationHttpRequest(ReCaptchaResponseTokenDTO reCaptchaResponse,
                                                                   Properties properties) {
 

diff --git a/.../src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java b/.../src/main/java/org/wso2/carbon/identity/recovery/endpoint/impl/CaptchaApiServiceImpl.java
@@ -18,12 +18,15 @@
 package org.wso2.carbon.identity.recovery.endpoint.impl;
 
 import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
-import org.apache.commons.io.IOUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpResponse;
+import org.apache.hc.client5.http.classic.methods.HttpPost;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.wso2.carbon.http.client.ClientUtils;
+import org.wso2.carbon.http.client.HttpClientConstants;
+import org.wso2.carbon.http.client.exception.HttpClientException;
+import org.wso2.carbon.http.client.handler.JsonResponseHandler;
+import org.wso2.carbon.http.client.request.HttpPostRequest;
 import org.wso2.carbon.identity.captcha.util.CaptchaConstants;
 import org.wso2.carbon.identity.recovery.endpoint.CaptchaApiService;
 import org.wso2.carbon.identity.recovery.endpoint.Constants;
@@ -33,7 +36,8 @@
 import org.wso2.carbon.identity.recovery.endpoint.dto.ReCaptchaVerificationResponseDTO;
 
 import java.io.IOException;
-import java.io.InputStream;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Properties;
 import javax.ws.rs.core.Response;
 
@@ -85,17 +89,11 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin
             RecoveryUtil.handleBadRequest("ReCaptcha is disabled", Constants.INVALID);
         }
 
-        HttpResponse response = RecoveryUtil.makeCaptchaVerificationHttpRequest(reCaptchaResponse, properties);
-        HttpEntity entity = response.getEntity();
+        HttpPost httpPost = makeCaptchaVerificationHttpRequest(reCaptchaResponse, properties);
         ReCaptchaVerificationResponseDTO reCaptchaVerificationResponseDTO = new ReCaptchaVerificationResponseDTO();
 
-        if (entity == null) {
-            RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
-                    Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
-        }
-        try (InputStream in = entity.getContent()) {
-            JsonObject verificationResponse = new JsonParser().parse(IOUtils.toString(in)).getAsJsonObject();
-
+        try (CloseableHttpClient client = ClientUtils.createClient()) {
+            JsonObject verificationResponse = client.execute(httpPost, new JsonResponseHandler());
             if (CaptchaConstants.RE_CAPTCHA_TYPE_ENTERPRISE.equals(reCaptchaType)) {
                 // For Recaptcha Enterprise.
                 JsonObject tokenProperties = verificationResponse.get(CaptchaConstants.CAPTCHA_TOKEN_PROPERTIES)
@@ -107,12 +105,30 @@ public Response verifyCaptcha(ReCaptchaResponseTokenDTO reCaptchaResponse, Strin
                 reCaptchaVerificationResponseDTO.setSuccess(verificationResponse.get(
                         CaptchaConstants.CAPTCHA_SUCCESS).getAsBoolean());
             }
-        } catch (IOException e) {
+        } catch (HttpClientException e) {
+            if (HttpClientConstants.Error.RESPONSE_ENTITY_EMPTY.getCode().equals(e.getErrorCode())) {
+                RecoveryUtil.handleBadRequest("ReCaptcha verification response is not received.",
+                        Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
+            }
             log.error("Unable to read the verification response.", e);
             RecoveryUtil.handleBadRequest("Unable to read the verification response.",
                     Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
+        } catch (IOException e) {
+            RecoveryUtil.handleBadRequest(String.format("Unable to get the verification response : %s", e.getMessage()),
+                    Constants.STATUS_INTERNAL_SERVER_ERROR_MESSAGE_DEFAULT);
         }
 
         return Response.ok(reCaptchaVerificationResponseDTO).build();
     }
+
+    private HttpPost makeCaptchaVerificationHttpRequest(ReCaptchaResponseTokenDTO reCaptchaResponse,
+                                                                  Properties properties) {
+
+        String reCaptchaSecretKey = properties.getProperty(CaptchaConstants.RE_CAPTCHA_SECRET_KEY);
+        String reCaptchaVerifyUrl = properties.getProperty(CaptchaConstants.RE_CAPTCHA_VERIFY_URL);
+        Map<String, String> params = new HashMap<>();
+        params.put("secret", reCaptchaSecretKey);
+        params.put("response", reCaptchaResponse.getToken());
+        return HttpPostRequest.createUrlEncodedRequest(reCaptchaVerifyUrl, params);
+    }
 }