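I created a ReCaptcha Enterprise project for my front end, and I am trying to verify the assessment in an AWS Lambda.
The ReCaptcha project looks like this: ReCaptcha Settings
The front-end code is a React application, but I am just using the script as described in the documentation. This all seems to work. I can solve the captcha and get an answer.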
const [captchaAnswer, setCaptchaAnswer] = useState<string | null>(null);

useEffect(() => {
  const script = document.createElement('script');
  script.src = "https://www.google.com/recaptcha/enterprise.js";
  script.async = true;
  script.defer = true;
  document.body.appendChild(script);
  return () => {
    document.body.removeChild(script);
  }
}, []);

window.reCaptchaCallback = function (response: string) {
  setCaptchaAnswer(response);
};

const submit = () => {
  //Submits the answer to my lambda
}

return (
  <div className="g-recaptcha" data-sitekey="<SITEKEY>" data-callback="reCaptchaCallback" />
);
Next is the lambda, which is invoked by Cognito as a trigger.
const axios = require("axios");

const config = {
  PROJECT_ID: "<PROJECTID>",
  API_KEY: "<APIKEY>", //actually gotten from secret manager
  SITE_KEY: "<SITEKEY>"
};

exports.handler = async (event) => {
  console.log(event);
  if (event.triggerSource === "PreSignUp_AdminCreateUser") {
    return event;
  }
  if (!event.request.validationData) {
    throw new Error('Missing validation data');
  }
  try {
    const verifyResponse = await axios({
      method: 'post',
      url: `https://recaptchaenterprise.googleapis.com/v1beta1/projects/${config.PROJECT_ID}/assessments?key=${config.API_KEY}`,
      body: {
        event: {
          token: event.request.validationData.token, //I have confirmed this is correctly passed from front end to here
          siteKey: config.SITE_KEY,
          expectedAction: "" //Tried it with and without this. Documentation say it isn't being used
        }
      },
      headers: { "Content-Type": "application/x-www-form-urlencoded" }
    });
    console.log(JSON.stringify(verifyResponse.data));
    if (verifyResponse.data.score >= 0) {
      event.response.autoConfirmUser = true;
      return event;
    } else {
      throw new Error('Recaptcha verification failed');
    }
  } catch (error) {
    console.error(error);
    throw new Error("Recaptcha verification failed. Please retry");
  }
};
This is the response I always get.
{
  "name": "projects/<PROJECT>/assessments/924d7fc3f0000000",
  "score": 0,
  "reasons": []
}
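However, the recaptcha dashboard shows that all the assessments are >= 0.8, and I don't know what I am doing wrong. Thanks for your help.
Posted on 2021-07-16 12:57:55
In my experience, a response that is missing tokenProperties means that googleapis.com could not read your post data.
In your case, first of all, the expected content type should be json: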
"Content-Type": "application/json; charset=utf-8"
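If changing the setting above does not solve the problem, then try changing the post data from an object/dict/json to a string.
Tip: Usually, when we can't get the expected response in our code, we can try the target request in a simple tool such as curl or jmeter to find out what the problem is, and then copy the solution back into our code.
Posted on 2022-02-04 10:00:52
This is the curl that worked for me; maybe it can help you. In your code, check the body and send an "event" object that contains the "event" object.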
curl -H 'Content-Type: application/x-www-form-urlencoded' -X POST \
  https://recaptchaenterprise.googleapis.com/v1beta1/projects/${here-is-your-id-project}/assessments?key=${here-is-your-secret-key-defined-on-credentials-api-section} \
  -d 'assessment.event.token=${response-token-coming-from-grecaptcha.enterprise.execute-method-on-web-site}' \
  -d 'assessment.event.site_key=${here-is-your-public-key-defined-on-recaptcha-service-section}'
This is the response:
{
  "name": "projects/xxxx/assessments/xxxxx",
  "event": {
    "token": "${response-token-coming-from-grecaptcha.enterprise.execute-method-on-web-site}",
    "siteKey": "${here-is-your-public-key-defined-on-recaptcha-service-section}",
    "userAgent": "",
    "userIpAddress": "",
    "expectedAction": "",
    "hashedAccountId": ""
  },
  "score": 0.9,
  "tokenProperties": {
    "valid": true,
    "invalidReason": "INVALID_REASON_UNSPECIFIED",
    "hostname": "your-host-goes-here",
    "action": "login",
    "createTime": "2022-02-03T19:08:01.612Z"
  },
  "reasons": []
}
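My GCP configuration:
Create a recaptcha service and get the public site key from here (https://console.cloud.google.com/security/recaptcha). I used it in the curl: ApiKey 'assessment.event.site_key=${here-is-your-public-key-defined-on-recaptcha-service-section}'
used in the curl
That's it.
Posted on 2022-02-16 10:17:51
I ran into the same problem. If anyone is having it now, the answer is: change the axios call to one that uses .post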
const { data } = await axios.post(
  `https://recaptchaenterprise.googleapis.com/v1beta1/projects/${CAPTCHA_PROJECT_ID}/assessments?key=${CAPTCHA_API_KEY}`,
  {
    event: {
      token: tokenValue,
      siteKey: CAPTCHA_SITE_KEY,
      expectedAction: "YOUR_ACTION",
    },
  },
  {
    headers: {
      "Content-Type": "application/json; charset=utf-8",
    },
  });
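The following is an added example, not code from the question or from any of the answers. It combines the JSON `data` payload from the last answer with the first answer's point about tokenProperties, so that a response like the one in the question is rejected instead of passing a `score >= 0` test. The function names, the 0.5 threshold and the sample objects are assumptions.

```javascript
// Added example: function names, the 0.5 threshold and the sample objects are
// assumptions for illustration; the samples mirror the two responses quoted above.

// axios sends `data` as the request payload (a `body` key is ignored), and an
// object payload is serialized as JSON, matching the Content-Type below.
function buildAssessmentRequest({ projectId, apiKey, siteKey }, token, expectedAction) {
  return {
    method: "post",
    url: `https://recaptchaenterprise.googleapis.com/v1beta1/projects/${projectId}/assessments?key=${apiKey}`,
    data: { event: { token, siteKey, expectedAction } },
    headers: { "Content-Type": "application/json; charset=utf-8" },
  };
}

// Fail closed: a response without tokenProperties means the token was never
// evaluated, so its score of 0 must not be compared against a threshold at all.
function evaluateAssessment(data, { expectedAction, minScore = 0.5 } = {}) {
  const props = data && data.tokenProperties;
  if (!props) return { ok: false, reason: "no-token-properties" };
  if (props.valid !== true) {
    return { ok: false, reason: `invalid-token:${props.invalidReason}` };
  }
  if (expectedAction && props.action !== expectedAction) {
    return { ok: false, reason: "action-mismatch" };
  }
  if (typeof data.score !== "number" || data.score < minScore) {
    return { ok: false, reason: "low-score" };
  }
  return { ok: true, reason: "accepted" };
}

// Constructed samples shaped like the responses shown in the question and the second answer.
const unreadResponse = { name: "projects/<PROJECT>/assessments/924d7fc3f0000000", score: 0, reasons: [] };
const validResponse = {
  score: 0.9,
  tokenProperties: { valid: true, invalidReason: "INVALID_REASON_UNSPECIFIED", hostname: "your-host-goes-here", action: "login" },
  reasons: [],
};

console.log(evaluateAssessment(unreadResponse, { expectedAction: "login" }));
console.log(evaluateAssessment(validResponse, { expectedAction: "login" }));
```

In a Cognito pre-sign-up trigger, `autoConfirmUser` would be set only when the returned `ok` is true.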
https://stackoverflow.com/questions/67574429