Feature/use hcaptcha if bot (#430)

* Handle hcaptch required identity response * Refactor iframe component for captcha and webauthn * Send captcha token to server * Add captcha callback * Clear captcha state * Remove captcha storage * linter fixes * Rename iframe components to include IFrame * Remove callback in favor of extenting submit * Limit publickey credentials access * Use captcha bypass token to bypass captcha for twofactor auth flows * Linter fixes * Set iframe version in components
2026-01-08 19:43:45 +00:00 · 2021-07-21 07:55:26 -05:00
parent 00acbce556
commit 1006f50ef3
13 changed files with 143 additions and 47 deletions
--- a/common/src/models/request/tokenRequest.ts
+++ b/common/src/models/request/tokenRequest.ts
@@ -13,10 +13,11 @@ export class TokenRequest {
    token: string;
    provider: TwoFactorProviderType;
    remember: boolean;
+    captchaToken: string;
    device?: DeviceRequest;

    constructor(credentials: string[], codes: string[], clientIdClientSecret: string[], provider: TwoFactorProviderType,
-        token: string, remember: boolean, device?: DeviceRequest) {
+        token: string, remember: boolean, captchaToken: string, device?: DeviceRequest) {
        if (credentials != null && credentials.length > 1) {
            this.email = credentials[0];
            this.masterPasswordHash = credentials[1];
@@ -32,6 +33,7 @@ export class TokenRequest {
        this.provider = provider;
        this.remember = remember;
        this.device = device != null ? device : null;
+        this.captchaToken = captchaToken;
    }

    toIdentityToken(clientId: string) {
@@ -71,6 +73,11 @@ export class TokenRequest {
            obj.twoFactorRemember = this.remember ? '1' : '0';
        }

+        if (this.captchaToken != null) {
+            obj.captchaResponse = this.captchaToken;
+        }
+
+
        return obj;
    }