Commit 500370208c37f70f430104f0851e1d33beaff3b5

Authored by Fernando Ribeiro
Exists in DSpace52++

Merge branch 'recaptcha' into 'DSpace52++'

Requesting Item now need ReCaptcha to be filled

Dspace reads key form dspace.cfg

See merge request !16
dspace-api/pom.xml
... ... @@ -676,6 +676,11 @@
676 676 <version>1</version>
677 677 <type>jar</type>
678 678 </dependency>
  679 + <dependency>
  680 + <groupId>org.glassfish</groupId>
  681 + <artifactId>javax.json</artifactId>
  682 + <version>1.0.2</version>
  683 + </dependency>
679 684 </dependencies>
680 685  
681 686 </project>
... ...
dspace-api/src/main/java/pt/uminho/sdum/utils/VerifyRecaptcha.java
... ... @@ -0,0 +1,80 @@
  1 +package pt.uminho.sdum.utils;
  2 +
  3 +
  4 +import org.dspace.core.ConfigurationManager;
  5 +
  6 +import java.io.BufferedReader;
  7 +import java.io.DataOutputStream;
  8 +import java.io.IOException;
  9 +import java.io.InputStreamReader;
  10 +import java.io.StringReader;
  11 +import java.net.URL;
  12 +
  13 +import javax.json.Json;
  14 +import javax.json.JsonObject;
  15 +import javax.json.JsonReader;
  16 +import javax.net.ssl.HttpsURLConnection;
  17 +
  18 +public class VerifyRecaptcha {
  19 +
  20 + public static final String url = "https://www.google.com/recaptcha/api/siteverify";
  21 + private static final String secret = ConfigurationManager.getProperty("rcaap.google.recaptcha.secret");
  22 + private final static String USER_AGENT = "Mozilla/5.0";
  23 +
  24 + public static boolean verify(String gRecaptchaResponse) throws IOException {
  25 + if(secret==null || secret.equals(""))
  26 + return true;
  27 +
  28 + if (gRecaptchaResponse == null || "".equals(gRecaptchaResponse)) {
  29 + return false;
  30 + }
  31 +
  32 + try {
  33 + URL obj = new URL(url);
  34 + HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
  35 +
  36 + // add reuqest header
  37 + con.setRequestMethod("POST");
  38 + con.setRequestProperty("User-Agent", USER_AGENT);
  39 + con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
  40 +
  41 + String postParams = "secret=" + secret + "&response="
  42 + + gRecaptchaResponse;
  43 +
  44 + // Send post request
  45 + con.setDoOutput(true);
  46 + DataOutputStream wr = new DataOutputStream(con.getOutputStream());
  47 + wr.writeBytes(postParams);
  48 + wr.flush();
  49 + wr.close();
  50 +
  51 + int responseCode = con.getResponseCode();
  52 + System.out.println("\nSending 'POST' request to URL : " + url);
  53 + System.out.println("Post parameters : " + postParams);
  54 + System.out.println("Response Code : " + responseCode);
  55 +
  56 + BufferedReader in = new BufferedReader(new InputStreamReader(
  57 + con.getInputStream()));
  58 + String inputLine;
  59 + StringBuilder response = new StringBuilder();
  60 +
  61 + while ((inputLine = in.readLine()) != null) {
  62 + response.append(inputLine);
  63 + }
  64 + in.close();
  65 +
  66 + // print result
  67 + System.out.println(response.toString());
  68 +
  69 + //parse JSON response and return 'success' value
  70 + JsonReader jsonReader = Json.createReader(new StringReader(response.toString()));
  71 + JsonObject jsonObject = jsonReader.readObject();
  72 + jsonReader.close();
  73 +
  74 + return jsonObject.getBoolean("success");
  75 + } catch (Exception e) {
  76 + e.printStackTrace();
  77 + return false;
  78 + }
  79 + }
  80 +}
... ...
dspace-jspui/src/main/java/org/dspace/app/webui/servlet/FeedbackServlet.java
... ... @@ -27,6 +27,7 @@ import org.dspace.core.Email;
27 27 import org.dspace.core.I18nUtil;
28 28 import org.dspace.core.LogManager;
29 29 import org.dspace.eperson.EPerson;
  30 +import pt.uminho.sdum.utils.VerifyRecaptcha;
30 31  
31 32 /**
32 33 * Servlet for handling user feedback
... ... @@ -91,12 +92,18 @@ public class FeedbackServlet extends DSpaceServlet
91 92 // Has the user just posted their feedback?
92 93 if (request.getParameter("submit") != null)
93 94 {
  95 +
  96 + String gRecaptchaResponse = request
  97 + .getParameter("g-recaptcha-response");
  98 + boolean verify = VerifyRecaptcha.verify(gRecaptchaResponse);
  99 +
94 100 EmailValidator ev = EmailValidator.getInstance();
95 101 String feedback = request.getParameter("feedback");
96 102  
97 103 // Check all data is there
98 104 if ((formEmail == null) || formEmail.equals("")
99   - || (feedback == null) || feedback.equals("") || !ev.isValid(formEmail))
  105 + || (feedback == null) || feedback.equals("") || !ev.isValid(formEmail)
  106 + || !verify)
100 107 {
101 108 log.info(LogManager.getHeader(context, "show_feedback_form",
102 109 "problem=true"));
... ...
dspace-jspui/src/main/java/org/dspace/app/webui/servlet/RequestItemServlet.java
... ... @@ -26,6 +26,7 @@ import org.dspace.storage.bitstore.BitstreamStorageManager;
26 26 import org.dspace.storage.rdbms.DatabaseManager;
27 27 import org.dspace.storage.rdbms.TableRow;
28 28 import org.dspace.utils.DSpace;
  29 +import pt.uminho.sdum.utils.VerifyRecaptcha;
29 30  
30 31 import javax.mail.MessagingException;
31 32 import javax.servlet.ServletException;
... ... @@ -175,6 +176,10 @@ public class RequestItemServlet extends DSpaceServlet
175 176  
176 177 if (request.getParameter("submit") != null)
177 178 {
  179 + String gRecaptchaResponse = request
  180 + .getParameter("g-recaptcha-response");
  181 + boolean verify = VerifyRecaptcha.verify(gRecaptchaResponse);
  182 +
178 183 String reqname = request.getParameter("reqname");
179 184 String coment = request.getParameter("coment");
180 185 if (coment == null || coment.equals(""))
... ... @@ -183,7 +188,8 @@ public class RequestItemServlet extends DSpaceServlet
183 188  
184 189 // Check all data is there
185 190 if (requesterEmail == null || requesterEmail.equals("") ||
186   - reqname == null || reqname.equals(""))
  191 + reqname == null || reqname.equals("") ||
  192 + !verify)
187 193 {
188 194 request.setAttribute("handle",handle);
189 195 request.setAttribute("bitstream-id", bitstream_id);
... ... @@ -255,6 +261,7 @@ public class RequestItemServlet extends DSpaceServlet
255 261 ""), me);
256 262 JSPManager.showInternalError(request, response);
257 263 }
  264 +
258 265 }
259 266 else
260 267 {
... ...
dspace-jspui/src/main/resources/Messages_pt_PT.properties
... ... @@ -475,6 +475,7 @@ jsp.recent-submission.see = Ver
475 475 #Feedback
476 476 jsp.display-item.feedback = D&ecirc; a sua opini&atilde;o sobre este registo.
477 477 jsp.feedback.form.item-msg = Gostaria de deixar coment\u00e1rio sobre o registo:
  478 +jsp.feedback.form.text2 = Por favor, preencha todos os campos abaixo.
478 479  
479 480 #Statistics
480 481 jsp.collection-home.display-statistics = <span class="glyphicon glyphicon-stats"></span>
... ...
dspace-jspui/src/main/webapp/feedback/form.jsp
... ... @@ -17,33 +17,31 @@
17 17  
18 18 <%@ page contentType="text/html;charset=UTF-8" %>
19 19 <%@ page import="org.apache.commons.lang.StringEscapeUtils" %>
  20 +<%@ page import="org.dspace.core.ConfigurationManager" %>
20 21 <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
21 22 <%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %>
  23 +<script src='https://www.google.com/recaptcha/api.js'></script>
22 24  
23 25 <%
24   - boolean problem = (request.getParameter("feedback.problem") != null);
  26 + boolean problem = (request.getAttribute("feedback.problem") != null);
25 27 String email = request.getParameter("email");
26 28  
27   - if (email == null || email.equals(""))
28   - {
  29 + if (email == null || email.equals("")) {
29 30 email = (String) request.getAttribute("authenticated.email");
30 31 }
31 32  
32   - if (email == null)
33   - {
  33 + if (email == null) {
34 34 email = "";
35 35 }
36 36  
37 37 String feedback = request.getParameter("feedback");
38   - if (feedback == null)
39   - {
  38 + if (feedback == null) {
40 39 feedback = "";
41 40 }
42 41  
43 42 String fromPage = request.getParameter("fromPage");
44   - if (fromPage == null)
45   - {
46   - fromPage = "";
  43 + if (fromPage == null) {
  44 + fromPage = "";
47 45 }
48 46 %>
49 47  
... ... @@ -55,29 +53,46 @@
55 53 DSpace system. Your comments are appreciated!</p> --%>
56 54 <p><fmt:message key="jsp.feedback.form.text1"/></p>
57 55  
58   -<%
59   - if (problem)
60   - {
61   -%>
62   - <%-- <p><strong>Please fill out all of the information below.</strong></p> --%>
63   - <p><strong><fmt:message key="jsp.feedback.form.text2"/></strong></p>
64   -<%
65   - }
66   -%>
  56 + <%
  57 + if (problem) {
  58 + %>
  59 + <%-- <p><strong>Please fill out all of the information below.</strong></p> --%>
  60 + <div class="alert alert-warning"><p><strong><fmt:message key="jsp.feedback.form.text2"/></strong></p></div>
  61 + <%
  62 + }
  63 + %>
67 64 <form action="<%= request.getContextPath() %>/feedback" method="post">
68 65 <center>
69 66 <table>
70 67 <tr>
71   - <td class="submitFormLabel"><label for="temail"><fmt:message key="jsp.feedback.form.email"/></label></td>
72   - <td><input type="text" name="email" id="temail" size="50" value="<%=StringEscapeUtils.escapeHtml(email)%>" /></td>
  68 + <td class="submitFormLabel"><label for="temail"><fmt:message key="jsp.feedback.form.email"/></label>
  69 + </td>
  70 + <td><input type="text" name="email" id="temail" size="50"
  71 + value="<%=StringEscapeUtils.escapeHtml(email)%>"/></td>
73 72 </tr>
74 73 <tr>
75   - <td class="submitFormLabel"><label for="tfeedback"><fmt:message key="jsp.feedback.form.comment"/></label></td>
76   - <td><textarea name="feedback" id="tfeedback" rows="6" cols="50"><%=StringEscapeUtils.escapeHtml(feedback)%></textarea></td>
  74 + <td class="submitFormLabel"><label for="tfeedback"><fmt:message
  75 + key="jsp.feedback.form.comment"/></label></td>
  76 + <td><textarea name="feedback" id="tfeedback" rows="6"
  77 + cols="50"><%=StringEscapeUtils.escapeHtml(feedback)%></textarea></td>
77 78 </tr>
  79 +
  80 + <%
  81 + String key = ConfigurationManager.getProperty("rcaap.google.recaptcha.sitekey");
  82 + if (key != null && !key.equals("")) {
  83 + %>
  84 + <tr>
  85 + <td>
  86 + <div align="center" class="g-recaptcha" data-sitekey="<%=key%>"></div>
  87 + </td>
  88 + </tr>
  89 + <%
  90 + }
  91 + %>
  92 +
78 93 <tr>
79 94 <td colspan="2" align="center">
80   - <input type="submit" name="submit" value="<fmt:message key="jsp.feedback.form.send"/>" />
  95 + <input type="submit" name="submit" value="<fmt:message key="jsp.feedback.form.send"/>"/>
81 96 </td>
82 97 </tr>
83 98 </table>
... ...
dspace-jspui/src/main/webapp/requestItem/request-form.jsp
... ... @@ -22,7 +22,9 @@
22 22 <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
23 23  
24 24 <%@ page import="org.dspace.app.webui.servlet.RequestItemServlet"%>
  25 +<%@ page import="org.dspace.core.ConfigurationManager"%>
25 26 <%@ page import="javax.servlet.jsp.jstl.fmt.LocaleSupport" %>
  27 +<script src='https://www.google.com/recaptcha/api.js'></script>
26 28  
27 29 <%
28 30 request.setCharacterEncoding("UTF-8");
... ... @@ -104,6 +106,16 @@
104 106 <input type="hidden" name="handle" value='<%= handle %>' />
105 107 <input type="hidden" name="bitstream-id" value='<%= bitstream_id %>' />
106 108 <input type="hidden" name="step" value="<%=RequestItemServlet.ENTER_FORM_PAGE %>" />
  109 + <%
  110 + String key = ConfigurationManager.getProperty("rcaap.google.recaptcha.sitekey");
  111 + if (key != null && !key.equals(""))
  112 + {
  113 + %>
  114 +
  115 + <div align="right" class="g-recaptcha" data-sitekey="<%=key%>"></div>
  116 + <%
  117 + }
  118 + %>
107 119 <div class="btn btn-group col-md-4 pull-right row">
108 120 <a class="btn btn-default col-md-6" href="<%=request.getContextPath()%>/handle/<%=handle %>"><fmt:message key="jsp.request.item.request-form.cancel" /></a>
109 121 <button type="submit" name="submit" class="btn btn-primary col-md-6" value="true"><fmt:message key="jsp.request.item.request-form.go"/></button>
... ...
dspace/config/dspace.cfg
... ... @@ -2289,3 +2289,7 @@ sharing.degois.class = pt.keep.dspace.sharing.app.DegoisSharing
2289 2289  
2290 2290 ############## RENATES URI
2291 2291 renatesURI = http://renates.dgeec.mec.pt/ws/renatesws.asmx/Tese
  2292 +
  2293 +##############Google Recaptcha
  2294 +rcaap.google.recaptcha.secret =
  2295 +rcaap.google.recaptcha.sitekey =
... ...