davidxia
diff --git a/‎recaptcha_enterprise/demosite/app/backend/create_recaptcha_assessment.py
Lines changed: 7 additions & 37 deletions b/‎recaptcha_enterprise/demosite/app/backend/create_recaptcha_assessment.py
Lines changed: 7 additions & 37 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/config.ini
Lines changed: 6 additions & 0 deletions b/‎recaptcha_enterprise/demosite/app/config.ini
Lines changed: 6 additions & 0 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/main.py
Lines changed: 16 additions & 1 deletion b/‎recaptcha_enterprise/demosite/app/main.py
Lines changed: 16 additions & 1 deletion
diff --git a/‎recaptcha_enterprise/demosite/app/static/scripts/component.js
Lines changed: 3 additions & 4 deletions b/‎recaptcha_enterprise/demosite/app/static/scripts/component.js
Lines changed: 3 additions & 4 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/static/scripts/global.js
Lines changed: 110 additions & 33 deletions b/‎recaptcha_enterprise/demosite/app/static/scripts/global.js
Lines changed: 110 additions & 33 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/static/styles/local.css
Lines changed: 0 additions & 14 deletions b/‎recaptcha_enterprise/demosite/app/static/styles/local.css
Lines changed: 0 additions & 14 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/templates/comment.html
Lines changed: 6 additions & 11 deletions b/‎recaptcha_enterprise/demosite/app/templates/comment.html
Lines changed: 6 additions & 11 deletions
diff --git a/‎recaptcha_enterprise/demosite/app/templates/home.html
Lines changed: 4 additions & 9 deletions b/‎recaptcha_enterprise/demosite/app/templates/home.html
Lines changed: 4 additions & 9 deletions
@@ -12,23 +12,21 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from typing import List
-
-from flask import jsonify
 from google.cloud import recaptchaenterprise_v1
+from google.cloud.recaptchaenterprise_v1 import Assessment
 
 
 def create_assessment(
-    project_id: str, recaptcha_site_key: str, token: str, recaptcha_action: str
-) -> [float, List[str]]:
+    project_id: str, recaptcha_site_key: str, token: str
+) -> Assessment:
     """Create an assessment to analyze the risk of a UI action.
     Args:
-        project_id: GCloud Project ID
+        project_id: Google Cloud Project ID
         recaptcha_site_key: Site key obtained by registering a domain/app to use recaptcha services.
         token: The token obtained from the client on passing the recaptchaSiteKey.
-        recaptcha_action: Action name corresponding to the token.
+    Returns: Assessment response.
     """
-    sample_threshold_score = 0.50
+
     # <!-- ATTENTION: reCAPTCHA Example (Server Part 2/2) Starts -->
     client = recaptchaenterprise_v1.RecaptchaEnterpriseServiceClient()
 
@@ -48,34 +46,6 @@ def create_assessment(
     request.parent = project_name
 
     response = client.create_assessment(request)
-
-    # Check if the token is valid.
-    if not response.token_properties.valid:
-        raise ValueError(
-            f"The Create Assessment call failed because the token was invalid for the following reasons: "
-            f"{response.token_properties.invalid_reason}"
-        )
-
-    # Check if the expected action was executed.
-    if response.token_properties.action != recaptcha_action:
-        raise ValueError(
-            "The action attribute in your reCAPTCHA tag does not match the action you are expecting to score. "
-            "Please check your action attribute !"
-        )
     # <!-- ATTENTION: reCAPTCHA Example (Server Part 2/2) Ends -->
 
-    # Return the risk score.
-    verdict = (
-        "Bad"
-        if response.risk_analysis.score < sample_threshold_score
-        else "Not Bad"
-    )
-    return jsonify(
-        {
-            "data": {
-                "score": "{:.1f}".format(response.risk_analysis.score),
-                "verdict": verdict,
-            },
-            "success": "true",
-        }
-    )
+    return response
@@ -0,0 +1,6 @@
+[recaptcha_actions]
+home = "home"
+login = "log_in"
+signup = "sign_up"
+store = "check_out"
+comment = "send_comment"
@@ -18,14 +18,29 @@
 
 app = Flask(__name__)
 
+# Template URL rules.
 app.add_url_rule(rule="/", methods=["GET"], view_func=urls.home)
 app.add_url_rule(rule="/store", methods=["GET"], view_func=urls.store)
 app.add_url_rule(rule="/login", methods=["GET"], view_func=urls.login)
 app.add_url_rule(rule="/comment", methods=["GET"], view_func=urls.comment)
 app.add_url_rule(rule="/signup", methods=["GET"], view_func=urls.signup)
 app.add_url_rule(rule="/game", methods=["GET"], view_func=urls.game)
+
+# Submit action URL rules.
+app.add_url_rule(
+    rule="/on_homepage_load", methods=["POST"], view_func=urls.on_homepage_load
+)
+app.add_url_rule(
+    rule="/on_login", methods=["POST"], view_func=urls.on_login
+)
+app.add_url_rule(
+    rule="/on_signup", methods=["POST"], view_func=urls.on_signup
+)
+app.add_url_rule(
+    rule="/on_store_checkout", methods=["POST"], view_func=urls.on_store_checkout
+)
 app.add_url_rule(
-    rule="/create_assessment", methods=["POST"], view_func=urls.create_assessment
+    rule="/on_comment_submit", methods=["POST"], view_func=urls.on_comment_submit
 )
 
 if __name__ == "__main__":
 
@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// TODO: productionize dependencies; network cascade is too slow
 import {
   LitElement,
   css,
@@ -29,7 +28,7 @@ import "https://unpkg.com/@material/mwc-icon@0.27.0/mwc-icon.js?module";
 
 const STEPS = ["home", "signup", "login", "store", "comment", "game"];
 
-const ACTIONS = {
+export const RECAPTCHA_ACTIONS = {
   comment: "send_comment",
   home: "home",
   login: "log_in",
@@ -1407,7 +1406,7 @@ class RecaptchaDemo extends LitElement {
     return `
     {
       "event": {
-        "expectedAction": "${ACTIONS[this.step]}",
+        "expectedAction": "${RECAPTCHA_ACTIONS[this.step]}",
         ...
       },
       ...
@@ -1416,7 +1415,7 @@ class RecaptchaDemo extends LitElement {
         "score": "${this.score || "?.?"}"
       },
       "tokenProperties": {
-        "action": "${ACTIONS[this.step]}",
+        "action": "${RECAPTCHA_ACTIONS[this.step]}",
         ...
         "valid": true
       },
 
@@ -12,47 +12,126 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// ATTENTION: reCAPTCHA Example (Part 3) Starts
-// SEE: https://cloud.google.com/recaptcha-enterprise/docs/create-assessment
-// SEE: If using a library or famework, can use event handlers its usual way
+const SUBMIT_URLS = {
+  comment: "on_comment_submit",
+  home: "on_homepage_load",
+  login: "on_login",
+  signup: "on_signup",
+  store: "on_store_checkout",
+  game: undefined,
+};
 
-function createAssessment({ action, token }) {
-  // SEE: Code for fetching the assessment from backend goes here
-  // SEE: Refer to demo app backend code for more information
-  // SEE: If using a library or framework, can fetch its usual way
-  return fetchDemoAssessment({ action, token });
+async function homepage({token}) {
+  const json_body = JSON.stringify({
+    recaptcha_cred: {
+      token: token,
+    },
+  });
+  // Fetch the demo assessment from backend.
+  const score = await fetchDemoAssessment({
+    url: SUBMIT_URLS.home,
+    json_body: json_body,
+  });
+  useAssessment(score);
 }
 
-function useAssessment(score) {
-  // SEE: Code for handling the assessment goes here
-  showAssessmentInDemo(score);
+async function signup({token}) {
+  // Do not pass plain text credentials. Always encrypt and follow security standards.
+  // Obtain the values from your form data.
+  const json_body = JSON.stringify({
+    recaptcha_cred: {
+      token: token,
+      username: "",
+      password: "",
+    },
+  });
+  // Fetch the demo assessment from backend.
+  const score = await fetchDemoAssessment({
+    url: SUBMIT_URLS.signup,
+    json_body: json_body,
+  });
+  useAssessment(score);
+}
+
+async function login({token}) {
+  // Do not pass plain text credentials. Always encrypt and follow security standards.
+  // Obtain the values from your form data.
+  const json_body = JSON.stringify({
+    recaptcha_cred: {
+      token: token,
+      username: "",
+      password: "",
+    },
+  });
+  // Fetch the demo assessment from backend.
+  const score = await fetchDemoAssessment({
+    url: SUBMIT_URLS.login,
+    json_body: json_body,
+  });
+  useAssessment(score);
 }
 
-// ATTENTION: reCAPTCHA Example (Part 3) Ends
+async function store({token}) {
+  // Do not pass plain text credentials. Always encrypt and follow security standards.
+  // Obtain the values from your form data.
+  const json_body = JSON.stringify({
+    recaptcha_cred: {
+      token: token,
+      items: {}.toString(),
+    },
+  });
+  // Fetch the demo assessment from backend.
+  const score = await fetchDemoAssessment({
+    url: SUBMIT_URLS.store,
+    json_body: json_body,
+  });
+  useAssessment(score);
+}
 
-function fetchDemoAssessment({ action, token }) {
-  const body = JSON.stringify({
+async function comment({token}) {
+  // Do not pass plain text credentials. Always encrypt and follow security standards.
+  // Obtain the values from your form data.
+  const json_body = JSON.stringify({
     recaptcha_cred: {
-      action,
-      token,
+      token: token,
+      comment: "",
     },
   });
-  return fetch("/create_assessment", {
-    body,
+  // Fetch the demo assessment from backend.
+  const score = await fetchDemoAssessment({
+    url: SUBMIT_URLS.comment,
+    json_body: json_body,
+  });
+  useAssessment(score);
+}
+
+function fetchDemoAssessment({ url, json_body}) {
+  // Code for fetching the assessment from backend goes here.
+  // Refer to demo app backend code for more information.
+  // See if using a library or framework, can use event handlers its usual way.
+  // See: https://cloud.google.com/recaptcha-enterprise/docs/create-assessment
+  return fetch(`/${url}`, {
+    body: json_body,
     method: "POST",
+    headers: new Headers({'content-type': 'application/json'}),
   })
-    .then((response) => {
-      const { ok, body: { data = {} } = {} } = response;
-      if (ok) {
-        return response.json();
-      }
-    })
-    .then((data) => {
-      return data;
-    })
-    .catch((error) => {
-      throw new Error(error);
-    });
+      .then((response) => {
+        const { ok, body: { data = {} } = {} } = response;
+        if (ok) {
+          return response.json();
+        }
+      })
+      .then((data) => {
+        return data;
+      })
+      .catch((error) => {
+        throw new Error(error);
+      });
+}
+
+function useAssessment(score) {
+  // Code for handling the assessment goes here.
+  showAssessmentInDemo(score);
 }
 
 function showAssessmentInDemo(score) {
@@ -61,6 +140,4 @@ function showAssessmentInDemo(score) {
     demoElement.setAttribute("score", score?.data?.score);
     demoElement.setAttribute("verdict", score?.data?.verdict);
   }
-}
-
-// TODO: possible global getToken with ready/execute
+}
@@ -58,8 +58,8 @@
     <link href="../static/styles/global.css" rel="stylesheet" />
     <script type="module" src="../static/scripts/component.js"></script>
     <script type="text/javascript" src="../static/scripts/global.js"></script>
-    <!-- ATTENTION: reCAPTCHA Example (Part 1) Starts -->
-    <!-- SEE: https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages#user-action -->
+    <!-- ATTENTION: reCAPTCHA Example (Client Part 1/2) Starts -->
+    <!-- See: https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages#user-action -->
     <script src="https://www.google.com/recaptcha/enterprise.js?render={{context.site_key}}"></script>
     <script type="text/javascript">
       function handleClick(event) {
@@ -71,22 +71,17 @@
               action: "send_comment",
             }
           );
-          // SEE: https://cloud.google.com/recaptcha-enterprise/docs/create-assessment
-          const score = await createAssessment({
-            action: "send_comment",
-            token,
-          });
-          useAssessment(score);
+          await comment({token});
         });
       }
     </script>
-    <!-- ATTENTION: reCAPTCHA Example (Part 1) Ends -->
+    <!-- ATTENTION: reCAPTCHA Example (Client Part 1/2) Ends -->
   </head>
   <body>
     <recaptcha-demo step="comment">
-      <!-- ATTENTION: reCAPTCHA Example (Part 2) Starts -->
+      <!-- ATTENTION: reCAPTCHA Example (Client Part 2/2) Starts -->
       <button onclick="handleClick(event)">Send comment</button>
-      <!-- ATTENTION: reCAPTCHA Example (Part 2) Ends -->
+      <!-- ATTENTION: reCAPTCHA Example (Client Part 2/2) Ends -->
     </recaptcha-demo>
   </body>
 </html>
@@ -58,8 +58,8 @@
     <link href="../static/styles/global.css" rel="stylesheet" />
     <script type="module" src="../static/scripts/component.js"></script>
     <script type="text/javascript" src="../static/scripts/global.js"></script>
-    <!-- ATTENTION: reCAPTCHA Example (Part 1) Starts -->
-    <!-- SEE: https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages#page-load -->
+    <!-- ATTENTION: reCAPTCHA Example (Client Part 1/1) Starts -->
+    <!-- See: https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages#page-load -->
     <script src="https://www.google.com/recaptcha/enterprise.js?render={{context.site_key}}"></script>
     <script type="text/javascript">
       grecaptcha.enterprise.ready(async () => {
@@ -69,15 +69,10 @@
             action: "home",
           }
         );
-        // SEE: https://cloud.google.com/recaptcha-enterprise/docs/create-assessment
-        const score = await createAssessment({
-          action: "home",
-          token,
-        });
-        useAssessment(score);
+        await homepage({token});
       });
     </script>
-    <!-- ATTENTION: reCAPTCHA Example (Part 1) Ends -->
+    <!-- ATTENTION: reCAPTCHA Example (Client Part 1/1) Ends -->
   </head>
   <body>
     <recaptcha-demo step="home"></recaptcha-demo>