Add platform tag to invalid HCaptcha reason metric

2026-04-20 04:28:02 +01:00 · 2024-09-04 15:17:50 -07:00
parent 11601fd091
commit d6acfa56c2
11 changed files with 49 additions and 36 deletions
--- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/CaptchaChecker.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/CaptchaChecker.java
@@ -50,6 +50,7 @@ public class CaptchaChecker {
   * @param input          expected to contain a prefix indicating the captcha scheme, sitekey, token, and action. The
   *                       expected format is {@code version-prefix.sitekey.action.token}
   * @param ip             IP of the solver
+   * @param userAgent      User-Agent of the solver
   * @return An {@link AssessmentResult} indicating whether the solution should be accepted, and a score that can be
   * used for metrics
   * @throws IOException         if there is an error validating the captcha with the underlying service
@@ -58,7 +59,8 @@ public class CaptchaChecker {
  public AssessmentResult verify(
      final Action expectedAction,
      final String input,
-      final String ip) throws IOException {
+      final String ip,
+      final String userAgent) throws IOException {
    final String[] parts = input.split("\\" + SEPARATOR, 4);

    // we allow missing actions, if we're missing 1 part, assume it's the action
@@ -102,7 +104,7 @@ public class CaptchaChecker {
      throw new BadRequestException("invalid captcha site-key");
    }

-    final AssessmentResult result = client.verify(siteKey, parsedAction, token, ip);
+    final AssessmentResult result = client.verify(siteKey, parsedAction, token, ip, userAgent);
    Metrics.counter(ASSESSMENTS_COUNTER_NAME,
            "action", action,
            "score", result.getScoreString(),
--- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/CaptchaClient.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/CaptchaClient.java
@@ -26,10 +26,11 @@ public interface CaptchaClient {
  /**
   * Verify a provided captcha solution
   *
-   * @param siteKey identifying string for the captcha service
-   * @param action  an action indicating the purpose of the captcha
-   * @param token   the captcha solution that will be verified
-   * @param ip      the ip of the captcha solver
+   * @param siteKey   identifying string for the captcha service
+   * @param action    an action indicating the purpose of the captcha
+   * @param token     the captcha solution that will be verified
+   * @param ip        the ip of the captcha solver
+   * @param userAgent the User-Agent string of the captcha solver
   * @return An {@link AssessmentResult} indicating whether the solution should be accepted
   * @throws IOException if the underlying captcha provider returns an error
   */
@@ -37,5 +38,6 @@ public interface CaptchaClient {
      final String siteKey,
      final Action action,
      final String token,
-      final String ip) throws IOException;
+      final String ip,
+      final String userAgent) throws IOException;
 }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java
@@ -27,6 +27,8 @@ import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import javax.ws.rs.core.Response;
+import io.micrometer.core.instrument.Tag;
+import io.micrometer.core.instrument.Tags;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.configuration.CircuitBreakerConfiguration;
@@ -34,6 +36,7 @@ import org.whispersystems.textsecuregcm.configuration.RetryConfiguration;
 import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicCaptchaConfiguration;
 import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
 import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
+import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil;
 import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
 import org.whispersystems.textsecuregcm.util.ExceptionUtils;
 import org.whispersystems.textsecuregcm.util.SystemMapper;
@@ -100,7 +103,8 @@ public class HCaptchaClient implements CaptchaClient {
      final String siteKey,
      final Action action,
      final String token,
-      final String ip)
+      final String ip,
+      final String userAgent)
      throws IOException {

    final DynamicCaptchaConfiguration config = dynamicConfigurationManager.getConfiguration().getCaptchaConfiguration();
@@ -134,9 +138,11 @@ public class HCaptchaClient implements CaptchaClient {

    if (!hCaptchaResponse.success) {
      for (String errorCode : hCaptchaResponse.errorCodes) {
-        Metrics.counter(INVALID_REASON_COUNTER_NAME,
-            "action", action.getActionName(),
-            "reason", errorCode).increment();
+        Metrics.counter(INVALID_REASON_COUNTER_NAME, Tags.of(
+            Tag.of("action", action.getActionName()),
+            Tag.of("reason", errorCode),
+            UserAgentTagUtil.getPlatformTag(userAgent)
+        )).increment();
      }
      return AssessmentResult.invalid();
    }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RegistrationCaptchaManager.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RegistrationCaptchaManager.java
@@ -17,10 +17,10 @@ public class RegistrationCaptchaManager {
  }

  @SuppressWarnings("OptionalUsedAsFieldOrParameterType")
-  public Optional<AssessmentResult> assessCaptcha(final Optional<String> captcha, final String sourceHost)
+  public Optional<AssessmentResult> assessCaptcha(final Optional<String> captcha, final String sourceHost, final String userAgent)
      throws IOException {
    return captcha.isPresent()
-        ? Optional.of(captchaChecker.verify(Action.REGISTRATION, captcha.get(), sourceHost))
+        ? Optional.of(captchaChecker.verify(Action.REGISTRATION, captcha.get(), sourceHost, userAgent))
        : Optional.empty();
  }
 }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java
@@ -386,7 +386,7 @@ public class VerificationController {
    try {

      assessmentResult = registrationCaptchaManager.assessCaptcha(
-              Optional.of(updateVerificationSessionRequest.captcha()), sourceHost)
+              Optional.of(updateVerificationSessionRequest.captcha()), sourceHost, userAgent)
          .orElseThrow(() -> new ServerErrorException(Response.Status.INTERNAL_SERVER_ERROR));

      Metrics.counter(CAPTCHA_ATTEMPT_COUNTER_NAME, Tags.of(
--- a/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimitChallengeManager.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimitChallengeManager.java
@@ -67,7 +67,7 @@ public class RateLimitChallengeManager {

    rateLimiters.getCaptchaChallengeAttemptLimiter().validate(account.getUuid());

-    final boolean challengeSuccess = captchaChecker.verify(Action.CHALLENGE, captcha, mostRecentProxyIp).isValid(scoreThreshold);
+    final boolean challengeSuccess = captchaChecker.verify(Action.CHALLENGE, captcha, mostRecentProxyIp, userAgent).isValid(scoreThreshold);

    final Tags tags = Tags.of(
        Tag.of(SOURCE_COUNTRY_TAG_NAME, Util.getCountryCode(account.getNumber())),