Add platform tag to invalid HCaptcha reason metric

2026-04-21 02:28:06 +01:00 · 2024-09-04 15:17:50 -07:00
parent 11601fd091
commit d6acfa56c2
11 changed files with 49 additions and 36 deletions
--- a/service/src/test/java/org/whispersystems/textsecuregcm/captcha/CaptchaCheckerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/captcha/CaptchaCheckerTest.java
@@ -34,6 +34,7 @@ public class CaptchaCheckerTest {
  private static final String PREFIX = "prefix";
  private static final String PREFIX_A = "prefix-a";
  private static final String PREFIX_B = "prefix-b";
+  private static final String USER_AGENT = "user-agent";

  static Stream<Arguments> parseInputToken() {
    return Stream.of(
@@ -65,7 +66,7 @@ public class CaptchaCheckerTest {
    when(captchaClient.scheme()).thenReturn(prefix);
    when(captchaClient.validSiteKeys(eq(Action.CHALLENGE))).thenReturn(Collections.singleton(CHALLENGE_SITE_KEY));
    when(captchaClient.validSiteKeys(eq(Action.REGISTRATION))).thenReturn(Collections.singleton(REG_SITE_KEY));
-    when(captchaClient.verify(any(), any(), any(), any())).thenReturn(AssessmentResult.invalid());
+    when(captchaClient.verify(any(), any(), any(), any(), any())).thenReturn(AssessmentResult.invalid());
    return captchaClient;
  }

@@ -78,8 +79,8 @@ public class CaptchaCheckerTest {
      final String siteKey,
      final Action expectedAction) throws IOException {
    final CaptchaClient captchaClient = mockClient(PREFIX);
-    new CaptchaChecker(null, List.of(captchaClient)).verify(expectedAction, input, null);
-    verify(captchaClient, times(1)).verify(eq(siteKey), eq(expectedAction), eq(expectedToken), any());
+    new CaptchaChecker(null, List.of(captchaClient)).verify(expectedAction, input, null, USER_AGENT);
+    verify(captchaClient, times(1)).verify(eq(siteKey), eq(expectedAction), eq(expectedToken), any(), eq(USER_AGENT));
  }

  @ParameterizedTest
@@ -106,11 +107,11 @@ public class CaptchaCheckerTest {
    final CaptchaClient a = mockClient(PREFIX_A);
    final CaptchaClient b = mockClient(PREFIX_B);

-    new CaptchaChecker(null, List.of(a, b)).verify(Action.CHALLENGE, ainput, null);
-    verify(a, times(1)).verify(any(), any(), any(), any());
+    new CaptchaChecker(null, List.of(a, b)).verify(Action.CHALLENGE, ainput, null, USER_AGENT);
+    verify(a, times(1)).verify(any(), any(), any(), any(), any());

-    new CaptchaChecker(null, List.of(a, b)).verify(Action.CHALLENGE, binput, null);
-    verify(b, times(1)).verify(any(), any(), any(), any());
+    new CaptchaChecker(null, List.of(a, b)).verify(Action.CHALLENGE, binput, null, USER_AGENT);
+    verify(b, times(1)).verify(any(), any(), any(), any(), any());
  }

  static Stream<Arguments> badArgs() {
@@ -131,7 +132,7 @@ public class CaptchaCheckerTest {
  public void badArgs(final String input) throws IOException {
    final CaptchaClient cc = mockClient(PREFIX);
    assertThrows(BadRequestException.class,
-        () -> new CaptchaChecker(null, List.of(cc)).verify(Action.CHALLENGE, input, null));
+        () -> new CaptchaChecker(null, List.of(cc)).verify(Action.CHALLENGE, input, null, USER_AGENT));

  }

@@ -141,8 +142,8 @@ public class CaptchaCheckerTest {
    final ShortCodeExpander retriever = mock(ShortCodeExpander.class);
    when(retriever.retrieve("abc")).thenReturn(Optional.of(TOKEN));
    final String input = String.join(SEPARATOR, PREFIX + "-short", REG_SITE_KEY, "registration", "abc");
-    new CaptchaChecker(retriever, List.of(captchaClient)).verify(Action.REGISTRATION, input, null);
-    verify(captchaClient, times(1)).verify(eq(REG_SITE_KEY), eq(Action.REGISTRATION), eq(TOKEN), any());
+    new CaptchaChecker(retriever, List.of(captchaClient)).verify(Action.REGISTRATION, input, null, USER_AGENT);
+    verify(captchaClient, times(1)).verify(eq(REG_SITE_KEY), eq(Action.REGISTRATION), eq(TOKEN), any(), any());

  }
 }
--- a/service/src/test/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClientTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClientTest.java
@@ -30,6 +30,7 @@ public class HCaptchaClientTest {

  private static final String SITE_KEY = "site-key";
  private static final String TOKEN = "token";
+  private static final String USER_AGENT = "user-agent";


  static Stream<Arguments> captchaProcessed() {
@@ -56,7 +57,7 @@ public class HCaptchaClientTest {
        success, 1 - score)); // hCaptcha scores are inverted compared to recaptcha scores. (low score is good)

    final AssessmentResult result = new HCaptchaClient("fake", client, mockConfig(true, 0.5))
-        .verify(SITE_KEY, Action.CHALLENGE, TOKEN, null);
+        .verify(SITE_KEY, Action.CHALLENGE, TOKEN, null, USER_AGENT);
    if (!success) {
      assertThat(result).isEqualTo(AssessmentResult.invalid());
    } else {
@@ -68,7 +69,7 @@ public class HCaptchaClientTest {
  public void errorResponse() throws IOException, InterruptedException {
    final FaultTolerantHttpClient httpClient = mockResponder(503, "");
    final HCaptchaClient client = new HCaptchaClient("fake", httpClient, mockConfig(true, 0.5));
-    assertThrows(IOException.class, () -> client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null));
+    assertThrows(IOException.class, () -> client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null, USER_AGENT));
  }

  @Test
@@ -77,7 +78,7 @@ public class HCaptchaClientTest {
        {"success" : true, "score": 1.1}
        """);
    final HCaptchaClient client = new HCaptchaClient("fake", httpClient, mockConfig(true, 0.5));
-    assertThat(client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null)).isEqualTo(AssessmentResult.invalid());
+    assertThat(client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null, USER_AGENT)).isEqualTo(AssessmentResult.invalid());
  }

  @Test
@@ -86,7 +87,7 @@ public class HCaptchaClientTest {
        {"success" : true,
        """);
    final HCaptchaClient client = new HCaptchaClient("fake", httpClient, mockConfig(true, 0.5));
-    assertThrows(IOException.class, () -> client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null));
+    assertThrows(IOException.class, () -> client.verify(SITE_KEY, Action.CHALLENGE, TOKEN, null, USER_AGENT));
  }

  @Test
--- a/service/src/test/java/org/whispersystems/textsecuregcm/configuration/StubHCaptchaClientFactory.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/configuration/StubHCaptchaClientFactory.java
@@ -49,8 +49,9 @@ public class StubHCaptchaClientFactory implements HCaptchaClientFactory {
    }

    @Override
-    public AssessmentResult verify(final String siteKey, final Action action, final String token, final String ip)
-        throws IOException {
+    public AssessmentResult verify(final String siteKey, final Action action, final String token, final String ip,
+        final String userAgent)
+    throws IOException {
      return AssessmentResult.alwaysValid();
    }
  }
--- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java
@@ -465,7 +465,7 @@ class VerificationControllerTest {
                Collections.emptyList(), null, null, false, clock.millis(), clock.millis(),
                registrationServiceSession.expiration()))));

-    when(registrationCaptchaManager.assessCaptcha(any(), any()))
+    when(registrationCaptchaManager.assessCaptcha(any(), any(), any()))
        .thenReturn(Optional.of(AssessmentResult.invalid()));

    when(verificationSessionManager.update(any(), any()))
@@ -637,7 +637,7 @@ class VerificationControllerTest {
                Collections.emptyList(), null, null, false, clock.millis(), clock.millis(),
                registrationServiceSession.expiration()))));

-    when(registrationCaptchaManager.assessCaptcha(any(), any()))
+    when(registrationCaptchaManager.assessCaptcha(any(), any(), any()))
        .thenReturn(Optional.of(AssessmentResult.alwaysValid()));

    when(verificationSessionManager.update(any(), any()))
@@ -685,7 +685,7 @@ class VerificationControllerTest {
                Collections.emptyList(), null, null, false, clock.millis(), clock.millis(),
                registrationServiceSession.expiration()))));

-    when(registrationCaptchaManager.assessCaptcha(any(), any()))
+    when(registrationCaptchaManager.assessCaptcha(any(), any(), any()))
        .thenReturn(Optional.of(AssessmentResult.alwaysValid()));

    when(verificationSessionManager.update(any(), any()))
@@ -732,7 +732,7 @@ class VerificationControllerTest {
                Collections.emptyList(), null, null, false, clock.millis(), clock.millis(),
                registrationServiceSession.expiration()))));

-    when(registrationCaptchaManager.assessCaptcha(any(), any()))
+    when(registrationCaptchaManager.assessCaptcha(any(), any(), any()))
        .thenThrow(new IOException("expected service error"));

    when(verificationSessionManager.update(any(), any()))
--- a/service/src/test/java/org/whispersystems/textsecuregcm/limits/RateLimitChallengeManagerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/limits/RateLimitChallengeManagerTest.java
@@ -85,7 +85,7 @@ class RateLimitChallengeManagerTest {
    when(account.getNumber()).thenReturn("+18005551234");
    when(account.getUuid()).thenReturn(UUID.randomUUID());

-    when(captchaChecker.verify(eq(Action.CHALLENGE), any(), any()))
+    when(captchaChecker.verify(eq(Action.CHALLENGE), any(), any(), any()))
        .thenReturn(AssessmentResult.fromScore(actualScore, DEFAULT_SCORE_THRESHOLD));

    when(rateLimiters.getCaptchaChallengeAttemptLimiter()).thenReturn(mock(RateLimiter.class));