in src/createAssessment.ts [127:217]
/**
 * Builds the partial assessment Event for a request by choosing which
 * reCAPTCHA token and site key apply to it.
 *
 * Sources are tried in this order and the first match wins:
 *  1. `X-Recaptcha-Token` request header, when an action site key is configured.
 *  2. Token from the request body, when an enterprise site key is configured
 *     and the method is POST.
 *  3. Challenge-page cookie, when a challenge-page site key is configured.
 *  4. Session cookie, when a session site key is configured.
 *  5. Express (no token), when an express site key is configured.
 *
 * The header and cookie values are client-supplied. This function only selects
 * one of them; it performs no validation of those values itself.
 *
 * NOTE(review): a POST with an enterprise site key configured but no body token
 * returns an Event with neither `token` nor `siteKey`, and the challenge,
 * session and express sources are not consulted. How callers treat such an
 * Event is not visible here; confirm it does not fail open.
 *
 * @param context Request context supplying config, cookie names, logging and the debug trace.
 * @param req The incoming edge request whose headers, method and body are inspected.
 * @returns The Event populated with the selected site key and, except for express, a token.
 * @throws error.RecaptchaError when no configured site key matches the request. The error is
 *   constructed with `action.createAllowAction()`; presumably the caller applies that action,
 *   which would let the request through. Confirm this is the intended fallback.
 */
export async function createPartialEventWithSiteInfo(context: RecaptchaContext, req: EdgeRequest): Promise<Event> {
  const event: Event = {};

  // 1. WAF action token carried in the request header.
  const headerToken = req.getHeader("X-Recaptcha-Token");
  if (context.config.actionSiteKey && headerToken) {
    event.token = headerToken;
    event.siteKey = context.config.actionSiteKey;
    event.wafTokenAssessment = true;
    context.debug_trace.site_key_used = "action";
    context.log("debug", "siteKind: action");
    return event;
  }

  // Parse the Cookie header into name -> value. A pair without "=" ends up under
  // the empty name, because substring(0, -1) yields "".
  const cookiesByName = new Map<string, string>();
  let looseChallengeToken: string | undefined;
  let looseSessionToken: string | undefined;
  const cookieHeader = req.getHeader("cookie");
  const rawPairs = cookieHeader?.split(";") ?? [];
  for (const rawPair of rawPairs) {
    const eq = rawPair.indexOf("=");
    const name = rawPair.substring(0, eq).trim();
    const content = rawPair.substring(eq + 1).trim();
    cookiesByName.set(name, content);

    if (context.config.strict_cookie) {
      continue;
    }
    // Non-strict cookie parsing accepts any 'recaptcha-*-t' / 'recaptcha-*-e'
    // cookie, which allows reusing an existing key in a different WAF than the
    // one it was registered for. This is meant specifically for testing.
    // The last matching cookie in the header wins, and a match here takes
    // precedence over the configured cookie names below.
    if (picomatch.isMatch(name, "recaptcha-*-t")) {
      looseSessionToken = content;
    } else if (picomatch.isMatch(name, "recaptcha-*-e")) {
      looseChallengeToken = content;
    }
  }

  // Fall back to the exact configured cookie names when no loose match was found.
  const challengeToken = looseChallengeToken || cookiesByName.get(context.challengePageCookie);
  const sessionToken = looseSessionToken || cookiesByName.get(context.sessionPageCookie);

  if (context.config.debug) {
    // Report reCAPTCHA-looking cookies that are not the configured ones.
    // Cookie names come from the request, so the logged text is client-controlled.
    for (const name of cookiesByName.keys()) {
      const isConfigured = name === context.challengePageCookie || name === context.sessionPageCookie;
      if (name.startsWith("recaptcha") && !isConfigured) {
        context.log(
          "info",
          `An unused reCAPTCHA cookie in the request matches a different environment: ${name}. This may signify a misconfiguration.`,
        );
      }
    }
  }

  // 2. Enterprise token submitted in a POST body.
  if (context.config.enterpriseSiteKey && req.method === "POST") {
    const bodyToken = await getTokenFromBody(context, req);
    if (!bodyToken) {
      // TODO: Handle the case where the token is not found or malformed.
      context.log("error", "g-recaptcha-response not found in the request body.");
      return event;
    }
    event.token = bodyToken;
    event.siteKey = context.config.enterpriseSiteKey;
    event.wafTokenAssessment = false;
    context.debug_trace.site_key_used = "enterprise";
    context.log("debug", "siteKind: action-regular");
    return event;
  }

  // 3. Challenge-page cookie.
  if (context.config.challengePageSiteKey && challengeToken) {
    event.token = challengeToken;
    event.siteKey = context.config.challengePageSiteKey;
    event.wafTokenAssessment = true;
    context.debug_trace.site_key_used = "challenge";
    context.log("debug", "siteKind: challenge");
    return event;
  }

  // 4. Session cookie.
  if (context.config.sessionSiteKey && sessionToken) {
    event.token = sessionToken;
    event.siteKey = context.config.sessionSiteKey;
    event.wafTokenAssessment = true;
    context.debug_trace.site_key_used = "session";
    context.log("debug", "siteKind: session");
    return event;
  }

  // 5. Express: a site key only, with no token attached.
  if (context.config.expressSiteKey) {
    event.siteKey = context.config.expressSiteKey;
    event.express = true;
    context.debug_trace.site_key_used = "express";
    context.log("debug", "siteKind: express");
    return event;
  }

  // Nothing matched: record that in the trace and raise with an allow action.
  context.debug_trace.site_key_used = "none";
  throw new error.RecaptchaError(
    "No site key was found matching the incoming request token, and express is not enabled.",
    action.createAllowAction(),
  );
}