add main project files

internal/api/server.go

@@ -0,0 +1,177 @@
+package api
+
+import (
+	"context"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	"forge.cadoles.com/cadoles/altcha-server/internal/client"
+	"forge.cadoles.com/cadoles/altcha-server/internal/config"
+	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/render"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+type Server struct {
+	port	string
+	client	client.Client
+}
+
+func (s *Server) Run(ctx context.Context) {
+	r := chi.NewRouter()
+
+	r.Use(middleware.Logger)
+	r.Use(middleware.Recoverer)
+	r.Use(corsMiddleware)
+	r.Use(render.SetContentType(render.ContentTypeJSON))
+	
+	r.Get("/", func(w http.ResponseWriter, r *http.Request) {
+		w.Write([]byte("root."))
+	})
+	r.Get("/request", s.requestHandler)
+	r.Get("/verify", s.submitHandler)
+	r.Get("/verify-spam-filter", s.submitSpamFilterHandler)
+	
+	logger.Info(ctx, "altcha server listening on port "+s.port)
+	if err := http.ListenAndServe(":"+s.port, r); err != nil {
+		logger.Error(ctx, err.Error())
+	}
+}
+
+func (s *Server) requestHandler(w http.ResponseWriter, r *http.Request) {
+	challenge, err := s.client.Generate()
+
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Failed to create challenge : %s", err), http.StatusInternalServerError)
+		return
+	}
+
+	writeJSON(w, challenge)
+}
+
+func (s *Server) submitHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	formData := r.FormValue("altcha")
+	if formData == "" {
+		 http.Error(w, "Atlcha payload missing", http.StatusBadRequest)
+		 return
+	}
+
+	decodedPayload, err := base64.StdEncoding.DecodeString(formData)
+	if err != nil {
+		http.Error(w, "Failed to decode Altcha payload", http.StatusBadRequest)
+		return
+	}
+
+	var payload map[string]interface{}
+	if err := json.Unmarshal(decodedPayload, &payload); err != nil {
+		http.Error(w, "Failed to parse Altcha payload", http.StatusBadRequest)
+		return
+	}
+
+	verified, err := s.client.VerifySolution(payload)
+	
+	if err != nil || !verified {
+		http.Error(w, "Invalid Altcha payload", http.StatusBadRequest)
+		return
+	}
+
+	writeJSON(w, map[string]interface{}{
+		"success":	true,
+		"data":		formData,
+	})
+}
+
+func (s *Server) submitSpamFilterHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	formData, err := formToMap(r)
+	if err != nil {
+		http.Error(w, "Cannot read form data", http.StatusBadRequest)
+	}
+
+	payload := r.FormValue("altcha")
+	if payload == "" {
+		http.Error(w, "Atlcha payload missing", http.StatusBadRequest)
+	}
+
+	verified, verificationData, err := s.client.VerifyServerSignature(payload)
+	if err != nil || !verified {
+		http.Error(w, "Invalid Altcha payload", http.StatusBadRequest)
+		return
+	}
+
+	if verificationData.Verified && verificationData.Expire > time.Now().Unix() {
+		if verificationData.Classification == "BAD" {
+			http.Error(w, "Classified as spam", http.StatusBadRequest)
+			return
+		}
+
+		if verificationData.FieldsHash != "" {
+			verified, err := s.client.VerifyFieldsHash(formData, verificationData.Fields, verificationData.FieldsHash)
+			if err != nil || !verified {
+				http.Error(w, "Invalid fields hash", http.StatusBadRequest)
+				return
+			}
+		}
+
+		writeJSON(w, map[string]interface{}{
+			"success":			true,
+			"data":				formData,
+			"verificationData":	verificationData,
+		})
+		return
+	}
+
+	http.Error(w, "Invalid Altcha payload", http.StatusBadRequest)
+}
+
+func corsMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+		w.Header().Set("Access-Control-Allow-Headers", "*")
+
+		if r.Method == http.MethodOptions {
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+func writeJSON(w http.ResponseWriter, data interface{}) {
+	w.Header().Set("Content-Type", "application/json")
+	if err := json.NewEncoder(w).Encode(data); err != nil {
+		http.Error(w, "Failed to encode JSON", http.StatusInternalServerError)
+	}
+}
+
+func formToMap(r *http.Request) (map[string][]string, error) {
+	if err := r.ParseForm(); err != nil {
+		return nil, err
+	}
+
+	return r.Form, nil
+}
+
+func NewServer(cfg config.Config) *Server {
+	client := *client.NewClient(cfg.HmacKey, cfg.MaxNumber, cfg.Algorithm, cfg.Salt, cfg.Expire, cfg.CheckExpire)
+
+	return &Server {
+		port:	cfg.Port,
+		client:	client,
+	}
+}

internal/client/main.go

@@ -0,0 +1,61 @@
+package client
+
+import (
+	"time"
+
+	"github.com/altcha-org/altcha-lib-go"
+)
+
+type Client struct {
+	hmacKey		string
+	maxNumber	int64
+	algorithm	altcha.Algorithm
+	salt		string
+	expire		string
+	checkExpire	bool
+}
+
+func NewClient(hmacKey string, maxNumber int64, algorithm string, salt string, expire string, checkExpire bool) *Client {
+	return &Client {
+		hmacKey:		hmacKey,
+		maxNumber:		maxNumber,
+		algorithm:		altcha.Algorithm(algorithm),
+		salt:			salt,
+		expire:			expire,
+		checkExpire:	checkExpire,
+	}
+}
+
+func (c *Client) Generate() (altcha.Challenge, error) {
+	expirationDuration, _ := time.ParseDuration(c.expire+"s")
+	expiration := time.Now().Add(expirationDuration)
+	
+	options := altcha.ChallengeOptions{
+		HMACKey:	c.hmacKey,
+		MaxNumber:	c.maxNumber,
+		Algorithm:	c.algorithm,
+		Expires: 	&expiration,
+	}
+
+	if len(c.salt) > 0 {
+		options.Salt = c.salt
+	}
+
+	return altcha.CreateChallenge(options)
+}
+
+func (c *Client) Solve(challenge string) (*altcha.Solution, error) {
+	return altcha.SolveChallenge(challenge, c.salt, c.algorithm, int(c.maxNumber), 0, make(<-chan struct{}))
+}
+
+func (c *Client) VerifySolution(payload interface{}) (bool, error) {
+	return altcha.VerifySolution(payload, c.hmacKey, c.checkExpire)
+}
+
+func (c *Client) VerifyServerSignature(payload interface{}) (bool, altcha.ServerSignatureVerificationData, error) {
+	return altcha.VerifyServerSignature(payload, c.hmacKey)
+}
+
+func (c *Client) VerifyFieldsHash(formData map[string][]string, fields []string, fieldsHash string) (bool, error) {
+	return altcha.VerifyFieldsHash(formData, fields, fieldsHash, c.algorithm)
+}

internal/command/common/flags.go

@@ -0,0 +1,7 @@
+package common
+
+import "github.com/urfave/cli/v2"
+
+func Flags() []cli.Flag {
+	return []cli.Flag{}
+}

internal/command/generate.go

@@ -0,0 +1,40 @@
+package command
+
+import (
+	"fmt"
+
+	"forge.cadoles.com/cadoles/altcha-server/internal/client"
+	"forge.cadoles.com/cadoles/altcha-server/internal/command/common"
+	"forge.cadoles.com/cadoles/altcha-server/internal/config"
+	"github.com/caarlos0/env/v11"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func GenerateCommand() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:	"generate",
+		Usage:	"generate a challenge",
+		Flags:	flags,
+		Action:	func(ctx *cli.Context) error {
+			cfg := config.Config{}
+			if err := env.Parse(&cfg); err != nil {
+				fmt.Printf("%+v\n", err)
+			}
+			
+			c := client.NewClient(cfg.HmacKey, cfg.MaxNumber, cfg.Algorithm, cfg.Salt, cfg.Expire, cfg.CheckExpire)
+			
+			challenge, err := c.Generate()
+			if err != nil {
+				logger.Error(ctx.Context, err.Error())
+				return err
+			}
+
+			fmt.Printf("%+v\n", challenge)
+
+			return nil
+		},
+	}
+}

internal/command/main.go

@@ -0,0 +1,49 @@
+package command
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"sort"
+
+	"github.com/urfave/cli/v2"
+)
+
+func Main(commands ...*cli.Command) {
+	ctx := context.Background()
+
+	app := &cli.App {
+		Version:	"1",
+		Name: 		"altcha-server",
+		Usage:		"create challenges and validate solutions for atlcha captcha",
+		Commands: commands,
+		Flags: []cli.Flag{
+			&cli.BoolFlag{
+				Name:		"debug",
+				EnvVars:	[]string{"ALTCHA_DEBUG"},
+				Value: 		false,
+			},
+		},
+	}
+
+	app.ExitErrHandler = func (ctx *cli.Context, err error) {
+		if err == nil {
+			return
+		}
+
+		debug := ctx.Bool("debug")
+
+		if !debug {
+			fmt.Printf("[ERROR] %v\n", err)
+		} else {
+			fmt.Printf("%+v", err)
+		}
+	}
+
+	sort.Sort(cli.FlagsByName(app.Flags))
+	sort.Sort(cli.CommandsByName(app.Commands))
+
+	if err := app.RunContext(ctx, os.Args); err  != nil {
+		os.Exit(1)
+	}
+}

internal/command/run.go

@@ -0,0 +1,30 @@
+package command
+
+import (
+	"fmt"
+
+	"forge.cadoles.com/cadoles/altcha-server/internal/api"
+	"forge.cadoles.com/cadoles/altcha-server/internal/command/common"
+	"forge.cadoles.com/cadoles/altcha-server/internal/config"
+	"github.com/caarlos0/env/v11"
+	"github.com/urfave/cli/v2"
+)
+
+func RunCommand() *cli.Command {
+	flags := common.Flags()
+	
+	return &cli.Command{
+		Name:	"run",
+		Usage:	"run the atlcha api server",
+		Flags:	flags,
+		Action:	func(ctx *cli.Context) error {
+			cfg := config.Config{}
+			if err := env.Parse(&cfg); err != nil {
+				fmt.Printf("%+v\n", err)
+			}
+
+			api.NewServer(cfg).Run(ctx.Context)
+			return nil
+		},
+	}
+}

internal/command/solve.go

@@ -0,0 +1,47 @@
+package command
+
+import (
+	"fmt"
+
+	"forge.cadoles.com/cadoles/altcha-server/internal/client"
+	"forge.cadoles.com/cadoles/altcha-server/internal/command/common"
+	"forge.cadoles.com/cadoles/altcha-server/internal/config"
+	"github.com/caarlos0/env/v11"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func SolveCommand() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:		"solve",
+		Usage:		"solve the challenge and return the solution",
+		Flags:		flags,
+		Args: 		true,
+		ArgsUsage:	"[CHALLENGE] [SALT]",
+		Action:	func(ctx *cli.Context) error {
+			cfg := config.Config{}
+			if err := env.Parse(&cfg); err != nil {
+				fmt.Printf("%+v\n", err)
+			}
+
+			challenge := ctx.Args().Get(0)
+			salt := ctx.Args().Get(1)
+
+			c := client.NewClient(cfg.HmacKey, cfg.MaxNumber, cfg.Algorithm, salt, cfg.Expire, cfg.CheckExpire)
+
+			
+			solution, err := c.Solve(challenge)
+			
+			if err != nil {
+				logger.Error(ctx.Context, err.Error())
+				return nil
+			}
+			
+			fmt.Printf("%+v\n", solution)
+
+			return nil
+		},
+	}
+}

internal/command/verify.go

@@ -0,0 +1,56 @@
+package command
+
+import (
+	"fmt"
+	"strconv"
+
+	"forge.cadoles.com/cadoles/altcha-server/internal/client"
+	"forge.cadoles.com/cadoles/altcha-server/internal/command/common"
+	"forge.cadoles.com/cadoles/altcha-server/internal/config"
+	"github.com/altcha-org/altcha-lib-go"
+	"github.com/caarlos0/env/v11"
+	"github.com/urfave/cli/v2"
+)
+
+func VerifyCommand() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:	"verify",
+		Usage:	"verify the solution",
+		Flags:	flags,
+		Args:	true,
+		ArgsUsage: "[challenge] [salt] [signature] [solution]",
+		Action: func(ctx *cli.Context) error {
+			cfg := config.Config{}
+			if err := env.Parse(&cfg); err != nil {
+				fmt.Printf("%+v\n", err)
+			}
+
+			challenge := ctx.Args().Get(0)
+			salt := ctx.Args().Get(1)
+			signature := ctx.Args().Get(2)
+			solution, _ := strconv.ParseInt(ctx.Args().Get(3), 10, 64)
+			
+			c := client.NewClient(cfg.HmacKey, cfg.MaxNumber, cfg.Algorithm, cfg.Salt, cfg.Expire, cfg.CheckExpire)
+
+			payload := altcha.Payload{
+				Algorithm:	cfg.Algorithm,
+				Challenge:	challenge,
+				Number:		solution,
+				Salt:		salt,
+				Signature:	signature,
+			}
+
+			verified, err := c.VerifySolution(payload)
+
+			if err != nil {
+				return err
+			}
+
+			fmt.Print(verified)
+
+			return nil
+		},
+	}
+}

internal/config/config.go

@@ -0,0 +1,11 @@
+package config
+
+type Config struct {
+	Port 		string	`env:"ALTCHA_PORT" envDefault:"3333"`
+	HmacKey		string	`env:"ALTCHA_HMAC_KEY"`
+	MaxNumber	int64	`env:"ALTCHA_MAX_NUMBER" envDefault:"1000000"`
+	Algorithm	string	`env:"ALTCHA_ALGORITHM" envDefault:"SHA-256"`
+	Salt		string	`env:"ALTCHA_SALT"`
+	Expire		string	`env:"ALTCHA_EXPIRE" envDefault:"600"`
+	CheckExpire	bool	`env:"ALTCHA_CHECK_EXPIRE" envDefault:"1"`
+}