diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java index 46435e77d..a081bc6c1 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/HCaptchaClient.java @@ -9,6 +9,7 @@ import static org.whispersystems.textsecuregcm.metrics.MetricsUtil.name; import io.micrometer.core.instrument.Metrics; import java.io.IOException; +import java.math.BigDecimal; import java.net.URI; import java.net.URLEncoder; import java.net.http.HttpClient; @@ -109,6 +110,8 @@ public class HCaptchaClient implements CaptchaClient { "reason", reason, "score", scoreString).increment(); } - return new AssessmentResult(score >= config.getScoreFloor().floatValue(), scoreString); + + final BigDecimal threshold = config.getScoreFloorByAction().getOrDefault(action, config.getScoreFloor()); + return new AssessmentResult(score >= threshold.floatValue(), scoreString); } } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RecaptchaClient.java b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RecaptchaClient.java index d53931b33..de1c7ffeb 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RecaptchaClient.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/captcha/RecaptchaClient.java @@ -18,6 +18,7 @@ import com.google.recaptchaenterprise.v1.RiskAnalysis; import io.micrometer.core.instrument.Metrics; import java.io.ByteArrayInputStream; import java.io.IOException; +import java.math.BigDecimal; import java.nio.charset.StandardCharsets; import java.util.Objects; import javax.annotation.Nonnull; @@ -99,8 +100,9 @@ public class RecaptchaClient implements CaptchaClient { "reason", reason.name()) .increment(); } + final BigDecimal threshold = config.getScoreFloorByAction().getOrDefault(expectedAction, config.getScoreFloor()); return new AssessmentResult( - score >= config.getScoreFloor().floatValue(), + score >= threshold.floatValue(), AssessmentResult.scoreString(score)); } else { Metrics.counter(INVALID_REASON_COUNTER_NAME, diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicCaptchaConfiguration.java b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicCaptchaConfiguration.java index fe0751af4..b85ec3358 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicCaptchaConfiguration.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicCaptchaConfiguration.java @@ -9,6 +9,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import com.google.common.annotations.VisibleForTesting; import java.math.BigDecimal; import java.util.Collections; +import java.util.Map; import java.util.Set; import javax.validation.constraints.DecimalMax; import javax.validation.constraints.DecimalMin; @@ -28,6 +29,11 @@ public class DynamicCaptchaConfiguration { @JsonProperty private boolean allowRecaptcha = true; + + @JsonProperty + @NotNull + private Map scoreFloorByAction = Collections.emptyMap(); + @JsonProperty @NotNull private Set signupCountryCodes = Collections.emptySet(); @@ -66,6 +72,10 @@ public class DynamicCaptchaConfiguration { return allowRecaptcha; } + public Map getScoreFloorByAction() { + return scoreFloorByAction; + } + @VisibleForTesting public void setAllowHCaptcha(final boolean allowHCaptcha) { this.allowHCaptcha = allowHCaptcha; diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicConfigurationTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicConfigurationTest.java index 29da4a158..4362a5f7b 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicConfigurationTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/configuration/dynamic/DynamicConfigurationTest.java @@ -262,6 +262,9 @@ class DynamicConfigurationTest { signupCountryCodes: - 1 scoreFloor: 0.9 + scoreFloorByAction: + challenge: 0.1 + registration: 0.2 """; final DynamicCaptchaConfiguration config = @@ -270,6 +273,8 @@ class DynamicConfigurationTest { assertEquals(Set.of("1"), config.getSignupCountryCodes()); assertEquals(0.9f, config.getScoreFloor().floatValue()); + assertEquals(0.1f, config.getScoreFloorByAction().get("challenge").floatValue()); + assertEquals(0.2f, config.getScoreFloorByAction().get("registration").floatValue()); } }