Closed pkong-ds closed 1 day ago
Added recaptchav2 & cloudflare clients; Blocked by intent state transition problem, will continue tmr
As per offline discussion with @louischan-oursky , realized current accept.go
logic would not support input validation of bot protection.
Hence, will close this PR and create another one with below approach:
In target branches Intents (or Nodes), add below pseudocode to ReactTo
func (i *IntentXYZ) ReactTo(...) (*authflow.Node, error) {
var bpResult *BotProtectionResult
bpRequired = IsBotProtectionRequired(i)
if bpRequired {
bpResult, err := botprotectionutils.Verify(i)
}
// return bpResult.Error() in all core logic, non-error return
return nextNode, bpResult.Error() // special error for accept.go manipulation on session
}
func (r *BotProtectionVerificationResult) Error() error{
if r == nil {
return nil
}
switch r.status {
...
}
}
What's in this PR?
spawn IntentBotProtection subflow if cu1rrent branch require bot_protection
@louischan-oursky can help review 99bae6a9e5b1e2fdb482b65b66bb251b6ff370c9 🙏 This commit is my attempt to add bot protection logic to an existing intent.
If this commit looks good to you, I will replicate this implementation across all other
flows->steps->branches
that supports bot_protection