new configuration version

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml

@@ -40,7 +40,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-01fcdea9b5e524c965c7f0b885a21df0258ff783"
+    tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/logging.yml

@@ -22,6 +22,8 @@ Configuration:
       level: "FATAL"
     - name: "AGOV-ACCT"
       level: "DEBUG"
+    - name: "AgovCaptcha"
+      level: "DEBUG"
     - name: "AuthEngine"
       level: "INFO"
     - name: "AuthPerf"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml

@@ -40,7 +40,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-01fcdea9b5e524c965c7f0b885a21df0258ff783"
+    tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml

@@ -229,7 +229,7 @@
                 <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
             </Response>
             <!-- source: pattern://887ada57500885703a4a9408 -->
-            <property name="session:agov.fido2.X-ReCAPTCHA-Integration" value=""/>
+            <property name="sesss:agov.fido2.X-ReCAPTCHA-Integration" value=""/>
             <!-- source: pattern://887ada57500885703a4a9408 -->
             <property name="removeOnEmptyValue" value="true"/>
         </AuthState>
@@ -280,6 +280,8 @@
             <!-- source: pattern://f39352769cb2a1c88e1a176d -->
             <property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/configinfo"/>
             <!-- source: pattern://f39352769cb2a1c88e1a176d -->
+            <property name="scriptTraceGroup" value="AgovCaptcha"/>
+            <!-- source: pattern://f39352769cb2a1c88e1a176d -->
             <property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy"/>
         </AuthState>
         <AuthState name="Auth_Realm_Main_IDP_FidoUAF_VariableStep" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
@@ -383,11 +385,9 @@
                     <!-- source: pattern://e3cac41e75980361d7d26bde -->
                     <GuiElem name="captchaSettings.enabled" type="hidden" value="${sess:agov.fido2.json.captchaSettings.enabled}" optional="true"/>
                     <!-- source: pattern://e3cac41e75980361d7d26bde -->
-                    <GuiElem name="captchaSettings.reCaptchaInvisibleSiteKey" type="hidden" value="${sess:agov.fido2.json.captchaSettings.reCaptchaInvisibleSiteKey}" optional="true"/>
+                    <GuiElem name="friendlyCaptchaSettings.siteKey" type="hidden" value="${sess:agov.fido2.json.captchaSettings.siteKey}" optional="true"/>
                     <!-- source: pattern://e3cac41e75980361d7d26bde -->
-                    <GuiElem name="captchaSettings.reCaptchaVisibleSiteKey" type="hidden" value="${sess:agov.fido2.json.captchaSettings.reCaptchaVisibleSiteKey}" optional="true"/>
-                    <!-- source: pattern://e3cac41e75980361d7d26bde -->
-                    <GuiElem name="X-ReCAPTCHA-Integration" type="hidden" value="${sess:agov.fido2.X-ReCAPTCHA-Integration}" optional="true"/>
+                    <GuiElem name="friendlyCaptchaSettings.puzzleUrl" type="hidden" value="${sess:agov.fido2.json.captchaSettings.puzzleUrl}" optional="true"/>
                     <!-- source: pattern://e3cac41e75980361d7d26bde -->
                     <GuiElem name="cancelFido2" type="submit" label="cancel.button.label" value="cancelFido2"/>
                     <!-- source: pattern://e3cac41e75980361d7d26bde -->
@@ -477,11 +477,9 @@
                 <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
             </Response>
             <!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
-            <property name="parameter.ip" value="#{inctx.get('connection.HttpHeader.X-Real-IP')}"/>
+            <property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v2/captcha/"/>
             <!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
-            <property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/captcha/"/>
-            <!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
-            <property name="parameter.userAgent" value="#{inctx.get('connection.HttpHeader.user-agent')}"/>
+            <property name="scriptTraceGroup" value="AgovCaptcha"/>
             <!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
             <property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptcharesult.groovy"/>
         </AuthState>
@@ -1696,7 +1694,7 @@
             <!-- source: pattern://717094cbd4ddbadeab4b2cc1 -->
             <property name="parameter.ip" value="#{inctx.get('connection.HttpHeader.X-Real-IP')}"/>
             <!-- source: pattern://717094cbd4ddbadeab4b2cc1 -->
-            <property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/captcha/"/>
+            <property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v2/captcha/"/>
             <!-- source: pattern://717094cbd4ddbadeab4b2cc1 -->
             <property name="parameter.userAgent" value="#{inctx.get('connection.HttpHeader.user-agent')}"/>
             <!-- source: pattern://717094cbd4ddbadeab4b2cc1 -->

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy

@@ -3,7 +3,9 @@ import groovy.json.JsonSlurper
 def url = parameters.get('url')
 
 try {
+  //TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
   session.remove('agov.fido2.X-ReCAPTCHA-Integration')
+
   def jsonSlurper = new JsonSlurper()
   def httpClient = HttpClients.create(parameters)
   def httpResponse = Http.get().url(url).build().send(httpClient)
@@ -15,14 +17,22 @@ try {
     def json = jsonSlurper.parseText(httpResponse.bodyAsString())
     response.setSessionAttribute('agov.fido2.json.accountUrl', json.accountUrl)
     response.setSessionAttribute('agov.fido2.json.registrationUrl', json.registrationUrl)
-    response.setSessionAttribute('agov.fido2.json.captchaSettings.enabled', String.valueOf(json.captchaSettings.enabled))
-    response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaInvisibleSiteKey', json.captchaSettings.reCaptchaInvisibleSiteKey)
-    response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaVisibleSiteKey', json.captchaSettings.reCaptchaVisibleSiteKey)
-    if (session.get('agov.fido2.X-ReCAPTCHA-Integration') == null) {
-      response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'INVISIBLE')
-    } else {
-      response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
-    }
+
+    // TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
+    // response.setSessionAttribute('agov.fido2.json.captchaSettings.enabled', String.valueOf(json.captchaSettings.enabled))
+    // response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaInvisibleSiteKey', json.captchaSettings.reCaptchaInvisibleSiteKey)
+    // response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaVisibleSiteKey', json.captchaSettings.reCaptchaVisibleSiteKey)
+	// 
+    // if (session.get('agov.fido2.X-ReCAPTCHA-Integration') == null) {
+    //   response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'INVISIBLE')
+    // } else {
+    //   response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
+    // }
+
+    response.setSessionAttribute('agov.fido2.json.captchaSettings.enabled', String.valueOf(json.friendlyCaptureClientSettings.enabled))
+    response.setSessionAttribute('agov.fido2.json.captchaSettings.siteKey', json.friendlyCaptureClientSettings.siteKey)
+    response.setSessionAttribute('agov.fido2.json.captchaSettings.puzzleUrl', json.friendlyCaptureClientSettings.puzzleUrl)
+
     response.setResult('ok')
   } else {
     LOG.error('Unexcpected HTTP response code: ' + httpResponse.code())

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptcharesult.groovy

@@ -1,14 +1,13 @@
-
 def url = parameters.get('url')
-def email = inargs['email']
+
+def email = inargs['userInputValue_prompt.email']
 def ip = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
 def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
 
-def payload = '{ "email": "' + inargs['userInputValue_prompt.email'] + '", "action": "LOGIN", "userIp": "' + ip + '", "userAgent": "' + userAgent + '"}'
+def payload = "{ \"userIp\": \"${ip}\", \"email\": \"${email}\", \"userAgent\": \"${userAgent}\" }"
 
-LOG.info('Token: ' + inargs['recaptcha_response'])
-LOG.info('Integration: ' + session['agov.fido2.X-ReCAPTCHA-Integration'])
-LOG.info('Payload: ' + payload)
+LOG.debug('Token: ' + inargs['recaptcha_response'])
+LOG.debug('Payload: ' + payload)
 
 try {
 
@@ -16,38 +15,85 @@ try {
   def httpResponse = Http.post()
           .url(url)
           .header("Accept", "application/json")
-          .header("X-ReCAPTCHA-Token", inargs['recaptcha_response'])
-          .header("X-ReCAPTCHA-Integration", session['agov.fido2.X-ReCAPTCHA-Integration'])
+          .header("X-FriendlyCAPTCHA-Token", inargs['recaptcha_response'])
           .entity(Http.entity()
                   .content(payload)
                   .contentType("application/json")
-               //   .charSet("utf-8")
                   .build())
           .build()
           .send(httpClient)
 
-  LOG.info('Response Message: ' + httpResponse.reasonPhrase())
-  LOG.info('Response Status Code: ' + httpResponse.code())
-  LOG.info('Response: ' + httpResponse.bodyAsString())
+  LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
+  LOG.debug('Response Status Code: ' + httpResponse.code())
+  LOG.debug('Response: ' + httpResponse.bodyAsString())
 
   if (httpResponse.code() == 200) {
       if (httpResponse.bodyAsString().contains('SUCCESSFUL')) {
           response.setResult('ok')
           return
        } else {
-
-       response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
+       LOG.warn("Friendly captcha not successful for '{ \"userIp\": \"${ip}\", \"email\": \"${email}\", \"userAgent\": \"${userAgent}\" }'")
        response.setResult('exit.1')
        return      
      }
   } else {
-    LOG.error('Unexcpected HTTP response code: ' + httpResponse.code())
+    LOG.error("Friendly captcha failed with statuscode ${httpResponse.code()} for '{ \"userIp\": \"${ip}\", \"email\": \"${email}\", \"userAgent\": \"${userAgent}\" }'")
     response.setResult('error')
     response.setError(1, 'Unexpected HTTP reponse')
   }
 } catch (all) {
   // Handle exception and set the transition
-  LOG.error('error: ' + all, all)
+  LOG.error("Friendly captcha failed with a general error '${all}' for '{ \"userIp\": \"${ip}\", \"email\": \"${email}\", \"userAgent\": \"${userAgent}\" }', service-url: ${url}")
   response.setResult('error')
   response.setError(1, 'Exception during HTTP call')
-}
+}
+
+
+// TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
+//
+// def payload = '{ "email": "' + inargs['userInputValue_prompt.email'] + '", "action": "LOGIN", "userIp": "' + ip + '", "userAgent": "' + userAgent + '"}'
+// 
+// LOG.info('Token: ' + inargs['recaptcha_response'])
+// LOG.info('Integration: ' + session['agov.fido2.X-ReCAPTCHA-Integration'])
+// LOG.info('Payload: ' + payload)
+// 
+// try {
+// 
+//   def httpClient = HttpClients.create(parameters)
+//   def httpResponse = Http.post()
+//           .url(url)
+//           .header("Accept", "application/json")
+//           .header("X-ReCAPTCHA-Token", inargs['recaptcha_response'])
+//           .header("X-ReCAPTCHA-Integration", session['agov.fido2.X-ReCAPTCHA-Integration'])
+//           .entity(Http.entity()
+//                   .content(payload)
+//                   .contentType("application/json")
+//                   .build())
+//           .build()
+//           .send(httpClient)
+// 
+//   LOG.info('Response Message: ' + httpResponse.reasonPhrase())
+//   LOG.info('Response Status Code: ' + httpResponse.code())
+//   LOG.info('Response: ' + httpResponse.bodyAsString())
+// 
+//   if (httpResponse.code() == 200) {
+//       if (httpResponse.bodyAsString().contains('SUCCESSFUL')) {
+//           response.setResult('ok')
+//           return
+//        } else {
+// 
+//        response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
+//        response.setResult('exit.1')
+//        return      
+//      }
+//   } else {
+//     LOG.error('Unexcpected HTTP response code: ' + httpResponse.code())
+//     response.setResult('error')
+//     response.setError(1, 'Unexpected HTTP reponse')
+//   }
+// } catch (all) {
+//   // Handle exception and set the transition
+//   LOG.error('error: ' + all, all)
+//   response.setResult('error')
+//   response.setError(1, 'Exception during HTTP call')
+// }

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/logging.yml

@@ -22,6 +22,8 @@ Configuration:
       level: "FATAL"
     - name: "AGOV-ACCT"
       level: "DEBUG"
+    - name: "AgovCaptcha"
+      level: "DEBUG"
     - name: "AuthEngine"
       level: "INFO"
     - name: "AuthPerf"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml

@@ -40,7 +40,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-5560b9df58bc00fcf3fc92f29f5f7840af9dbf26"
+    tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend"
     credentials: "git-credentials"
   podSecurity:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/footer.vm

@@ -3,7 +3,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p>1.6.0.2137-20240812T051256Z</p>
+		<p>1.6.0.local-20240814T114715Z-haburger: Tue Aug 20 09:49:43 CEST 2024</p>
 	</footer>
 	<script src="${login.appDataPath}/static/bundle.js"></script>
 </body>

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_intro_email.vm

@@ -67,106 +67,43 @@
 					<span class="font-body-semi">$text.get("recovery_intro_email.important")</span>
                     $text.get("recovery_intro_email.process")
 				</p>
-                #if ($utils.escapeHtmlAttribute($gui.getGuiElem("X-ReCAPTCHA-Integration").value) == "INVISIBLE")
-                    #set ($isCaptchaVisible = true)
-                #else
-                    #set ($isCaptchaVisible = false)
-                #end
 
-                #if ($isCaptchaVisible)
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaInvisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?render=$captcha.value"></script>
-
-					<script>
-						function emailCaptcha(event) {
-							event.preventDefault();
-							if (validateEmail.validateForm(event)) {
-								grecaptcha.enterprise.ready(async () => {
-									await grecaptcha.enterprise.execute('$captcha.value', { action: 'LOGIN' })
-											.then((token) => {
-												document.querySelector('input[name="recaptcha_response"]').value = token;
-												addButton();
-											});
-								});
-							}
-							return false;
-						}
-
-						function addButton() {
-							let btn = document.createElement("button");
-							btn.type = "submit";
-							btn.name = "continue";
-							btn.value = "continue";
-							btn.style.display = "none";
-							document.querySelector('#$gui.name').appendChild(btn);
-							btn.click()
-						}
-					</script>
-                #else
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaVisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=explicit" async
-							defer></script>
-
-					<script>
-						var verifyCallback = function (response) {
-							document.querySelector('input[name="recaptcha_response"]').value = response;
-						};
-
-						var expiredCallback = function () {
-							document.querySelector('input[name="recaptcha_response"]').value = 'captcha';
-						};
-
-						var onloadCallback = function () {
-							grecaptcha.enterprise.render(document.getElementById('captchaRender'), {
-								'sitekey': '$captcha.value',
-								'action': 'LOGIN',
-								'callback': verifyCallback,
-								'expired-callback': expiredCallback
-							});
-						};
-					</script>
-                #end
+				#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
+				#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
 
 				<div class="font-body text-body-l mb-4">
-                    #if ($isCaptchaVisible)
-						<div class="text-disabled-grey dark:text-silver">
-                            $text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					<div class="text-disabled-grey dark:text-silver">
+						$text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					</div>
+					<div class="flex mt-8">
+						<script>
+							function onSolution() {
+								document.getElementById("submit").disabled = false;
+							}
+						</script>
+						<div class="frc-captcha"
+							 data-puzzle-endpoint="$puzzleUrl.value"
+							 data-sitekey="$siteKey.value"
+							 data-start="auto"
+							 data-lang="en"
+							 data-callback="onSolution"
+							 data-solution-field-name="captcha_response">
 						</div>
-                    #else
-						<div class="flex mt-8" id="captchaRender"></div>
-                    #end
-
+					</div>
 				</div>
 
 				<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
 					<div class="flex flex-col sm:flex-row-reverse gap-4">
-                        #if ($isCaptchaVisible)
-							<agov-button
-									class="block basis-full"
-									data-name="continue"
-									data-value="continue"
-									data-id="continue"
-									data-label="$text.get("general.continue")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="return emailCaptcha(event)">
-							</agov-button>
-                        #else
-							<agov-button
-									class="block basis-full"
-									data-name="continue"
-									data-value="continue"
-									data-id="continue"
-									data-label="$text.get("general.continue")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="validateEmail.validateForm(event, true)">
-							</agov-button>
-                        #end
+						<agov-button
+								disabled="true"
+								class="block basis-full"
+								data-name="continue"
+								data-value="continue"
+								data-id="continue"
+								data-label="$text.get("general.continue")"
+								data-type="submit"
+								data-fullwidth="true">
+						</agov-button>
 						<agov-button
 								class="block basis-full"
 								data-style="secondary"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/user_input.vm

@@ -39,106 +39,42 @@
 						data-email_required="$text.get("user_input.invalid.email.required")">
 				</agov-input>
 
-                #if ($gui.getGuiElem("X-ReCAPTCHA-Integration").value == "INVISIBLE")
-                    #set ($isCaptchaVisible = true)
-                #else
-                    #set ($isCaptchaVisible = false)
-                #end
-
-                #if ($isCaptchaVisible)
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaInvisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?render=$captcha.value"></script>
-
-					<script>
-						function emailCaptcha(event) {
-							event.preventDefault();
-							if (validateEmail.validateForm(event)) {
-								grecaptcha.enterprise.ready(async () => {
-									await grecaptcha.enterprise.execute('$captcha.value', { action: 'LOGIN' })
-											.then((token) => {
-												document.querySelector('input[name="recaptcha_response"]').value = token;
-												addButton();
-											});
-								});
-							}
-							return false;
-						}
-
-						function addButton() {
-							let btn = document.createElement("button");
-							btn.type = "submit";
-							btn.name = "submit";
-							btn.value = "submit";
-							btn.style.display = "none";
-							document.querySelector('#$gui.name').appendChild(btn);
-							btn.click()
-						}
-					</script>
-                #else
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaVisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=explicit" async
-							defer></script>
-
-					<script>
-						var verifyCallback = function (response) {
-							document.querySelector('input[name="recaptcha_response"]').value = response;
-						};
-
-						var expiredCallback = function () {
-							document.querySelector('input[name="recaptcha_response"]').value = 'captcha';
-						};
-
-						var onloadCallback = function () {
-							grecaptcha.enterprise.render(document.getElementById('captchaRender'), {
-								'sitekey': '$captcha.value',
-								'action': 'LOGIN',
-								'callback': verifyCallback,
-								'expired-callback': expiredCallback
-							});
-						};
-					</script>
-                #end
+				#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
+				#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
 
 				<div class="font-body text-body-l mb-4">
-                    #if ($isCaptchaVisible)
-						<div class="text-disabled-grey dark:text-silver">
-                            $text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					<div class="text-disabled-grey dark:text-silver">
+						$text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					</div>
+					<div class="flex mt-8">
+						<script>
+							function onSolution() {
+								document.getElementById("submit").disabled = false;
+							}
+						</script>
+						<div class="frc-captcha"
+							 data-puzzle-endpoint="$puzzleUrl.value"
+							 data-sitekey="$siteKey.value"
+							 data-start="auto"
+							 data-lang="en"
+							 data-callback="onSolution"
+							 data-solution-field-name="captcha_response">
 						</div>
-                    #else
-						<div class="flex mt-8" id="captchaRender"></div>
-                    #end
-
+					</div>
 				</div>
 
 				<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
 					<div class="flex flex-col sm:flex-row-reverse gap-4">
-                        #if ($isCaptchaVisible)
-							<agov-button
-									class="block basis-full"
-									data-name="submit"
-									data-value="submit"
-									data-id="submit"
-									data-label="$text.get("general.login")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="return emailCaptcha(event)">
-							</agov-button>
-                        #else
-							<agov-button
-									class="block basis-full"
-									data-name="submit"
-									data-value="submit"
-									data-id="submit"
-									data-label="$text.get("general.login")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="validateEmail.validateForm(event)">
-							</agov-button>
-                        #end
+						<agov-button
+								disabled="true"
+								class="block basis-full"
+								data-name="submit"
+								data-value="submit"
+								data-id="submit"
+								data-label="$text.get("general.login")"
+								data-type="submit"
+								data-fullwidth="true">
+						</agov-button>
 						<agov-button
 								class="block basis-full"
 								data-style="secondary"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/webdata/template/footer.vm

@@ -3,7 +3,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p>1.6.0.2137-20240812T051256Z</p>
+		<p>1.6.0.local-20240814T114715Z-haburger: Tue Aug 20 09:49:43 CEST 2024</p>
 	</footer>
 	<script src="${login.appDataPath}/static/bundle.js"></script>
 </body>

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/webdata/template/recovery_intro_email.vm

@@ -67,106 +67,43 @@
 					<span class="font-body-semi">$text.get("recovery_intro_email.important")</span>
                     $text.get("recovery_intro_email.process")
 				</p>
-                #if ($utils.escapeHtmlAttribute($gui.getGuiElem("X-ReCAPTCHA-Integration").value) == "INVISIBLE")
-                    #set ($isCaptchaVisible = true)
-                #else
-                    #set ($isCaptchaVisible = false)
-                #end
 
-                #if ($isCaptchaVisible)
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaInvisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?render=$captcha.value"></script>
-
-					<script>
-						function emailCaptcha(event) {
-							event.preventDefault();
-							if (validateEmail.validateForm(event)) {
-								grecaptcha.enterprise.ready(async () => {
-									await grecaptcha.enterprise.execute('$captcha.value', { action: 'LOGIN' })
-											.then((token) => {
-												document.querySelector('input[name="recaptcha_response"]').value = token;
-												addButton();
-											});
-								});
-							}
-							return false;
-						}
-
-						function addButton() {
-							let btn = document.createElement("button");
-							btn.type = "submit";
-							btn.name = "continue";
-							btn.value = "continue";
-							btn.style.display = "none";
-							document.querySelector('#$gui.name').appendChild(btn);
-							btn.click()
-						}
-					</script>
-                #else
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaVisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=explicit" async
-							defer></script>
-
-					<script>
-						var verifyCallback = function (response) {
-							document.querySelector('input[name="recaptcha_response"]').value = response;
-						};
-
-						var expiredCallback = function () {
-							document.querySelector('input[name="recaptcha_response"]').value = 'captcha';
-						};
-
-						var onloadCallback = function () {
-							grecaptcha.enterprise.render(document.getElementById('captchaRender'), {
-								'sitekey': '$captcha.value',
-								'action': 'LOGIN',
-								'callback': verifyCallback,
-								'expired-callback': expiredCallback
-							});
-						};
-					</script>
-                #end
+				#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
+				#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
 
 				<div class="font-body text-body-l mb-4">
-                    #if ($isCaptchaVisible)
-						<div class="text-disabled-grey dark:text-silver">
-                            $text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					<div class="text-disabled-grey dark:text-silver">
+						$text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					</div>
+					<div class="flex mt-8">
+						<script>
+							function onSolution() {
+								document.getElementById("submit").disabled = false;
+							}
+						</script>
+						<div class="frc-captcha"
+							 data-puzzle-endpoint="$puzzleUrl.value"
+							 data-sitekey="$siteKey.value"
+							 data-start="auto"
+							 data-lang="en"
+							 data-callback="onSolution"
+							 data-solution-field-name="captcha_response">
 						</div>
-                    #else
-						<div class="flex mt-8" id="captchaRender"></div>
-                    #end
-
+					</div>
 				</div>
 
 				<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
 					<div class="flex flex-col sm:flex-row-reverse gap-4">
-                        #if ($isCaptchaVisible)
-							<agov-button
-									class="block basis-full"
-									data-name="continue"
-									data-value="continue"
-									data-id="continue"
-									data-label="$text.get("general.continue")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="return emailCaptcha(event)">
-							</agov-button>
-                        #else
-							<agov-button
-									class="block basis-full"
-									data-name="continue"
-									data-value="continue"
-									data-id="continue"
-									data-label="$text.get("general.continue")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="validateEmail.validateForm(event, true)">
-							</agov-button>
-                        #end
+						<agov-button
+								disabled="true"
+								class="block basis-full"
+								data-name="continue"
+								data-value="continue"
+								data-id="continue"
+								data-label="$text.get("general.continue")"
+								data-type="submit"
+								data-fullwidth="true">
+						</agov-button>
 						<agov-button
 								class="block basis-full"
 								data-style="secondary"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/webdata/template/user_input.vm

@@ -39,106 +39,42 @@
 						data-email_required="$text.get("user_input.invalid.email.required")">
 				</agov-input>
 
-                #if ($gui.getGuiElem("X-ReCAPTCHA-Integration").value == "INVISIBLE")
-                    #set ($isCaptchaVisible = true)
-                #else
-                    #set ($isCaptchaVisible = false)
-                #end
-
-                #if ($isCaptchaVisible)
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaInvisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?render=$captcha.value"></script>
-
-					<script>
-						function emailCaptcha(event) {
-							event.preventDefault();
-							if (validateEmail.validateForm(event)) {
-								grecaptcha.enterprise.ready(async () => {
-									await grecaptcha.enterprise.execute('$captcha.value', { action: 'LOGIN' })
-											.then((token) => {
-												document.querySelector('input[name="recaptcha_response"]').value = token;
-												addButton();
-											});
-								});
-							}
-							return false;
-						}
-
-						function addButton() {
-							let btn = document.createElement("button");
-							btn.type = "submit";
-							btn.name = "submit";
-							btn.value = "submit";
-							btn.style.display = "none";
-							document.querySelector('#$gui.name').appendChild(btn);
-							btn.click()
-						}
-					</script>
-                #else
-                    #set ($captcha = $gui.getGuiElem("captchaSettings.reCaptchaVisibleSiteKey"))
-					<input type="hidden" name="recaptcha_sitekey" value="$captcha.value"/>
-					<input type="hidden" name="recaptcha_response" value="captcha">
-					<script src="https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=explicit" async
-							defer></script>
-
-					<script>
-						var verifyCallback = function (response) {
-							document.querySelector('input[name="recaptcha_response"]').value = response;
-						};
-
-						var expiredCallback = function () {
-							document.querySelector('input[name="recaptcha_response"]').value = 'captcha';
-						};
-
-						var onloadCallback = function () {
-							grecaptcha.enterprise.render(document.getElementById('captchaRender'), {
-								'sitekey': '$captcha.value',
-								'action': 'LOGIN',
-								'callback': verifyCallback,
-								'expired-callback': expiredCallback
-							});
-						};
-					</script>
-                #end
+				#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
+				#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
 
 				<div class="font-body text-body-l mb-4">
-                    #if ($isCaptchaVisible)
-						<div class="text-disabled-grey dark:text-silver">
-                            $text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					<div class="text-disabled-grey dark:text-silver">
+						$text.get("recovery_intro_email.siteProtectedWithRecaptcha")
+					</div>
+					<div class="flex mt-8">
+						<script>
+							function onSolution() {
+								document.getElementById("submit").disabled = false;
+							}
+						</script>
+						<div class="frc-captcha"
+							 data-puzzle-endpoint="$puzzleUrl.value"
+							 data-sitekey="$siteKey.value"
+							 data-start="auto"
+							 data-lang="en"
+							 data-callback="onSolution"
+							 data-solution-field-name="captcha_response">
 						</div>
-                    #else
-						<div class="flex mt-8" id="captchaRender"></div>
-                    #end
-
+					</div>
 				</div>
 
 				<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
 					<div class="flex flex-col sm:flex-row-reverse gap-4">
-                        #if ($isCaptchaVisible)
-							<agov-button
-									class="block basis-full"
-									data-name="submit"
-									data-value="submit"
-									data-id="submit"
-									data-label="$text.get("general.login")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="return emailCaptcha(event)">
-							</agov-button>
-                        #else
-							<agov-button
-									class="block basis-full"
-									data-name="submit"
-									data-value="submit"
-									data-id="submit"
-									data-label="$text.get("general.login")"
-									data-type="submit"
-									data-fullwidth="true"
-									onclick="validateEmail.validateForm(event)">
-							</agov-button>
-                        #end
+						<agov-button
+								disabled="true"
+								class="block basis-full"
+								data-name="submit"
+								data-value="submit"
+								data-id="submit"
+								data-label="$text.get("general.login")"
+								data-type="submit"
+								data-fullwidth="true">
+						</agov-button>
 						<agov-button
 								class="block basis-full"
 								data-style="secondary"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml

@@ -41,7 +41,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-01fcdea9b5e524c965c7f0b885a21df0258ff783"
+    tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp"
     credentials: "git-credentials"
   keystores: