This module implements various methods for obtaining or creating CAPTCHAs.
Module Overview:
bridgedb.captcha
|- CaptchaExpired - Raised if a solution is given for a stale CAPTCHA.
|- CaptchaKeyError - Raised if a CAPTCHA system's keys are invalid/missing.
|- GimpCaptchaError - Raised when a Gimp CAPTCHA can't be retrieved.
|
\_ ICaptcha - Zope Interface specification for a generic CAPTCHA.
|
Captcha - Generic base class implementation for obtaining a CAPTCHA.
| |- image - The CAPTCHA image.
| |- challenge - A unique string associated with this CAPTCHA image.
| |- publicKey - The public key for this CAPTCHA system.
| |- secretKey - The secret key for this CAPTCHA system.
| \_ get() - Get a new pair of CAPTCHA image and challenge strings.
|
|- ReCaptcha - Obtain reCaptcha images and challenge strings.
| \_ get() - Request an image and challenge from a reCaptcha API server.
|
\_ GimpCaptcha - Class for obtaining a CAPTCHA from a local cache.
|- hmacKey - A client-specific key for HMAC generation.
|- cacheDir - The path to the local CAPTCHA cache directory.
|- sched - A class for timing out CAPTCHAs after an interval.
\_ get() - Get a CAPTCHA image from the cache and create a challenge.
There are two types of CAPTCHAs which BridgeDB knows how to serve: those
obtained by from a reCaptcha API server with
Raptcha
, and those which have been generated with
gimp-captcha and then cached locally.
CaptchaExpired
[source]¶Bases: exceptions.ValueError
Raised when a client’s CAPTCHA is too stale.
CaptchaKeyError
[source]¶Bases: exceptions.Exception
Raised if a CAPTCHA system’s keys are invalid or missing.
GimpCaptchaError
[source]¶Bases: exceptions.Exception
General exception raised when a Gimp CAPTCHA cannot be retrieved.
ICaptcha
[source]¶Interface specification for CAPTCHAs.
image
¶A string containing the contents of a CAPTCHA image file.
challenge
¶A unique string associated with the dispursal of this CAPTCHA.
publicKey
¶A public key used for encrypting CAPTCHA challenge strings.
secretKey
¶A private key used for decrypting challenge strings during CAPTCHAsolution verification.
get
()¶Retrieve a new CAPTCHA image.
Captcha
(publicKey=None, secretKey=None)[source]¶Bases: object
A generic CAPTCHA base class.
Variables: |
|
---|
Obtain a new CAPTCHA for a client.
ReCaptcha
(publicKey=None, secretKey=None)[source]¶Bases: bridgedb.captcha.Captcha
A CAPTCHA obtained from a remote reCaptcha API server.
Variables: |
|
---|
Create a new ReCaptcha CAPTCHA.
Parameters: |
---|
get
()[source]¶Retrieve a CAPTCHA from the reCaptcha API server.
This simply requests a new CAPTCHA from
recaptcha.client.captcha.API_SSL_SERVER
and parses the returned
HTML to extract the CAPTCHA image and challenge string. The image is
stored at ReCaptcha.image
and the challenge string at
ReCaptcha.challenge
.
Raises: |
|
---|
GimpCaptcha
(publicKey=None, secretKey=None, hmacKey=None, cacheDir=None)[source]¶Bases: bridgedb.captcha.Captcha
A locally cached CAPTCHA image which was created with gimp-captcha.
Variables: |
|
---|
Create a GimpCaptcha
which retrieves images from cacheDir.
Parameters: |
|
---|---|
Raises: |
|
sched
= <bridgedb.schedule.ScheduledInterval object>¶check
(challenge, solution, secretKey, hmacKey)[source]¶Check a client’s CAPTCHA solution against the challenge.
Parameters: |
|
---|---|
Raises CaptchaExpired: | |
if the solution was for a stale CAPTCHA. |
|
Return type: | |
Returns: |
|
createChallenge
(answer)[source]¶Encrypt-then-HMAC a timestamp plus the CAPTCHA answer.
A challenge string consists of a URL-safe, base64-encoded string which
contains an HMAC
concatenated with an ENC_BLOB
, in the
following form:
CHALLENGE := B64( HMAC | ENC_BLOB )
ENC_BLOB := RSA_ENC( ANSWER_BLOB )
ANSWER_BLOB := ( TIMESTAMP | ANSWER )
B64
is a URL-safe base64-encode function,RSA_ENC
is the PKCS#1 RSA-OAEP encryption function,Field | Description | Length |
---|---|---|
HMAC | An HMAC of the ENC_BLOB , created with
the client-specific hmacKey , by
applying getHMAC() to the
ENC_BLOB . |
20 bytes |
ENC_BLOB | An encrypted ANSWER_BLOB , created with
a PKCS#1 OAEP-padded RSA publicKey . |
varies |
ANSWER_BLOB | Contains the concatenated TIMESTAMP
and ANSWER . |
varies |
TIMESTAMP | A Unix Epoch timestamp, in seconds, left-padded with “0”s. | 12 bytes |
ANSWER | A string containing answer to this
CAPTCHA image . |
8 bytes |
The steps taken to produce a CHALLENGE
are then:
TIMESTAMP
, and pad it on the left with ``0``s to 12
bytes in length.image
and
concatenate the padded TIMESTAMP
and the ANSWER
, forming
an ANSWER_BLOB
.ANSWER_BLOB
to publicKey
to
create the ENC_BLOB
.hmacKey
to apply the
getHMAC()
function to the ENC_BLOB
, obtaining
an HMAC
.CHALLENGE
string by concatenating the
HMAC
and ENC_BLOB
, then base64-encoding the result.Parameters: | answer (str) – The answer to a CAPTCHA. |
---|---|
Return type: | str |
Returns: | A challenge string. |
get
()[source]¶Get a random CAPTCHA from the cache directory.
This chooses a random CAPTCHA image file from the cache directory, and
reads the contents of the image into a string. Next, it creates a
challenge string for the CAPTCHA, via createChallenge()
.
Raises GimpCaptchaError: | |
---|---|
if the chosen CAPTCHA image file could not
be read, or if the cacheDir is empty. |
|
Return type: | tuple |
Returns: | A 2-tuple containing the image file contents as a string, and a challenge string (used for checking the client’s solution). |