LG-12713: Remove reCAPTCHA checkbox fallback

app/components/captcha_submit_button_component.html.erb

@@ -1,11 +1,10 @@
 <%= content_tag(
       :'lg-captcha-submit-button',
       **tag_options,
-      'recaptcha-site-key': IdentityConfig.store.recaptcha_site_key_v3,
+      'recaptcha-site-key': IdentityConfig.store.recaptcha_site_key,
       'recaptcha-action': action,
       'recaptcha-enterprise': recaptcha_enterprise?,
     ) do %>
-  <%= f.error(:recaptcha_token) %>
   <% if show_mock_score_field? %>
     <%= f.input(:recaptcha_token, as: :hidden, input_html: { value: 'mock_token' }) %>
     <%= render AlertComponent.new(text_tag: :div, class: 'margin-top-0 margin-bottom-2') do %>

app/components/captcha_submit_button_component.rb

@@ -18,16 +18,15 @@ def show_mock_score_field?
 
   def recaptcha_script_src
     return @recaptcha_script_src if defined?(@recaptcha_script_src)
-    @recaptcha_script_src = begin
-      if IdentityConfig.store.recaptcha_site_key_v3.present?
+    @recaptcha_script_src =
+      if IdentityConfig.store.recaptcha_site_key.present?
         UriService.add_params(
           recaptcha_enterprise? ?
             'https://www.google.com/recaptcha/enterprise.js' :
             'https://www.google.com/recaptcha/api.js',
-          render: IdentityConfig.store.recaptcha_site_key_v3,
+          render: IdentityConfig.store.recaptcha_site_key,
         )
       end
-    end
   end
 
   def recaptcha_enterprise?

app/controllers/concerns/recaptcha_concern.rb

@@ -11,10 +11,6 @@ module RecaptchaConcern
     'https://recaptcha.google.com/recaptcha/',
   ].freeze
 
-  def recoverable_recaptcha_error?(result)
-    result.errors.keys == [:recaptcha_token]
-  end
-
   def allow_csp_recaptcha_src
     policy = current_content_security_policy
     policy.script_src(*policy.script_src, *RECAPTCHA_SCRIPT_SRC)

app/controllers/users/phone_setup_controller.rb

@@ -35,9 +35,8 @@ def create
 
       if result.success?
         handle_create_success(@new_phone_form.phone)
-      elsif recoverable_recaptcha_error?(result)
-        render :spam_protection
       else
+        flash.now[:error] = result.first_error_message(:recaptcha_token)
         render :index
       end
     end
@@ -131,7 +130,6 @@ def new_phone_form_params
         :otp_delivery_preference,
         :otp_make_default_number,
         :recaptcha_token,
-        :recaptcha_version,
         :recaptcha_mock_score,
       )
     end

app/forms/new_phone_form.rb

@@ -24,7 +24,6 @@ class NewPhoneForm
               :otp_make_default_number,
               :setup_voice_preference,
               :recaptcha_token,
-              :recaptcha_version,
               :recaptcha_mock_score
 
   alias_method :setup_voice_preference?, :setup_voice_preference
@@ -35,7 +34,6 @@ def initialize(user:, analytics: nil, setup_voice_preference: false)
     @otp_delivery_preference = user.otp_delivery_preference
     @otp_make_default_number = false
     @setup_voice_preference = setup_voice_preference
-    @recaptcha_version = 3
   end
 
   def submit(params)
@@ -145,7 +143,7 @@ def recaptcha_validator
   end
 
   def recaptcha_validator_args
-    args = { recaptcha_version:, analytics: }
+    args = { analytics: }
     if IdentityConfig.store.phone_recaptcha_mock_validator
       args.merge(validator_class: RecaptchaMockValidator, score: recaptcha_mock_score)
     elsif FeatureManagement.recaptcha_enterprise?
@@ -173,7 +171,6 @@ def ingest_submitted_params(params)
     @otp_delivery_preference = delivery_prefs if delivery_prefs
     @otp_make_default_number = true if default_prefs
     @recaptcha_token = params[:recaptcha_token]
-    @recaptcha_version = 2 if params[:recaptcha_version].to_i == 2
     @recaptcha_mock_score = params[:recaptcha_mock_score].to_f if params.key?(:recaptcha_mock_score)
   end
 

app/services/analytics_events.rb

@@ -4609,15 +4609,13 @@ def reactivate_account_visit
   # @param [String] validator_class Class name of validator
   # @param [String, nil] exception_class Class name of exception, if error occurred
   # @param [String, nil] phone_country_code Country code associated with reCAPTCHA phone result
-  # @param [String] recaptcha_version
   def recaptcha_verify_result_received(
     recaptcha_result:,
     score_threshold:,
     evaluated_as_valid:,
     validator_class:,
     exception_class:,
     phone_country_code: nil,
-    recaptcha_version: nil,
     **extra
   )
     track_event(
@@ -4629,7 +4627,6 @@ def recaptcha_verify_result_received(
         validator_class:,
         exception_class:,
         phone_country_code:,
-        recaptcha_version:,
         **extra,
       }.compact,
     )

app/services/form_response.rb

@@ -39,10 +39,10 @@ def merge(other)
     end
   end
 
-  def first_error_message
+  def first_error_message(key = nil)
     return if errors.blank?
-    _key, message_or_messages = errors.first
-    Array(message_or_messages).first
+    key ||= errors.keys.first
+    errors[key].first
   end
 
   def ==(other)

app/services/recaptcha_enterprise_validator.rb

@@ -22,7 +22,7 @@ def recaptcha_result(recaptcha_token)
       {
         event: {
           token: recaptcha_token,
-          siteKey: recaptcha_site_key,
+          siteKey: IdentityConfig.store.recaptcha_site_key,
           expectedAction: recaptcha_action,
         },
       },
@@ -52,13 +52,4 @@ def faraday
       conn.response :json
     end
   end
-
-  def recaptcha_site_key
-    case recaptcha_version
-    when 2
-      IdentityConfig.store.recaptcha_site_key_v2
-    when 3
-      IdentityConfig.store.recaptcha_site_key_v3
-    end
-  end
 end

app/services/recaptcha_validator.rb

@@ -3,10 +3,8 @@
 class RecaptchaValidator
   VERIFICATION_ENDPOINT = 'https://www.google.com/recaptcha/api/siteverify'
   RESULT_ERRORS = ['missing-input-secret', 'invalid-input-secret'].freeze
-  VALID_RECAPTCHA_VERSIONS = [2, 3].freeze
 
-  attr_reader :recaptcha_version,
-              :recaptcha_action,
+  attr_reader :recaptcha_action,
               :score_threshold,
               :analytics,
               :extra_analytics_properties
@@ -20,20 +18,13 @@ def initialize(success:, score: nil, errors: [], reasons: [])
   end
 
   def initialize(
-    recaptcha_version: 3,
     recaptcha_action: nil,
     score_threshold: 0.0,
     analytics: nil,
     extra_analytics_properties: {}
   )
-    if !VALID_RECAPTCHA_VERSIONS.include?(recaptcha_version)
-      raise ArgumentError, "Invalid reCAPTCHA version #{recaptcha_version}, expected one of " \
-                           "#{VALID_RECAPTCHA_VERSIONS}"
-    end
-
     @score_threshold = score_threshold
     @analytics = analytics
-    @recaptcha_version = recaptcha_version
     @recaptcha_action = recaptcha_action
     @extra_analytics_properties = extra_analytics_properties
   end
@@ -79,21 +70,12 @@ def recaptcha_result_valid?(result)
     return true if result.blank?
 
     if result.success?
-      recaptcha_score_meets_threshold?(result.score)
+      result.score >= score_threshold
     else
       result.errors.present?
     end
   end
 
-  def recaptcha_score_meets_threshold?(score)
-    case recaptcha_version
-    when 2
-      true
-    when 3
-      score >= score_threshold
-    end
-  end
-
   def is_result_error?(error_code)
     RESULT_ERRORS.include?(error_code)
   end
@@ -102,7 +84,6 @@ def log_analytics(result: nil, error: nil)
     analytics&.recaptcha_verify_result_received(
       recaptcha_result: result.to_h.presence,
       score_threshold:,
-      recaptcha_version:,
       evaluated_as_valid: recaptcha_result_valid?(result),
       exception_class: error&.class&.name,
       validator_class: self.class.name,
@@ -111,11 +92,6 @@ def log_analytics(result: nil, error: nil)
   end
 
   def recaptcha_secret_key
-    case recaptcha_version
-    when 2
-      IdentityConfig.store.recaptcha_secret_key_v2
-    when 3
-      IdentityConfig.store.recaptcha_secret_key_v3
-    end
+    IdentityConfig.store.recaptcha_secret_key
   end
 end

config/application.yml.default

@@ -268,10 +268,8 @@ raise_on_missing_title: false
 reauthn_window: 1200
 recaptcha_enterprise_api_key: ''
 recaptcha_enterprise_project_id: ''
-recaptcha_site_key_v2: ''
-recaptcha_site_key_v3: ''
-recaptcha_secret_key_v2: ''
-recaptcha_secret_key_v3: ''
+recaptcha_site_key: ''
+recaptcha_secret_key: ''
 recovery_code_length: 4
 redis_throttle_url: redis://localhost:6379/1
 redis_url: redis://localhost:6379/0

config/locales/errors/en.yml

@@ -69,7 +69,9 @@ en:
       invalid_phone_number:
         international: Enter a phone number with the correct number of digits.
         us: Enter a 10 digit phone number.
-      invalid_recaptcha_token: You must complete the spam prevention challenge.
+      invalid_recaptcha_token: We’re sorry, but your computer or network may be
+        sending automated queries. To protect our users, we can’t process your
+        request right now.
       invalid_sms_number: The phone number entered doesn’t support text messaging. Try
         the Phone call option.
       invalid_voice_number: Invalid phone number. Check that you’ve entered the

config/locales/errors/es.yml

@@ -74,7 +74,9 @@ es:
       invalid_phone_number:
         international: Ingrese un número de teléfono con el número correcto de dígitos.
         us: Ingrese un número de teléfono de 10 dígitos.
-      invalid_recaptcha_token: Debes superar el desafío de prevención de spam.
+      invalid_recaptcha_token: Lo sentimos, pero es posible que tu computadora o red
+        te estén enviando consultas automáticas. Para proteger a nuestros
+        usuarios, no podemos procesar tu solicitud en este momento.
       invalid_sms_number: El número de teléfono ingresado no admite mensajes de texto.
         Pruebe la opción de llamada telefónica.
       invalid_voice_number: Numero de telefono invalido. Verifique que haya ingresado

config/locales/errors/fr.yml

@@ -82,7 +82,9 @@ fr:
       invalid_phone_number:
         international: Saisissez un numéro de téléphone avec le nombre correct de chiffres.
         us: Entrez un numéro de téléphone à 10 chiffres.
-      invalid_recaptcha_token: Vous devez relever le défi de la prévention du pourriel.
+      invalid_recaptcha_token: Désolé, il est possible que votre ordinateur ou votre
+        réseau envoie des requêtes automatiques. Pour protéger nos utilisateurs,
+        nous ne pouvons pas traiter votre demande pour le moment.
       invalid_sms_number: Le numéro de téléphone saisi ne prend pas en charge les
         messages textuels. Veuillez essayer l’option d’appel téléphonique.
       invalid_voice_number: Numéro de téléphone invalide. Vérifiez que vous avez entré

config/locales/forms/en.yml

@@ -93,9 +93,6 @@ en:
       labels:
         email: Enter your email address
         email_language: Select your email language preference
-    spam_protection:
-      description: We use reCAPTCHA to protect against automated spam. Check the box
-        below to continue.
     ssn:
       show: Show Social Security number
     totp_setup:

config/locales/forms/es.yml

@@ -98,9 +98,6 @@ es:
       labels:
         email: Ingrese su dirección de correo electrónico
         email_language: Seleccione su preferencia de idioma de correo electrónico
-    spam_protection:
-      description: Utilizamos reCAPTCHA como protección contra el correo no deseado
-        automatizado. Marque la casilla de abajo para continuar.
     ssn:
       show: Mostrar Número de Seguro Social
     totp_setup:

config/locales/forms/fr.yml

@@ -99,9 +99,6 @@ fr:
       labels:
         email: Entrez votre adresse email
         email_language: Sélectionnez votre préférence de langue pour les e-mails
-    spam_protection:
-      description: Nous utilisons reCAPTCHA pour nous protéger contre les pourriels
-        automatisés. Cochez la case ci-dessous pour continuer.
     ssn:
       show: Afficher le numéro de sécurité sociale
     totp_setup:

config/locales/titles/en.yml

@@ -76,7 +76,6 @@ en:
       completion_new_sp: You are now signing in for the first time
       completion_reverified_consent: Share your updated information with %{sp}
       confirmation: Continue to sign in
-    spam_protection: Protecting against spam
     totp_setup:
       new: Add authentication app
     two_factor_setup: Two-factor authentication setup

config/locales/titles/es.yml

@@ -78,7 +78,6 @@ es:
       completion_new_sp: Acabas de iniciar sesión por primera vez
       completion_reverified_consent: Proporciónale tu información actualizada a %{sp}
       confirmation: Continuar para iniciar sesión
-    spam_protection: Protección contra el correo no deseado
     totp_setup:
       new: Agregar aplicación de autenticación
     two_factor_setup: Configuración de autenticación de dos factores