Embedding reCAPTCHA verification in an Info Map mechanism

Embedding reCAPTCHA verification in an Info Map mechanism

We can embed reCAPTCHA verification in Info Map mechanism instances.
The Site Key and Secret Key configured in the reCAPTCHA Verification mechanism are made available to the Info Map mechanism via two default macros: @RECAPTCHASITEKEY@ and @RECAPTCHASECRETKEY@.
For information about configuring reCAPTCHA support, see Configure the reCAPTCHA Verification authentication mechanism.
In the HTML template:

Include the reCAPTCHA JavaScript in the head of your template
Include the reCAPTCHA element in the form

For example:
... <SCRIPT SRC="https://www.google.com/recaptcha/api.js" ASYNC DEFER></SCRIPT> ... <DIV CLASS="g-recaptcha" DATA-SITEKEY="@RECAPTCHASITEKEY@"></DIV> ...

In the JavaScript mapping rule:

The reCAPTCHA response is received in a request parameter named g-recaptcha-response
Verification can be performed in the JavaScript mapping rule

For example:
importClass(Packages.com.ibm.security.access.recaptcha.RecaptchaClient); ... // Retrieve the reCAPTCHA response from the request. var captchaResponse = context.get(Scope.REQUEST, "urn:ibm:security:asf:request:parameter", "g-recaptcha-response"); // Verify captchaResponse with Google, using @RECAPTCHASECRETKEY@. The third parameter allows us to overload Google's verify endpoint URL, passing null will use the default. var captchaVerified = (captchaResponse != null) && RecaptchaClient.verify(captchaResponse, macros.get("@RECAPTCHASECRETKEY@"), null);

Parent topic: Configure an Info Map authentication mechanism