The reCAPTCHA feature built into User Self Service is currently broken in multiple places, both client and API.
Steps to Reproduce
- Create a new realm.
- Create a User Self Service on the new realm (using defaults, and enable User Registration)
- Enter the test reCAPTCHA site and secret key as detailed in https://developers.google.com/recaptcha/docs/faq#id-like-to-run-automated-tests-with-recaptcha-v2-what-should-i-do
- Enable reCAPTCHA for User Registration
- Logout, and in a new browser session navigate to the login page for the newly created realm
- Click "Register as a new User" and you will be navigated to reCAPTCHA page
- Click the reCAPTCHA check box
After a short pause, you are redirected to the User Details pages.
When the JS error is resolved, the API throws a HTTP 500 error during submission is the form.
For the client side, the handleCaptchaCallback function within the captcha templates makes use of old RequireJS require which no longer works in AM 6+. No tests cover this functionality so this was never detected. The client requires a simple change to use native JS to resolve this issue.
For the API, I was unable to go back far enough to find if this worked pre-Webpack changes (building 5.5.0 wasn't possible).