I receive this issue as well when looking at my websites in Google Cloud that I’ve set up with Google reCAPTCHA. It is not a problem exclusive to CF7, because I use my theme’s (Divi) native contact form modules and see the same error messages about assessments. I was browsing the internet and these forums in hopes of finding more information on this issue. When you follow the link for instructions, it gives a few different options to create an assessment, with code for each method.
It seems that to finish the backend setup, a little more developer knowledge is required. There is PHP provided, and I know WordPress is built on that; I just need to know where to paste these functions. The most obvious choice would be to paste it into the functions.php file of my child theme, but I decided I should seek the community’s expertise first.
Integrate with your backend:
- To verify the token sent by reCAPTCHA and assess the risk, create assessments from your backend server.
- Interpret the assessment scores and the associated risk, and define how to handle users, for example, allow the user to log in only when the score is high and the risk is low.
Create Assessment PHP
```php
<?php
// Include Google Cloud dependencies using Composer
// composer require google/cloud-recaptcha-enterprise
require 'vendor/autoload.php';

use Google\Cloud\RecaptchaEnterprise\V1\RecaptchaEnterpriseServiceClient;
use Google\Cloud\RecaptchaEnterprise\V1\Event;
use Google\Cloud\RecaptchaEnterprise\V1\Assessment;
use Google\Cloud\RecaptchaEnterprise\V1\TokenProperties\InvalidReason;

/**
 * Create an assessment to analyze the risk of a UI action.
 * @param string $siteKey The key ID for the reCAPTCHA key (See https://cloud.google.com/recaptcha/docs/create-key)
 * @param string $token The user's response token for which you want to receive a reCAPTCHA score. (See https://cloud.google.com/recaptcha/docs/create-assessment#retrieve_token)
 * @param string $project Your Google Cloud project ID
 */
function create_assessment(
    string $siteKey,
    string $token,
    string $project
): void {
    // TODO: To avoid memory issues, move this client generation outside
    // of this example, and cache it (recommended) or call client.close()
    // before exiting this method.
    $client = new RecaptchaEnterpriseServiceClient();
    $projectName = $client->projectName($project);

    $event = (new Event())
        ->setSiteKey($siteKey)
        ->setToken($token);

    $assessment = (new Assessment())
        ->setEvent($event);

    try {
        $response = $client->createAssessment(
            $projectName,
            $assessment
        );

        // You can use the score only if the assessment is valid,
        // In case of failures like re-submitting the same token, getValid() will return false
        if ($response->getTokenProperties()->getValid() == false) {
            printf('The CreateAssessment() call failed because the token was invalid for the following reason: ');
            // Pass values as arguments, never as the format string itself
            printf('%s', InvalidReason::name($response->getTokenProperties()->getInvalidReason()));
        } else {
            printf('The score for the protection action is:');
            printf('%s', $response->getRiskAnalysis()->getScore());

            // Optional: You can use the following methods to get more data about the token
            // Action name provided at token generation.
            // printf($response->getTokenProperties()->getAction() . PHP_EOL);
            // The timestamp corresponding to the generation of the token.
            // printf($response->getTokenProperties()->getCreateTime()->getSeconds() . PHP_EOL);
            // The hostname of the page on which the token was generated.
            // printf($response->getTokenProperties()->getHostname() . PHP_EOL);
        }
    } catch (Exception $e) {
        printf('CreateAssessment() call failed with the following error: ');
        printf('%s', $e);
    }
}

// TODO(Developer): Replace the following before running the sample
create_assessment(
    'YOUR_RECAPTCHA_KEY',
    'YOUR_USER_RESPONSE_TOKEN',
    'YOUR_GOOGLE_CLOUD_PROJECT_ID'
);
?>
```
After your backend submits a user’s reCAPTCHA response token to reCAPTCHA, you receive an assessment as a JSON response as shown in the following example.
To interpret an assessment, consider the following parameters:
- valid: indicates whether the provided user response token is valid. When valid = false, the reason is specified in invalidReason. valid = false can also indicate that a user has failed to solve a challenge or there is a siteKey mismatch.
- invalidReason: Reason associated with the response when valid = false.
- action: a user interaction that triggered reCAPTCHA verification.
- expectedAction: the expected action from a user that you specified when creating the assessment.
- score: level of risk the user interaction poses.
- reasons: additional information about how reCAPTCHA has interpreted the user interaction.
```json
{
  "event":{
    "expectedAction":"EXPECTED_ACTION",
    "hashedAccountId":"ACCOUNT_ID",
    "siteKey":"KEY_ID",
    "token":"TOKEN",
    "userAgent":"(USER-PROVIDED STRING)",
    "userIpAddress":"USER_PROVIDED_IP_ADDRESS"
  },
  "name":"ASSESSMENT_ID",
  "riskAnalysis":{
    "reasons":[],
    "score":"SCORE"
  },
  "tokenProperties":{
    "action":"USER_INTERACTION",
    "createTime":"TIMESTAMP",
    "hostname":"HOSTNAME",
    "invalidReason":"(ENUM)",
    "valid":(BOOLEAN)
  }
}
```
I don’t really understand the JSON response part, where you would find it, or how to use it, but hopefully someone in the community can shine some light on this topic.
Thanks,
Lucas Rodriguez
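
As an added example (not part of the original post or of Google's sample), here is one way a backend could act on the assessment fields listed above: check `valid` first, then `action` and `hostname`, and only then compare `score` against a threshold. The helper name `interpret_assessment`, the 0.5 threshold, the `contact` action, the `example.com` hostname and the sample responses are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: decide what to do with a form submission from a
// decoded assessment. The 0.5 threshold is an assumed starting point.
function interpret_assessment(array $a, string $expectedAction, string $expectedHost, float $minScore = 0.5): array
{
    $tp = $a['tokenProperties'] ?? [];

    // 1. The score means nothing unless the token itself is valid.
    if (($tp['valid'] ?? false) !== true) {
        return [false, 'invalid token: ' . ($tp['invalidReason'] ?? 'unknown')];
    }
    // 2. A valid token issued for another action or hostname is not accepted here.
    if (($tp['action'] ?? '') !== $expectedAction) {
        return [false, 'action mismatch'];
    }
    if (($tp['hostname'] ?? '') !== $expectedHost) {
        return [false, 'hostname mismatch'];
    }
    // 3. Only now compare the score (1.0 = low risk, 0.0 = high risk).
    $score = (float) ($a['riskAnalysis']['score'] ?? 0.0);
    if ($score < $minScore) {
        return [false, sprintf('score %.1f below %.1f', $score, $minScore)];
    }
    return [true, sprintf('score %.1f', $score)];
}

// Constructed sample responses (not real assessments).
$samples = [
    'human'    => '{"riskAnalysis":{"reasons":[],"score":0.9},"tokenProperties":{"action":"contact","hostname":"example.com","valid":true}}',
    'lowscore' => '{"riskAnalysis":{"reasons":[],"score":0.1},"tokenProperties":{"action":"contact","hostname":"example.com","valid":true}}',
    'replayed' => '{"riskAnalysis":{"reasons":[],"score":0},"tokenProperties":{"action":"","hostname":"","invalidReason":"DUPE","valid":false}}',
    'wrongact' => '{"riskAnalysis":{"reasons":[],"score":0.9},"tokenProperties":{"action":"login","hostname":"example.com","valid":true}}',
];

foreach ($samples as $label => $json) {
    [$allow, $why] = interpret_assessment(json_decode($json, true), 'contact', 'example.com');
    printf("%-9s %s (%s)\n", $label, $allow ? 'ALLOW' : 'BLOCK', $why);
}
```

With the PHP client from the sample above, the same values come from the getters it already uses, such as `getTokenProperties()->getValid()` and `getRiskAnalysis()->getScore()`, rather than from decoded JSON.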