reCAPTCHA Enterprise, getting invalid_reason: 6

I am developing a web application with reCAPTCHA Enterprise (score based, not checklist based). Everything has been integrated, and when I test it I often get a reCAPTCHA error with invalid_reason "6". "6", however, is not registered in the Google Cloud API Go library I am using. It is beyond the supported enum values in the library (extracted from the recaptchaenterprise package):

    TokenProperties_InvalidReason_name = map[int32]string{
        0: "INVALID_REASON_UNSPECIFIED",
        1: "UNKNOWN_INVALID_REASON",
        2: "MALFORMED",
        3: "EXPIRED",
        4: "DUPE",
        5: "MISSING",
    }

This is from the v1 package. The v1beta1 package, I guess, will make use of the v1beta1 API. Using this package, I got invalid_reason "7", again outside the supported enum values:

    TokenProperties_InvalidReason_name = map[int32]string{
        0: "INVALID_REASON_UNSPECIFIED",
        1: "UNKNOWN_INVALID_REASON",
        2: "MALFORMED",
        3: "EXPIRED",
        4: "DUPE",
        5: "SITE_MISMATCH",
        6: "MISSING",
    }

Looking at the documentation at https://cloud.google.com/recaptcha-enterprise/docs/reference/rest/v1/projects.assessments#invalidreason, there are 7 possible values for InvalidReason. The error is probably BROWSER_ERROR, though I am not sure why.

This is not always the case though. Sometimes an assessment can be made and the score is returned. This is a development site key that is configured to always return a score of 0. Many times, however, I got that weird response.

A pattern that I have been seeing is that it succeeds in one network, and it fails in the other. I tried to create a setup in localhost with my web service and backend service running, and it succeeds with wifi connection, and it doesn't with mobile connection. Deploying the site to somewhere else I also get the same error. For now all I know is this error is flaky, not sure if it's related to network or not.

I have disabled domain verification for this key.

EDIT: I have created another key that is not a testing key. The result is still the same. I have modified the domain verification countless times, changing domains countless times, and the result is still the same.

A pattern that I have observed is that grecaptcha.enterprise.execute sometimes throws Timeout errors. This is an exception, and so the script will break. I don't know what it is doing, but if, for the first time, execute runs for a few seconds, a token will be generated, but it will fail during assessment. If for the first time a token is generated quickly (less than a second), it will succeed. Successful tries mostly happen only in local deployment, in which I use the same domain (I used static DNS by putting the domain in /etc/hosts).

None of the documentation mentions how to solve this issue. It does seem that we are better off using hCaptcha instead.
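
An added example, not part of the original post or of Google's client library: server-side handling that rejects any invalid token and logs the raw invalid_reason number together with the API version, so a value missing from the client's enum table (6 on v1, 7 on v1beta1 above) is still rejected and still diagnosable. The names `tables`, `reasonName` and `Decide`, the log format and the 0.5 threshold are assumptions made for illustration.

```go
package main

import "fmt"

// Enum tables exactly as quoted in the question. The same number maps to a
// different name per API version (6 is MISSING on v1beta1, absent on v1).
var tables = map[string]map[int32]string{
	"v1": {
		0: "INVALID_REASON_UNSPECIFIED", 1: "UNKNOWN_INVALID_REASON", 2: "MALFORMED",
		3: "EXPIRED", 4: "DUPE", 5: "MISSING",
	},
	"v1beta1": {
		0: "INVALID_REASON_UNSPECIFIED", 1: "UNKNOWN_INVALID_REASON", 2: "MALFORMED",
		3: "EXPIRED", 4: "DUPE", 5: "SITE_MISMATCH", 6: "MISSING",
	},
}

// reasonName (hypothetical helper) never returns an empty string: a value the
// table does not know keeps its number so it can be looked up in the docs.
func reasonName(api string, v int32) string {
	if n, ok := tables[api][v]; ok {
		return fmt.Sprintf("%s %s(%d)", api, n, v)
	}
	return fmt.Sprintf("%s UNRECOGNIZED(%d)", api, v)
}

// Decide (hypothetical) fails closed: an invalid token is rejected whatever the
// reason, known or not, and the score is only consulted for a valid token.
func Decide(api string, valid bool, invalidReason int32, score, threshold float32) (bool, string) {
	if !valid {
		return false, "token invalid: " + reasonName(api, invalidReason)
	}
	if score < threshold {
		return false, fmt.Sprintf("score %.1f below threshold %.1f", score, threshold)
	}
	return true, "ok"
}

func main() {
	// Constructed inputs mirroring the cases described in the question.
	fmt.Println(Decide("v1", false, 6, 0.9, 0.5))      // reason missing from the v1 table
	fmt.Println(Decide("v1beta1", false, 7, 0.9, 0.5)) // reason missing from the v1beta1 table
	fmt.Println(Decide("v1", true, 0, 0.0, 0.5))       // valid token, test key scoring 0
}
```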



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
