This is an educational Custom Label Extension example in an Oracle Intelligent Advisor project, which follows the article about using alternative Captcha controls in Intelligent Advisor Interview Screens. It completes the overview provided in the article, and can serve as a learning platform for your own tests and experiments.
The project is made up of two parts – the server-side PHP file and the Oracle Intelligent Advisor project. The project contains a simple Screen where hCaptcha is used to shield the rest of the interview from unwanted users, through an Oracle Intelligent Advisor Custom Label Extension. This example came from a customer where the standard Captcha was deemed to no longer be appropriate for their website look and feel, and their other corporate sites.
The project needs to be deployed on an Oracle Intelligent Hub, and a free account created to register your Hub URL with hCaptcha (your site code will go in the JavaScript file for the Custom Label Extension).. Then the you can deploy the Interview Connection and call it with interview.fetch() or use a PHP file on your Oracle B2C Service site or another site that you are using as your customer portal.
You might need to enable CORS if using cross-origin scripting to avoid errors on B2C Service. You can do that by modifying the PAPI configuration settings inside the Configuration Options of Oracle B2C Service Cloud.
This example uses a couple of elements to work correctly:
- An hCaptcha account, configured correctly (it’s free). This is where you get the sitekey and secret.
- An Oracle Intelligent Advisor Hub for the Interview Connection to the hCaptcha Service (you could also use a PHP file on your portal website as a proxy)
- The Custom Label Extension (or another suitable extension, depending on your objective) to obtain the initial token and call the hcaptcha server.
The process is straightforward.
- Draw the hCaptcha on the page
- When the user completes the hCaptcha, a token will be generated.
- Pass the token, and your secret key, to the hCaptcha for processing, along with your sitekey
- Obtain the JSON output and check the status of the response
There are plenty of options both for how the captcha is displayed (color scheme and so on), the complexity of the captcha (which you can change at any time) and the variables you pass into the server. The example uses the interview.fetch() but there are some snippets in the resources directory (an example PHP file and an ajax snippet) to help you if you choose the other method.
The example uses a customSubmit button to stop the user navigating but of course any extension you choose to implement can take advantage of the hCaptcha. Note this educational example does not handle frictionless or invisible captcha examples.
