Added Captcha stuff

doc/source/captcha_service/configuration_of_a_new_site.rst

@@ -0,0 +1,75 @@
+===========================
+Configuration of a new Site
+===========================
+
+Getting Started
+---------------
+
+1. Open the mCaptcha website: https://captcha.otc-service.com/
+2. Log-In with your credentials
+3. Click on "New Site"
+
+.. figure:: images/NewSite.png
+
+4. Click on "Advance Options" for specifying more difficulty breakpoints
+
+.. figure:: images/AdvanceOptions.png
+
+5. Specify a description, cooldown Duration and difficulty levels
+
+A good start for a contact formular would be the following paramneters:
+
+.. figure:: images/ExampleOptions.png
+
+6. Now you should be able to see your Captcha solution working by clicking on the "View Deployment" button.
+
+.. figure:: images/ViewDeployment.png
+
+
+Configuring your Frontend-Website
+---------------------------------
+
+As you now have properly configured everything on mCaptcha you will need to start including the Captcha in your frontend application.
+For this you will need to aquire your sitekey and the URL to the captcha. You can simply copy the URL from the "View Deployment" button. It should look something like this: https://captcha.otc-service.com/widget/?sitekey=RxZhnXBKERnTNRUAuNABst0v1Zvj5DZe
+
+Once you have obtained this head over to GitHub and follow the instructions to include the Captcha on your page based on your used JavaScript framework: https://github.com/mCaptcha/glue
+
+Configuring your backend
+------------------------
+
+Your backend needs to check the validity of the captcha token which the user generated. 
+You can do this easily by sending an request using the generated token from the client, your sitekey and your secret key to mCaptcha.
+
+.. code:: Javascript
+    
+    const postData = {
+      token: captcha_token,
+      key: captcha_sitekey,
+      secret: process.env.MCAPTCHA_SECRET
+    };
+
+    const response = await fetch(process.env.MCAPTCHA_URL + 'api/v1/pow/siteverify', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify(postData)
+    });
+
+Send the request to https://captcha.otc-service.com/api/v1/pow/siteverify
+
+The response then includes a data field and must have the valid field set to true.
+
+.. code:: Javascript
+
+    if (!response.ok) {
+      throw new Error('Captcha response was not ok');
+    }
+
+    const data = await response.json();
+    if (data["valid"] !== true) {
+      return {
+        status: "fail",
+        message: "Captcha verification failed!"
+      };
+    }

doc/source/captcha_service/getting_access.rst

@@ -0,0 +1,19 @@
+=====================================
+Getting Access to the Captcha Service
+=====================================
+
+.. note::
+    Due to a current issue with mCaptcha we can't provide unqiue accounts yet and will instead provide only the required keys for setting up your captcha solution.
+
+If you need a captcha solution for one of your webpages please contact the Ecosystem Squad by writing an E-Mail to: `DL OTC Ecosystem Squad <mailto:otc_ecosystem_squad@t-systems.com>`
+Please state the following:
+
+1. Your application name
+
+.. tip::
+    For example a contact formular can take ~5s for a client to solve to prevent a lot of spam, while just checking before redirecting to a webpage should be done in less than 1s.
+
+2. Desired Average Solving time.
+
+We will provide you with a public sitekey which you will need to integrate the captcha access as well as a secret key which your backend needs for verifying whether the captcha was solved or not.
+

doc/source/captcha_service/index.rst

@@ -0,0 +1,30 @@
+===============================================
+Ecosystem Captcha Service - Powered by mCaptcha
+===============================================
+
+.. toctree::
+    :maxdepth: 1
+
+    getting_access
+    configuration_of_a_new_site
+
+General informations
+--------------------
+
+The Captcha Service is powered by mCaptcha, the used source can be found here: https://github.com/opentelekomcloud-infra/mCaptcha.
+
+If you have any issues with the service feel free to open an issue there. If it's not related to our infrastructure we will either do an upstream fix or open an upstream issue.
+
+The privacy policy can be found here: https://mcaptcha.org/privacy-policy.
+In addition to that the whole Captcha server is hosted on OTC, so no user traffic or telemetry will leave our infrastructure.
+
+How it works
+------------
+
+Compared to classic Captcha Solutions like Google's Recaptcha this service does not have any image challenges, audio challenges or any Cookie tracking.
+Instead it is using a proof-of-work solution. Each user will get a small puzzle which the browser needs to solve. This works by using WebAssembly to compute the solution using the CPU of the device from the client.
+Typically this will not take longer than around one second, although this time can be modified in the settings of mCaptcha for each unique site. In case there will be lots of traffic the puzzle will get more complex and the time for solving it will increase.
+This effectively makes attacks from outside very hard to impossible as they would need a lot of compute power to break the Captcha. 
+ReCaptcha works in the same way, if you solve a lot of Captchas they will get harder and harder, just that you need to click on more and more pictures there instead of solving mathematical puzzles with compute power.
+
+For more information on how to configure mCaptcha head over to `Configuration of a new Site <configuration_of_a_new_site>`

doc/source/index.rst

@@ -6,6 +6,7 @@ Internal Documentation
    :maxdepth: 1
 
    APImon <apimon/index>
+   Captcha Service <captcha_service/index>
    Status Dashboard <status_dashboard/index>
    Helpcenter <helpcenter/index>
    Circle Partner Navigator <cpn/index>