Spring (Java)
Spring (Java)
Install
Add the dependency to the project configuration:
Maven
1
2
3
4
5
<dependency>
<groupId>com.botbye</groupId>
<artifactId>java-module</artifactId>
<version>2.0.0</version>
</dependency>
or
Gradle
1
implementation("com.botbye:java-module:2.0.0")
Configuration
Create a configuration class using your server-key (available inside your Project):
1
2
3
4
5
6
7
8
9
10
11
12
@Configuration
public class AppConfig {
@Bean
public Botbye botbye() {
BotbyeConfig config = new BotbyeConfig.Builder()
.serverKey("00000000-0000-0000-0000-000000000000") // Use your project server-key
.build();
return new Botbye(config);
}
}
Usage
Per-Controller
Add evaluate in your controller for granular control over specific endpoints:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
@RestController
@RequestMapping("/api/demo")
public class DemoController {
private final Botbye botbye;
@Autowired
public DemoController(Botbye botbye) {
this.botbye = botbye;
}
@PostMapping
public ResponseEntity<Object> post(HttpServletRequest request) {
Map<String, String> headers = Collections.list(request.getHeaderNames()).stream()
.collect(Collectors.toMap(h -> h, request::getHeader));
// Extract the token from wherever you pass it: query param, header, body, etc.
String token = request.getParameter("botbye_token");
BotbyeEvaluateResponse response = botbye.evaluate(BotbyeValidationEvent.of(
request.getRemoteAddr(),
token,
headers,
request.getMethod(),
request.getRequestURI(),
Collections.emptyMap()
));
if (response.isBlocked()) {
return ResponseEntity.status(403).body("Access denied");
}
return ResponseEntity.ok().body("hello world!");
}
}
Global Filter
To protect all requests, create a Spring Boot filter:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
@Component
public class BotbyeFilter extends OncePerRequestFilter {
private final Botbye botbye;
public BotbyeFilter(Botbye botbye) {
this.botbye = botbye;
}
@Override
protected void doFilterInternal(
HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain
) throws ServletException, IOException {
Map<String, String> headers = Collections.list(request.getHeaderNames()).stream()
.collect(Collectors.toMap(h -> h, request::getHeader));
// Extract the token from wherever you pass it: query param, header, body, etc.
var result = botbye.evaluate(BotbyeValidationEvent.of(
request.getRemoteAddr(),
request.getParameter("botbye_token"),
headers,
request.getMethod(),
request.getRequestURI(),
Collections.emptyMap()
));
if (result.isBlocked()) {
response.setStatus(403);
return;
}
filterChain.doFilter(request, response);
}
}
Settings
BotbyeConfig contains next configurable parameters:
| Setting | Description | Required | Default Value |
|---|---|---|---|
| botbyeEndpoint | Host of the API Server | no | https://verify.botbye.com |
| serverKey | Your BotBye server-key | yes | - |
| contentType | Content type for API requests | no | application/json |
| readTimeout | Read timeout for HTTP client | no | Duration.ofSeconds(2) |
| writeTimeout | Write timeout for HTTP client | no | Duration.ofSeconds(2) |
| connectionTimeout | Connection timeout for HTTP client | no | Duration.ofSeconds(2) |
| callTimeout | Total call timeout | no | Duration.ofSeconds(5) |
| maxIdleConnections | Max idle connections in the pool | no | 250 |
| keepAliveDuration | Keep-alive duration | no | Duration.ofSeconds(300) |
| maxRequestsPerHost | Max requests per host | no | 1500 |
| maxRequests | Max requests total | no | 1500 |
Examples of BotBye API responses
Blocked (bot detected):
1
2
3
4
5
6
7
8
{
"request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
"decision": "BLOCK",
"risk_score": 0.95,
"scores": { "bot": 0.95 },
"signals": ["AutomationTool"],
"config": { "bypass_bot_validation": false }
}
Allowed:
1
2
3
4
5
6
7
8
{
"request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
"decision": "ALLOW",
"risk_score": 0.05,
"scores": { "bot": 0.05, "ato": 0.02 },
"signals": [],
"config": { "bypass_bot_validation": false }
}
Challenge:
1
2
3
4
5
6
7
8
9
{
"request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
"decision": "CHALLENGE",
"risk_score": 0.65,
"scores": { "bot": 0.65 },
"signals": ["SuspiciousFingerprint"],
"challenge": { "type": "captcha", "token": "..." },
"config": { "bypass_bot_validation": false }
}
Invalid server-key:
1
2
3
4
5
{
"decision": "ALLOW",
"config": { "bypass_bot_validation": true },
"error": { "message": "[BotBye] Bad Request: Invalid Server Key" }
}