feat(appcheck): Implement reCAPTCHA Enterprise App Check provider

appcheck/firebase-appcheck-recaptchaenterprise/api.txt

@@ -0,0 +1,10 @@
+// Signature format: 3.0
+package com.google.firebase.appcheck.recaptchaenterprise {
+
+  public class RecaptchaEnterpriseAppCheckProviderFactory implements com.google.firebase.appcheck.AppCheckProviderFactory {
+    method public com.google.firebase.appcheck.AppCheckProvider create(com.google.firebase.FirebaseApp);
+    method public static com.google.firebase.appcheck.recaptchaenterprise.RecaptchaEnterpriseAppCheckProviderFactory getInstance(String);
+  }
+
+}
+

appcheck/firebase-appcheck-recaptchaenterprise/firebase-appcheck-recaptchaenterprise.gradle

@@ -0,0 +1,64 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+plugins {
+    id 'firebase-library'
+}
+
+firebaseLibrary {
+    libraryGroup = "appcheck"
+    releaseNotes {
+        name.set("{{app_check}} Recaptcha Enterprise")
+        versionName.set("appcheck-recaptchaenterprise")
+    }
+}
+
+android {
+    adbOptions {
+        timeOutInMs 60 * 1000
+    }
+
+    namespace "com.google.firebase.appcheck.recaptchaenterprise"
+    compileSdkVersion project.compileSdkVersion
+    defaultConfig {
+        targetSdkVersion project.targetSdkVersion
+        minSdkVersion project.minSdkVersion
+        versionName version
+        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
+    }
+    compileOptions {
+        sourceCompatibility JavaVersion.VERSION_1_8
+        targetCompatibility JavaVersion.VERSION_1_8
+    }
+
+    testOptions.unitTests.includeAndroidResources = false
+}
+
+dependencies {
+    api project(':appcheck:firebase-appcheck')
+    api 'com.google.firebase:firebase-common'
+    api 'com.google.firebase:firebase-components'
+    api 'com.google.android.recaptcha:recaptcha:18.7.1'
+
+    testImplementation(project(":integ-testing")) {
+        exclude group: 'com.google.firebase', module: 'firebase-common'
+        exclude group: 'com.google.firebase', module: 'firebase-components'
+    }
+    testImplementation libs.androidx.test.core
+    testImplementation libs.truth
+    testImplementation libs.junit
+    testImplementation libs.mockito.core
+    testImplementation libs.robolectric
+    testImplementation libs.org.json
+}

appcheck/firebase-appcheck-recaptchaenterprise/src/main/AndroidManifest.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?><!-- Copyright 2025 Google LLC -->
+<!-- -->
+<!-- Licensed under the Apache License, Version 2.0 (the "License"); -->
+<!-- you may not use this file except in compliance with the License. -->
+<!-- You may obtain a copy of the License at -->
+<!-- -->
+<!--      http://www.apache.org/licenses/LICENSE-2.0 -->
+<!-- -->
+<!-- Unless required by applicable law or agreed to in writing, software -->
+<!-- distributed under the License is distributed on an "AS IS" BASIS, -->
+<!-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -->
+<!-- See the License for the specific language governing permissions and -->
+<!-- limitations under the License. -->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
+
+    <application>
+        <service
+            android:name="com.google.firebase.components.ComponentDiscoveryService"
+            android:exported="false">
+            <meta-data
+                android:name="com.google.firebase.components:com.google.firebase.appcheck.recaptchaenterprise.FirebaseAppCheckRecaptchaEnterpriseRegistrar"
+                android:value="com.google.firebase.components.ComponentRegistrar" />
+        </service>
+    </application>
+</manifest>

appcheck/firebase-appcheck-recaptchaenterprise/src/main/java/com/google/firebase/appcheck/recaptchaenterprise/FirebaseAppCheckRecaptchaEnterpriseRegistrar.java

@@ -0,0 +1,57 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.firebase.appcheck.recaptchaenterprise;
+
+import com.google.android.gms.common.annotation.KeepForSdk;
+import com.google.firebase.annotations.concurrent.Blocking;
+import com.google.firebase.annotations.concurrent.Lightweight;
+import com.google.firebase.appcheck.recaptchaenterprise.internal.FirebaseExecutors;
+import com.google.firebase.components.Component;
+import com.google.firebase.components.ComponentRegistrar;
+import com.google.firebase.components.Dependency;
+import com.google.firebase.components.Qualified;
+import com.google.firebase.platforminfo.LibraryVersionComponent;
+import java.util.Arrays;
+import java.util.List;
+import java.util.concurrent.Executor;
+
+/**
+ * {@link ComponentRegistrar} for setting up FirebaseAppCheck reCAPTCHA Enterprise's dependency
+ * injections in Firebase Android Components.
+ *
+ * @hide
+ */
+@KeepForSdk
+public class FirebaseAppCheckRecaptchaEnterpriseRegistrar implements ComponentRegistrar {
+  private static final String LIBRARY_NAME = "fire-app-check-recaptcha-enterprise";
+
+  @Override
+  public List<Component<?>> getComponents() {
+    Qualified<Executor> liteExecutor = Qualified.qualified(Lightweight.class, Executor.class);
+    Qualified<Executor> blockingExecutor = Qualified.qualified(Blocking.class, Executor.class);
+
+    return Arrays.asList(
+        Component.builder(FirebaseExecutors.class)
+            .name(LIBRARY_NAME)
+            .add(Dependency.required(liteExecutor))
+            .add(Dependency.required(blockingExecutor))
+            .factory(
+                container ->
+                    new FirebaseExecutors(
+                        container.get(liteExecutor), container.get(blockingExecutor)))
+            .build(),
+        LibraryVersionComponent.create(LIBRARY_NAME, BuildConfig.VERSION_NAME));
+  }
+}

appcheck/firebase-appcheck-recaptchaenterprise/src/main/java/com/google/firebase/appcheck/recaptchaenterprise/RecaptchaEnterpriseAppCheckProviderFactory.java

@@ -0,0 +1,75 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.firebase.appcheck.recaptchaenterprise;
+
+import android.app.Application;
+import androidx.annotation.NonNull;
+import com.google.firebase.FirebaseApp;
+import com.google.firebase.appcheck.AppCheckProvider;
+import com.google.firebase.appcheck.AppCheckProviderFactory;
+import com.google.firebase.appcheck.FirebaseAppCheck;
+import com.google.firebase.appcheck.recaptchaenterprise.internal.FirebaseExecutors;
+import com.google.firebase.appcheck.recaptchaenterprise.internal.RecaptchaEnterpriseAppCheckProvider;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * Implementation of an {@link AppCheckProviderFactory} that builds <br>
+ * {@link RecaptchaEnterpriseAppCheckProvider}s. This is the default implementation.
+ */
+public class RecaptchaEnterpriseAppCheckProviderFactory implements AppCheckProviderFactory {
+
+  private static FirebaseExecutors firebaseExecutors;
+  private static final Map<String, RecaptchaEnterpriseAppCheckProviderFactory> factoryInstances =
+      new ConcurrentHashMap<>();
+  private final String siteKey;
+  private volatile RecaptchaEnterpriseAppCheckProvider provider;
+
+  private RecaptchaEnterpriseAppCheckProviderFactory(@NonNull String siteKey) {
+    this.siteKey = siteKey;
+  }
+
+  /** Gets an instance of this class for installation into a {@link FirebaseAppCheck} instance. */
+  @NonNull
+  public static RecaptchaEnterpriseAppCheckProviderFactory getInstance(@NonNull String siteKey) {
+    return factoryInstances.computeIfAbsent(
+        siteKey, RecaptchaEnterpriseAppCheckProviderFactory::new);
+  }
+
+  @NonNull
+  @Override
+  @SuppressWarnings("FirebaseUseExplicitDependencies")
+  public AppCheckProvider create(@NonNull FirebaseApp firebaseApp) {
+    if (provider == null) {
+      synchronized (this) {
+        if (provider == null) {
+          if (RecaptchaEnterpriseAppCheckProviderFactory.firebaseExecutors == null) {
+            firebaseExecutors = firebaseApp.get(FirebaseExecutors.class);
+          }
+          Application application = (Application) firebaseApp.getApplicationContext();
+
+          provider =
+              new RecaptchaEnterpriseAppCheckProvider(
+                  firebaseApp,
+                  application,
+                  siteKey,
+                  firebaseExecutors.getLiteExecutor(),
+                  firebaseExecutors.getBlockingExecutor());
+        }
+      }
+    }
+    return provider;
+  }
+}

appcheck/firebase-appcheck-recaptchaenterprise/src/main/java/com/google/firebase/appcheck/recaptchaenterprise/internal/ExchangeRecaptchaEnterpriseTokenRequest.java

@@ -0,0 +1,44 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.firebase.appcheck.recaptchaenterprise.internal;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.VisibleForTesting;
+import org.json.JSONException;
+import org.json.JSONObject;
+
+/**
+ * Client-side model of the ExchangeRecaptchaEnterpriseTokenRequest payload from the Firebase App
+ * Check Token Exchange API.
+ */
+public class ExchangeRecaptchaEnterpriseTokenRequest {
+
+  @VisibleForTesting
+  static final String RECAPTCHA_ENTERPRISE_TOKEN_KEY = "recaptchaEnterpriseToken";
+
+  private final String recaptchaEnterpriseToken;
+
+  public ExchangeRecaptchaEnterpriseTokenRequest(@NonNull String recaptchaEnterpriseToken) {
+    this.recaptchaEnterpriseToken = recaptchaEnterpriseToken;
+  }
+
+  @NonNull
+  public String toJsonString() throws JSONException {
+    JSONObject jsonObject = new JSONObject();
+    jsonObject.put(RECAPTCHA_ENTERPRISE_TOKEN_KEY, recaptchaEnterpriseToken);
+
+    return jsonObject.toString();
+  }
+}

appcheck/firebase-appcheck-recaptchaenterprise/src/main/java/com/google/firebase/appcheck/recaptchaenterprise/internal/FirebaseExecutors.java

@@ -0,0 +1,43 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.firebase.appcheck.recaptchaenterprise.internal;
+
+import com.google.firebase.annotations.concurrent.Blocking;
+import com.google.firebase.annotations.concurrent.Lightweight;
+import java.util.concurrent.Executor;
+
+/**
+ * This class encapsulates a {@link com.google.firebase.annotations.concurrent.Lightweight} executor
+ * and a {@link com.google.firebase.annotations.concurrent.Blocking} executor, making them available
+ * for various asynchronous operations related to reCAPTCHA Enterprise App Check.
+ */
+public class FirebaseExecutors {
+  private final Executor liteExecutor;
+  private final Executor blockingExecutor;
+
+  public FirebaseExecutors(
+      @Lightweight Executor liteExecutor, @Blocking Executor blockingExecutor) {
+    this.liteExecutor = liteExecutor;
+    this.blockingExecutor = blockingExecutor;
+  }
+
+  public Executor getLiteExecutor() {
+    return liteExecutor;
+  }
+
+  public Executor getBlockingExecutor() {
+    return blockingExecutor;
+  }
+}