bizside 3.0.1 → 3.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 898525e0f8554857afa269a915fe53aa320939057fdef98e708474b5de2a483d
-  data.tar.gz: dcda38e428e11696f8b73aa1f0c97c9237ef5f645c72a3fb2e2e28fd0f9cb5ec
+  metadata.gz: 73521110af0354af6ab7be8aeecf81c4b7a51003eba151398a4769981436a528
+  data.tar.gz: fa0cc7ea9e2b39716154c69ccdc0e736e6b827eba54b060fc1e105a593fd682d
 SHA512:
-  metadata.gz: 6ff88ef25f3b947a6b05dd9dd035ee1a4bdd609e79061221134b344084dc8ccd9b6e0694ba9575238bd07e1239e463c3cde6fdd30992c2095bf46b50e5427f17
-  data.tar.gz: f5fdeab08ca7d708c0ac0bc746fe90f3f98d5159755a98c49fa4d086097324f9be3f5c5a994c43f434b8cd4cbfbff89503e3c3473048c4b2fc29e287a55c8b0b
+  metadata.gz: 89243ceb64e24a815373006c4ce1d16cc5e5ffdadac4669cad7858b3501bc3e41e0a903c401d82baa734ad15c4f6c518128e51bf55fad0be751d8f9226b387ca
+  data.tar.gz: e82df91dffd5f633b9ba3b5987aad540fe256079295b3dafeb441fe04a3ad9ee01cff71d9b5bf455a4997a339a99bf1c4a43e9fe2bc8e1e05e12a6c569f772b0

data/lib/bizside/audit_log.rb

@@ -1,15 +1,23 @@
+require 'ipaddr'
 require_relative 'audit/logger'
 
 module Bizside
   class AuditLog
 
     @@ignore_paths = []
+    @@trusted_proxy_cidrs = []
+    @@trusted_proxy_cidr_objects = {}
     @@truncate_length = 8192
 
     def self.ignore_paths
       @@ignore_paths
     end
 
+    # 192.168.0.0/24 といったCIDR表記の文字列を複数指定可能
+    def self.trusted_proxy_cidrs
+      @@trusted_proxy_cidrs
+    end
+
     def self.truncate_length
       @@truncate_length
     end
@@ -25,7 +33,7 @@ module Bizside
     def call(env)
       start = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')
       status, headers, response = @app.call(env)
-      stop = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')      
+      stop = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')
       exception = env[Bizside::ShowExceptions::BIZSIDE_EXCEPTION_ENV_KEY]
 
       if env['BIZSIDE_SUPPRESS_AUDIT']
@@ -82,7 +90,7 @@ module Bizside
         referrer: env['HTTP_REFERER'],
         request_method: env['REQUEST_METHOD'],
         request_uri: env['BIZSIDE_REQUEST_URI'].presence || env['REQUEST_URI'],
-        remote_address: env['REMOTE_ADDR'],
+        remote_address: to_client_ip(env['HTTP_X_FORWARDED_FOR']) || to_client_ip(env['HTTP_CLIENT_IP']) || env['REMOTE_ADDR'],
         status: status,
         started_at: start,
         finished_at: stop,
@@ -180,5 +188,24 @@ module Bizside
       exception.backtrace.join("\n")[0...truncate_length]
     end
 
+    # 信頼のおけるロードバランサーがプロキシーになっている前提で、各HTTPヘッダの最後のIPをクライアントIPとして取得する
+    def to_client_ip(header_value)
+      ips = header_value ? header_value.strip.split(/[,\s]+/) : []
+      ips.reverse.each do |ip|
+        return ip unless proxy?(ip)
+      end
+
+      nil
+    end
+
+    def proxy?(ip)
+      @@trusted_proxy_cidrs.each do |cidr|
+        cidr_obj = @@trusted_proxy_cidr_objects[cidr] ||= IPAddr.new(cidr)
+        return true if cidr_obj.include?(ip)
+      end
+
+      false
+    end
+
   end
 end

data/lib/bizside/version.rb

@@ -1,3 +1,3 @@
 module Bizside
-  VERSION = '3.0.1'
+  VERSION = '3.0.3'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bizside
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.3
 platform: ruby
 authors:
 - bizside-developers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-09-10 00:00:00.000000000 Z
+date: 2024-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -368,7 +368,7 @@ dependencies:
         version: 1.5.0
 description: Bizside is an utilities to assist building web application.
 email:
-- bizside-developers@lab.acs-jp.com
+- bizside-developers@bizside.biz
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -475,7 +475,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.3.26
 signing_key: 
 specification_version: 4
 summary: Bizside is an utilities for web application.