castle-rb 4.1.0 → 4.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d0d6aa4996eb091692c0a7dfcf9658b2b26fb011cfa94103604a79e60d401ac0
4
- data.tar.gz: 8e7eb4c21cf3edd7a3845fc946857dd25ad1031d75dfa8cf8cb8b911b928eebe
3
+ metadata.gz: 9e257285772f0ea234bc5ffce99cfccabdd31205c9bd09c6b210f633ea691728
4
+ data.tar.gz: dbe175f86dc14f5e246e502452ff7e65de27dc82966428262f440e8acbfcf295
5
5
  SHA512:
6
- metadata.gz: 9bdf75588225fd282a36d1e37c1ee3eb69ecfab3f3e50a2c27d695f8c7c7ad1a2bccdb8b097dbe9ff361c17481c9449808d9c26adf56924eb249a18ffb2e9a71
7
- data.tar.gz: '089b2507cd099a863b9592c8a194f5971f2126a7ff2892d0f211ace1a9b06261872a9a13d98a72b617f59815d70d87a4c49ca9e348c06031554a3a8cbe905140'
6
+ metadata.gz: a25b09f89b7d0b589b215e58bfd2b3436954da93a99d141e1dc7282b8350480a289e1b852b1cd5afdcf8f0a924b0b6062771da73ba6ad6c10fd179b214de2c59
7
+ data.tar.gz: faa3a957367aaad5e16bb9330b7a63e7ca607468f8e46ba75f99fce05b328bccfa59d2908051b3488605cb9517c7f6f3cf4f6d1a98d7fa68df9a569a9f60d3a5
data/README.md CHANGED
@@ -87,12 +87,12 @@ Castle.configure do |config|
87
87
  config.blacklisted = ['HTTP-X-header']
88
88
 
89
89
  # Castle needs the original IP of the client, not the IP of your proxy or load balancer.
90
- # we try to fetch proper ip based on X-Forwarded-For, X-Client-Id or Remote-Addr headers in that order
90
+ # we try to fetch proper ip based on X-Forwarded-For or Remote-Addr headers in that order
91
91
  # but sometimes proper ip may be stored in different header or order could be different.
92
92
  # SDK can extract ip automatically for you, but you must configure which ip_headers you would like to use
93
93
  configuration.ip_headers = []
94
94
 
95
- # Additionally to make X-Forwarded-For or X-Client-Id work better discovering client ip address,
95
+ # Additionally to make X-Forwarded-For and other headers work better discovering client ip address,
96
96
  # and not the address of a reverse proxy server, you can define trusted proxies
97
97
  # which will help to fetch proper ip from those headers
98
98
  configuration.trusted_proxies = []
@@ -5,43 +5,39 @@ module Castle
5
5
  # used for extraction of ip from the request
6
6
  class IP
7
7
  # ordered list of ip headers for ip extraction
8
- DEFAULT = %w[X-Forwarded-For Client-Ip Remote-Addr].freeze
9
- # default header fallback when ip is not found
10
- FALLBACK = 'Remote-Addr'
8
+ DEFAULT = %w[X-Forwarded-For Remote-Addr].freeze
11
9
 
12
- private_constant :FALLBACK, :DEFAULT
10
+ private_constant :DEFAULT
13
11
 
14
12
  # @param headers [Hash]
15
13
  def initialize(headers)
16
14
  @headers = headers
17
- @ip_headers = Castle.config.ip_headers + DEFAULT
15
+ @ip_headers = Castle.config.ip_headers.empty? ? DEFAULT : Castle.config.ip_headers
18
16
  @proxies = Castle.config.trusted_proxies + Castle::Configuration::TRUSTED_PROXIES
19
17
  end
20
18
 
21
19
  # Order of headers:
22
20
  # .... list of headers defined by ip_headers
23
21
  # X-Forwarded-For
24
- # Client-Ip is
25
22
  # Remote-Addr
26
23
  # @return [String]
27
24
  def call
25
+ all_ips = []
26
+
28
27
  @ip_headers.each do |ip_header|
29
- ip_value = calculate_ip(ip_header)
28
+ ips = ips_from(ip_header)
29
+ ip_value = remove_proxies(ips).last
30
30
  return ip_value if ip_value
31
+
32
+ all_ips.push(*ips)
31
33
  end
32
34
 
33
- @headers[FALLBACK]
35
+ # fallback to first whatever ip
36
+ all_ips.first
34
37
  end
35
38
 
36
39
  private
37
40
 
38
- # @param header [String]
39
- # @return [String]
40
- def calculate_ip(header)
41
- ips = ips_from(header)
42
- remove_proxies(ips).first
43
- end
44
-
45
41
  # @param ips [Array<String>]
46
42
  # @return [Array<String>]
47
43
  def remove_proxies(ips)
@@ -61,7 +57,7 @@ module Castle
61
57
 
62
58
  return [] unless value
63
59
 
64
- value.strip.split(/[,\s]+/).reverse
60
+ value.strip.split(/[,\s]+/)
65
61
  end
66
62
  end
67
63
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Castle
4
- VERSION = '4.1.0'
4
+ VERSION = '4.2.0'
5
5
  end
@@ -21,20 +21,20 @@ describe Castle::Extractors::IP do
21
21
  end
22
22
 
23
23
  context 'with uppercase format' do
24
- before { Castle.config.ip_headers = %w[CF_CONNECTING_IP] }
24
+ before { Castle.config.ip_headers = %w[CF_CONNECTING_IP X-Forwarded-For] }
25
25
 
26
26
  it { expect(extractor.call).to eql('1.2.3.4') }
27
27
  end
28
28
 
29
29
  context 'with regular format' do
30
- before { Castle.config.ip_headers = %w[Cf-Connecting-Ip] }
30
+ before { Castle.config.ip_headers = %w[Cf-Connecting-Ip X-Forwarded-For] }
31
31
 
32
32
  it { expect(extractor.call).to eql('1.2.3.4') }
33
33
  end
34
34
 
35
- context 'with value from trusted proxies' do
35
+ context 'with value from trusted proxies it get seconds header' do
36
36
  before do
37
- Castle.config.ip_headers = %w[Cf-Connecting-Ip]
37
+ Castle.config.ip_headers = %w[Cf-Connecting-Ip X-Forwarded-For]
38
38
  Castle.config.trusted_proxies = %w[1.2.3.4]
39
39
  end
40
40
 
@@ -49,7 +49,7 @@ describe Castle::Extractors::IP do
49
49
 
50
50
  let(:headers) { { 'Remote-Addr' => '127.0.0.1', 'X-Forwarded-For' => http_x_header } }
51
51
 
52
- it 'fallbacks to remote_addr even if trusted proxy' do
52
+ it 'fallbacks to first available header when all headers are marked trusted proxy' do
53
53
  expect(extractor.call).to eql('127.0.0.1')
54
54
  end
55
55
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: castle-rb
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.0
4
+ version: 4.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan Brissmyr
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-03-27 00:00:00.000000000 Z
11
+ date: 2020-03-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: appraisal