RubyGems - moesif_rack - Versions diffs - 1.4.18 → 1.5.1 - Mend

moesif_rack 1.4.18 → 1.5.1

Files changed (17) hide show

checksums.yaml +4 -4
data/README.md +10 -1
data/lib/moesif_rack/app_config.rb +87 -120
data/lib/moesif_rack/client_ip.rb +61 -102
data/lib/moesif_rack/governance_rules.rb +483 -0
data/lib/moesif_rack/moesif_helpers.rb +57 -6
data/lib/moesif_rack/moesif_middleware.rb +178 -140
data/lib/moesif_rack/regex_config_helper.rb +96 -104
data/lib/moesif_rack/update_company.rb +44 -48
data/lib/moesif_rack/update_user.rb +44 -48
data/moesif_capture_outgoing/httplog/adapters/net_http.rb +18 -21
data/moesif_capture_outgoing/httplog/http_log.rb +54 -85
data/moesif_capture_outgoing/httplog.rb +2 -2
data/test/config_example.json +1477 -0
data/test/govrule_example.json +20 -0
data/test/test_governance_rules.rb +212 -0
metadata +8 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4332e59f946cefea8c61e0e7f40136ba2fd45c4c96de9f133651622c734d62b7
-  data.tar.gz: 5f7e29ac2f016a4c97d56a1276aafd42cabedf316cbe0a5a6f82069dcd813f18
+  metadata.gz: ed6afe67a6d8b2aa3c05b23a704d2ccfaadf9afdb078e9d66998f69fd7ed3f45
+  data.tar.gz: 3cb56517e37769f179aabf0f1621c0969259558a46fa8594c017f85098f77423
 SHA512:
-  metadata.gz: 25b4d5ea39d166c3aee2da057460c2fd9027bd4a7d1a1510e45ec0436890de5ea910b28353f00a034f735d99b7d5c840879e537b3022759216218d6cc351a1bf
-  data.tar.gz: d4e0e2014e5b78b1b1ca4be8cc8e10769ebe5d3ed3d6c91f96004587a6e474ac34470af7272da8922ccac5773206a8c44fe4f4d8657bdd90fa3f3fa444f09863
+  metadata.gz: 91987307ffe2aaf10763dc39e0dce6acc1d91ed8f614144811b2a0d7c579b06d4f4f112cf6de10a983153aa81f45d5dac3450be5c38658af71728656d4426d5c
+  data.tar.gz: f6a677544fd723f0ab6842e5496586d93f22b8ddf77fc5ceb1c4fb98f770ce5443461a66f6c744f03b03a428acfa1c55c669d4f4f09841191c99842a40e614f6

data/README.md CHANGED Viewed

@@ -255,8 +255,17 @@ Optional. Boolean. Default false. If true, it will print out debug messages. In
 Optional. Boolean. Default true. If false, will not log request and response body to Moesif.
+#### __`batch_size`__
+Optional. int, default 200, Maximum batch size when sending to Moesif.
+#### __`batch_max_time`__
+Optional. int in seconds Default 2.	This is the maximum wait time (approximately) before triggering flushing of the queue and sending to Moesif.
+#### __`event_queue_size`__
+Optional. int, Default 1000, Maximum number of events to hold in queue before sending to Moesif. In case of network issues when not able to connect/send event to Moesif, skips adding new to event to queue to prevent memory overflow.
 #### __`capture_outgoing_requests`__
-Optional. boolean, Default `false`. Set to `true` to capture all outgoing API calls from your app to third parties like Stripe, Github or to your own dependencies while using [Net::HTTP](https://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html) package. The options below is applied to outgoing API calls. When the request is outgoing, for options functions that take request and response as input arguments, the request and response objects passed in are [Request](https://www.rubydoc.info/stdlib/net/Net/HTTPRequest) request and [Response](https://www.rubydoc.info/stdlib/net/Net/HTTPResponse) response objects.
+Optional. Boolean, Default `false`. Set to `true` to capture all outgoing API calls from your app to third parties like Stripe, Github or to your own dependencies while using [Net::HTTP](https://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html) package. The options below is applied to outgoing API calls. When the request is outgoing, for options functions that take request and response as input arguments, the request and response objects passed in are [Request](https://www.rubydoc.info/stdlib/net/Net/HTTPRequest) request and [Response](https://www.rubydoc.info/stdlib/net/Net/HTTPResponse) response objects.
 ##### __`identify_user_outgoing`__

data/lib/moesif_rack/app_config.rb CHANGED Viewed

@@ -3,134 +3,101 @@ require 'json'
 require 'time'
 require 'zlib'
 require 'stringio'
-require_relative './moesif_helpers.rb'
-require_relative './regex_config_helper.rb'
+require_relative './moesif_helpers'
+require_relative './regex_config_helper'
 class AppConfig
+  def initialize(debug)
+    @debug = debug
+    @moesif_helpers = MoesifHelpers.new(debug)
+    @regex_config_helper = RegexConfigHelper.new(debug)
+  end
-    def initialize debug
-        @debug = debug
-        @moesif_helpers = MoesifHelpers.new(debug)
-        @regex_config_helper = RegexConfigHelper.new(debug)
+  def get_config(api_controller)
+    # Get Application Config
+    config_api_response = api_controller.get_app_config
+    @moesif_helpers.log_debug('new config downloaded')
+    @moesif_helpers.log_debug(config_api_response.to_s)
+    config_api_response
+  rescue MoesifApi::APIException => e
+    if e.response_code.between?(401, 403)
+      @moesif_helpers.log_debug 'Unauthorized access getting application configuration. Please check your Appplication Id.'
     end
+    @moesif_helpers.log_debug 'Error getting application configuration, with status code:'
+    @moesif_helpers.log_debug e.response_code
+  rescue StandardError => e
+    @moesif_helpers.log_debug e.to_s
+  end
-    def get_config(api_controller)
-        # Get Application Config
-        begin
-            config_api_response = api_controller.get_app_config()
-            @moesif_helpers.log_debug("new config downloaded")
-            @moesif_helpers.log_debug(config_api_response.to_s)
-            return config_api_response
-        rescue MoesifApi::APIException => e
-            if e.response_code.between?(401, 403)
-                @moesif_helpers.log_debug 'Unauthorized access getting application configuration. Please check your Appplication Id.'
-            end
-            @moesif_helpers.log_debug 'Error getting application configuration, with status code:'
-            @moesif_helpers.log_debug e.response_code
-        rescue => e
-            @moesif_helpers.log_debug e.to_s
-        end
-        rescue
-    end
+  def parse_configuration(config_api_response)
+    # Parse configuration object and return Etag, sample rate and last updated time
-    def parse_configuration(config_api_response)
-        # Parse configuration object and return Etag, sample rate and last updated time
-        begin
-            # Rails return gzipped compressed response body, so decompressing it and getting JSON response body
-            response_body = decompress_gzip_body(config_api_response)
-            @moesif_helpers.log_debug(response_body.to_s)
-            # Check if response body is not nil
-            if !response_body.nil? then
-                # Return Etag, sample rate and last updated time
-                return response_body, config_api_response.headers[:x_moesif_config_etag], Time.now.utc
-            else
-                @moesif_helpers.log_debug 'Response body is nil, assuming default behavior'
-                # Response body is nil, so assuming default behavior
-                return nil, nil, Time.now.utc
-            end
-        rescue => exception
-            @moesif_helpers.log_debug 'Error while parsing the configuration object, assuming default behavior'
-            @moesif_helpers.log_debug exception.to_s
-            # Assuming default behavior
-            return nil, nil, Time.now.utc
-        end
-    end
+    # Rails return gzipped compressed response body, so decompressing it and getting JSON response body
+    response_body = @moesif_helpers.decompress_gzip_body(config_api_response)
+    @moesif_helpers.log_debug(response_body.to_json)
-    def get_sampling_percentage(event_model, config_api_response, user_id, company_id)
-        # Get sampling percentage
-        begin
-            # Check if response body is not nil
-            if !config_api_response.nil? then
-                @moesif_helpers.log_debug("Getting sample rate for user #{user_id} company #{company_id}")
-                @moesif_helpers.log_debug(config_api_response.to_s)
-                # Get Regex Sampling rate
-                regex_config = config_api_response.fetch('regex_config', nil)
-                if !regex_config.nil? and !event_model.nil?
-                    config_mapping = @regex_config_helper.prepare_config_mapping(event_model)
-                    regex_sample_rate = @regex_config_helper.fetch_sample_rate_on_regex_match(regex_config, config_mapping)
-                    if !regex_sample_rate.nil?
-                        return regex_sample_rate
-                    end
-                end
-                # Get user sample rate object
-                user_sample_rate = config_api_response.fetch('user_sample_rate', nil)
-                # Get company sample rate object
-                company_sample_rate = config_api_response.fetch('company_sample_rate', nil)
-                # Get sample rate for the user if exist
-                if !user_id.nil? && !user_sample_rate.nil? && user_sample_rate.key?(user_id)
-                    return user_sample_rate.fetch(user_id)
-                end
-                # Get sample rate for the company if exist
-                if !company_id.nil? && !company_sample_rate.nil? && company_sample_rate.key?(company_id)
-                    return company_sample_rate.fetch(company_id)
-                end
-                # Return sample rate
-                return config_api_response.fetch('sample_rate', 100)
-            else
-                @moesif_helpers.log_debug 'Assuming default behavior as response body is nil - '
-                return 100
-            end
-        rescue => exception
-            @moesif_helpers.log_debug 'Error while geting sampling percentage, assuming default behavior'
-            @moesif_helpers.log_debug exception.to_s
-            return 100
-        end
-    end
+    # Check if response body is not nil
+    return response_body, config_api_response.headers[:x_moesif_config_etag], Time.now.utc unless response_body.nil?
-    def decompress_gzip_body(config_api_response)
-        # Decompress gzip response body
-        begin
-            # Check if the content-encoding header exist and is of type zip
-            if config_api_response.headers.key?(:content_encoding) && config_api_response.headers[:content_encoding].eql?( 'gzip' ) then
-                # Create a GZipReader object to read data
-                gzip_reader = Zlib::GzipReader.new(StringIO.new(config_api_response.raw_body.to_s))
-                # Read the body
-                uncompressed_string = gzip_reader.read
-                # Return the parsed body
-                return JSON.parse( uncompressed_string )
-            else
-                @moesif_helpers.log_debug 'Content Encoding is of type other than gzip, returning nil'
-                return nil
-            end
-        rescue => exception
-            @moesif_helpers.log_debug 'Error while decompressing the response body'
-            @moesif_helpers.log_debug exception.to_s
-            return nil
-        end
-    end
+    # Return Etag, sample rate and last updated time
+    @moesif_helpers.log_debug 'Response body is nil, assuming default behavior'
+    # Response body is nil, so assuming default behavior
+    [nil, nil, Time.now.utc]
+  rescue StandardError => e
+    @moesif_helpers.log_debug 'Error while parsing the configuration object, assuming default behavior'
+    @moesif_helpers.log_debug e.to_s
+    # Assuming default behavior
+    [nil, nil, Time.now.utc]
+  end
+  def get_sampling_percentage(event_model, config_api_response, user_id, company_id)
+    # Get sampling percentage
+    # Check if response body is not nil
+    if !config_api_response.nil?
+      @moesif_helpers.log_debug("Getting sample rate for user #{user_id} company #{company_id}")
+      @moesif_helpers.log_debug(config_api_response.to_s)
-    def calculate_weight(sample_rate)
-        return sample_rate == 0 ? 1 : (100 / sample_rate).floor
+      # Get Regex Sampling rate
+      regex_config = config_api_response.fetch('regex_config', nil)
+      if !regex_config.nil? and !event_model.nil?
+        config_mapping = @regex_config_helper.prepare_config_mapping(event_model)
+        regex_sample_rate = @regex_config_helper.fetch_sample_rate_on_regex_match(regex_config,
+                                                                                  config_mapping)
+        return regex_sample_rate unless regex_sample_rate.nil?
+      end
+      # Get user sample rate object
+      user_sample_rate = config_api_response.fetch('user_sample_rate', nil)
+      # Get company sample rate object
+      company_sample_rate = config_api_response.fetch('company_sample_rate', nil)
+      # Get sample rate for the user if exist
+      if !user_id.nil? && !user_sample_rate.nil? && user_sample_rate.key?(user_id)
+        return user_sample_rate.fetch(user_id)
+      end
+      # Get sample rate for the company if exist
+      if !company_id.nil? && !company_sample_rate.nil? && company_sample_rate.key?(company_id)
+        return company_sample_rate.fetch(company_id)
+      end
+      # Return sample rate
+      config_api_response.fetch('sample_rate', 100)
+    else
+      @moesif_helpers.log_debug 'Assuming default behavior as response body is nil - '
+      100
     end
+  rescue StandardError => e
+    @moesif_helpers.log_debug 'Error while geting sampling percentage, assuming default behavior'
+    @moesif_helpers.log_debug e.to_s
+    100
+  end
+  def calculate_weight(sample_rate)
+    sample_rate == 0 ? 1 : (100 / sample_rate).floor
+  end
 end

data/lib/moesif_rack/client_ip.rb CHANGED Viewed

@@ -1,119 +1,78 @@
 def is_ip?(value)
-    ipv4 = /^(?:(?:\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])\.){3}(?:\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])$/
-    ipv6 = /^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/
-    # We use !! to convert the return value to a boolean
-    !!(value =~ ipv4 or value=~ ipv6)
+  ipv4 = /^(?:(?:\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])\.){3}(?:\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])$/
+  ipv6 = /^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/
+  # We use !! to convert the return value to a boolean
+  !!(value =~ ipv4 or value =~ ipv6)
 end
 def get_client_ip_from_x_forwarded_for(value)
-    begin
-        value = value.encode('utf-8')
-        if value.to_s.empty?
-            return nil
-        end
-        if !value.instance_of?(String)
-            puts ("Expected a string, got - " + value.class.to_s)
-        else
-            # x-forwarded-for may return multiple IP addresses in the format:
-            # "client IP, proxy 1 IP, proxy 2 IP"
-            # Therefore, the right-most IP address is the IP address of the most recent proxy
-            # and the left-most IP address is the IP address of the originating client.
-            # source: http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/x-forwarded-headers.html
-            # Azure Web App's also adds a port for some reason, so we'll only use the first part (the IP)
-            forwardedIps = []
-            value.gsub(/\s+/, "").split(',').each do |e|
-               if e.include?(':')
-                    splitted = e.split(':')
-                    if splitted.length == 2
-                        forwardedIps << splitted.first
-                    end
-               end
-               forwardedIps << e
-            end
-            # Sometimes IP addresses in this header can be 'unknown' (http://stackoverflow.com/a/11285650).
-            # Therefore taking the left-most IP address that is not unknown
-            # A Squid configuration directive can also set the value to "unknown" (http://www.squid-cache.org/Doc/config/forwarded_for/)
-            return forwardedIps.find {|e| is_ip?(e) }
-        end
-    rescue
-        return value.encode('utf-8')
+  value = value.encode('utf-8')
+  return nil if value.to_s.empty?
+  if !value.instance_of?(String)
+    puts('Expected a string, got - ' + value.class.to_s)
+  else
+    # x-forwarded-for may return multiple IP addresses in the format:
+    # "client IP, proxy 1 IP, proxy 2 IP"
+    # Therefore, the right-most IP address is the IP address of the most recent proxy
+    # and the left-most IP address is the IP address of the originating client.
+    # source: http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/x-forwarded-headers.html
+    # Azure Web App's also adds a port for some reason, so we'll only use the first part (the IP)
+    forwardedIps = []
+    value.gsub(/\s+/, '').split(',').each do |e|
+      if e.include?(':')
+        splitted = e.split(':')
+        forwardedIps << splitted.first if splitted.length == 2
+      end
+      forwardedIps << e
     end
+    # Sometimes IP addresses in this header can be 'unknown' (http://stackoverflow.com/a/11285650).
+    # Therefore taking the left-most IP address that is not unknown
+    # A Squid configuration directive can also set the value to "unknown" (http://www.squid-cache.org/Doc/config/forwarded_for/)
+    forwardedIps.find { |e| is_ip?(e) }
+  end
+rescue StandardError
+  value.encode('utf-8')
 end
 def get_client_address(env)
-    begin
-        # Standard headers used by Amazon EC2, Heroku, and others.
-        if env.key?('HTTP_X_CLIENT_IP')
-            if is_ip?(env['HTTP_X_CLIENT_IP'])
-                return env['HTTP_X_CLIENT_IP']
-            end
-        end
+  # Standard headers used by Amazon EC2, Heroku, and others.
+  return env['HTTP_X_CLIENT_IP'] if env.key?('HTTP_X_CLIENT_IP') && is_ip?(env['HTTP_X_CLIENT_IP'])
-        # Load-balancers (AWS ELB) or proxies.
-        if env.key?('HTTP_X_FORWARDED_FOR')
-            xForwardedFor = get_client_ip_from_x_forwarded_for(env['HTTP_X_FORWARDED_FOR'])
-            if is_ip?(xForwardedFor)
-                return xForwardedFor
-            end
-        end
+  # Load-balancers (AWS ELB) or proxies.
+  if env.key?('HTTP_X_FORWARDED_FOR')
+    xForwardedFor = get_client_ip_from_x_forwarded_for(env['HTTP_X_FORWARDED_FOR'])
+    return xForwardedFor if is_ip?(xForwardedFor)
+  end
-        # Cloudflare.
-        # @see https://support.cloudflare.com/hc/en-us/articles/200170986-How-does-Cloudflare-handle-HTTP-Request-headers-
-        # CF-Connecting-IP - applied to every request to the origin.
-        if env.key?('HTTP_CF_CONNECTING_IP')
-            if is_ip?(env['HTTP_CF_CONNECTING_IP'])
-                return env['HTTP_CF_CONNECTING_IP']
-            end
-        end
+  # Cloudflare.
+  # @see https://support.cloudflare.com/hc/en-us/articles/200170986-How-does-Cloudflare-handle-HTTP-Request-headers-
+  # CF-Connecting-IP - applied to every request to the origin.
+  return env['HTTP_CF_CONNECTING_IP'] if env.key?('HTTP_CF_CONNECTING_IP') && is_ip?(env['HTTP_CF_CONNECTING_IP'])
-        # Akamai and Cloudflare: True-Client-IP.
-        if env.key?('HTTP_TRUE_CLIENT_IP')
-            if is_ip?(env['HTTP_TRUE_CLIENT_IP'])
-                return env['HTTP_TRUE_CLIENT_IP']
-            end
-        end
+  # Akamai and Cloudflare: True-Client-IP.
+  return env['HTTP_TRUE_CLIENT_IP'] if env.key?('HTTP_TRUE_CLIENT_IP') && is_ip?(env['HTTP_TRUE_CLIENT_IP'])
-        # Default nginx proxy/fcgi; alternative to x-forwarded-for, used by some proxies.
-        if env.key?('HTTP_X_REAL_IP')
-            if is_ip?(env['HTTP_X_REAL_IP'])
-                return env['HTTP_X_REAL_IP']
-            end
-        end
+  # Default nginx proxy/fcgi; alternative to x-forwarded-for, used by some proxies.
+  return env['HTTP_X_REAL_IP'] if env.key?('HTTP_X_REAL_IP') && is_ip?(env['HTTP_X_REAL_IP'])
-        # (Rackspace LB and Riverbed's Stingray)
-        # http://www.rackspace.com/knowledge_center/article/controlling-access-to-linux-cloud-sites-based-on-the-client-ip-address
-        # https://splash.riverbed.com/docs/DOC-1926
-        if env.key?('HTTP_X_CLUSTER_CLIENT_IP')
-            if is_ip?(env['HTTP_X_CLUSTER_CLIENT_IP'])
-                return env['HTTP_X_CLUSTER_CLIENT_IP']
-            end
-        end
+  # (Rackspace LB and Riverbed's Stingray)
+  # http://www.rackspace.com/knowledge_center/article/controlling-access-to-linux-cloud-sites-based-on-the-client-ip-address
+  # https://splash.riverbed.com/docs/DOC-1926
+  if env.key?('HTTP_X_CLUSTER_CLIENT_IP') && is_ip?(env['HTTP_X_CLUSTER_CLIENT_IP'])
+    return env['HTTP_X_CLUSTER_CLIENT_IP']
+  end
-        if env.key?('HTTP_X_FORWARDED')
-            if is_ip?(env['HTTP_X_FORWARDED'])
-                return env['HTTP_X_FORWARDED']
-            end
-        end
+  return env['HTTP_X_FORWARDED'] if env.key?('HTTP_X_FORWARDED') && is_ip?(env['HTTP_X_FORWARDED'])
-        if env.key?('HTTP_FORWARDED_FOR')
-            if is_ip?(env['HTTP_FORWARDED_FOR'])
-                return env['HTTP_FORWARDED_FOR']
-            end
-        end
+  return env['HTTP_FORWARDED_FOR'] if env.key?('HTTP_FORWARDED_FOR') && is_ip?(env['HTTP_FORWARDED_FOR'])
-        if env.key?('HTTP_FORWARDED')
-            if is_ip?(env['HTTP_FORWARDED'])
-                return env['HTTP_FORWARDED']
-            end
-        end
+  return env['HTTP_FORWARDED'] if env.key?('HTTP_FORWARDED') && is_ip?(env['HTTP_FORWARDED'])
-        return env['REMOTE_ADDR']
-    rescue
-        return env['REMOTE_ADDR']
-    end
-end
+  env['REMOTE_ADDR']
+rescue StandardError
+  env['REMOTE_ADDR']
+end