From 4e760aa222f5eed94833112d669d310c1ec7b137 Mon Sep 17 00:00:00 2001 From: Alexis Saettler Date: Sun, 10 Mar 2024 18:30:42 +0100 Subject: [PATCH] feat: replace request ip with Cf-Connecting-Ip value (#284) --- config/laravelcloudflare.php | 11 +++++++ src/CloudflareProxies.php | 15 ++------- src/Commands/Reload.php | 6 +--- src/Commands/View.php | 6 +--- src/Facades/CloudflareProxies.php | 4 +-- src/Http/Middleware/TrustProxies.php | 33 +++++++++++++++---- src/LaravelCloudflare.php | 8 ++--- src/TrustedProxyServiceProvider.php | 12 ++----- .../Unit/Http/Middleware/TrustProxiesTest.php | 13 ++++++++ 9 files changed, 61 insertions(+), 47 deletions(-) diff --git a/config/laravelcloudflare.php b/config/laravelcloudflare.php index 4236d4f..ee9e366 100644 --- a/config/laravelcloudflare.php +++ b/config/laravelcloudflare.php @@ -14,6 +14,17 @@ 'enabled' => (bool) env('LARAVEL_CLOUDFLARE_ENABLED', true), + /* + |-------------------------------------------------------------------------- + | Replace current remote addr with Cf-Connecting-Ip header + |-------------------------------------------------------------------------- + | + | This replace the request ip with the value of the Cf-Connecting-Ip header. + | + */ + + 'replace_ip' => (bool) env('LARAVEL_CLOUDFLARE_REPLACE_IP', true), + /* |-------------------------------------------------------------------------- | Name of the cache to store values of the proxies diff --git a/src/CloudflareProxies.php b/src/CloudflareProxies.php index 61d32a9..81c8b72 100644 --- a/src/CloudflareProxies.php +++ b/src/CloudflareProxies.php @@ -32,9 +32,6 @@ class CloudflareProxies /** * Create a new instance of CloudflareProxies. - * - * @param \Illuminate\Contracts\Config\Repository $config - * @param \Illuminate\Http\Client\Factory $http */ public function __construct(Repository $config, HttpClient $http) { @@ -44,11 +41,8 @@ public function __construct(Repository $config, HttpClient $http) /** * Retrieve Cloudflare proxies list. - * - * @param int $type - * @return array */ - public function load($type = self::IP_VERSION_ANY): array + public function load(int $type = self::IP_VERSION_ANY): array { $proxies = []; @@ -66,14 +60,11 @@ public function load($type = self::IP_VERSION_ANY): array /** * Retrieve requested proxy list by name. - * - * @param string $name requet name - * @return array */ - protected function retrieve($name): array + protected function retrieve(string $name): array { try { - $url = Str::of($this->config->get('laravelcloudflare.url'))->finish('/').$name; + $url = Str::of($this->config->get('laravelcloudflare.url', 'https://www.cloudflare.com/'))->finish('/').$name; $response = Http::get($url)->throw(); } catch (\Exception $e) { diff --git a/src/Commands/Reload.php b/src/Commands/Reload.php index f647a1e..49c58da 100644 --- a/src/Commands/Reload.php +++ b/src/Commands/Reload.php @@ -25,12 +25,8 @@ class Reload extends Command /** * Execute the console command. - * - * @param \Illuminate\Contracts\Cache\Factory $cache - * @param \Illuminate\Contracts\Config\Repository $config - * @return void */ - public function handle(Cache $cache, Config $config) + public function handle(Cache $cache, Config $config): void { if (! (bool) $config->get('laravelcloudflare.enabled')) { return; diff --git a/src/Commands/View.php b/src/Commands/View.php index d63e3fa..7db292c 100644 --- a/src/Commands/View.php +++ b/src/Commands/View.php @@ -24,12 +24,8 @@ class View extends Command /** * Execute the console command. - * - * @param \Illuminate\Contracts\Cache\Factory $cache - * @param \Illuminate\Contracts\Config\Repository $config - * @return void */ - public function handle(Cache $cache, Config $config) + public function handle(Cache $cache, Config $config): void { $proxies = $cache->store()->get($config->get('laravelcloudflare.cache'), []); diff --git a/src/Facades/CloudflareProxies.php b/src/Facades/CloudflareProxies.php index 4f71a22..fbc4545 100644 --- a/src/Facades/CloudflareProxies.php +++ b/src/Facades/CloudflareProxies.php @@ -13,10 +13,8 @@ class CloudflareProxies extends Facade { /** * Get the registered name of the component. - * - * @return string */ - protected static function getFacadeAccessor() + protected static function getFacadeAccessor(): string { return \Monicahq\Cloudflare\CloudflareProxies::class; } diff --git a/src/Http/Middleware/TrustProxies.php b/src/Http/Middleware/TrustProxies.php index 5cdfb32..43ed70c 100644 --- a/src/Http/Middleware/TrustProxies.php +++ b/src/Http/Middleware/TrustProxies.php @@ -2,6 +2,7 @@ namespace Monicahq\Cloudflare\Http\Middleware; +use Closure; use Illuminate\Http\Middleware\TrustProxies as Middleware; use Illuminate\Http\Request; use Illuminate\Support\Facades\Cache; @@ -11,12 +12,33 @@ class TrustProxies extends Middleware { /** - * Sets the trusted proxies on the request. + * Handle an incoming request. * - * @param \Illuminate\Http\Request $request - * @return void + * @throws \Symfony\Component\HttpKernel\Exception\HttpException + */ + public function handle(Request $request, Closure $next) + { + if (Config::get('laravelcloudflare.replace_ip') === true) { + $this->setRemoteAddr($request); + } + + return parent::handle($request, $next); + } + + /** + * Set RemoteAddr server value using Cf-Connecting-Ip header. */ - protected function setTrustedProxyIpAddresses(Request $request) + protected function setRemoteAddr(Request $request): void + { + if (($ip = $request->header('Cf-Connecting-Ip')) !== null) { + $request->server->set('REMOTE_ADDR', $ip); + } + } + + /** + * Sets the trusted proxies on the request. + */ + protected function setTrustedProxyIpAddresses(Request $request): void { if ((bool) Config::get('laravelcloudflare.enabled')) { $this->setTrustedProxyCloudflare($request); @@ -27,9 +49,6 @@ protected function setTrustedProxyIpAddresses(Request $request) /** * Sets the trusted proxies on the request to the value of Cloudflare ips. - * - * @param \Illuminate\Http\Request $request - * @return void */ protected function setTrustedProxyCloudflare(Request $request): void { diff --git a/src/LaravelCloudflare.php b/src/LaravelCloudflare.php index 4604046..97b7ad0 100644 --- a/src/LaravelCloudflare.php +++ b/src/LaravelCloudflare.php @@ -2,6 +2,7 @@ namespace Monicahq\Cloudflare; +use Closure; use Monicahq\Cloudflare\Facades\CloudflareProxies; final class LaravelCloudflare @@ -15,8 +16,6 @@ final class LaravelCloudflare /** * Get the proxies addresses. - * - * @return array */ public static function getProxies(): array { @@ -29,11 +28,8 @@ public static function getProxies(): array /** * Set a callback that should be used when getting the proxies addresses. - * - * @param \Closure $callback - * @return void */ - public static function getProxiesUsing($callback): void + public static function getProxiesUsing(?Closure $callback): void { static::$getProxiesCallback = $callback; } diff --git a/src/TrustedProxyServiceProvider.php b/src/TrustedProxyServiceProvider.php index 6da9ead..e2eec84 100644 --- a/src/TrustedProxyServiceProvider.php +++ b/src/TrustedProxyServiceProvider.php @@ -8,20 +8,16 @@ class TrustedProxyServiceProvider extends ServiceProvider { /** * Bootstrap any package services. - * - * @return void */ - public function boot() + public function boot(): void { $this->registerPublishing(); } /** * Register the package's publishable resources. - * - * @return void */ - private function registerPublishing() + private function registerPublishing(): void { if ($this->app->runningInConsole()) { $this->publishes([ @@ -32,10 +28,8 @@ private function registerPublishing() /** * Register any package services. - * - * @return void */ - public function register() + public function register(): void { $this->mergeConfigFrom( __DIR__.'/../config/laravelcloudflare.php', 'laravelcloudflare' diff --git a/tests/Unit/Http/Middleware/TrustProxiesTest.php b/tests/Unit/Http/Middleware/TrustProxiesTest.php index 7df0a9c..092b20f 100644 --- a/tests/Unit/Http/Middleware/TrustProxiesTest.php +++ b/tests/Unit/Http/Middleware/TrustProxiesTest.php @@ -4,6 +4,7 @@ use Illuminate\Http\Request; use Illuminate\Support\Facades\Cache; +use Illuminate\Support\Facades\Route; use Monicahq\Cloudflare\Http\Middleware\TrustProxies; use Monicahq\Cloudflare\LaravelCloudflare; use Monicahq\Cloudflare\Tests\FeatureTestCase; @@ -78,4 +79,16 @@ public function it_deactivates_middleware() $this->assertEquals([], $proxies); $this->assertFalse(Cache::has('cloudflare.proxies')); } + + /** @test */ + public function it_sets_remote_addr() + { + $request = new Request(); + $request->server->set('REMOTE_ADDR', '127.0.0.1'); + $request->headers->set('Cf-Connecting-Ip', '127.0.1.1'); + + $this->app->make(TrustProxies::class)->handle($request, fn () => null); + + $this->assertEquals('127.0.1.1', $request->ip()); + } }