From 281e2fb3b57f66a35fbb390225bdc1184a983aef Mon Sep 17 00:00:00 2001
From: Inbal Tako
Date: Thu, 24 Sep 2020 17:47:41 +0300
Subject: [PATCH] Align ip extraction
---
 Gemfile.lock | 2 +-
 lib/securenative/utils/request_utils.rb | 43 ++++++++++++++++---------
 securenative.gemspec | 2 +-
 spec/spec_api_manager.rb | 2 +-
 spec/spec_event_manager.rb | 6 ++--
 spec/spec_securenative_http_client.rb | 2 +-
 6 files changed, 34 insertions(+), 23 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index b9beb24..f010140 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
- securenative (0.1.26)
+ securenative (0.1.27)
 GEM
 remote: https://rubygems.org/
diff --git a/lib/securenative/utils/request_utils.rb b/lib/securenative/utils/request_utils.rb
index 4fdd3e2..78b1fc9 100644
--- a/lib/securenative/utils/request_utils.rb
+++ b/lib/securenative/utils/request_utils.rb
@@ -15,9 +15,19 @@ def self.get_secure_header_from_request(headers)
 end
 def self.get_client_ip_from_request(request, options = nil)
- begin
- return request.ip unless request.ip.nil?
- rescue NoMethodError
+ unless options.nil?
+ for header in options.proxy_headers do
+ begin
+ h = request.env[header]
+ return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+ rescue NoMethodError
+ begin
+ h = request[header]
+ return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+ rescue NoMethodError
+ end
+ end
+ end
 end
 begin
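Review bot: In the `options.proxy_headers` loop added to `get_client_ip_from_request` (hunk `@@ -15,9 +15,19 @@` of lib/securenative/utils/request_utils.rb), `return h.scan(...)[0] unless h.nil?` returns `nil` whenever the header is present but contains no dotted-quad IPv4 text, for example an IPv6 client address or an empty value, so the lookup ends there instead of trying the next source or reaching the final `''`. Returning only on a match keeps the fallback chain intact: `ip = h && h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0]` then `return ip if ip`. The `HTTP_X_REAL_IP` block added in hunk `@@ -31,6 +41,17 @@` has the same pattern. The `for` itself sits outside any `begin`, so a nil `proxy_headers` would raise `NoMethodError` to the caller; whether that value can be nil is not visible here. The function continues past the end of this hunk.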
@@ -31,6 +41,17 @@ def self.get_client_ip_from_request(request, options = nil)
 end
 end
+ begin
+ x_forwarded_for = request.env['HTTP_X_REAL_IP']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ begin
+ x_forwarded_for = request['HTTP_X_REAL_IP']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ end
+ end
+
 begin
 x_forwarded_for = request.env['REMOTE_ADDR']
 return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
@@ -42,19 +63,9 @@ def self.get_client_ip_from_request(request, options = nil)
 end
 end
- unless options.nil?
- for header in options.proxy_headers do
- begin
- h = request.env[header]
- return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
- rescue NoMethodError
- begin
- h = request[header]
- return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
- rescue NoMethodError
- end
- end
- end
+ begin
+ return request.ip unless request.ip.nil?
+ rescue NoMethodError
 end
 ''
diff --git a/securenative.gemspec b/securenative.gemspec
index b0c8ba6..9501b83 100644
--- a/securenative.gemspec
+++ b/securenative.gemspec
@@ -6,7 +6,7 @@ require_relative 'lib/securenative/utils/version_utils'
 Gem::Specification.new do |spec|
 spec.name = 'securenative'
- spec.version = '0.1.26'
+ spec.version = '0.1.27'
 spec.authors = ['SecureNative']
 spec.email = ['support@securenative.com']
diff --git a/spec/spec_api_manager.rb b/spec/spec_api_manager.rb
index c87fc37..6d5e04e 100644
--- a/spec/spec_api_manager.rb
+++ b/spec/spec_api_manager.rb
@@ -63,7 +63,7 @@
 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
 'Authorization' => 'YOUR_API_KEY',
 'Content-Type' => 'application/json',
- 'Sn-Version' => '0.1.26',
+ 'Sn-Version' => '0.1.27',
 'User-Agent' => 'SecureNative-ruby'
 }
 ).to_return(status: 200, body: '', headers: {})
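Review bot: The `HTTP_X_REAL_IP` lookup added in hunk `@@ -31,6 +41,17 @@` of lib/securenative/utils/request_utils.rb is consulted before `REMOTE_ADDR` on every request, with no check that a trusted proxy sits in front of the application. A request header is caller-supplied unless a front proxy overwrites it, so on a directly exposed deployment the reported client IP becomes whatever the caller sends, which can weaken any risk decision keyed on it. Consider reading it only when the operator lists it in `options.proxy_headers`, or at least state the assumption above the block: `# X-Real-IP is trusted as-is; deploy only behind a proxy that overwrites it`. The local is also still named `x_forwarded_for` although it holds the X-Real-IP value; `x_real_ip` would read correctly.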
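Review bot: Moving `request.ip` to the end in hunk `@@ -42,19 +63,9 @@` of lib/securenative/utils/request_utils.rb means it is reached only when none of the raw headers nor `REMOTE_ADDR` produced a value, and unlike every other branch its result is returned without passing through the IPv4 pattern, so callers can receive a differently shaped value (an IPv6 string, for instance) from this branch only. If `request` is a Rack-style request object, which the `request.env` accesses suggest but this hunk does not show, `ip` is also the accessor that applies the framework's own proxy handling, so preferring hand-parsed headers over it deserves a comment explaining why. The accessor is called twice; `ip = request.ip` followed by `return ip unless ip.nil?` avoids the second call. The enclosing method starts above this hunk.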
diff --git a/spec/spec_event_manager.rb b/spec/spec_event_manager.rb
index 7bd3552..5aa623e 100644
--- a/spec/spec_event_manager.rb
+++ b/spec/spec_event_manager.rb
@@ -32,7 +32,7 @@ def initialize
 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
 'Authorization' => 'YOUR_API_KEY',
 'Content-Type' => 'application/json',
- 'Sn-Version' => '0.1.26',
+ 'Sn-Version' => '0.1.27',
 'User-Agent' => 'SecureNative-ruby'
 })
 .to_return(status: 200, body: '', headers: {})
@@ -56,7 +56,7 @@ def initialize
 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
 'Authorization' => 'YOUR_API_KEY',
 'Content-Type' => 'application/json',
- 'Sn-Version' => '0.1.26',
+ 'Sn-Version' => '0.1.27',
 'User-Agent' => 'SecureNative-ruby'
 })
 .to_return(status: 401, body: '', headers: {})
@@ -77,7 +77,7 @@ def initialize
 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
 'Authorization' => 'YOUR_API_KEY',
 'Content-Type' => 'application/json',
- 'Sn-Version' => '0.1.26',
+ 'Sn-Version' => '0.1.27',
 'User-Agent' => 'SecureNative-ruby'
 })
 .to_return(status: 500, body: '', headers: {})
diff --git a/spec/spec_securenative_http_client.rb b/spec/spec_securenative_http_client.rb
index 710cc24..4193ad1 100644
--- a/spec/spec_securenative_http_client.rb
+++ b/spec/spec_securenative_http_client.rb
@@ -16,7 +16,7 @@
 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
 'Authorization' => 'YOUR_API_KEY',
 'Content-Type' => 'application/json',
- 'Sn-Version' => '0.1.26',
+ 'Sn-Version' => '0.1.27',
 'User-Agent' => 'SecureNative-ruby'
 }).to_return(status: 200, body: '', headers: {})