Merge pull request #25 from securenative/dev

Fix request header parsing
securenative · Oct 4, 2020 · f4055fb · f4055fb
2 parents ca54755 + 810db9c
commit f4055fb
Show file tree

Hide file tree

Showing 9 changed files with 30 additions and 14 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.30)
+    securenative (0.1.31)
 
 GEM
   remote: https://rubygems.org/

diff --git a/README.md b/README.md
@@ -114,7 +114,7 @@ require 'securenative'
 
 def track(request)
     securenative = SecureNative::Client.instance
-    context = SecureNative::Context.from_http_request(request)
+    context = securenative.from_http_request(request)
 
     event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
                                      user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
@@ -136,7 +136,7 @@ require 'securenative'
 
 def verify(request)
     securenative = SecureNative::Client.instance
-    context = SecureNative::Context.from_http_request(request)
+    context = securenative.from_http_request(request)
 
     event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
                                          user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),

diff --git a/lib/securenative/client.rb b/lib/securenative/client.rb
@@ -42,6 +42,10 @@ def self.init_with_api_key(api_key)
       end
     end
 
+    def from_http_request(request)
+      SecureNative::Context.from_http_request(request, @options)
+    end
+
     def self.init
       options = SecureNative::Config::ConfigurationManager.load_config
       init_with_options(options)

diff --git a/lib/securenative/context.rb b/lib/securenative/context.rb
@@ -21,7 +21,7 @@ def self.default_context_builder
       SecureNative::Context.new
     end
 
-    def self.from_http_request(request)
+    def self.from_http_request(request, options)
       client_token = SecureNative::Frameworks::Rails.get_client_token(request)
       client_token = SecureNative::Frameworks::Sinatra.get_client_token(request) if client_token.nil?
       client_token = SecureNative::Frameworks::Hanami.get_client_token(request) if client_token.nil?
@@ -57,9 +57,9 @@ def self.from_http_request(request)
         client_token = SecureNative::Utils::RequestUtils.get_secure_header_from_request(headers)
       end
 
-      SecureNative::Context.new(client_token: client_token, ip: SecureNative::Utils::RequestUtils.get_client_ip_from_request(request),
-                     remote_ip: SecureNative::Utils::RequestUtils.get_remote_ip_from_request(request),
-                     headers: headers, url: url, http_method: method || '', body: body)
+      SecureNative::Context.new(client_token: client_token, ip: SecureNative::Utils::RequestUtils.get_client_ip_from_request(request, options),
+                                remote_ip: SecureNative::Utils::RequestUtils.get_remote_ip_from_request(request),
+                                headers: headers, url: url, http_method: method || '', body: body)
     end
   end
 end
diff --git a/lib/securenative/utils/request_utils.rb b/lib/securenative/utils/request_utils.rb
@@ -5,6 +5,7 @@ module Utils
     class RequestUtils
       SECURENATIVE_COOKIE = '_sn'
       SECURENATIVE_HEADER = 'x-securenative'
+      PREFIX = 'HTTP_'
 
       def self.get_secure_header_from_request(headers)
         begin
@@ -15,15 +16,21 @@ def self.get_secure_header_from_request(headers)
         []
       end
 
-      def self.get_client_ip_from_request(request, options = nil)
+      def self.get_client_ip_from_request(request, options)
         unless options.nil?
           for header in options.proxy_headers do
             begin
               h = request.env[header]
+              unless !h.nil?
+                h = request.env[self.parse_ip(header)]
+              end
               return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
             rescue NoMethodError
               begin
                 h = request[header]
+                unless !h.nil?
+                  h = request.env[self.parse_ip(header)]
+                end
                 return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
               rescue NoMethodError
               end
@@ -79,6 +86,11 @@ def self.get_remote_ip_from_request(request)
           ''
         end
       end
+
+      def self.parse_ip(headers)
+        h = headers.gsub('-', '_')
+        return PREFIX + h.upcase
+      end
     end
   end
 end
diff --git a/lib/securenative/version.rb b/lib/securenative/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SecureNative
-  VERSION = '0.1.30'
+  VERSION = '0.1.31'
 end
diff --git a/spec/securenative/spec_api_manager.rb b/spec/securenative/spec_api_manager.rb
@@ -55,7 +55,7 @@
         'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
         'Authorization' => 'YOUR_API_KEY',
         'Content-Type' => 'application/json',
-        'Sn-Version' => '0.1.29',
+        'Sn-Version' => '0.1.31',
         'User-Agent' => 'SecureNative-ruby'
       }
     ).to_return(status: 200, body: '', headers: {})

diff --git a/spec/securenative/spec_event_manager.rb b/spec/securenative/spec_event_manager.rb
@@ -29,7 +29,7 @@ def initialize
               'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
               'Authorization' => 'YOUR_API_KEY',
               'Content-Type' => 'application/json',
-              'Sn-Version' => '0.1.29',
+              'Sn-Version' => '0.1.31',
               'User-Agent' => 'SecureNative-ruby'
             })
       .to_return(status: 200, body: '', headers: {})
@@ -53,7 +53,7 @@ def initialize
               'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
               'Authorization' => 'YOUR_API_KEY',
               'Content-Type' => 'application/json',
-              'Sn-Version' => '0.1.29',
+              'Sn-Version' => '0.1.31',
               'User-Agent' => 'SecureNative-ruby'
             })
       .to_return(status: 401, body: '', headers: {})
@@ -74,7 +74,7 @@ def initialize
               'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
               'Authorization' => 'YOUR_API_KEY',
               'Content-Type' => 'application/json',
-              'Sn-Version' => '0.1.29',
+              'Sn-Version' => '0.1.31',
               'User-Agent' => 'SecureNative-ruby'
             })
       .to_return(status: 500, body: '', headers: {})

diff --git a/spec/securenative/spec_http_client.rb b/spec/securenative/spec_http_client.rb
@@ -15,7 +15,7 @@
               'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
               'Authorization' => 'YOUR_API_KEY',
               'Content-Type' => 'application/json',
-              'Sn-Version' => '0.1.29',
+              'Sn-Version' => '0.1.31',
               'User-Agent' => 'SecureNative-ruby'
             }).to_return(status: 200, body: '', headers: {})