koha-dev.rot13.org Git - srvgit/blob - t/Koha/Middlware/RealIP.t

   1 #!/usr/bin/perl
   2
   3 #
   4 # Copyright 2020 Prosentient Systems
   5 #
   6 # This file is part of Koha.
   7 #
   8 # Koha is free software; you can redistribute it and/or modify it under the
   9 # terms of the GNU General Public License as published by the Free Software
  10 # Foundation; either version 3 of the License, or (at your option) any later
  11 # version.
  12 #
  13 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
  14 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  15 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
  16 #
  17 # You should have received a copy of the GNU General Public License along
  18 # with Koha; if not, write to the Free Software Foundation, Inc.,
  19 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  20
  21 use strict;
  22 use warnings;
  23 use Test::More tests => 14;
  24 use Test::Warn;
  25
  26 use t::lib::Mocks;
  27 use_ok("Koha::Middleware::RealIP");
  28
  29 my ($remote_address,$x_forwarded_for_header,$address);
  30
  31 $remote_address = "1.1.1.1";
  32 $x_forwarded_for_header = "";
  33 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  34 is($address,'1.1.1.1',"There is no X-Forwarded-For header, so just use the remote address");
  35
  36 $remote_address = "1.1.1.1";
  37 $x_forwarded_for_header = "2.2.2.2";
  38 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  39 is($address,'1.1.1.1',"Don't trust 1.1.1.1 as a proxy, so use it as the remote address");
  40
  41 $remote_address = "1.1.1.1";
  42 $x_forwarded_for_header = "2.2.2.2";
  43 t::lib::Mocks::mock_config('koha_trusted_proxies', '1.1.1.1');
  44 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  45 is($address,'2.2.2.2',"Trust proxy (1.1.1.1), so use the X-Forwarded-For header for the remote address");
  46
  47
  48 $remote_address = "1.1.1.1";
  49 $x_forwarded_for_header = "2.2.2.2,3.3.3.3";
  50 t::lib::Mocks::mock_config('koha_trusted_proxies', '1.1.1.1 3.3.3.3');
  51 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  52 is($address,'2.2.2.2',"Trust multiple proxies (1.1.1.1 and 3.3.3.3), so use the X-Forwaded-For <client> portion for the remote address");
  53
  54 $remote_address = "1.1.1.1";
  55 $x_forwarded_for_header = "2.2.2.2,3.3.3.3";
  56 t::lib::Mocks::mock_config('koha_trusted_proxies', 'bad configuration');
  57 warnings_are {
  58     $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  59 } ["could not parse bad","could not parse configuration"],"Warn on misconfigured koha_trusted_proxies";
  60 is($address,'1.1.1.1',"koha_trusted_proxies is misconfigured so ignore the X-Forwarded-For header");
  61
  62 $remote_address = "1.1.1.1";
  63 $x_forwarded_for_header = "2.2.2.2";
  64 t::lib::Mocks::mock_config('koha_trusted_proxies', 'bad 1.1.1.1');
  65 warning_is {
  66     $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  67 } "could not parse bad","Warn on partially misconfigured koha_trusted_proxies";
  68 is($address,'2.2.2.2',"koha_trusted_proxies contains an invalid value but still includes one correct value, which is relevant, so use X-Forwarded-For header");
  69
  70 $remote_address = "1.1.1.1";
  71 $x_forwarded_for_header = "2.2.2.2";
  72 t::lib::Mocks::mock_config('koha_trusted_proxies', '1.1.1.0/24');
  73 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  74 is($address,'2.2.2.2',"Trust proxy (1.1.1.1) using CIDR notation, so use the X-Forwarded-For header for the remote address");
  75
  76 $remote_address = "1.1.1.1";
  77 $x_forwarded_for_header = "2.2.2.2";
  78 t::lib::Mocks::mock_config('koha_trusted_proxies', '1.1.1');
  79 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  80 is($address,'2.2.2.2',"Trust proxy (1.1.1.1) using abbreviated notation, so use the X-Forwarded-For header for the remote address");
  81
  82 $remote_address = "1.1.1.1";
  83 $x_forwarded_for_header = "2.2.2.2";
  84 t::lib::Mocks::mock_config('koha_trusted_proxies', '1.1.1.0:255.255.255.0');
  85 $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  86 is($address,'2.2.2.2',"Trust proxy (1.1.1.1) using an IP address and netmask separated by a colon, so use the X-Forwarded-For header for the remote address");
  87
  88 $remote_address = "2001:db8:1234:5678:abcd:1234:abcd:1234";
  89 $x_forwarded_for_header = "2.2.2.2";
  90 t::lib::Mocks::mock_config('koha_trusted_proxies', '2001:db8:1234:5678::/64');
  91 warning_is {
  92     $address = Koha::Middleware::RealIP::get_real_ip( $remote_address, $x_forwarded_for_header );
  93 } "could not parse 2001:db8:1234:5678::/64","Warn on IPv6 koha_trusted_proxies";
  94 is($address,'2001:db8:1234:5678:abcd:1234:abcd:1234',"IPv6 support was added in 1.9104 version of Net::Netmask");