fix client IP handling behind proxies
This commit is contained in:
@@ -72,3 +72,36 @@ func TestLoggerIncludesDetailedAuthFailureContext(t *testing.T) {
|
||||
require.Contains(t, logLine, `"auth_parse_error":"token has invalid claims: token is expired"`)
|
||||
require.Contains(t, logLine, `"auth_token_fingerprint":"`)
|
||||
}
|
||||
|
||||
func TestLoggerUsesForwardedClientIPFromTrustedProxy(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
gin.SetMode(gin.TestMode)
|
||||
|
||||
var logBuffer bytes.Buffer
|
||||
encoderConfig := zap.NewProductionEncoderConfig()
|
||||
encoderConfig.TimeKey = ""
|
||||
logger := zap.New(zapcore.NewCore(
|
||||
zapcore.NewJSONEncoder(encoderConfig),
|
||||
zapcore.AddSync(&logBuffer),
|
||||
zapcore.DebugLevel,
|
||||
))
|
||||
|
||||
router := gin.New()
|
||||
require.NoError(t, router.SetTrustedProxies([]string{"10.42.0.0/16"}))
|
||||
router.Use(RequestID())
|
||||
router.Use(Logger(logger))
|
||||
router.GET("/test", func(c *gin.Context) {
|
||||
c.Status(http.StatusOK)
|
||||
})
|
||||
|
||||
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
||||
req.RemoteAddr = "10.42.0.128:51234"
|
||||
req.Header.Set("X-Forwarded-For", "106.14.89.27")
|
||||
resp := httptest.NewRecorder()
|
||||
|
||||
router.ServeHTTP(resp, req)
|
||||
|
||||
require.Equal(t, http.StatusOK, resp.Code)
|
||||
require.Contains(t, logBuffer.String(), `"client_ip":"106.14.89.27"`)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user