Skip to content

Commit 00e68a0

Browse files
inbaltakoinbaltako
authored
Merge pull request #45 from securenative/dev
Add ip extraction tests
2 parents 61a3c02 + ca9038e commit 00e68a0

File tree

2 files changed

+270
-2
lines changed

2 files changed

+270
-2
lines changed

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -171,14 +171,14 @@ def webhook_endpoint(request):
171171
is_verified = securenative.verify_request_payload(request)
172172
```
173173

174-
## Extract proxy headers from Cloudflare
174+
## Extract proxy headers from cloud providers
175175

176176
You can specify custom header keys to allow extraction of client ip from different providers.
177177
This example demonstrates the usage of proxy headers for ip extraction from Cloudflare.
178178

179179
### Option 1: Using config file
180180
```ini
181-
SECURENATIVE_API_KEY: dsbe27fh3437r2yd326fg3fdg36f43
181+
SECURENATIVE_API_KEY: "YOUR_API_KEY"
182182
SECURENATIVE_PROXY_HEADERS: ["CF-Connecting-IP"]
183183
```
184184

tests/request_utils_test.py

Lines changed: 268 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,3 +40,271 @@ def test_proxy_headers_extraction_from_request_multiple_ips(self):
4040
client_ip = RequestUtils.get_client_ip_from_request(request, options)
4141

4242
self.assertEqual("141.246.115.116", client_ip)
43+
44+
def test_extraction_from_HTTP_X_FORWARDED_FOR_header_single_ip(self):
45+
options = SecureNativeOptions()
46+
47+
with requests_mock.Mocker(real_http=True) as request:
48+
request.headers = {
49+
"HTTP_X_FORWARDED_FOR": "141.246.115.116"}
50+
51+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
52+
53+
self.assertEqual("141.246.115.116", client_ip)
54+
55+
def test_extraction_from_HTTP_X_FORWARDED_FOR_header_multiple_ips(self):
56+
options = SecureNativeOptions()
57+
58+
with requests_mock.Mocker(real_http=True) as request:
59+
request.headers = {
60+
"HTTP_X_FORWARDED_FOR": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
61+
62+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
63+
64+
self.assertEqual("141.246.115.116", client_ip)
65+
66+
def test_extraction_from_X_FORWARDED_FOR_header_single_ip(self):
67+
options = SecureNativeOptions()
68+
69+
with requests_mock.Mocker(real_http=True) as request:
70+
request.headers = {
71+
"X_FORWARDED_FOR": "141.246.115.116"}
72+
73+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
74+
75+
self.assertEqual("141.246.115.116", client_ip)
76+
77+
def test_extraction_from_X_FORWARDED_FOR_header_multiple_ips(self):
78+
options = SecureNativeOptions()
79+
80+
with requests_mock.Mocker(real_http=True) as request:
81+
request.headers = {
82+
"X_FORWARDED_FOR": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
83+
84+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
85+
86+
self.assertEqual("141.246.115.116", client_ip)
87+
88+
def test_extraction_from_REMOTE_ADDR_header_single_ip(self):
89+
options = SecureNativeOptions()
90+
91+
with requests_mock.Mocker(real_http=True) as request:
92+
request.headers = {
93+
"REMOTE_ADDR": "141.246.115.116"}
94+
95+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
96+
97+
self.assertEqual("141.246.115.116", client_ip)
98+
99+
def test_extraction_from_REMOTE_ADDR_header_multiple_ips(self):
100+
options = SecureNativeOptions()
101+
102+
with requests_mock.Mocker(real_http=True) as request:
103+
request.headers = {
104+
"REMOTE_ADDR": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
105+
106+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
107+
108+
self.assertEqual("141.246.115.116", client_ip)
109+
110+
def test_extraction_from_x_forwarded_for_header_single_ip(self):
111+
options = SecureNativeOptions()
112+
113+
with requests_mock.Mocker(real_http=True) as request:
114+
request.headers = {
115+
"x-forwarded-for": "141.246.115.116"}
116+
117+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
118+
119+
self.assertEqual("141.246.115.116", client_ip)
120+
121+
def test_extraction_from_x_forwarded_for_header_multiple_ips(self):
122+
options = SecureNativeOptions()
123+
124+
with requests_mock.Mocker(real_http=True) as request:
125+
request.headers = {
126+
"x-forwarded-for": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
127+
128+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
129+
130+
self.assertEqual("141.246.115.116", client_ip)
131+
132+
def test_extraction_from_x_client_ip_header_single_ip(self):
133+
options = SecureNativeOptions()
134+
135+
with requests_mock.Mocker(real_http=True) as request:
136+
request.headers = {
137+
"x-client-ip": "141.246.115.116"}
138+
139+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
140+
141+
self.assertEqual("141.246.115.116", client_ip)
142+
143+
def test_extraction_from_x_client_ip_header_multiple_ips(self):
144+
options = SecureNativeOptions()
145+
146+
with requests_mock.Mocker(real_http=True) as request:
147+
request.headers = {
148+
"x-client-ip": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
149+
150+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
151+
152+
self.assertEqual("141.246.115.116", client_ip)
153+
154+
def test_extraction_from_x_real_ip_header_single_ip(self):
155+
options = SecureNativeOptions()
156+
157+
with requests_mock.Mocker(real_http=True) as request:
158+
request.headers = {
159+
"x-real-ip": "141.246.115.116"}
160+
161+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
162+
163+
self.assertEqual("141.246.115.116", client_ip)
164+
165+
def test_extraction_from_x_real_ip_header_multiple_ips(self):
166+
options = SecureNativeOptions()
167+
168+
with requests_mock.Mocker(real_http=True) as request:
169+
request.headers = {
170+
"x-real-ip": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
171+
172+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
173+
174+
self.assertEqual("141.246.115.116", client_ip)
175+
176+
def test_extraction_from_x_forwarded_header_single_ip(self):
177+
options = SecureNativeOptions()
178+
179+
with requests_mock.Mocker(real_http=True) as request:
180+
request.headers = {
181+
"x-forwarded": "141.246.115.116"}
182+
183+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
184+
185+
self.assertEqual("141.246.115.116", client_ip)
186+
187+
def test_extraction_from_x_forwarded_header_multiple_ips(self):
188+
options = SecureNativeOptions()
189+
190+
with requests_mock.Mocker(real_http=True) as request:
191+
request.headers = {
192+
"x-forwarded": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
193+
194+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
195+
196+
self.assertEqual("141.246.115.116", client_ip)
197+
198+
def test_extraction_from_x_cluster_client_ip_for_header_single_ip(self):
199+
options = SecureNativeOptions()
200+
201+
with requests_mock.Mocker(real_http=True) as request:
202+
request.headers = {
203+
"x-cluster-client-ip": "141.246.115.116"}
204+
205+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
206+
207+
self.assertEqual("141.246.115.116", client_ip)
208+
209+
def test_extraction_from_x_cluster_client_ip_header_multiple_ips(self):
210+
options = SecureNativeOptions()
211+
212+
with requests_mock.Mocker(real_http=True) as request:
213+
request.headers = {
214+
"x-client-ip": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
215+
216+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
217+
218+
self.assertEqual("141.246.115.116", client_ip)
219+
220+
def test_extraction_from_forwarded_for_header_single_ip(self):
221+
options = SecureNativeOptions()
222+
223+
with requests_mock.Mocker(real_http=True) as request:
224+
request.headers = {
225+
"forwarded-for": "141.246.115.116"}
226+
227+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
228+
229+
self.assertEqual("141.246.115.116", client_ip)
230+
231+
def test_extraction_from_forwarded_for_header_multiple_ips(self):
232+
options = SecureNativeOptions()
233+
234+
with requests_mock.Mocker(real_http=True) as request:
235+
request.headers = {
236+
"forwarded-for": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
237+
238+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
239+
240+
self.assertEqual("141.246.115.116", client_ip)
241+
242+
def test_extraction_from_forwarded_header_single_ip(self):
243+
options = SecureNativeOptions()
244+
245+
with requests_mock.Mocker(real_http=True) as request:
246+
request.headers = {
247+
"forwarded": "141.246.115.116"}
248+
249+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
250+
251+
self.assertEqual("141.246.115.116", client_ip)
252+
253+
def test_extraction_from_forwarded_header_multiple_ips(self):
254+
options = SecureNativeOptions()
255+
256+
with requests_mock.Mocker(real_http=True) as request:
257+
request.headers = {
258+
"forwarded": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
259+
260+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
261+
262+
self.assertEqual("141.246.115.116", client_ip)
263+
264+
def test_extraction_from_via_for_header_single_ip(self):
265+
options = SecureNativeOptions()
266+
267+
with requests_mock.Mocker(real_http=True) as request:
268+
request.headers = {
269+
"via": "141.246.115.116"}
270+
271+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
272+
273+
self.assertEqual("141.246.115.116", client_ip)
274+
275+
def test_extraction_from_via_header_multiple_ips(self):
276+
options = SecureNativeOptions()
277+
278+
with requests_mock.Mocker(real_http=True) as request:
279+
request.headers = {
280+
"via": "141.246.115.116, 203.0.113.1, 12.34.56.3"}
281+
282+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
283+
284+
self.assertEqual("141.246.115.116", client_ip)
285+
286+
def test_extraction_priority_with_x_forwarded_for(self):
287+
options = SecureNativeOptions()
288+
289+
with requests_mock.Mocker(real_http=True) as request:
290+
request.headers = {
291+
"x-forwarded-for": "203.0.113.1",
292+
"x-real-ip": "198.51.100.101",
293+
"x-client-ip": "198.51.100.102"
294+
}
295+
296+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
297+
298+
self.assertEqual("203.0.113.1", client_ip)
299+
300+
def test_extraction_priority_without_x_forwarded_for(self):
301+
options = SecureNativeOptions()
302+
303+
with requests_mock.Mocker(real_http=True) as request:
304+
request.headers = {
305+
"x-real-ip": "198.51.100.101",
306+
"x-client-ip": "203.0.113.1, 141.246.115.116, 12.34.56.3"}
307+
308+
client_ip = RequestUtils.get_client_ip_from_request(request, options)
309+
310+
self.assertEqual("203.0.113.1", client_ip)

0 commit comments

Comments
 (0)