Page MenuHomeDevCentral
Files F4021770

D24.id48.diff
No OneTemporary
Actions

D24.id48.diff
View Options

diff --git a/app/Enums/TrustProxyConfigurationMode.php b/app/Enums/TrustProxyConfigurationMode.php
new file mode 100644
--- /dev/null
+++ b/app/Enums/TrustProxyConfigurationMode.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace AuthGrove\Enums;
+
+use Artisaninweb\Enum\Enum;
+
+/**
+ * @method static TrustProxyConfigurationMode ENUM()
+ */
+class TrustProxyConfigurationMode extends Enum {
+ const __default = self::TrustNone;
+
+ const TrustNone = 0;
+ const TrustSome = 1;
+ const TrustAll = 2;
+}
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -16,6 +16,7 @@
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
'AuthGrove\Http\Middleware\VerifyCsrfToken',
+ 'AuthGrove\Http\Middleware\TrustProxy',
];
/**
diff --git a/app/Http/Middleware/TrustProxy.php b/app/Http/Middleware/TrustProxy.php
new file mode 100644
--- /dev/null
+++ b/app/Http/Middleware/TrustProxy.php
@@ -0,0 +1,53 @@
+<?php namespace AuthGrove\Http\Middleware;
+
+use Illuminate\Contracts\Routing\Middleware;
+use AuthGrove\Enums\TrustProxyConfigurationMode;
+use Config;
+use Closure;
+
+class TrustProxy implements Middleware {
+ /**
+ * Handle an incoming request.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \Closure $next
+ * @return mixed
+ */
+ public function handle($request, Closure $next)
+ {
+ $proxy = Config::get('app.proxy');
+
+ switch ($mode = self::getConfigurationMode($proxy)) {
+ case TrustProxyConfigurationMode::TrustNone:
+ break;
+
+ case TrustProxyConfigurationMode::TrustSome:
+ $request->setTrustedProxies($proxy);
+ break;
+
+ case TrustProxyConfigurationMode::TrustAll:
+ $request->setTrustedProxies([ $_SERVER["REMOTE_ADDR"] ]);
+ break;
+
+ default:
+ throw new ArgumentException("Unhandled configuration mode: $mode");
+ }
+
+ return $next($request);
+ }
+
+ /**
+ * Gets trust proxies configuration mode
+ */
+ public static function getConfigurationMode ($configValue) {
+ if (!is_array($configValue) || !count($configValue)) {
+ return TrustProxyConfigurationMode::TrustNone;
+ }
+
+ if (in_array('*', $configValue)) {
+ return TrustProxyConfigurationMode::TrustAll;
+ }
+
+ return TrustProxyConfigurationMode::TrustSome;
+ }
+}
diff --git a/composer.json b/composer.json
--- a/composer.json
+++ b/composer.json
@@ -7,6 +7,7 @@
"require": {
"php": ">=5.5.9",
"laravel/framework": "5.1.*",
+ "artisaninweb/laravel-enum": "1.0.*",
"keruald/globalfunctions": ">=0.3"
},
"require-dev": {
diff --git a/config/app.php b/config/app.php
--- a/config/app.php
+++ b/config/app.php
@@ -30,6 +30,26 @@
/*
|--------------------------------------------------------------------------
+ | Proxies serving requests
+ |--------------------------------------------------------------------------
+ |
+ | Auth Grove can handle proxy headers like HTTP_X_FORWARDED_PROTO according
+ | your configuration.
+ |
+ | - To always trust forward headers, adds a star entry: ['*']
+ | - To never trust any server, use an empty array: []
+ | - To specify the proxies servers, create an array with each IP.
+ |
+ | If you put Auth Grove on an back-end application server, with a front-end
+ | nginx responsible for SSL termination, you can set the front-end IPs or
+ | blindly trust any remote address with a magic entry '*'.
+ |
+ */
+
+ 'proxy' => ['*'],
+
+ /*
+ |--------------------------------------------------------------------------
| Application Timezone
|--------------------------------------------------------------------------
|
@@ -137,6 +157,11 @@
'Illuminate\View\ViewServiceProvider',
/*
+ * Third-party Service Providers...
+ */
+ 'Artisaninweb\Enum\EnumServiceProvider',
+
+ /*
* Application Service Providers...
*/
'AuthGrove\Providers\AppServiceProvider',
@@ -171,6 +196,7 @@
'Crypt' => 'Illuminate\Support\Facades\Crypt',
'DB' => 'Illuminate\Support\Facades\DB',
'Eloquent' => 'Illuminate\Database\Eloquent\Model',
+ 'EnumMap' => 'Artisaninweb\Enum\Facades\EnumFacade',
'Event' => 'Illuminate\Support\Facades\Event',
'File' => 'Illuminate\Support\Facades\File',
'Hash' => 'Illuminate\Support\Facades\Hash',

File Metadata

Mime Type
text/plain
Expires
Mon, Jan 20, 13:22 (7 h, 55 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2362519
Default Alt Text
D24.id48.diff (4 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator