Merge pull request #6 from securenative/dev

Support proxy headers

Author: inbaltako

.github/workflows/build.yml

@@ -30,6 +30,9 @@ jobs:
       - uses: php-actions/composer@v1
       - uses: nanasess/setup-php@master
       - uses: php-actions/phpunit@v9
+        with:
+          configuration: ./phpunit.xml
+          args: --coverage-text
 
       - name: Publish to codecov
         run: bash <(curl -s https://codecov.io/bash)
@@ -54,4 +57,4 @@ jobs:
           message_id: ${{ steps.slack.outputs.message_id }}
           channel: github-actions
           status: FAILED
-          color: danger
+          color: danger

.github/workflows/ci.yml

@@ -26,6 +26,9 @@ jobs:
       - uses: php-actions/composer@v1
       - uses: nanasess/setup-php@master
       - uses: php-actions/phpunit@v9
+        with:
+          configuration: ./phpunit.xml
+          args: --coverage-text
 
       - name: Publish to codecov
         run: bash <(curl -s https://codecov.io/bash)

.github/workflows/publish.yml

@@ -3,7 +3,7 @@ name: Publish
 on:
   release:
     types: [created]
-      
+
 jobs:
   release:
     runs-on: ubuntu-latest
@@ -22,17 +22,18 @@ jobs:
       - uses: actions/checkout@v2
       - uses: php-actions/composer@v1
       - uses: nanasess/setup-php@master
-      - uses: php-actions/phpunit@v9
-
-      - name: Publish to codecov
-        run: bash <(curl -s https://codecov.io/bash)
 
       - name: Publish
         uses: musps/action-deployer-php@master
         with:
           env:
             SSH_PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
 
+      - name: Create changelog
+        uses: heinrichreimer/github-changelog-generator-action@v2.1.1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Notify slack success
         if: success()
         env:

.phpunit.result.cache

@@ -0,0 +1 @@
+C:37:"PHPUnit\Runner\DefaultTestResultCache":5287:{a:2:{s:7:"defects";a:36:{s:30:"AgentTest::testApiKeyException";i:4;s:18:"ApiTest::testTrack";i:4;s:19:"ApiTest::testVerify";i:4;s:44:"ConfigurationManagerTest::testReadConfigFile";i:3;s:50:"ConfigurationManagerTest::testEnvironmentVariables";i:4;s:43:"ConfigurationManagerTest::testDefaultParams";i:3;s:58:"ConfigurationManagerTest::testEnvironmentVariablesOverride";i:4;s:34:"EventManagerTest::testEventOptions";i:4;s:32:"EventManagerTest::testBuildEvent";i:4;s:30:"EventManagerTest::testSendSync";i:4;s:34:"EventManagerTest::testSendFailSync";i:4;s:38:"EventManagerTest::testAsyncShouldRetry";i:4;s:31:"EventManagerTest::testSendAsync";i:4;s:62:"RequestUtilsTest::testIpExtractionUsingXFORWARDEDFORHeaderIpv6";i:3;s:70:"RequestUtilsTest::testIpExtractionUsingXFORWARDEDFORHeaderMultipleIpv4";i:3;s:68:"RequestUtilsTest::testIpExtractionUsingHTTPXREALIPHeaderMultipleIpv4";i:3;s:59:"RequestUtilsTest::testIpExtractionUsingREMOTEADDRHeaderIpv6";i:3;s:67:"RequestUtilsTest::testIpExtractionUsingREMOTEADDRHeaderMultipleIpv4";i:3;s:58:"RequestUtilsTest::testIpExtractionUsingXClientIpHeaderIpv6";i:3;s:66:"RequestUtilsTest::testIpExtractionUsingXClientIpHeaderMultipleIpv4";i:3;s:56:"RequestUtilsTest::testIpExtractionUsingXRealIpHeaderIpv6";i:3;s:64:"RequestUtilsTest::testIpExtractionUsingXRealIpHeaderMultipleIpv4";i:3;s:61:"RequestUtilsTest::testIpExtractionUsingForwardedForHeaderIpv6";i:3;s:69:"RequestUtilsTest::testIpExtractionUsingForwardedForHeaderMultipleIpv4";i:3;s:65:"RequestUtilsTest::testIpExtractionUsingXClusterClientIpHeaderIpv6";i:3;s:73:"RequestUtilsTest::testIpExtractionUsingXClusterClientIpHeaderMultipleIpv4";i:3;s:59:"RequestUtilsTest::testIpExtractionUsingXForwardedHeaderIpv6";i:3;s:67:"RequestUtilsTest::testIpExtractionUsingXForwardedHeaderMultipleIpv4";i:3;s:58:"RequestUtilsTest::testIpExtractionUsingForwardedHeaderIpv6";i:3;s:66:"RequestUtilsTest::testIpExtractionUsingForwardedHeaderMultipleIpv4";i:3;s:52:"RequestUtilsTest::testIpExtractionUsingViaHeaderIpv6";i:3;s:60:"RequestUtilsTest::testIpExtractionUsingViaHeaderMultipleIpv4";i:3;s:62:"RequestUtilsTest::testIpExtractionUsingHTTPXCLIENTIPHeaderIpv6";i:3;s:70:"RequestUtilsTest::testIpExtractionUsingHTTPXCLIENTIPHeaderMultipleIpv4";i:3;s:60:"RequestUtilsTest::testIpExtractionUsingHTTPXREALIPHeaderIpv6";i:3;s:60:"RequestUtilsTest::testExtractionPriorityWithoutXForwardedFor";i:3;}s:5:"times";a:45:{s:30:"AgentTest::testApiKeyException";d:0.023;s:18:"ApiTest::testTrack";d:0.015;s:31:"ApiTest::testTrackCustomContext";d:0.001;s:19:"ApiTest::testVerify";d:0.001;s:44:"ConfigurationManagerTest::testReadConfigFile";d:0.001;s:41:"ConfigurationManagerTest::testUnknownKeys";d:0.001;s:41:"ConfigurationManagerTest::testInvalidFile";d:0.001;s:48:"ConfigurationManagerTest::testInvalidFileEntries";d:0.001;s:40:"ConfigurationManagerTest::testLoadConfig";d:0;s:50:"ConfigurationManagerTest::testEnvironmentVariables";d:0;s:43:"ConfigurationManagerTest::testDefaultParams";d:0;s:58:"ConfigurationManagerTest::testEnvironmentVariablesOverride";d:0;s:34:"EventManagerTest::testEventOptions";d:0;s:32:"EventManagerTest::testBuildEvent";d:0;s:30:"EventManagerTest::testSendSync";d:0.002;s:34:"EventManagerTest::testSendFailSync";d:0.002;s:38:"EventManagerTest::testAsyncShouldRetry";d:0.002;s:31:"EventManagerTest::testSendAsync";d:0.001;s:42:"RequestUtilsTest::testProxyHeadersWithIpv4";d:0;s:42:"RequestUtilsTest::testProxyHeadersWithIpv6";d:0;s:53:"RequestUtilsTest::testProxyHeadersWithMultipleHeaders";d:0;s:62:"RequestUtilsTest::testIpExtractionUsingXFORWARDEDFORHeaderIpv6";d:0;s:70:"RequestUtilsTest::testIpExtractionUsingXFORWARDEDFORHeaderMultipleIpv4";d:0;s:60:"RequestUtilsTest::testIpExtractionUsingHTTPXREALIPHeaderIpv6";d:0;s:68:"RequestUtilsTest::testIpExtractionUsingHTTPXREALIPHeaderMultipleIpv4";d:0;s:59:"RequestUtilsTest::testIpExtractionUsingREMOTEADDRHeaderIpv6";d:0;s:67:"RequestUtilsTest::testIpExtractionUsingREMOTEADDRHeaderMultipleIpv4";d:0;s:58:"RequestUtilsTest::testIpExtractionUsingXClientIpHeaderIpv6";d:0;s:66:"RequestUtilsTest::testIpExtractionUsingXClientIpHeaderMultipleIpv4";d:0;s:56:"RequestUtilsTest::testIpExtractionUsingXRealIpHeaderIpv6";d:0;s:64:"RequestUtilsTest::testIpExtractionUsingXRealIpHeaderMultipleIpv4";d:0;s:61:"RequestUtilsTest::testIpExtractionUsingForwardedForHeaderIpv6";d:0;s:69:"RequestUtilsTest::testIpExtractionUsingForwardedForHeaderMultipleIpv4";d:0;s:65:"RequestUtilsTest::testIpExtractionUsingXClusterClientIpHeaderIpv6";d:0;s:73:"RequestUtilsTest::testIpExtractionUsingXClusterClientIpHeaderMultipleIpv4";d:0;s:59:"RequestUtilsTest::testIpExtractionUsingXForwardedHeaderIpv6";d:0;s:67:"RequestUtilsTest::testIpExtractionUsingXForwardedHeaderMultipleIpv4";d:0;s:58:"RequestUtilsTest::testIpExtractionUsingForwardedHeaderIpv6";d:0;s:66:"RequestUtilsTest::testIpExtractionUsingForwardedHeaderMultipleIpv4";d:0;s:52:"RequestUtilsTest::testIpExtractionUsingViaHeaderIpv6";d:0;s:60:"RequestUtilsTest::testIpExtractionUsingViaHeaderMultipleIpv4";d:0;s:62:"RequestUtilsTest::testIpExtractionUsingHTTPXCLIENTIPHeaderIpv6";d:0;s:70:"RequestUtilsTest::testIpExtractionUsingHTTPXCLIENTIPHeaderMultipleIpv4";d:0;s:57:"RequestUtilsTest::testExtractionPriorityWithXForwardedFor";d:0;s:60:"RequestUtilsTest::testExtractionPriorityWithoutXForwardedFor";d:0;}}}

README.md

@@ -68,9 +68,9 @@ Attach `securenative.json` file to your root folder:
 
 ```json
 {
-  "SECURENATIVE_API_KEY": "SOME_API_KEY",
-  "SECURENATIVE_APP_NAME": "SOME_APP_NAME",
-  "SECURENATIVE_API_URL": "SOME_API_URL",
+  "SECURENATIVE_API_KEY": "YOUR_API_KEY",
+  "SECURENATIVE_APP_NAME": "APP_NAME",
+  "SECURENATIVE_API_URL": "API_URL",
   "SECURENATIVE_INTERVAL": 1000,
   "SECURENATIVE_MAX_EVENTS": 100,
   "SECURENATIVE_TIMEOUT": 1500,
@@ -161,10 +161,12 @@ SecureNative::track(array(
 **Example**
 
 ```php
+$options = new SecureNativeOptions();
+
 $ver = SecureNative::verify(array(
     'event' => EventTypes::VERIFY,
     'userId' => '1234',
-    'context' => SecureNativeContext::fromRequest(),
+    'context' => SecureNative::fromRequest(),
     'userTraits' => (object)[
         'name' => 'Your Name',
         'email' => 'name@gmail.com'
@@ -187,3 +189,27 @@ if ($verified) {
     // Request is trusted (coming from SecureNative) 
 }
  ```
+
+## Extract proxy headers from cloud providers
+
+You can specify custom header keys to allow extraction of client ip from different providers.
+This example demonstrates the usage of proxy headers for ip extraction from Cloudflare.
+
+### Option 1: Using config file
+```json
+{
+    "SECURENATIVE_API_KEY": "YOUR_API_KEY",
+    "SECURENATIVE_PROXY_HEADERS": ["CF-Connecting-IP"]
+}
+```
+
+Initialize sdk as shown above.
+
+### Options 2: Using ConfigurationBuilder
+
+```php
+$options = new SecureNativeOptions();
+$options->setProxyHeaders(["CF-Connecting-IP"]);
+
+SecureNative::init();
+```