refactor(http): extract function to get client IP on reverse proxy

josecelano · josecelano · commit 03024e279718 · 2023-02-13T12:19:42.000Z
diff --git a/src/http/axum_implementation/handlers.rs b/src/http/axum_implementation/handlers.rs
@@ -2,8 +2,9 @@ use std::sync::Arc;
 
 use axum::extract::State;
 use axum::response::Json;
+use log::debug;
 
-use super::extractors::ExtractAnnounceParams;
+use super::requests::announce::ExtractAnnounceRequest;
 use super::resources::ok::Ok;
 use super::responses::ok_response;
 use crate::tracker::Tracker;
@@ -13,13 +14,29 @@ pub async fn get_status_handler() -> Json<Ok> {
     ok_response()
 }
 
-/// # Panics
-///
-/// todo
+/// WIP
 #[allow(clippy::unused_async)]
 pub async fn announce_handler(
     State(_tracker): State<Arc<Tracker>>,
-    ExtractAnnounceParams(_announce_params): ExtractAnnounceParams,
+    ExtractAnnounceRequest(announce_request): ExtractAnnounceRequest,
 ) -> Json<Ok> {
-    todo!()
+    /* todo:
+        - Extract remote client ip from request
+        - Build the `Peer`
+        - Call the `tracker.announce` method
+        - Send event for stats
+        - Move response from Warp to shared mod
+        - Send response
+    */
+
+    // Sample announce URL used for debugging:
+    // http://0.0.0.0:7070/announce?info_hash=%3B%24U%04%CF%5F%11%BB%DB%E1%20%1C%EAjk%F4Z%EE%1B%C0&peer_id=-qB00000000000000001&port=17548
+
+    debug!("http announce request: {:#?}", announce_request);
+
+    let info_hash = announce_request.info_hash;
+
+    debug!("info_hash: {:#?}", &info_hash);
+
+    ok_response()
 }
diff --git a/src/http/axum_implementation/mod.rs b/src/http/axum_implementation/mod.rs
@@ -1,6 +1,6 @@
-pub mod extractors;
 pub mod handlers;
 pub mod query;
+pub mod requests;
 pub mod resources;
 pub mod responses;
 pub mod routes;
diff --git a/src/http/axum_implementation/requests/announce.rs b/src/http/axum_implementation/requests/announce.rs
@@ -7,15 +7,15 @@ use axum::http::request::Parts;
 use axum::http::StatusCode;
 use thiserror::Error;
 
-use super::query::Query;
+use crate::http::axum_implementation::query::Query;
 use crate::http::percent_encoding::{percent_decode_info_hash, percent_decode_peer_id};
 use crate::protocol::info_hash::{ConversionError, InfoHash};
 use crate::tracker::peer::{self, IdConversionError};
 
-pub struct ExtractAnnounceParams(pub AnnounceParams);
+pub struct ExtractAnnounceRequest(pub Announce);
 
 #[derive(Debug, PartialEq)]
-pub struct AnnounceParams {
+pub struct Announce {
     pub info_hash: InfoHash,
     pub peer_id: peer::Id,
     pub port: u16,
@@ -55,7 +55,7 @@ impl From<ConversionError> for ParseAnnounceQueryError {
     }
 }
 
-impl TryFrom<Query> for AnnounceParams {
+impl TryFrom<Query> for Announce {
     type Error = ParseAnnounceQueryError;
 
     fn try_from(query: Query) -> Result<Self, Self::Error> {
@@ -103,13 +103,15 @@ fn extract_port(query: &Query) -> Result<u16, ParseAnnounceQueryError> {
 }
 
 #[async_trait]
-impl<S> FromRequestParts<S> for ExtractAnnounceParams
+impl<S> FromRequestParts<S> for ExtractAnnounceRequest
 where
     S: Send + Sync,
 {
     type Rejection = (StatusCode, &'static str);
 
     async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
+        // todo: error responses body should be bencoded
+
         let raw_query = parts.uri.query();
 
         if raw_query.is_none() {
@@ -122,34 +124,34 @@ where
             return Err((StatusCode::BAD_REQUEST, "can't parse query params"));
         }
 
-        let announce_params = AnnounceParams::try_from(query.unwrap());
+        let announce_request = Announce::try_from(query.unwrap());
 
-        if announce_params.is_err() {
+        if announce_request.is_err() {
             return Err((StatusCode::BAD_REQUEST, "can't parse query params for announce request"));
         }
 
-        Ok(ExtractAnnounceParams(announce_params.unwrap()))
+        Ok(ExtractAnnounceRequest(announce_request.unwrap()))
     }
 }
 
 #[cfg(test)]
 mod tests {
-    use super::AnnounceParams;
+    use super::Announce;
     use crate::http::axum_implementation::query::Query;
     use crate::protocol::info_hash::InfoHash;
     use crate::tracker::peer;
 
     #[test]
-    fn announce_request_params_should_be_extracted_from_url_query_params() {
+    fn announce_request_should_be_extracted_from_url_query_params() {
         let raw_query = "info_hash=%3B%24U%04%CF%5F%11%BB%DB%E1%20%1C%EAjk%F4Z%EE%1B%C0&peer_id=-qB00000000000000001&port=17548";
 
         let query = raw_query.parse::<Query>().unwrap();
 
-        let announce_params = AnnounceParams::try_from(query).unwrap();
+        let announce_request = Announce::try_from(query).unwrap();
 
         assert_eq!(
-            announce_params,
-            AnnounceParams {
+            announce_request,
+            Announce {
                 info_hash: "3b245504cf5f11bbdbe1201cea6a6bf45aee1bc0".parse::<InfoHash>().unwrap(),
                 peer_id: "-qB00000000000000001".parse::<peer::Id>().unwrap(),
                 port: 17548,
diff --git a/src/http/axum_implementation/requests/mod.rs b/src/http/axum_implementation/requests/mod.rs
@@ -0,0 +1 @@
+pub mod announce;
diff --git a/src/http/handlers/announce.rs b/src/http/handlers/announce.rs
@@ -0,0 +1 @@
+pub fn handler() {}
diff --git a/src/http/handlers/mod.rs b/src/http/handlers/mod.rs
@@ -0,0 +1,88 @@
+use std::net::{AddrParseError, IpAddr};
+use std::panic::Location;
+use std::str::FromStr;
+
+use thiserror::Error;
+
+use crate::located_error::{Located, LocatedError};
+
+pub mod announce;
+
+#[derive(Error, Debug)]
+pub enum XForwardedForParseError {
+    #[error("Empty X-Forwarded-For header value, {location}")]
+    EmptyValue { location: &'static Location<'static> },
+
+    #[error("Invalid IP in X-Forwarded-For header: {source}")]
+    InvalidIp { source: LocatedError<'static, AddrParseError> },
+}
+
+impl From<AddrParseError> for XForwardedForParseError {
+    #[track_caller]
+    fn from(err: AddrParseError) -> Self {
+        Self::InvalidIp {
+            source: Located(err).into(),
+        }
+    }
+}
+
+/// It extracts the last IP address from the `X-Forwarded-For` http header value.
+///
+/// # Errors
+///
+/// Will return and error if the last IP in the `X-Forwarded-For` header is not a valid IP
+pub fn maybe_rightmost_forwarded_ip(x_forwarded_for_value: &str) -> Result<IpAddr, XForwardedForParseError> {
+    let mut x_forwarded_for_raw = x_forwarded_for_value.to_string();
+
+    // Remove whitespace chars
+    x_forwarded_for_raw.retain(|c| !c.is_whitespace());
+
+    // Get all forwarded IP's in a vec
+    let x_forwarded_ips: Vec<&str> = x_forwarded_for_raw.split(',').collect();
+
+    match x_forwarded_ips.last() {
+        Some(last_ip) => match IpAddr::from_str(last_ip) {
+            Ok(ip) => Ok(ip),
+            Err(err) => Err(err.into()),
+        },
+        None => Err(XForwardedForParseError::EmptyValue {
+            location: Location::caller(),
+        }),
+    }
+}
+
+#[cfg(test)]
+mod tests {
+
+    use std::net::IpAddr;
+    use std::str::FromStr;
+
+    use crate::http::handlers::maybe_rightmost_forwarded_ip;
+
+    #[test]
+    fn the_last_forwarded_ip_can_be_parsed_from_the_the_corresponding_http_header() {
+        assert!(maybe_rightmost_forwarded_ip("").is_err());
+
+        assert!(maybe_rightmost_forwarded_ip("INVALID IP").is_err());
+
+        assert_eq!(
+            maybe_rightmost_forwarded_ip("2001:db8:85a3:8d3:1319:8a2e:370:7348").unwrap(),
+            IpAddr::from_str("2001:db8:85a3:8d3:1319:8a2e:370:7348").unwrap()
+        );
+
+        assert_eq!(
+            maybe_rightmost_forwarded_ip("203.0.113.195").unwrap(),
+            IpAddr::from_str("203.0.113.195").unwrap()
+        );
+
+        assert_eq!(
+            maybe_rightmost_forwarded_ip("203.0.113.195, 2001:db8:85a3:8d3:1319:8a2e:370:7348").unwrap(),
+            IpAddr::from_str("2001:db8:85a3:8d3:1319:8a2e:370:7348").unwrap()
+        );
+
+        assert_eq!(
+            maybe_rightmost_forwarded_ip("203.0.113.195,2001:db8:85a3:8d3:1319:8a2e:370:7348,150.172.238.178").unwrap(),
+            IpAddr::from_str("150.172.238.178").unwrap()
+        );
+    }
+}
diff --git a/src/http/mod.rs b/src/http/mod.rs
@@ -13,6 +13,7 @@
 use serde::{Deserialize, Serialize};
 
 pub mod axum_implementation;
+pub mod handlers;
 pub mod percent_encoding;
 pub mod warp_implementation;
 
diff --git a/src/http/warp_implementation/filters.rs b/src/http/warp_implementation/filters.rs
@@ -1,13 +1,13 @@
 use std::convert::Infallible;
 use std::net::{IpAddr, SocketAddr};
 use std::panic::Location;
-use std::str::FromStr;
 use std::sync::Arc;
 
 use warp::{reject, Filter, Rejection};
 
 use super::error::Error;
 use super::{request, WebResult};
+use crate::http::handlers::maybe_rightmost_forwarded_ip;
 use crate::http::percent_encoding::{percent_decode_info_hash, percent_decode_peer_id};
 use crate::protocol::common::MAX_SCRAPE_TORRENTS;
 use crate::protocol::info_hash::InfoHash;
@@ -138,41 +138,33 @@ fn peer_id(raw_query: &String) -> WebResult<peer::Id> {
     }
 }
 
-/// Get `PeerAddress` from `RemoteAddress` or Forwarded
-fn peer_addr((on_reverse_proxy, remote_addr, x_forwarded_for): (bool, Option<SocketAddr>, Option<String>)) -> WebResult<IpAddr> {
-    if !on_reverse_proxy && remote_addr.is_none() {
-        return Err(reject::custom(Error::AddressNotFound {
-            location: Location::caller(),
-            message: "neither on have remote address or on a reverse proxy".to_string(),
-        }));
-    }
+/// Get peer IP from HTTP client IP  or X-Forwarded-For HTTP header
+fn peer_addr(
+    (on_reverse_proxy, remote_client_ip, maybe_x_forwarded_for): (bool, Option<SocketAddr>, Option<String>),
+) -> WebResult<IpAddr> {
+    if on_reverse_proxy {
+        if maybe_x_forwarded_for.is_none() {
+            return Err(reject::custom(Error::AddressNotFound {
+                location: Location::caller(),
+                message: "must have a x-forwarded-for when using a reverse proxy".to_string(),
+            }));
+        }
 
-    if on_reverse_proxy && x_forwarded_for.is_none() {
-        return Err(reject::custom(Error::AddressNotFound {
-            location: Location::caller(),
-            message: "must have a x-forwarded-for when using a reverse proxy".to_string(),
-        }));
-    }
+        let x_forwarded_for = maybe_x_forwarded_for.unwrap();
 
-    if on_reverse_proxy {
-        let mut x_forwarded_for_raw = x_forwarded_for.unwrap();
-        // remove whitespace chars
-        x_forwarded_for_raw.retain(|c| !c.is_whitespace());
-        // get all forwarded ip's in a vec
-        let x_forwarded_ips: Vec<&str> = x_forwarded_for_raw.split(',').collect();
-        // set client ip to last forwarded ip
-        let x_forwarded_ip = *x_forwarded_ips.last().unwrap();
-
-        IpAddr::from_str(x_forwarded_ip).map_err(|e| {
+        maybe_rightmost_forwarded_ip(&x_forwarded_for).map_err(|e| {
             reject::custom(Error::AddressNotFound {
                 location: Location::caller(),
-                message: format!(
-                    "on remote proxy and unable to parse the last x-forwarded-ip: `{e}`, from `{x_forwarded_for_raw}`"
-                ),
+                message: format!("on remote proxy and unable to parse the last x-forwarded-ip: `{e}`, from `{x_forwarded_for}`"),
             })
         })
+    } else if remote_client_ip.is_none() {
+        return Err(reject::custom(Error::AddressNotFound {
+            location: Location::caller(),
+            message: "neither on have remote address or on a reverse proxy".to_string(),
+        }));
     } else {
-        Ok(remote_addr.unwrap().ip())
+        return Ok(remote_client_ip.unwrap().ip());
     }
 }
 
diff --git a/tests/http/asserts.rs b/tests/http/asserts.rs
@@ -127,3 +127,23 @@ pub async fn assert_invalid_authentication_key_error_response(response: Response
 
     assert_error_bencoded(&response.text().await.unwrap(), "is not valid", Location::caller());
 }
+
+pub async fn assert_could_not_find_remote_address_on_xff_header_error_response(response: Response) {
+    assert_eq!(response.status(), 200);
+
+    assert_error_bencoded(
+        &response.text().await.unwrap(),
+        "could not find remote address: must have a x-forwarded-for when using a reverse proxy",
+        Location::caller(),
+    );
+}
+
+pub async fn assert_invalid_remote_address_on_xff_header_error_response(response: Response) {
+    assert_eq!(response.status(), 200);
+
+    assert_error_bencoded(
+        &response.text().await.unwrap(),
+        "could not find remote address: on remote proxy and unable to parse the last x-forwarded-ip",
+        Location::caller(),
+    );
+}
diff --git a/tests/http_tracker.rs b/tests/http_tracker.rs
