Adds port detection to ProxyAwareSchemer

donatj · donatj · commit 6a7c3808b26c · 2021-04-19T15:29:31.000-05:00
diff --git a/src/ProxyAwareSchemer.php b/src/ProxyAwareSchemer.php
@@ -32,53 +32,97 @@ class ProxyAwareSchemer {
 		'HTTPS'                     => 'on',
 	];
 
+	public const PORT_EXPECTED_SERVER_KEYS = [
+		'HTTP_X_FORWARDED_PORT',
+	];
+
+	/** Value for `default port` arguments to remove the port from the URI */
+	public const REMOVE_PORT = -65536;
+
 	/** @var array|string[] */
-	private $proxyServerValues;
+	private $proxyServerHttpsKeyValues;
+
+	/** @var string[] */
+	private $proxyServerPortKeys;
 
 	/**
-	 * @param array|null $proxyServerValues Map of $_SERVER keys to their expected https-positive value. Defaults to
-	 *                                      self::HTTPS_EXPECTED_SERVER_VALUES
-	 * @param array|null $server            Server array to inspect. Defaults to $_SERVER.
+	 * @param array|null $server Server array to inspect. Defaults to $_SERVER.
+	 *
+	 * @param array|null $proxyServerHttpsKeyValues Map of $_SERVER keys to their expected https-positive value.
+	 *                                              Defaults to ProxyAwareSchemer::HTTPS_EXPECTED_SERVER_VALUES
+	 *
+	 * @param string[]|null Array of $_SERVER keys to check for a forwarded port value.
 	 */
 	public function __construct(
-		?array $proxyServerValues = null,
-		?array $server = null
+		?array $server = null,
+		?array $proxyServerHttpsKeyValues = null,
+		?array $proxyServerPortKeys = null
 	) {
-		$this->proxyServerValues = $proxyServerValues ?? self::HTTPS_EXPECTED_SERVER_VALUES;
-
 		if( is_array($server) ) {
 			$this->server = $server;
 		} else {
 			$this->server = $_SERVER;
 		}
+
+		$this->proxyServerHttpsKeyValues = $proxyServerHttpsKeyValues ?? self::HTTPS_EXPECTED_SERVER_VALUES;
+		$this->proxyServerPortKeys       = $proxyServerPortKeys ?? self::PORT_EXPECTED_SERVER_KEYS;
 	}
 
 	/**
 	 * Given a \Psr\Http\Message\ServerRequestInterface returns a new instance of ServerRequestInterface with a new Uri
 	 * having the scheme adjusted to match the detected external scheme as defined by the proxies headers.
 	 */
 	public function withUriWithDetectedScheme(
-		ServerRequestInterface $serverRequest
+		ServerRequestInterface $serverRequest, bool $detectPort = true, ?int $defaultOnHttps = self::REMOVE_PORT
 	) : ServerRequestInterface {
 		return $serverRequest->withUri(
-			$this->withDetectedScheme($serverRequest->getUri())
+			$this->withDetectedScheme($serverRequest->getUri(), $detectPort, $defaultOnHttps)
 		);
 	}
 
 	/**
-	 * Given a \Psr\Http\Message\UriInterface returns a new instance of UriInterface having the scheme adjusted to match
+	 * Given a \Psr\Http\Message\UriInterface returns a instance of UriInterface having the scheme adjusted to match
 	 * the detected external scheme as defined by the proxies headers.
 	 */
-	public function withDetectedScheme( UriInterface $uri ) : UriInterface {
-		foreach( $this->proxyServerValues as $serverKey => $serverValue ) {
+	public function withDetectedScheme(
+		UriInterface $uri,
+		bool $detectPort = true,
+		?int $defaultOnHttps = self::REMOVE_PORT
+	) : UriInterface {
+		foreach( $this->proxyServerHttpsKeyValues as $serverKey => $serverValue ) {
 			if( isset($this->server[$serverKey])
 				&& strtolower($this->server[$serverKey]) === $serverValue
 			) {
-				return $uri->withScheme('https');
+				$newUri = $uri->withScheme('https');
+
+				return $detectPort ? $this->withDetectedPort($newUri, $defaultOnHttps) : $newUri;
 			}
 		}
 
-		return $uri;
+		return $detectPort ? $this->withDetectedPort($uri) : $uri;
+	}
+
+	/**
+	 * Given a \Psr\Http\Message\UriInterface returns a instance of UriInterface having the port adjusted to match
+	 * the detected external scheme as defined by the proxies headers.
+	 *
+	 * @param int|null $default Defines a default fallback port
+	 */
+	public function withDetectedPort( UriInterface $uri, ?int $default = null ) : UriInterface {
+		foreach( $this->proxyServerPortKeys as $portKey ) {
+			if( isset($this->server[$portKey]) ) {
+				$port = (int)$this->server[$portKey];
+				if( $port > 0 && $port <= 65535 ) {
+					return $uri->withPort($port);
+				}
+			}
+		}
+
+		if( $default === self::REMOVE_PORT ) {
+			return $uri->withPort(null);
+		}
+
+		return $default ? $uri->withPort($default) : $uri;
 	}
 
 }
diff --git a/test/ProxyAwareSchemerTest.php b/test/ProxyAwareSchemerTest.php
@@ -15,7 +15,7 @@ public function test_withDetectedScheme_https( string $key, string $value ) : vo
 		$request = new ServerRequest('GET', 'http://localhost');
 
 		$server                = [ $key => $value ];
-		$schemerManuallyPassed = new ProxyAwareSchemer(null, $server);
+		$schemerManuallyPassed = new ProxyAwareSchemer($server);
 		$this->assertSame('https', $schemerManuallyPassed->withUriWithDetectedScheme($request)->getUri()->getScheme());
 
 		$_SERVER     = [ $key => $value ];
@@ -28,7 +28,7 @@ public function test_withDetectedScheme_http() : void {
 		$request = new ServerRequest('GET', 'http://localhost');
 
 		$server                = [];
-		$schemerManuallyPassed = new ProxyAwareSchemer(null, $server);
+		$schemerManuallyPassed = new ProxyAwareSchemer($server);
 		$this->assertSame('http', $schemerManuallyPassed->withUriWithDetectedScheme($request)->getUri()->getScheme());
 
 		$_SERVER     = [];
@@ -43,4 +43,33 @@ public function positiveServerKeyProvider() : \Generator {
 		}
 	}
 
+	/**
+	 * @dataProvider linkServerPortProvider
+	 */
+	public function test_forwarded_port(
+		string $expected,
+		string $link,
+		array $server,
+		bool $detectPort = true,
+		int $default = ProxyAwareSchemer::REMOVE_PORT
+	) : void {
+		$request = new ServerRequest('GET', $link);
+
+		$schemer = new ProxyAwareSchemer($server);
+
+		$this->assertSame($expected, $schemer->withUriWithDetectedScheme($request, $detectPort, $default)->getUri()->__toString());
+	}
+
+	public function linkServerPortProvider() : \Generator {
+		yield 'protocol should stay the same 1' => [ 'https://test.example.com:8080/foo', 'https://test.example.com/foo', [ 'HTTP_X_FORWARDED_PORT' => 8080 ] ];
+		yield 'protocol should stay the same 2' => [ 'http://test.example.com:8080/foo', 'http://test.example.com/foo', [ 'HTTP_X_FORWARDED_PORT' => 8080 ] ];
+
+		yield 'protocol should change and new port should be respected' => [ 'https://test.example.com:8080/foo', 'http://test.example.com/foo', [ 'HTTP_X_FORWARDED_PORT' => 8080, 'HTTP_X_FORWARDED_PROTOCOL' => 'https' ] ];
+
+		yield 'change in protocol should remove port' => [ 'https://test.example.com/foo', 'http://test.example.com/foo', [ 'HTTP_X_FORWARDED_PROTOCOL' => 'https' ] ];
+
+		yield 'Default port should overwrite when not found' => [ 'https://test.example.com:9090/foo', 'http://test.example.com/foo', [ 'HTTP_X_FORWARDED_PROTOCOL' => 'https' ], true, 9090 ];
+		yield 'Default port should not overwrite when detection disabled' => [ 'https://test.example.com:2020/foo', 'http://test.example.com:2020/foo', [ 'HTTP_X_FORWARDED_PORT' => 8080, 'HTTP_X_FORWARDED_PROTOCOL' => 'https' ], false ];
+	}
+
 }
