From 423ad1916499deb91edacd388912bcaaa8e9ba31 Mon Sep 17 00:00:00 2001
From: Ere Maijala <ere.maijala@helsinki.fi>
Date: Fri, 1 Nov 2024 15:34:31 +0200
Subject: [PATCH] Replace RemoteAddress with UserIpReader in
 EmailAuthenticator.

---
 module/VuFind/config/module.config.php        |  1 -
 .../src/VuFind/Auth/EmailAuthenticator.php    | 10 +--
 .../VuFind/Auth/EmailAuthenticatorFactory.php |  2 +-
 .../PhpEnvironment/RemoteAddressFactory.php   | 79 -------------------
 .../Auth/EmailAuthenticatorTest.php           | 14 ++--
 5 files changed, 13 insertions(+), 93 deletions(-)
 delete mode 100644 module/VuFind/src/VuFind/Http/PhpEnvironment/RemoteAddressFactory.php

diff --git a/module/VuFind/config/module.config.php b/module/VuFind/config/module.config.php
index 99cfdc7a5fd..0fd00962ab7 100644
--- a/module/VuFind/config/module.config.php
+++ b/module/VuFind/config/module.config.php
@@ -532,7 +532,6 @@
             'VuFindHttp\HttpService' => 'VuFind\Service\HttpServiceFactory',
             'VuFindSearch\Service' => 'VuFind\Service\SearchServiceFactory',
             'Laminas\Db\Adapter\Adapter' => 'VuFind\Db\AdapterFactory',
-            'Laminas\Http\PhpEnvironment\RemoteAddress' => 'VuFind\Http\PhpEnvironment\RemoteAddressFactory',
             'Laminas\Session\SessionManager' => 'VuFind\Session\ManagerFactory',
         ],
         'delegators' => [
diff --git a/module/VuFind/src/VuFind/Auth/EmailAuthenticator.php b/module/VuFind/src/VuFind/Auth/EmailAuthenticator.php
index 43fecab7b60..8b7edb45bcb 100644
--- a/module/VuFind/src/VuFind/Auth/EmailAuthenticator.php
+++ b/module/VuFind/src/VuFind/Auth/EmailAuthenticator.php
@@ -29,11 +29,11 @@
 
 namespace VuFind\Auth;
 
-use Laminas\Http\PhpEnvironment\RemoteAddress;
 use Laminas\Http\Request;
 use Laminas\View\Renderer\PhpRenderer;
 use VuFind\Db\Service\AuthHashServiceInterface;
 use VuFind\Exception\Auth as AuthException;
+use VuFind\Net\UserIpReader;
 use VuFind\Validator\CsrfInterface;
 
 /**
@@ -66,7 +66,7 @@ class EmailAuthenticator implements \VuFind\I18n\Translator\TranslatorAwareInter
      * @param CsrfInterface                   $csrf            CSRF Validator
      * @param \VuFind\Mailer\Mailer           $mailer          Mailer
      * @param PhpRenderer                     $viewRenderer    View Renderer
-     * @param RemoteAddress                   $remoteAddress   Remote address
+     * @param UserIpReader                    $userIpReader    User IP address reader
      * @param \Laminas\Config\Config          $config          Configuration
      * @param AuthHashServiceInterface        $authHashService AuthHash database service
      */
@@ -75,7 +75,7 @@ public function __construct(
         protected CsrfInterface $csrf,
         protected \VuFind\Mailer\Mailer $mailer,
         protected PhpRenderer $viewRenderer,
-        protected RemoteAddress $remoteAddress,
+        protected UserIpReader $userIpReader,
         protected \Laminas\Config\Config $config,
         protected AuthHashServiceInterface $authHashService
     ) {
@@ -121,7 +121,7 @@ public function sendAuthenticationLink(
             'timestamp' => time(),
             'data' => $data,
             'email' => $email,
-            'ip' => $this->remoteAddress->getIpAddress(),
+            'ip' => $this->userIpReader->getUserIp(),
         ];
         $hash = $this->csrf->getHash(true);
 
@@ -171,7 +171,7 @@ public function authenticate($hash)
         $sessionId = $this->sessionManager->getId();
         if (
             $row->getSessionId() !== $sessionId
-            && $linkData['ip'] !== $this->remoteAddress->getIpAddress()
+            && $linkData['ip'] !== $this->userIpReader->getUserIp()
         ) {
             throw new AuthException('authentication_error_session_ip_mismatch');
         }
diff --git a/module/VuFind/src/VuFind/Auth/EmailAuthenticatorFactory.php b/module/VuFind/src/VuFind/Auth/EmailAuthenticatorFactory.php
index 7672277c799..866d85d0c93 100644
--- a/module/VuFind/src/VuFind/Auth/EmailAuthenticatorFactory.php
+++ b/module/VuFind/src/VuFind/Auth/EmailAuthenticatorFactory.php
@@ -72,7 +72,7 @@ public function __invoke(
             $container->get(\VuFind\Validator\CsrfInterface::class),
             $container->get(\VuFind\Mailer\Mailer::class),
             $container->get('ViewRenderer'),
-            $container->get(\Laminas\Http\PhpEnvironment\RemoteAddress::class),
+            $container->get(\VuFind\Net\UserIpReader::class),
             $container->get(\VuFind\Config\PluginManager::class)->get('config'),
             $container->get(\VuFind\Db\Service\PluginManager::class)
                 ->get(\VuFind\Db\Service\AuthHashServiceInterface::class)
diff --git a/module/VuFind/src/VuFind/Http/PhpEnvironment/RemoteAddressFactory.php b/module/VuFind/src/VuFind/Http/PhpEnvironment/RemoteAddressFactory.php
deleted file mode 100644
index f862faa8bdc..00000000000
--- a/module/VuFind/src/VuFind/Http/PhpEnvironment/RemoteAddressFactory.php
+++ /dev/null
@@ -1,79 +0,0 @@
-<?php
-
-/**
- * RemoteAddress utility factory. This uses the core Laminas RemoteAddress but
- * configures it according to VuFind settings.
- *
- * PHP version 8
- *
- * Copyright (C) Villanova University 2019.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * @category VuFind
- * @package  View_Helpers
- * @author   Demian Katz <demian.katz@villanova.edu>
- * @license  http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link     https://vufind.org/wiki/development Wiki
- */
-
-namespace VuFind\Http\PhpEnvironment;
-
-use Laminas\ServiceManager\Exception\ServiceNotCreatedException;
-use Laminas\ServiceManager\Exception\ServiceNotFoundException;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Psr\Container\ContainerExceptionInterface as ContainerException;
-use Psr\Container\ContainerInterface;
-
-/**
- * RemoteAddress utility factory.
- *
- * @category VuFind
- * @package  View_Helpers
- * @author   Demian Katz <demian.katz@villanova.edu>
- * @license  http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link     https://vufind.org/wiki/development Wiki
- */
-class RemoteAddressFactory implements FactoryInterface
-{
-    /**
-     * Create an object
-     *
-     * @param ContainerInterface $container     Service manager
-     * @param string             $requestedName Service being created
-     * @param null|array         $options       Extra options (optional)
-     *
-     * @return object
-     *
-     * @throws ServiceNotFoundException if unable to resolve the service.
-     * @throws ServiceNotCreatedException if an exception is raised when
-     * creating a service.
-     * @throws ContainerException&\Throwable if any other error occurs
-     */
-    public function __invoke(
-        ContainerInterface $container,
-        $requestedName,
-        array $options = null
-    ) {
-        if (!empty($options)) {
-            throw new \Exception('Unexpected options sent to factory.');
-        }
-        $cfg = $container->get(\VuFind\Config\PluginManager::class)->get('config');
-        $object = new $requestedName();
-        if ($cfg->Site->reverse_proxy ?? false) {
-            $object->setUseProxy(true);
-        }
-        return $object;
-    }
-}
diff --git a/module/VuFind/tests/unit-tests/src/VuFindTest/Auth/EmailAuthenticatorTest.php b/module/VuFind/tests/unit-tests/src/VuFindTest/Auth/EmailAuthenticatorTest.php
index 08258548b6f..9e0ba84c4fa 100644
--- a/module/VuFind/tests/unit-tests/src/VuFindTest/Auth/EmailAuthenticatorTest.php
+++ b/module/VuFind/tests/unit-tests/src/VuFindTest/Auth/EmailAuthenticatorTest.php
@@ -31,7 +31,6 @@
 
 use DateTime;
 use Laminas\Config\Config;
-use Laminas\Http\PhpEnvironment\RemoteAddress;
 use Laminas\Http\Request;
 use Laminas\I18n\Translator\TranslatorInterface;
 use Laminas\Session\SessionManager;
@@ -43,6 +42,7 @@
 use VuFind\Db\Entity\AuthHashEntityInterface;
 use VuFind\Db\Service\AuthHashServiceInterface;
 use VuFind\Mailer\Mailer;
+use VuFind\Net\UserIpReader;
 use VuFind\Validator\CsrfInterface;
 
 /**
@@ -63,7 +63,7 @@ class EmailAuthenticatorTest extends \PHPUnit\Framework\TestCase
      * @param ?CsrfInterface            $csrf            CSRF validator
      * @param ?Mailer                   $mailer          Mailer service
      * @param ?PhpRenderer              $renderer        View renderer
-     * @param ?RemoteAddress            $remoteAddress   Remote address details
+     * @param ?userIpReader             $userIpReader    User IP reader
      * @param array                     $config          Configuration settings
      * @param ?AuthHashServiceInterface $authHashService AuthHash database service
      *
@@ -77,7 +77,7 @@ protected function getEmailAuthenticator(
         CsrfInterface $csrf = null,
         Mailer $mailer = null,
         PhpRenderer $renderer = null,
-        RemoteAddress $remoteAddress = null,
+        UserIpReader $userIpReader = null,
         array $config = [],
         AuthHashServiceInterface $authHashService = null
     ): EmailAuthenticator {
@@ -86,7 +86,7 @@ protected function getEmailAuthenticator(
             $csrf ?? $this->createMock(CsrfInterface::class),
             $mailer ?? $this->createMock(Mailer::class),
             $renderer ?? $this->createMock(PhpRenderer::class),
-            $remoteAddress ?? $this->createMock(RemoteAddress::class),
+            $userIpReader ?? $this->createMock(UserIpReader::class),
             new Config($config),
             $authHashService ?? $this->createMock(AuthHashServiceInterface::class)
         );
@@ -186,14 +186,14 @@ function ($name) use ($mockServerUrl, $mockUrl) {
         $renderer->expects($this->once())->method('render')
             ->with('Email/login-link.phtml', $this->callback($checkViewParams))
             ->willReturn('foo-message');
-        $remoteAddress = $this->createMock(RemoteAddress::class);
-        $remoteAddress->expects($this->once())->method('getIpAddress')->willReturn('foo-ip');
+        $userIpReader = $this->createMock(userIpReader::class);
+        $userIpReader->expects($this->once())->method('getUserIp')->willReturn('foo-ip');
         $authenticator = $this->getEmailAuthenticator(
             sessionManager: $sessionManager,
             csrf: $csrf,
             mailer: $mailer,
             renderer: $renderer,
-            remoteAddress: $remoteAddress,
+            userIpReader: $userIpReader,
             config: ['Site' => ['title' => 'foo-site-title', 'email' => 'from@example.com']],
             authHashService: $authHashService
         );