sdgoij/rustfs
1
0
Fork 0
mirror of https://github.com/rustfs/rustfs.git synced 2026-01-17 01:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e6a91fab0504d49554ce82ac2cf2bf1f9045f754
rustfs/crates/trusted-proxies/tests/unit/validator_tests.rs
houseme e6a91fab05 feat(trusted-proxies): optimize core architecture and localize documentation 
- **Zero-Trust Security**: Implemented multi-mode proxy validation (Strict, Lenient, Hop-by-Hop) to ensure client IP integrity.
- **High Performance**: Integrated `moka` for asynchronous, thread-safe caching of IP validation results.
- **Cloud Native**: Enhanced automatic metadata discovery and IP range fetching for AWS, Azure, and GCP.
- **Observability**: Added Prometheus metrics and structured JSON logging for production-grade monitoring.
- **Refactoring**: Standardized environment variable loading using `rustfs_utils::envs`.
- **Localization**: Translated all source code comments and documentation from Chinese to English.
- **Test Suite**: Fixed test dependencies and updated integration tests for Axum/Tower compatibility.
- **Documentation**: Completed `README.md` with comprehensive configuration and usage guides.
2026-01-14 23:24:58 +08:00

57 lines
2.1 KiB
Rust
Raw Blame History

// Copyright 2024 RustFS Team
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use std::net::{IpAddr, SocketAddr};
use std::str::FromStr;
use axum::http::HeaderMap;
use rustfs_trusted_proxies::config::{TrustedProxy, TrustedProxyConfig, ValidationMode};
use rustfs_trusted_proxies::proxy::chain::ProxyChainAnalyzer;
use rustfs_trusted_proxies::proxy::validator::{ClientInfo, ProxyValidator};
fn create_test_config() -> TrustedProxyConfig {
let proxies = vec![
TrustedProxy::Single("192.168.1.100".parse().unwrap()),
TrustedProxy::Cidr("10.0.0.0/8".parse().unwrap()),
];
TrustedProxyConfig::new(proxies, ValidationMode::HopByHop, true, 5, true, vec![])
}
#[test]
fn test_client_info_direct() {
let addr = SocketAddr::new(IpAddr::from([192, 168, 1, 1]), 8080);
let client_info = ClientInfo::direct(addr);
assert_eq!(client_info.real_ip, IpAddr::from([192, 168, 1, 1]));
}
#[test]
fn test_parse_x_forwarded_for() {
let header_value = "203.0.113.195, 198.51.100.1";
let result = ProxyValidator::parse_x_forwarded_for(header_value);
assert_eq!(result.len(), 2);
}
#[test]
fn test_proxy_chain_analyzer_hop_by_hop() {
let config = create_test_config();
let analyzer = ProxyChainAnalyzer::new(config);
let chain = vec![
IpAddr::from_str("203.0.113.195").unwrap(),
IpAddr::from_str("10.0.1.100").unwrap(),
];
let current_proxy = IpAddr::from_str("192.168.1.100").unwrap();
let headers = HeaderMap::new();
let result = analyzer.analyze_chain(&chain, current_proxy, &headers);
assert!(result.is_ok());
}
Reference in New Issue View Git Blame Copy Permalink