Merge pull request #99 from julienloizelet/feat/curl

Feat/curl

Author: julienloizelet

.github/workflows/test-suite.yml

@@ -97,10 +97,18 @@ jobs:
         run: |
           ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} LAPI_URL=http://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./${{env.EXTENSION_PATH}}/tests/Integration/IpVerificationTest.php
 
+      - name: Run PHP UNIT tests (IP verification with cURL)
+        run: |
+          ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} USE_CURL=1 LAPI_URL=http://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./${{env.EXTENSION_PATH}}/tests/Integration/IpVerificationTest.php
+
       - name: Run PHP UNIT tests (Geolocation)
         run: |
           ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} LAPI_URL=http://crowdsec:8080  /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./${{env.EXTENSION_PATH}}/tests/Integration/GeolocationTest.php
 
+      - name: Run PHP UNIT tests (Geolocation with cURL)
+        run: |
+          ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} USE_CURL=1 LAPI_URL=http://crowdsec:8080  /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./${{env.EXTENSION_PATH}}/tests/Integration/GeolocationTest.php    
+
       - name: Prepare Standalone Bouncer end-to-end tests
         run: |
           ddev create-watcher
@@ -135,38 +143,70 @@ jobs:
               exit 1
           fi
             
-      - name: Run Standalone Bouncer end-to-end test (live mode without geolocation)
+      - name: Run "live mode with file_get_contents and without geolocation" test
         run: |
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
           cat scripts/auto-prepend/settings.php
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
           ./run-tests.sh ci "./__tests__/1-live-mode.js"
 
-      - name: Run Standalone Bouncer end-to-end test (live mode with geolocation)
+      - name: Run "live mode with cURL and without geolocation" test
+        run: |
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27use_curl\x27 => false/\x27use_curl\x27 => true/g' scripts/auto-prepend/settings.php
+          cat scripts/auto-prepend/settings.php
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
+          ./run-tests.sh ci "./__tests__/1-live-mode.js"    
+
+      - name: Run "live mode with file_get_contents and with geolocation" test
         run: |
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27use_curl\x27 => true/\x27use_curl\x27 => false/g' scripts/auto-prepend/settings.php
           sed -i  's/\x27enabled\x27 => false/\x27enabled\x27 => true/g' scripts/auto-prepend/settings.php
           sed -i  's/\x27forced_test_forwarded_ip\x27 => \x27\x27/\x27forced_test_forwarded_ip\x27 => \x27${{env.JP_TEST_IP}}\x27/g' scripts/auto-prepend/settings.php
           cat scripts/auto-prepend/settings.php
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
           ./run-tests.sh ci "./__tests__/2-live-mode-with-geolocation.js"
 
-      - name: Run Standalone Bouncer end-to-end test (stream mode without geolocation)
+      - name: Run "live mode with cURL and with geolocation" test
+        run: |
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27use_curl\x27 => false/\x27use_curl\x27 => true/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27use_curl\x27 => true/\x27use_curl\x27 => false/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27enabled\x27 => false/\x27enabled\x27 => true/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27forced_test_forwarded_ip\x27 => \x27\x27/\x27forced_test_forwarded_ip\x27 => \x27${{env.JP_TEST_IP}}\x27/g' scripts/auto-prepend/settings.php
+          cat scripts/auto-prepend/settings.php
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
+          ./run-tests.sh ci "./__tests__/2-live-mode-with-geolocation.js"   
+
+      - name: Run "stream mode with file_get_contents and without geolocation" test
         run: |
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27use_curl\x27 => true/\x27use_curl\x27 => false/g' scripts/auto-prepend/settings.php
           sed -i  's/\x27enabled\x27 => true/\x27enabled\x27 => false/g' scripts/auto-prepend/settings.php
           sed -i  's/\x27forced_test_forwarded_ip\x27 => \x27${{env.JP_TEST_IP}}\x27/\x27forced_test_forwarded_ip\x27 => \x27\x27/g' scripts/auto-prepend/settings.php
           sed -i  's/\x27stream_mode\x27 => false/\x27stream_mode\x27 => true/g' scripts/auto-prepend/settings.php
           cat scripts/auto-prepend/settings.php
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
           ./run-tests.sh ci "./__tests__/3-stream-mode.js"
 
-      - name: Run Standalone Bouncer end-to-end test (standalone geolocation)
+      - name: Run "stream mode with cURL and without geolocation" test
+        run: |
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27use_curl\x27 => false/\x27use_curl\x27 => true/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27enabled\x27 => true/\x27enabled\x27 => false/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27forced_test_forwarded_ip\x27 => \x27${{env.JP_TEST_IP}}\x27/\x27forced_test_forwarded_ip\x27 => \x27\x27/g' scripts/auto-prepend/settings.php
+          sed -i  's/\x27stream_mode\x27 => false/\x27stream_mode\x27 => true/g' scripts/auto-prepend/settings.php
+          cat scripts/auto-prepend/settings.php
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
+          ./run-tests.sh ci "./__tests__/3-stream-mode.js"    
+
+      - name: Run "standalone geolocation" test
         run: |
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/__scripts__
           ./run-tests.sh ci "./__tests__/4-geolocation.js"
 
-      - name: Run Standalone Bouncer end-to-end test (live mode with IPv6)
+      - name: Run "live mode with IPv6" test
         run: |
           cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
           sed -i  's/\x27forced_test_forwarded_ip\x27 => \x27\x27/\x27forced_test_forwarded_ip\x27 => \x27${{env.IPV6_TEST_IP}}\x27/g' scripts/auto-prepend/settings.php

CHANGELOG.md

@@ -5,6 +5,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 
+## [0.25.0] - 2022-07-22
+
+### Added
+- Add a `use_curl` setting to make LAPI rest requests with `cURL` instead of `file_get_contents`
+
 ## [0.24.0] - 2022-07-08
 
 ### Added

composer.json

@@ -45,9 +45,14 @@
         "monolog/monolog": "^1.17 || ^2.1",
         "gregwar/captcha": "^1.1",
         "mlocati/ip-lib": "^1.18",
-        "geoip2/geoip2": "^2.12.2"
+        "geoip2/geoip2": "^2.12.2",
+        "ext-json": "*"
     },
     "require-dev": {
-        "phpunit/phpunit": "8.5.27"
+        "phpunit/phpunit": "8.5.27",
+        "ext-curl": "*"
+    },
+    "suggest": {
+        "ext-curl": "*"
     }
 }

docs/INSTALLATION_GUIDE.md

@@ -25,7 +25,8 @@
 ## Requirements
 
 - PHP >= 7.2
-- required php extensions : `ext-json`, `ext-gd`
+- required php extensions: `ext-json`, `ext-gd`
+- suggested php extension: `ext-curl` 
 
 ## Installation
 

docs/TECHNICAL_NOTES.md

@@ -50,14 +50,15 @@ an empty array.
 
 ### Why not PHP 5.6?
 
-Because this PHP version is no more supported since December 2018 (not even a security fix!).
+Because this PHP version is no more supported since December 2018 (not even a security fix).
 Also, a lot of libraries are no more compatible with this version.
 We don't want to use an older version of these libraries because Composer can only install one version of each extension/package.
 So, being compatible with this old PHP version means to be not compatible with projects using a new version of these libraries.
 
 ### Why not 7.0.x nor 7.1.x ?
 
-These PHP versions are not anymore maintained for security fixes since 2019! We encourage you a lot to upgrade your PHP version. You can view the [full list of PHP versions lifecycle](https://www.php.net/supported-versions.php).
+These PHP versions are not anymore maintained for security fixes since 2019. We encourage you a lot to upgrade your 
+PHP version. You can view the [full list of PHP versions lifecycle](https://www.php.net/supported-versions.php).
 
 To get a robust library and not provide security bug unmaintained, we use [components](https://packagist.org/packages/symfony/cache#v3.4.47) under [LTS versioning](https://symfony.com/releases/3.4).
 

docs/USER_GUIDE.md

@@ -125,6 +125,8 @@ Here is the list of available settings:
 
 - `api_timeout`: In seconds. The timeout when calling LAPI. Must be greater or equal than 1. Defaults to 1 sec.
 - `api_user_agent`: HTTP user agent used to call CLAPI. Default to this library name/current version.
+- `use_curl`: By default, this lib call the REST LAPI using `file_get_contents` method (`allow_url_fopen` is required).
+  You can set `use_curl` to `true` in order to use `cURL` request instead (`curl` is in then required)
 
 ##### Debug
 - `debug_mode`:true to enable verbose debug log.

scripts/auto-prepend/settings.example.php

@@ -18,6 +18,13 @@
     // In seconds. The timeout when calling LAPI. Must be greater or equal than 1. Defaults to 1 sec.
     'api_timeout'=> 1,
 
+    /**
+     * By default, the lib call the REST LAPI using file_get_contents method (allow_url_fopen is required).
+     * Set 'use_curl' to true in order to use cURL request instead (curl is in then required)
+     *
+     */
+    'use_curl' => false,
+
     // HTTP user agent used to call LAPI. Default to this library name/current version.
     'api_user_agent'=> 'CrowdSec PHP Library/x.x.x',
 

src/AbstractBounce.php

@@ -130,7 +130,7 @@ protected function handleForwardedFor(string $ip, array $configs): string
                 $ipList = array_map('trim', array_values(array_filter(explode(',', $XForwardedForHeader))));
                 $forwardedIp = end($ipList);
             }
-        } else if ($configs['forced_test_forwarded_ip'] === Constants::X_FORWARDED_DISABLED) {
+        } elseif ($configs['forced_test_forwarded_ip'] === Constants::X_FORWARDED_DISABLED) {
             $this->logger->debug('', [
                 'type' => 'DISABLED_X_FORWARDED_FOR_USAGE',
                 'original_ip' => $ip,
@@ -207,7 +207,7 @@ protected function shouldTrustXforwardedFor(string $ip): bool
     }
 
     /**
-     * @throws InvalidArgumentException
+     * @throws InvalidArgumentException|BouncerException
      */
     protected function displayCaptchaWall(string $ip): void
     {
@@ -237,7 +237,7 @@ protected function handleBanRemediation(): void
      * @param string $ip
      * @return void
      * @throws InvalidArgumentException
-     * @throws CacheException
+     * @throws CacheException|BouncerException
      */
     protected function handleCaptchaResolutionForm(string $ip)
     {
@@ -321,7 +321,7 @@ protected function handleCaptchaResolutionForm(string $ip)
      *
      * @return void
      * @throws InvalidArgumentException
-     * @throws CacheException
+     * @throws CacheException|BouncerException
      */
     protected function handleCaptchaRemediation(string $ip)
     {
@@ -362,7 +362,7 @@ protected function handleCaptchaRemediation(string $ip)
      * @param string $ip
      * @return void
      * @throws InvalidArgumentException
-     * @throws CacheException
+     * @throws CacheException|BouncerException
      */
     protected function handleRemediation(string $remediation, string $ip)
     {
@@ -385,7 +385,7 @@ protected function handleRemediation(string $remediation, string $ip)
      * @param array $names
      * @param string $ip
      * @return array
-     * @throws InvalidArgumentException
+     * @throws InvalidArgumentException|BouncerException
      */
     public function getIpVariables(string $cacheTag, array $names, string $ip): array
     {
@@ -405,7 +405,7 @@ public function getIpVariables(string $cacheTag, array $names, string $ip): arra
      * @param string $ip
      * @return void
      * @throws InvalidArgumentException
-     * @throws CacheException
+     * @throws CacheException|BouncerException
      */
     public function setIpVariables(string $cacheTag, array $pairs, string $ip): void
     {
@@ -424,7 +424,7 @@ public function setIpVariables(string $cacheTag, array $pairs, string $ip): void
      * @param string $ip
      * @return void
      * @throws InvalidArgumentException
-     * @throws CacheException
+     * @throws CacheException|BouncerException
      */
     public function unsetIpVariables(string $cacheTag, array $names, string $ip): void
     {

src/ApiCache.php

@@ -286,6 +286,7 @@ private function removeDecisionFromRemediationItem(string $cacheKey, int $decisi
 
     /**
      * Parse "duration" entries returned from API to a number of seconds.
+     * @throws BouncerException
      */
     private static function parseDurationToSeconds(string $duration): int
     {
@@ -317,6 +318,7 @@ private static function parseDurationToSeconds(string $duration): int
     /**
      * Format a remediation item of a cache item.
      * This format use a minimal amount of data allowing less cache data consumption.
+     * @throws BouncerException
      */
     private function formatRemediationFromDecision(?array $decision): array
     {
@@ -364,6 +366,7 @@ private function defferUpdateCacheConfig(array $config): void
      * Update the cached remediation of the specified cacheKey from these new decisions.
      *
      * @throws InvalidArgumentException|\Psr\Cache\CacheException
+     * @throws BouncerException
      */
     private function saveRemediationsForCacheKey(array $decisions, string $cacheKey): string
     {
@@ -401,6 +404,7 @@ private function saveRemediationsForCacheKey(array $decisions, string $cacheKey)
      * @param string $scope
      * @param string $value
      * @return string
+     * @throws BouncerException
      */
     private function getCacheKey(string $scope, string $value): string
     {
@@ -615,7 +619,7 @@ private function removeRemediations(array $decisions): array
     }
 
     /**
-     * @throws InvalidArgumentException
+     * @throws InvalidArgumentException|BouncerException
      */
     public function clear(): bool
     {
@@ -640,7 +644,7 @@ public function clear(): bool
      *
      * @return array "count": number of decisions added, "errors": decisions not added
      *
-     * @throws InvalidArgumentException|\Psr\Cache\CacheException
+     * @throws InvalidArgumentException|\Psr\Cache\CacheException|BouncerException
      */
     public function warmUp(): array
     {
@@ -682,7 +686,7 @@ public function warmUp(): array
      *
      * @return array number of deleted and new decisions, and errors when processing decisions
      *
-     * @throws InvalidArgumentException|\Psr\Cache\CacheException
+     * @throws InvalidArgumentException|\Psr\Cache\CacheException|BouncerException
      */
     public function pullUpdates(): array
     {
@@ -782,7 +786,7 @@ private function hit(string $ip): string
      *
      * @return string
      * @throws InvalidArgumentException
-     * @throws \Psr\Cache\CacheException
+     * @throws \Psr\Cache\CacheException|BouncerException
      */
     private function handleCacheRemediation(string $cacheScope, string $value): string
     {
@@ -870,6 +874,7 @@ public function get(AddressInterface $address): string
 
     /**
      * Prune the cache (only when using PHP File System cache).
+     * @throws BouncerException
      */
     public function prune(): bool
     {
@@ -886,6 +891,7 @@ public function prune(): bool
     /**
      * When Memcached connection fail, it throws an unhandled warning.
      * To catch this warning as a clean exception we have to temporarily change the error handler.
+     * @throws BouncerException
      */
     private function setCustomErrorHandler(): void
     {
@@ -946,7 +952,7 @@ public function testConnection(): void
      *
      * @return array|mixed
      *
-     * @throws InvalidArgumentException
+     * @throws InvalidArgumentException|BouncerException
      */
     private function getIpCachedVariables(string $cacheTag, string $ip)
     {
@@ -968,7 +974,7 @@ private function getIpCachedVariables(string $cacheTag, string $ip)
      * @param string $ip
      *
      * @return array
-     * @throws InvalidArgumentException
+     * @throws InvalidArgumentException|BouncerException
      */
     public function getIpVariables(string $cacheTag, array $names, string $ip): array
     {
@@ -1011,7 +1017,7 @@ public function setIpVariables(string $cacheTag, array $pairs, string $ip)
      * @param string $ip
      * @return void
      * @throws InvalidArgumentException
-     * @throws \Psr\Cache\CacheException
+     * @throws \Psr\Cache\CacheException|BouncerException
      */
     public function unsetIpVariables(string $cacheTag, array $pairs, string $ip)
     {