-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathConfigProvider.php
70 lines (64 loc) · 2.66 KB
/
ConfigProvider.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
declare(strict_types=1);
namespace NetglueRealIP;
class ConfigProvider
{
/** @return mixed[] */
public function __invoke(): array
{
return [
'dependencies' => $this->getDependencies(),
'controller_plugins' => $this->getZendMvcControllerPluginConfig(),
'proxy_headers' => $this->getProxyHeaderSetup(),
];
}
/** @return mixed[] */
public function getDependencies(): array
{
// @codingStandardsIgnoreStart
return [
'factories' => [
Helper\ClientIPFromPsrServerRequest::class => Container\Helper\ClientIPFromPsrServerRequestFactory::class,
Helper\ClientIPFromSuperGlobals::class => Container\Helper\ClientIPFromSuperGlobalsFactory::class,
Middleware\IpAddress::class => Container\Middleware\IpAddressFactory::class,
],
];
// @codingStandardsIgnoreEnd
}
/** @return mixed[] */
public function getZendMvcControllerPluginConfig(): array
{
// @codingStandardsIgnoreStart
return [
'factories' => [
ZendMvc\Controller\Plugin\ClientIP::class => Container\ZendMvc\Controller\Plugin\ClientIpPluginFactory::class,
],
'aliases' => [
'clientIp' => ZendMvc\Controller\Plugin\ClientIP::class
],
];
// @codingStandardsIgnoreEnd
}
/** @return mixed[] */
public function getProxyHeaderSetup(): array
{
return [
// When figuring out the client IP, should common proxy headers be checked?
'checkProxyHeaders' => false,
// If your app is firewalled, and you're sure you can trust that, say,
// Cloud Flare is sending you the client IP in the header 'CF-Connecting-IP', you can add that here
// and it will always be used
'trustedHeader' => null,
// If your app is on a private network and REMOTE_ADDR is always the load balancer ip, you could say
// that REMOTE_ADDR is always a trusted proxy
'remoteAddressIsTrustedProxy' => false,
// You can provide an array of IP addresses (v4 or v6) of proxies that trust. These will be eliminated as
// potential client IP addresses
'trustedProxies' => [],
// If you provide a non-empty array of proxy headers to inspect, only these headers will be checked,
// overriding the defaults. If you know that your proxy/loadbalancer only sends X-Forwarded-For, you could
// put just that one in here:
'proxyHeadersToInspect' => [],
];
}
}