Changed behaviour of remote ip address detection, renamed ip allow/block lists

UnitTests/AspNetCore/Attributes/IPAllowListAttributeTests.cs

@@ -14,7 +14,7 @@ namespace UnitTests.AspNetCore.Attributes
 {
 	[TestClass]
 	[System.Diagnostics.CodeAnalysis.ExcludeFromCodeCoverage]
-	public class IPWhitelistAttributeTests
+	public class IPAllowListAttributeTests
 	{
 		private Dictionary<string, string> requestHeaders;
 		private Dictionary<object, object> itemsCallback;
@@ -37,7 +37,7 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse("192.168.178.1");
-			var attribute = new IPWhitelistAttribute();
+			var attribute = new IPAllowListAttribute();
 			var context = GetContext(remote);
 
 			// act
@@ -57,7 +57,7 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse("192.168.178.1");
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowedIpAddresses = "192.168.178:1"
 			};
@@ -79,7 +79,7 @@ namespace UnitTests.AspNetCore.Attributes
 		public void ShouldAllowLocalAccess()
 		{
 			// arrange
-			var attribute = new IPWhitelistAttribute();
+			var attribute = new IPAllowListAttribute();
 			var context = GetContext();
 
 			// act
@@ -95,7 +95,7 @@ namespace UnitTests.AspNetCore.Attributes
 		public void ShouldDenyLocalAccess()
 		{
 			// arrange
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = false
 			};
@@ -120,7 +120,7 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse(address);
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = false,
 				AllowedIpAddresses = ",127.0.0.0/8,192.168.178.10"
@@ -154,7 +154,7 @@ namespace UnitTests.AspNetCore.Attributes
 			configExists = true;
 			allowedIpsConfig.Add("127.0.0.0/8");
 			allowedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = true,
 				ConfigurationKey = configKey
@@ -178,7 +178,7 @@ namespace UnitTests.AspNetCore.Attributes
 			configExists = true;
 			allowedIpsConfig.Add("");
 			allowedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = false,
 				ConfigurationKey = configKey
@@ -206,7 +206,7 @@ namespace UnitTests.AspNetCore.Attributes
 			configKey = "White:List";
 			configExists = true;
 			allowedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = false,
 				ConfigurationKey = configKey
@@ -239,7 +239,7 @@ namespace UnitTests.AspNetCore.Attributes
 			// arrange
 			configKey = "White:List";
 			configExists = false;
-			var attribute = new IPWhitelistAttribute
+			var attribute = new IPAllowListAttribute
 			{
 				AllowLocalAccess = false,
 				ConfigurationKey = configKey

UnitTests/AspNetCore/Attributes/IPBlockListAttributeTests.cs

@@ -14,7 +14,7 @@ namespace UnitTests.AspNetCore.Attributes
 {
 	[TestClass]
 	[System.Diagnostics.CodeAnalysis.ExcludeFromCodeCoverage]
-	public class IPBlacklistAttributeTests
+	public class IPBlockListAttributeTests
 	{
 		private Dictionary<string, string> requestHeaders;
 		private Dictionary<object, object> itemsCallback;
@@ -37,7 +37,7 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse("192.168.178.1");
-			var attribute = new IPBlacklistAttribute();
+			var attribute = new IPBlockListAttribute();
 			var context = GetContext(remote);
 
 			// act
@@ -54,9 +54,9 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse("192.168.178.1");
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictedIpAddresses = "192.168.178:1"
+				BlockedIpAddresses = "192.168.178:1"
 			};
 			var context = GetContext(remote);
 
@@ -73,10 +73,10 @@ namespace UnitTests.AspNetCore.Attributes
 		public void ShouldAllowLocalAccess()
 		{
 			// arrange
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = false,
-				RestrictedIpAddresses = "127.0.0.0/8"
+				BlockLocalAccess = false,
+				BlockedIpAddresses = "127.0.0.0/8"
 			};
 			var context = GetContext();
 
@@ -93,10 +93,10 @@ namespace UnitTests.AspNetCore.Attributes
 		public void ShouldBlockLocalAccess()
 		{
 			// arrange
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = true,
-				RestrictedIpAddresses = ",127.0.0.0/8"
+				BlockLocalAccess = true,
+				BlockedIpAddresses = ",127.0.0.0/8"
 			};
 			var context = GetContext();
 
@@ -119,10 +119,10 @@ namespace UnitTests.AspNetCore.Attributes
 		{
 			// arrange
 			var remote = IPAddress.Parse(address);
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = true,
-				RestrictedIpAddresses = "127.0.0.0/8,192.168.178.10"
+				BlockLocalAccess = true,
+				BlockedIpAddresses = "127.0.0.0/8,192.168.178.10"
 			};
 			var context = GetContext(remote);
 
@@ -153,9 +153,9 @@ namespace UnitTests.AspNetCore.Attributes
 			configExists = true;
 			restrictedIpsConfig.Add("127.0.0.0/8");
 			restrictedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = false,
+				BlockLocalAccess = false,
 				ConfigurationKey = configKey
 			};
 			var context = GetContext();
@@ -178,9 +178,9 @@ namespace UnitTests.AspNetCore.Attributes
 			restrictedIpsConfig.Add("");
 			restrictedIpsConfig.Add("127.0.0.0/8");
 			restrictedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = true,
+				BlockLocalAccess = true,
 				ConfigurationKey = configKey
 			};
 			var context = GetContext();
@@ -207,9 +207,9 @@ namespace UnitTests.AspNetCore.Attributes
 			configExists = true;
 			restrictedIpsConfig.Add("127.0.0.0/8");
 			restrictedIpsConfig.Add("192.168.178.10");
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = true,
+				BlockLocalAccess = true,
 				ConfigurationKey = configKey
 			};
 			var remote = IPAddress.Parse(address);
@@ -240,9 +240,9 @@ namespace UnitTests.AspNetCore.Attributes
 			// arrange
 			configKey = "Black:List";
 			configExists = false;
-			var attribute = new IPBlacklistAttribute
+			var attribute = new IPBlockListAttribute
 			{
-				RestrictLocalAccess = true,
+				BlockLocalAccess = true,
 				ConfigurationKey = configKey
 			};
 			var context = GetContext();

UnitTests/AspNetCore/Extensions/HttpContextExtensionsTests.cs

@@ -14,7 +14,8 @@ namespace UnitTests.AspNetCore.Extensions
 	{
 		private Mock<ISession> sessionMock;
 
-		private string tokenName;
+		private string tokenFormName;
+		private string tokenHeaderName;
 		private string tokenValue;
 
 		private Dictionary<string, string> requestHeaders;
@@ -26,7 +27,8 @@ namespace UnitTests.AspNetCore.Extensions
 		[TestInitialize]
 		public void InitializeTests()
 		{
-			tokenName = null;
+			tokenFormName = null;
+			tokenHeaderName = null;
 			tokenValue = null;
 
 			requestHeaders = new Dictionary<string, string>();
@@ -42,34 +44,38 @@ namespace UnitTests.AspNetCore.Extensions
 		public void ShouldReturnAntiforgery()
 		{
 			// arrange
-			tokenName = "af-token";
+			tokenFormName = "af-token";
+			tokenHeaderName = "af-header";
 			tokenValue = "security_first";
 
 			var context = GetContext();
 
 			// act
-			var result = context.GetAntiforgeryToken();
+			var (formName, headerName, value) = context.GetAntiforgeryToken();
 
 			// assert
-			Assert.AreEqual(tokenName, result.Name);
-			Assert.AreEqual(tokenValue, result.Value);
+			Assert.AreEqual(tokenFormName, formName);
+			Assert.AreEqual(tokenHeaderName, headerName);
+			Assert.AreEqual(tokenValue, value);
 		}
 
 		[TestMethod]
 		public void ShouldReturnAntiforgeryNullService()
 		{
 			// arrange
-			tokenName = "af-token";
+			tokenFormName = "af-token";
+			tokenHeaderName = "af-header";
 			tokenValue = "security_first";
 
 			var context = GetContext(hasAntiforgery: false);
 
 			// act
-			var result = context.GetAntiforgeryToken();
+			var (formName, headerName, value) = context.GetAntiforgeryToken();
 
 			// assert
-			Assert.AreEqual(null, result.Name);
-			Assert.AreEqual(null, result.Value);
+			Assert.IsNull(formName);
+			Assert.IsNull(headerName);
+			Assert.IsNull(value);
 		}
 
 		[TestMethod]
@@ -79,11 +85,12 @@ namespace UnitTests.AspNetCore.Extensions
 			var context = GetContext();
 
 			// act
-			var result = context.GetAntiforgeryToken();
+			var (formName, headerName, value) = context.GetAntiforgeryToken();
 
 			// assert
-			Assert.AreEqual(null, result.Name);
-			Assert.AreEqual(null, result.Value);
+			Assert.IsNull(formName);
+			Assert.IsNull(headerName);
+			Assert.IsNull(value);
 		}
 
 		#endregion Antiforgery
@@ -105,13 +112,16 @@ namespace UnitTests.AspNetCore.Extensions
 			Assert.AreEqual(remote, result);
 		}
 
-		[TestMethod]
-		public void ShouldReturnDefaultHeader()
+		[DataTestMethod]
+		[DataRow("X-Forwarded-For")]
+		[DataRow("X-Real-IP")]
+		[DataRow("CF-Connecting-IP")]
+		public void ShouldReturnDefaultHeader(string headerName)
 		{
 			// arrange
 			remote = IPAddress.Parse("1.2.3.4");
 			var header = IPAddress.Parse("5.6.7.8");
-			requestHeaders.Add("X-Forwarded-For", header.ToString());
+			requestHeaders.Add(headerName, header.ToString());
 
 			var context = GetContext();
 
@@ -130,12 +140,14 @@ namespace UnitTests.AspNetCore.Extensions
 			remote = IPAddress.Parse("1.2.3.4");
 			string headerName = "FooBar";
 			var headerIp = IPAddress.Parse("5.6.7.8");
+
 			requestHeaders.Add(headerName, headerIp.ToString());
+			requestHeaders.Add("X-Forwarded-For", remote.ToString());
 
 			var context = GetContext();
 
 			// act
-			var result = context.GetRemoteIpAddress(headerName: headerName);
+			var result = context.GetRemoteIpAddress(ipHeaderName: headerName);
 
 			// assert
 			Assert.AreNotEqual(remote, result);
@@ -221,7 +233,7 @@ namespace UnitTests.AspNetCore.Extensions
 			var context = GetContext();
 
 			// act
-			bool result = context.IsLocalRequest(headerName: headerName);
+			bool result = context.IsLocalRequest(ipHeaderName: headerName);
 
 			// assert
 			Assert.IsTrue(result);
@@ -254,7 +266,7 @@ namespace UnitTests.AspNetCore.Extensions
 			var context = GetContext();
 
 			// act
-			bool result = context.IsLocalRequest(headerName: headerName);
+			bool result = context.IsLocalRequest(ipHeaderName: headerName);
 
 			// assert
 			Assert.IsFalse(result);
@@ -385,7 +397,7 @@ namespace UnitTests.AspNetCore.Extensions
 				var antiforgeryMock = new Mock<IAntiforgery>();
 				antiforgeryMock
 					.Setup(af => af.GetAndStoreTokens(It.IsAny<HttpContext>()))
-					.Returns(string.IsNullOrWhiteSpace(tokenName) ? null : new AntiforgeryTokenSet(tokenValue, tokenValue, tokenName, tokenName));
+					.Returns(() => string.IsNullOrWhiteSpace(tokenValue) ? null : new AntiforgeryTokenSet(tokenValue, tokenValue, tokenFormName, tokenHeaderName));
 
 				requestServicesMock
 					.Setup(rs => rs.GetService(typeof(IAntiforgery)))