new: check for client IP address also in X-Forwarded-For header

Author: ludomikula

server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/util/NetworkUtils.java

@@ -10,26 +10,37 @@
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.util.Optional;
+import java.util.Set;
 
 @Slf4j
 public class NetworkUtils {
 
+    private static final String[] CLIENT_IP_HEADERS = { "X-Forwarded-For", "X-Real-IP" };
     public static String getRemoteIp(ServerWebExchange serverWebExchange) {
         ServerHttpRequest request = serverWebExchange.getRequest();
         HttpHeaders headers = request.getHeaders();
-        String xRealIp = headers.getFirst("X-Real-IP");
-        if (StringUtils.isNotBlank(xRealIp)) {
-            return xRealIp;
-        }
-        String remoteIp = headers.getFirst("RemoteIp");
-        if (StringUtils.isNotBlank(remoteIp)) {
-            return remoteIp;
+
+        /** Try to find remote id in headers **/
+        String foundHeader;
+        for (String header : CLIENT_IP_HEADERS) {
+            foundHeader = getMatchingKey(header, headers.keySet());
+            if (foundHeader != null) {
+                log.debug("Found client IP in header: {}", foundHeader);
+                return headers.getFirst(foundHeader);
+            }
         }
+
         log.debug("get remote ip from remoteAddress , header {}", JsonUtils.toJson(headers));
         return Optional.ofNullable(serverWebExchange.getRequest().getRemoteAddress())
                 .map(InetSocketAddress::getAddress)
                 .map(InetAddress::getHostAddress)
                 .orElse("");
     }
 
+    private static String getMatchingKey(String key, Set<String> keys) {
+        return keys.stream()
+                .filter(headerKey -> StringUtils.equalsIgnoreCase(key, headerKey))
+                .findFirst()
+                .orElse(null);
+    }
 }