Added support for X-Forwarded-For

Author: prearrangedchaos

README.md

@@ -14,7 +14,8 @@ The token consists of two parts. Firstly, a header containing non-sensitive meta
   "ti": "159aba3e-55e1-4f54-b6ee-e5b943d7e885”,
   "c": "ticketania", 
   "e": "demoevent”,
-  "ip": "75.86.129.4"
+  "ip": "75.86.129.4",
+  "xff": "45.67.2.4,34.56.3.2"
 }
 ```
 - `typ`: The type of the token. Value must be “QFT1”. Required.
@@ -24,7 +25,8 @@ The token consists of two parts. Firstly, a header containing non-sensitive meta
 - `ti`: Unique Token ID (e.g. uuid). Used to uniquely identify tokens and restrict replay attacks. Required.
 - `c`: The Customer ID of the issuer. Token will only be valid on events on this account. Required.
 - `e`: The Event ID. If provided, token will only be valid on this event. Optional.
-- `ip`: The IP address the user the token is issued to. If provided, token will only be valid for this IP address. Optional.
+- `ip`: The IP address the user the token is issued to. If provided, the IP address is validated before issuing the token. Optional.
+- `xff`: The X-Forwarded-For headerof the request when the token is issued. If provided, the X-Forwarded-For header is validated before issuing the token. Optional.
 
 ### Token Payload
 ```

queuetoken/src/main/java/com/queue_it/queuetoken/EnqueueToken.java

@@ -8,6 +8,7 @@ class EnqueueToken implements IEnqueueToken {
     private final String customerId;
     private String eventId;
     private String ipAddress;
+    private String xForwaredFor;
     private IEnqueueTokenPayload payload;
     private long issued;
     private long expires = Long.MAX_VALUE;    
@@ -27,12 +28,13 @@ private String getTokenIdentifier(String tokenIdentifierPrefix1) {
         return tokenIdentifierPrefix1 == null || tokenIdentifierPrefix1.isEmpty() ? UUID.randomUUID().toString() : tokenIdentifierPrefix1 + "~" + UUID.randomUUID().toString();
     }
 
-    public EnqueueToken(String tokenIdentifier, String customerId, String eventId, long issued, long expires, String ipAddress, IEnqueueTokenPayload payload)
+    public EnqueueToken(String tokenIdentifier, String customerId, String eventId, long issued, long expires, String ipAddress, String xForwaredFor, IEnqueueTokenPayload payload)
     {
         this.tokenIdentifier = tokenIdentifier;
         this.customerId = customerId;
         this.eventId = eventId;
         this.ipAddress = ipAddress;
+        this.xForwaredFor = xForwaredFor;
         this.issued = issued;
         this.expires = expires;
         this.payload = payload;
@@ -78,6 +80,11 @@ public String getIpAddress() {
         return this.ipAddress;
     }
 
+    @Override
+    public String getXForwardedFor() {
+        return this.xForwaredFor;
+    }
+    
     @Override
     public IEnqueueTokenPayload getPayload() {
         return this.payload;
@@ -141,26 +148,31 @@ private String serializeHeader() {
             sb.append(this.getIpAddress());
             sb.append("\"");
         }
+        if (this.getXForwardedFor()!= null) {
+            sb.append(",\"xff\":\"");
+            sb.append(this.getXForwardedFor());
+            sb.append("\"");
+        }
         sb.append("}");
 
         return Base64UrlEncoder.encode(sb.toString().getBytes(Charset.forName("UTF-8")));        
     } 
 
-    static EnqueueToken addIPAddress(EnqueueToken token, String ipAddress)
+    static EnqueueToken addIPAddress(EnqueueToken token, String ipAddress, String xForwaredFor)
     {
-        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), token.getExpires(), ipAddress, token.getPayload());
+        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), token.getExpires(), ipAddress, xForwaredFor, token.getPayload());
     }
     static EnqueueToken addEventId(EnqueueToken token, String eventId)
     {
-        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), eventId, token.getIssued(), token.getExpires(), token.getIpAddress(), token.getPayload());
+        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), eventId, token.getIssued(), token.getExpires(), token.getIpAddress(), token.getXForwardedFor(), token.getPayload());
     }
     static EnqueueToken addExpires(EnqueueToken token, Long expires)
     {
-        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), expires, token.getIpAddress(), token.getPayload());
+        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), expires, token.getIpAddress(), token.getXForwardedFor(), token.getPayload());
     }
     static EnqueueToken addPayload(EnqueueToken token, IEnqueueTokenPayload payload)
     {
-        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), token.getExpires(), token.getIpAddress(), payload);
+        return new EnqueueToken(token.getTokenIdentifier(), token.getCustomerId(), token.getEventId(), token.getIssued(), token.getExpires(), token.getIpAddress(), token.getXForwardedFor(), payload);
     }
 
 }

queuetoken/src/main/java/com/queue_it/queuetoken/EnqueueTokenGenerator.java

@@ -19,8 +19,8 @@ public EnqueueTokenGenerator withEventId(String eventId) {
         return this;
     }
 
-    public EnqueueTokenGenerator withIpAddress(String ipAddress) {
-        this.token = EnqueueToken.addIPAddress(this.token, ipAddress);
+    public EnqueueTokenGenerator withIpAddress(String ipAddress, String xForwaredFor) {
+        this.token = EnqueueToken.addIPAddress(this.token, ipAddress, xForwaredFor);
 
         return this;
     }

queuetoken/src/main/java/com/queue_it/queuetoken/IEnqueueToken.java

@@ -9,6 +9,7 @@ public interface IEnqueueToken {
     String getCustomerId();
     String getEventId();
     String getIpAddress();
+    String getXForwardedFor();
     IEnqueueTokenPayload getPayload();
 
     String getTokenWithoutHash();

queuetoken/src/test/java/com/queue_it/queuetoken/EnqueueTokenTest.java

@@ -108,13 +108,14 @@ public void factory_withEventId() throws Exception {
     @Test
     public void factory_withIpAddress() throws Exception {
         String expectedIpAddress = "1.5.8.9";
-        
+        String expectedXForwardedFor = "45.67.2.4,34.56.3.2";
         IEnqueueToken token = Token
                 .enqueue("ticketania")
-                .withIpAddress(expectedIpAddress)
+                .withIpAddress(expectedIpAddress, expectedXForwardedFor)
                 .generate("5ebbf794-1665-4d48-80d6-21ac34be7faedf9e10b3-551a-4682-bb77-fee59d6355d6");
 
         assertEquals(expectedIpAddress, token.getIpAddress());
+        assertEquals(expectedXForwardedFor, token.getXForwardedFor());
     }
 
     @Test
@@ -173,6 +174,7 @@ public void token_withPayload() throws Exception {
                 1534723200000L, 
                 1539129600000L, 
                 null,
+                null,
                 payload);
             token.generate("5ebbf794-1665-4d48-80d6-21ac34be7faedf9e10b3-551a-4682-bb77-fee59d6355d6", false);
 
@@ -184,7 +186,7 @@ public void token_withPayload() throws Exception {
     @Test
     public void token_withoutPayload() throws Exception {
 
-        String expectedSignedToken = "eyJ0eXAiOiJRVDEiLCJlbmMiOiJBRVMyNTYiLCJpc3MiOjE1MzQ3MjMyMDAwMDAsImV4cCI6MTUzOTEyOTYwMDAwMCwidGkiOiJhMjFkNDIzYS00M2ZkLTQ4MjEtODRmYS00MzkwZjZhMmZkM2UiLCJjIjoidGlja2V0YW5pYSIsImUiOiJteWV2ZW50IiwiaXAiOiI1LjcuOC42In0..rqQznIDybri70GrsJ-hd_Hzp98HUqcsBGnWaiyqjlvY";
+        String expectedSignedToken = "eyJ0eXAiOiJRVDEiLCJlbmMiOiJBRVMyNTYiLCJpc3MiOjE1MzQ3MjMyMDAwMDAsImV4cCI6MTUzOTEyOTYwMDAwMCwidGkiOiJhMjFkNDIzYS00M2ZkLTQ4MjEtODRmYS00MzkwZjZhMmZkM2UiLCJjIjoidGlja2V0YW5pYSIsImUiOiJteWV2ZW50IiwiaXAiOiI1LjcuOC42IiwieGZmIjoiNDUuNjcuMi40LDM0LjU2LjMuMiJ9..wUOdVDIKlrIqumpU33bShDPdvTkicRk3q4Z-Vs8epFc";
 
         EnqueueToken token = new EnqueueToken(
             "a21d423a-43fd-4821-84fa-4390f6a2fd3e", 
@@ -193,6 +195,7 @@ public void token_withoutPayload() throws Exception {
             1534723200000L, 
             1539129600000L, 
             "5.7.8.6",
+            "45.67.2.4,34.56.3.2",
             null);
         token.generate("5ebbf794-1665-4d48-80d6-21ac34be7faedf9e10b3-551a-4682-bb77-fee59d6355d6", false);
 
@@ -213,6 +216,7 @@ public void token_minimalHeader() throws Exception {
                 1534723200000L, 
                 Long.MAX_VALUE,
                 null,
+                null,
                 null);
             token.generate("5ebbf794-1665-4d48-80d6-21ac34be7faedf9e10b3-551a-4682-bb77-fee59d6355d6", false);