upaas/internal/middleware/realip_test.go

package middleware

import (
	"net/http"
	"testing"
)

func TestRealIP(t *testing.T) {
	tests := []struct {
		name       string
		remoteAddr string
		xRealIP    string
		xff        string
		want       string
	}{
		{
			name:       "X-Real-IP takes priority",
			remoteAddr: "10.0.0.1:1234",
			xRealIP:    "203.0.113.5",
			xff:        "198.51.100.1, 10.0.0.1",
			want:       "203.0.113.5",
		},
		{
			name:       "X-Forwarded-For used when no X-Real-IP",
			remoteAddr: "10.0.0.1:1234",
			xff:        "198.51.100.1, 10.0.0.1",
			want:       "198.51.100.1",
		},
		{
			name:       "X-Forwarded-For single IP",
			remoteAddr: "10.0.0.1:1234",
			xff:        "203.0.113.10",
			want:       "203.0.113.10",
		},
		{
			name:       "falls back to RemoteAddr",
			remoteAddr: "192.168.1.1:5678",
			want:       "192.168.1.1",
		},
		{
			name:       "RemoteAddr without port",
			remoteAddr: "192.168.1.1",
			want:       "192.168.1.1",
		},
		{
			name:       "X-Real-IP with whitespace",
			remoteAddr: "10.0.0.1:1234",
			xRealIP:    "  203.0.113.5  ",
			want:       "203.0.113.5",
		},
		{
			name:       "X-Forwarded-For with whitespace",
			remoteAddr: "10.0.0.1:1234",
			xff:        "  198.51.100.1 , 10.0.0.1",
			want:       "198.51.100.1",
		},
		{
			name:       "empty X-Real-IP falls through to XFF",
			remoteAddr: "10.0.0.1:1234",
			xRealIP:    "  ",
			xff:        "198.51.100.1",
			want:       "198.51.100.1",
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			req, _ := http.NewRequest(http.MethodGet, "/", nil)
			req.RemoteAddr = tt.remoteAddr
			if tt.xRealIP != "" {
				req.Header.Set("X-Real-IP", tt.xRealIP)
			}
			if tt.xff != "" {
				req.Header.Set("X-Forwarded-For", tt.xff)
			}

			got := realIP(req)
			if got != tt.want {
				t.Errorf("realIP() = %q, want %q", got, tt.want)
			}
		})
	}
}