/// <summary>
/// Analyze a request for potential intrusion or other problems.
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public Report Analyze(IRequestContext request)
{
var report = new Report();
string ipAddress = request.RemoteIpAddress;
string forwardedFor = request.GetHeader("X-Forwarded-For");
if(!string.IsNullOrEmpty(forwardedFor))
{
bool recognizedProxyAddress = IsRecognizedReverseProxyAddress(ipAddress);
forwardedFor = RewriteForwardedAddress(forwardedFor, ipAddress, recognizedProxyAddress);
if(!string.IsNullOrEmpty(forwardedFor) && ipAddress != forwardedFor)
{
ipAddress = forwardedFor;
report.RemoteAddressRewriteAdvised = true;
}
report.ForwardedIpAddressWasRecognizedProxy = recognizedProxyAddress;
}
report.OriginalRemoteAddress = request.RemoteIpAddress;
report.RemoteAddress = ipAddress;
return report;
}
private Task<bool> TakeActionAsync(Report report, IntrusionAction actionToTake, IPlatform platform)
{
throw new NotImplementedException();
}
/// <summary>
/// Takes any actions recommended by a report. Returns a <see cref="bool"/> indicating
/// whether or not the request may still be handled by downstream middleware. When <see cref="TakeActionBasedOnReportAsync(Report, Mike.IPlatform)"/>
/// returns <c>false</c>, the request must end after the call. If it returns <c>true</c>
/// the request must be handed to downstream middleware.
/// </summary>
/// <param name="report">The report to action on.</param>
/// <param name="platform">A platform providing Mike a way to interact with the hosting environment.</param>
/// <returns>
/// <c>true</c> if downstream middleware must still handle the request, or <c>false</c>
/// if the response has already been sent to the client and downstream middleware cannot
/// handle the request anymore.
/// </returns>
public async Task<bool> TakeActionBasedOnReportAsync(Report report, IPlatform platform)
{
if (report.RemoteAddressRewriteAdvised && !Configuration.DontAllowRewriteOfRemoteIpAddress)
{
platform.RewriteRemoteIpAddress(report.RemoteAddress);
}
IntrusionAction actionToTake = IntrusionAction.None;
if (report.IntrusionDetected)
{
if(report.IsXhr)
{
actionToTake = Configuration.ActionWhenIntrusionDetectedXhr;
}
else
{
actionToTake = Configuration.ActionWhenIntrusionDetected;
}
}
if (actionToTake == IntrusionAction.None && report.RateLimitReached)
{
if (report.IsXhr)
{
actionToTake = Configuration.ActionWhenRateLimitReachedXhr;
}
else
{
actionToTake = Configuration.ActionWhenRateLimitReached;
}
}
if (actionToTake == IntrusionAction.None)
{
return true;
}
else
{
return await TakeActionAsync(report, actionToTake, platform);
}
}