/**
* Get the most trusted client's IP address.
*
* This is the right-most address in the trusted client IP header, that is not a trusted proxy address.
* If all proxies are trusted, this is the left-most address in the header.
* If no proxies are trusted or no client IP header is trusted, this is the remote address of the machine
* directly connected to the server.
*
* @return string|bool The most trusted client's IP address or FALSE if no remote address can be found
*/
protected function getTrustedClientIpAddress(Request $request)
{
$server = $request->getServerParams();
if (!isset($server['REMOTE_ADDR'])) {
return false;
}
$ipAddress = $server['REMOTE_ADDR'];
$trustedIpHeaders = $this->getTrustedProxyHeaderValues(self::HEADER_CLIENT_IP, $request);
$trustedIpHeader = [];
while ($trustedIpHeaders->valid()) {
$trustedIpHeader = $trustedIpHeaders->current();
if ($trustedIpHeader === null || $this->settings['proxies'] === []) {
return $server['REMOTE_ADDR'];
}
$ipAddress = reset($trustedIpHeader);
if (filter_var($ipAddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE) !== false) {
break;
}
$trustedIpHeaders->next();
}
if ($this->settings['proxies'] === '*') {
return $ipAddress;
}
$ipAddress = false;
foreach (array_reverse($trustedIpHeader) as $headerIpAddress) {
$portPosition = strpos($headerIpAddress, ':');
$ipAddress = $portPosition !== false ? substr($headerIpAddress, 0, $portPosition) : $headerIpAddress;
if (!$this->ipIsTrustedProxy($ipAddress)) {
break;
}
}
return $ipAddress;
}