oceanbase · yhilmare · Jul 3, 2024 · Jul 2, 2024 · Jul 2, 2024 · Jul 2, 2024
diff --git a/.gitignore b/.gitignore
@@ -52,3 +52,4 @@ lib/odc-*.jar
 maven/
 venv/
 **/local-unit-test.properties
+/.github/hooks/pre-push
@@ -15,11 +15,6 @@
  */
 package com.oceanbase.odc.metadb.notification;
 
-/**
- * @Author: Lebie
- * @Date: 2023/3/20 21:36
- * @Description: []
- */
 /**
  * @Author: Lebie
  * @Date: 2023/3/20 21:36

@@ -294,7 +294,9 @@ private AuditEvent createAuditEvent(Method method, Object[] args) {
                 .type(auditEventMeta.getType())
                 .startTime(new Date())
                 .serverIpAddress(SystemUtils.getLocalIpAddress())
-                .clientIpAddress(WebRequestUtils.getClientAddress(servletRequest))
+                .clientIpAddress(
+                        AuditUtils.getFirstIpFromRemoteAddress(
+                                WebRequestUtils.getClientAddress(servletRequest)))
                 .organizationId(authenticationFacade.currentOrganizationId())
                 .userId(authenticationFacade.currentUserId())
                 .username(authenticationFacade.currentUsername())

@@ -323,4 +323,30 @@ public static AuditEventAction getActualActionForTask(AuditEventType type, Audit
         return action;
     }
 
+    /**
+     * <pre>
+     * Get the first ip of {@param remoteAddress}.
+     * The X-Forwarded-For header may contain multiple IP addresses, separated
+     * by commas, and typically, the first non-unknown IP is considered to be the client's IP address.
+     * </pre>
+     *
+     * @author keyang.lk
+     * @date 2024-07-02
+     * @param remoteAddress
+     * @return The first ip of remoteAddress
+     */
+    public static String getFirstIpFromRemoteAddress(String remoteAddress) {
+        if (remoteAddress == null || remoteAddress.isEmpty() || "unknown".equalsIgnoreCase(remoteAddress)) {
+            return "N/A";
+        }
+        // 处理X-Forwarded-For可能包含多个IP地址的情况（由逗号分隔），通常第一个非unknown的IP是客户端的IP
+        String[] ips = remoteAddress.split(",");
+        for (String ip : ips) {
+            if (ip != null && !ip.isEmpty() &&
+                    !"unknown".equalsIgnoreCase(ip.trim())) {
+                return ip.trim();
+            }
+        }
+        return remoteAddress;
+    }
 }
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2023 OceanBase.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.oceanbase.odc.service.audit.util;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.Arrays;
+import java.util.Collection;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+
+@RunWith(Parameterized.class)
+public class AuditUtilsTest {
+    @Parameter(0)
+    public String input;
+    @Parameter(1)
+    public String except;
+
+    @Parameters(name = "{index}: getFirstIpFromRemoteAddress({0})={1}")
+    public static Collection<Object[]> data() {
+        return Arrays.asList(new Object[][] {
+                {"", "N/A"},
+                {null, "N/A"},
+                {"unknown", "N/A"},
+                {"UNKNOWN", "N/A"},
+                {"123", "123"},
+                {"192.168.1.1", "192.168.1.1"},
+                {",192.168.1.1", "192.168.1.1"},
+                {"192.168.1.1,122.122.1.1,127.0.0.1", "192.168.1.1"},
+                {"unknown,192.168.1.1,122.122.1.1,127.0.0.1", "192.168.1.1"}
+        });
+    }
+
+    @Test
+    public void getFirstIpFromRemoteAddress() {
+        assertEquals(except, AuditUtils.getFirstIpFromRemoteAddress(input));
+    }
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -52,3 +52,4 @@ lib/odc-*.jar @@
     maven/
     venv/
     **/local-unit-test.properties
+    /.github/hooks/pre-push