From e1663504619113eb1f1bc375d89ee564436711d0 Mon Sep 17 00:00:00 2001
From: Stephan Reichhelm <reichhelm@grit.de>
Date: Mon, 4 Nov 2024 18:02:44 +0100
Subject: [PATCH] * make OGCFrontController more resilient behind proxy server

---
 .../controller/OGCFrontController.java        | 14 ++++++--
 .../controller/OGCFrontControllerTest.java    | 34 ++++++++++++++++++-
 2 files changed, 44 insertions(+), 4 deletions(-)

diff --git a/deegree-services/deegree-services-commons/src/api/java/org/deegree/services/controller/OGCFrontController.java b/deegree-services/deegree-services-commons/src/api/java/org/deegree/services/controller/OGCFrontController.java
index 8abefea98c..b0a5ae7936 100644
--- a/deegree-services/deegree-services-commons/src/api/java/org/deegree/services/controller/OGCFrontController.java
+++ b/deegree-services/deegree-services-commons/src/api/java/org/deegree/services/controller/OGCFrontController.java
@@ -1574,11 +1574,12 @@ private static String buildUrlFromForwardedHeader( RequestContext context, URL s
         String xForwardedProto = context.getXForwardedProto();
 
         String protocol = parseProtocol( xForwardedProto, serviceUrl );
-        String port = parsePort( xForwardedPort, serviceUrl );
+        String port = parsePort( xForwardedPort, xForwardedHost, serviceUrl );
         String path = serviceUrl.getPath();
+        String host = parseHost( xForwardedHost );
 
         StringBuffer urlBuilder = new StringBuffer();
-        urlBuilder.append( protocol ).append( "://" ).append( xForwardedHost );
+        urlBuilder.append( protocol ).append( "://" ).append( host );
         if ( port != null )
             urlBuilder.append( ":" ).append( port );
         if ( path != null && !"".equals( path ) )
@@ -1593,12 +1594,19 @@ private static String parseProtocol( String xForwardedProto, URL serviceUrl ) {
             return serviceUrl.getProtocol();
     }
 
-    private static String parsePort( String xForwardedPort, URL serviceUrl ) {
+    private static String parsePort( String xForwardedPort, String xForwardedHost, URL serviceUrl ) {
         if ( xForwardedPort != null && !"".equals( xForwardedPort ) )
             return xForwardedPort;
+        else if ( xForwardedHost != null && xForwardedHost.contains( ":" ) && ( xForwardedHost.lastIndexOf( ":" ) + 1 ) < xForwardedHost.length() )
+            return xForwardedHost.substring( xForwardedHost.lastIndexOf( ":" ) + 1 );
         else if ( serviceUrl.getPort() > -1 )
             return Integer.toString( serviceUrl.getPort() );
         return null;
     }
 
+	private static String parseHost(String xForwardedHost) {
+		if ( xForwardedHost != null && xForwardedHost.contains(":") )
+			return xForwardedHost.substring( 0, xForwardedHost.indexOf(":") );
+		return xForwardedHost;
+	}
 }
\ No newline at end of file
diff --git a/deegree-services/deegree-services-commons/src/test/java/org/deegree/services/controller/OGCFrontControllerTest.java b/deegree-services/deegree-services-commons/src/test/java/org/deegree/services/controller/OGCFrontControllerTest.java
index 3ea4eb33f5..4b744d81d2 100644
--- a/deegree-services/deegree-services-commons/src/test/java/org/deegree/services/controller/OGCFrontControllerTest.java
+++ b/deegree-services/deegree-services-commons/src/test/java/org/deegree/services/controller/OGCFrontControllerTest.java
@@ -136,8 +136,10 @@ private void prepareOGCFrontController(RequestContext mockedContext) throws Exce
 		PowerMockito.when(OGCFrontController.class, "getHttpURL").thenCallRealMethod();
 		PowerMockito.when(OGCFrontController.class, "buildUrlFromForwardedHeader", eq(mockedContext), any(URL.class))
 			.thenCallRealMethod();
+		PowerMockito.when(OGCFrontController.class, "parseHost", anyString()).thenCallRealMethod();
 		PowerMockito.when(OGCFrontController.class, "parseProtocol", anyString(), any(URL.class)).thenCallRealMethod();
-		PowerMockito.when(OGCFrontController.class, "parsePort", anyString(), any(URL.class)).thenCallRealMethod();
+		PowerMockito.when(OGCFrontController.class, "parsePort", anyString(), anyString(), any(URL.class))
+			.thenCallRealMethod();
 		PowerMockito.when(OGCFrontController.getContext()).thenReturn(mockedContext);
 	}
 
@@ -163,4 +165,34 @@ private RequestContext mockContext(String serviceUrl, String xForwardedHost, Str
 		return context;
 	}
 
+	@Test
+	public void testGetHttpPostURLWithXForwardedHostWithPortAndXForwardedPort() throws Exception {
+		String serviceUrl = "http://myservice.de:9090/deegree-webservices/test";
+		String xForwardedHost = "xForwardedHost.de:8088";
+		String xForwardedPort = "8089";
+		String xForwardedProto = "https";
+		RequestContext mockedContext = mockContext(serviceUrl, xForwardedHost, xForwardedPort, xForwardedProto);
+
+		prepareOGCFrontController(mockedContext);
+
+		String httpPostURL = OGCFrontController.getHttpPostURL();
+
+		assertThat(httpPostURL, is("https://xForwardedHost.de:8089/deegree-webservices/test"));
+	}
+
+	@Test
+	public void testGetHttpPostURLWithXForwardedHostWithPortWithoutXForwardedPort() throws Exception {
+		String serviceUrl = "http://myservice.de:9090/deegree-webservices/test";
+		String xForwardedHost = "xForwardedHost.de:8089";
+		String xForwardedPort = null;
+		String xForwardedProto = "https";
+		RequestContext mockedContext = mockContext(serviceUrl, xForwardedHost, xForwardedPort, xForwardedProto);
+
+		prepareOGCFrontController(mockedContext);
+
+		String httpPostURL = OGCFrontController.getHttpPostURL();
+
+		assertThat(httpPostURL, is("https://xForwardedHost.de:8089/deegree-webservices/test"));
+	}
+
 }
\ No newline at end of file