1: <?php
  2: 
  3: namespace Alpha\Util\Http\Filter;
  4: 
  5: use Alpha\Util\Logging\Logger;
  6: use Alpha\Model\BadRequest;
  7: use Alpha\Exception\ResourceNotAllowedException;
  8: use Alpha\Util\Config\ConfigProvider;
  9: 
 10: /**
 11:  * Class for filtering requests from temporariy blacklisted HTTP clients.
 12:  *
 13:  * @since 1.0
 14:  *
 15:  * @author John Collins <dev@alphaframework.org>
 16:  * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
 17:  * @copyright Copyright (c) 2015, John Collins (founder of Alpha Framework).
 18:  * All rights reserved.
 19:  *
 20:  * <pre>
 21:  * Redistribution and use in source and binary forms, with or
 22:  * without modification, are permitted provided that the
 23:  * following conditions are met:
 24:  *
 25:  * * Redistributions of source code must retain the above
 26:  *   copyright notice, this list of conditions and the
 27:  *   following disclaimer.
 28:  * * Redistributions in binary form must reproduce the above
 29:  *   copyright notice, this list of conditions and the
 30:  *   following disclaimer in the documentation and/or other
 31:  *   materials provided with the distribution.
 32:  * * Neither the name of the Alpha Framework nor the names
 33:  *   of its contributors may be used to endorse or promote
 34:  *   products derived from this software without specific
 35:  *   prior written permission.
 36:  *
 37:  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 38:  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 39:  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 40:  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 41:  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
 42:  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 43:  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 44:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 45:  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 46:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 47:  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 48:  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 49:  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 50:  * </pre>
 51:  */
 52: class ClientTempBlacklistFilter implements FilterInterface
 53: {
 54:     /**
 55:      * Trace logger.
 56:      *
 57:      * @var Alpha\Util\Logging\Logger
 58:      *
 59:      * @since 1.0
 60:      */
 61:     private static $logger = null;
 62: 
 63:     /**
 64:      * Constructor.
 65:      *
 66:      * @since 1.0
 67:      */
 68:     public function __construct()
 69:     {
 70:         self::$logger = new Logger('ClientTempBlacklistFilter');
 71:     }
 72: 
 73:     /**
 74:      * {@inheritdoc}
 75:      */
 76:     public function process($request)
 77:     {
 78:         $config = ConfigProvider::getInstance();
 79: 
 80:         $client = $request->getUserAgent();
 81:         $IP = $request->getIP();
 82: 
 83:         // if no user agent string or IP are provided, we can't filter by these anyway to might as well skip
 84:         if ($client == null || $IP == null) {
 85:             return;
 86:         }
 87: 
 88:         if (!empty($client) && !empty($IP)) {
 89:             $badRequest = new BadRequest();
 90:             $badRequest->set('client', $client);
 91:             $badRequest->set('IP', $IP);
 92:             $badRequestCount = $badRequest->getBadRequestCount();
 93: 
 94:             if ($badRequestCount >= $config->get('security.client.temp.blacklist.filter.limit')) {
 95:                 // if we got this far then the client is bad
 96:                 self::$logger->warn('The client ['.$client.'] was blocked from accessing the resource ['.$request->getURI().'] on a temporary basis');
 97:                 throw new ResourceNotAllowedException('Not allowed!');
 98:             }
 99:         }
100:     }
101: }
102: