1: <?php
2:
3: namespace Alpha\Util\Http\Filter;
4:
5: use Alpha\Util\Logging\Logger;
6: use Alpha\Model\BadRequest;
7: use Alpha\Exception\ResourceNotAllowedException;
8: use Alpha\Util\Config\ConfigProvider;
9:
10: /**
11: * Class for filtering requests from temporariy blacklisted HTTP clients.
12: *
13: * @since 1.0
14: *
15: * @author John Collins <dev@alphaframework.org>
16: * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
17: * @copyright Copyright (c) 2015, John Collins (founder of Alpha Framework).
18: * All rights reserved.
19: *
20: * <pre>
21: * Redistribution and use in source and binary forms, with or
22: * without modification, are permitted provided that the
23: * following conditions are met:
24: *
25: * * Redistributions of source code must retain the above
26: * copyright notice, this list of conditions and the
27: * following disclaimer.
28: * * Redistributions in binary form must reproduce the above
29: * copyright notice, this list of conditions and the
30: * following disclaimer in the documentation and/or other
31: * materials provided with the distribution.
32: * * Neither the name of the Alpha Framework nor the names
33: * of its contributors may be used to endorse or promote
34: * products derived from this software without specific
35: * prior written permission.
36: *
37: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
38: * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
39: * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
40: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
41: * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
42: * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45: * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
47: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
48: * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
49: * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
50: * </pre>
51: */
52: class ClientTempBlacklistFilter implements FilterInterface
53: {
54: /**
55: * Trace logger.
56: *
57: * @var Alpha\Util\Logging\Logger
58: *
59: * @since 1.0
60: */
61: private static $logger = null;
62:
63: /**
64: * Constructor.
65: *
66: * @since 1.0
67: */
68: public function __construct()
69: {
70: self::$logger = new Logger('ClientTempBlacklistFilter');
71: }
72:
73: /**
74: * {@inheritdoc}
75: */
76: public function process($request)
77: {
78: $config = ConfigProvider::getInstance();
79:
80: $client = $request->getUserAgent();
81: $IP = $request->getIP();
82:
83: // if no user agent string or IP are provided, we can't filter by these anyway to might as well skip
84: if ($client == null || $IP == null) {
85: return;
86: }
87:
88: if (!empty($client) && !empty($IP)) {
89: $badRequest = new BadRequest();
90: $badRequest->set('client', $client);
91: $badRequest->set('IP', $IP);
92: $badRequestCount = $badRequest->getBadRequestCount();
93:
94: if ($badRequestCount >= $config->get('security.client.temp.blacklist.filter.limit')) {
95: // if we got this far then the client is bad
96: self::$logger->warn('The client ['.$client.'] was blocked from accessing the resource ['.$request->getURI().'] on a temporary basis');
97: throw new ResourceNotAllowedException('Not allowed!');
98: }
99: }
100: }
101: }
102: