MWHttpRequest: optionally add original request data

Bug: T161029
Change-Id: I16a2eec46ae9e0e242fe740be20e39a2422dc867

diff --git a/includes/http/Http.php b/includes/http/Http.php
index fa2d5a3..889cb60 100644 (file)
--- a/includes/http/Http.php
+++ b/includes/http/Http.php
@@ -53,6 +53,8 @@ class Http {
         *    - logger              A \Psr\Logger\LoggerInterface instance for debug logging
         *    - username            Username for HTTP Basic Authentication
         *    - password            Password for HTTP Basic Authentication
+        *    - originalRequest     Information about the original request (as a WebRequest object or
+        *                          an associative array with 'ip' and 'userAgent').
         * @param string $caller The method making this request, for profiling
         * @return string|bool (bool)false on failure or a string on success
         */

diff --git a/includes/http/MWHttpRequest.php b/includes/http/MWHttpRequest.php
index e04402f..8d58ce5 100644 (file)
--- a/includes/http/MWHttpRequest.php
+++ b/includes/http/MWHttpRequest.php
@@ -125,6 +125,9 @@ class MWHttpRequest implements LoggerAwareInterface {
                                'Basic ' . base64_encode( $options['username'] . ':' . $options['password'] )
                        );
                }
+               if ( isset( $options['originalRequest'] ) ) {
+                       $this->setOriginalRequest( $options['originalRequest'] );
+               }
 
                $members = [ "postData", "proxy", "noProxy", "sslVerifyHost", "caInfo",
                                "method", "followRedirects", "maxRedirects", "sslVerifyCert", "callback" ];
@@ -632,4 +635,34 @@ class MWHttpRequest implements LoggerAwareInterface {
        public function canFollowRedirects() {
                return true;
        }
+
+       /**
+        * Set information about the original request. This can be useful for
+        * endpoints/API modules which act as a proxy for some service, and
+        * throttling etc. needs to happen in that service.
+        * Calling this will result in the X-Forwarded-For and X-Original-User-Agent
+        * headers being set.
+        * @param WebRequest|array $originalRequest When in array form, it's
+        *   expected to have the keys 'ip' and 'userAgent'.
+        * @note IP/user agent is personally identifiable information, and should
+        *   only be set when the privacy policy of the request target is
+        *   compatible with that of the MediaWiki installation.
+        */
+       public function setOriginalRequest( $originalRequest ) {
+               if ( $originalRequest instanceof WebRequest ) {
+                       $originalRequest = [
+                               'ip' => $originalRequest->getIP(),
+                               'userAgent' => $originalRequest->getHeader( 'User-Agent' ),
+                       ];
+               } elseif (
+                       !is_array( $originalRequest )
+                       || array_diff( [ 'ip', 'userAgent' ], array_keys( $originalRequest ) )
+               ) {
+                       throw new InvalidArgumentException( __METHOD__ . ': $originalRequest must be a '
+                               . "WebRequest or an array with 'ip' and 'userAgent' keys" );
+               }
+
+               $this->reqHeaders['X-Forwarded-For'] = $originalRequest['ip'];
+               $this->reqHeaders['X-Original-User-Agent'] = $originalRequest['userAgent'];
+       }
 }