Include cookie values in mw context data

fixes: #1544 When enabling context variables in api definition, we may access the entire cookie via the header. ``` $tyk_context.headers_Cookie ``` However we cannot get individual components of the cookie via their field names without custom middleware. This PR allows the context variables to access the cookie by it's field name for use within middleware. ``` $tyk_context.cookies_COOKIEFIELDNAME ```
TykTechnologies · Mar 20, 2018 · 1c90a43 · 1c90a43
1 parent e7aa7c2
commit 1c90a43
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 2 deletions.
diff --git a/mw_context_vars.go b/mw_context_vars.go
@@ -53,7 +53,12 @@ func (m *MiddlewareContextVars) ProcessRequest(w http.ResponseWriter, r *http.Re
 	//Correlation ID
 	contextDataObject["request_id"] = uuid.NewV4().String()
 
+	for _, c := range copiedRequest.Cookies() {
+		name := "cookies_" + strings.Replace(c.Name, "-", "_", -1)
+		contextDataObject[name] = c.Value
+	}
+
 	ctxSetData(r, contextDataObject)
 
-	return nil, 200
+	return nil, http.StatusOK
 }
diff --git a/mw_context_vars_test.go b/mw_context_vars_test.go
@@ -1,6 +1,9 @@
 package main
 
 import (
+	"errors"
+	"net/http"
+	"net/http/httptest"
 	"testing"
 
 	"github.com/TykTechnologies/tyk/apidef"
@@ -34,3 +37,34 @@ func TestContextVarsMiddleware(t *testing.T) {
 		{Path: "/test/path", Code: 200, BodyMatch: `"X-Request-Id":"`},
 	}...)
 }
+
+func TestMiddlewareContextVars_ProcessRequest_cookies(t *testing.T) {
+
+	req, _ := http.NewRequest(http.MethodGet, "/", nil)
+	res := httptest.NewRecorder()
+
+	req.Header.Set("Cookie", "abc=123; def=456")
+
+	err, code := (&MiddlewareContextVars{}).ProcessRequest(res, req, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if code != http.StatusOK {
+		t.Fatal(errors.New("non 200 status code"))
+	}
+
+	ctx := ctxGetData(req)
+
+	if ctx["cookies_abc"].(string) != "123" {
+		t.Error("abc should be 123")
+	}
+
+	if ctx["cookies_def"].(string) != "456" {
+		t.Error("def should be 456")
+	}
+
+	if ctx["cookies_ghi"] != nil {
+		t.Error("ghi should be nil")
+	}
+}
diff --git a/mw_ip_blacklist.go b/mw_ip_blacklist.go
@@ -4,6 +4,8 @@ import (
 	"errors"
 	"net"
 	"net/http"
+
+	"github.com/TykTechnologies/tyk/request"
 )
 
 // IPBlackListMiddleware lets you define a list of IPs to block from upstream
@@ -21,7 +23,7 @@ func (i *IPBlackListMiddleware) EnabledForSpec() bool {
 
 // ProcessRequest will run any checks on the request on the way through the system, return an error to have the chain fail
 func (i *IPBlackListMiddleware) ProcessRequest(w http.ResponseWriter, r *http.Request, _ interface{}) (error, int) {
-	remoteIP := net.ParseIP(requestIP(r))
+	remoteIP := net.ParseIP(request.RealIP(r))
 
 	// Enabled, check incoming IP address
 	for _, ip := range i.Spec.BlacklistedIPs {