From a7d0b28970583f5357a0d3a5b399718a507d23f2 Mon Sep 17 00:00:00 2001
From: Daniel Gimenes <daniel@danielgimenes.com.br>
Date: Mon, 27 Jun 2016 12:27:44 -0300
Subject: [PATCH] Throw exception instead of returning 403

---
 src/Middleware/LocalhostCheckerMiddleware.php      | 10 +++++++---
 test/Middleware/LocalhostCheckerMiddlewareTest.php | 14 +++++++++-----
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/src/Middleware/LocalhostCheckerMiddleware.php b/src/Middleware/LocalhostCheckerMiddleware.php
index 572fb1b..6b28633 100644
--- a/src/Middleware/LocalhostCheckerMiddleware.php
+++ b/src/Middleware/LocalhostCheckerMiddleware.php
@@ -4,6 +4,7 @@
 
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
+use ZfrEbWorker\Exception\RuntimeException;
 
 /**
  * Middleware that protects the worker middleware by only allowing localhost requests
@@ -29,11 +30,14 @@ public function __invoke(
         callable $out = null
     ): ResponseInterface {
         $serverParams = $request->getServerParams();
-        $remoteAddr   = $serverParams['REMOTE_ADDR'] ?? '';
+        $remoteAddr   = $serverParams['REMOTE_ADDR'] ?? 'unknown IP address';
 
-        // If request is not originating from localhost or from Docker local IP, we simply return 200
+        // If request is not originating from localhost or from Docker local IP, we throw an RuntimeException
         if (!in_array($remoteAddr, $this->localhost) && !fnmatch('172.17.*', $remoteAddr)) {
-            return $response->withStatus(403);
+            throw new RuntimeException(sprintf(
+                'Worker requests must come from localhost, request originated from %s given',
+                $remoteAddr
+            ));
         }
 
         return $out($request, $response, $out);
diff --git a/test/Middleware/LocalhostCheckerMiddlewareTest.php b/test/Middleware/LocalhostCheckerMiddlewareTest.php
index 989043e..9eb7a63 100644
--- a/test/Middleware/LocalhostCheckerMiddlewareTest.php
+++ b/test/Middleware/LocalhostCheckerMiddlewareTest.php
@@ -4,11 +4,12 @@
 
 use Psr\Http\Message\ServerRequestInterface;
 use Zend\Diactoros\Response;
+use ZfrEbWorker\Exception\RuntimeException;
 use ZfrEbWorker\Middleware\LocalhostCheckerMiddleware;
 
 class LocalhostCheckerMiddlewareTest extends \PHPUnit_Framework_TestCase
 {
-    public function testReturns403IfNotFromLocalhost()
+    public function testThrowsExceptionIfNotFromLocalhost()
     {
         $request  = $this->prophesize(ServerRequestInterface::class);
         $response = new Response();
@@ -17,11 +18,14 @@ public function testReturns403IfNotFromLocalhost()
 
         $middleware = new LocalhostCheckerMiddleware();
 
-        $returnedResponse = $middleware->__invoke($request->reveal(), $response, function() {
+        $this->expectException(RuntimeException::class);
+        $this->expectExceptionMessage(
+            'Worker requests must come from localhost, request originated from 123.43.45.242 given'
+        );
+
+        $middleware->__invoke($request->reveal(), $response, function() {
             $this->fail('Should not be called');
         });
-
-        $this->assertEquals(403, $returnedResponse->getStatusCode());
     }
 
     public function dockerIpAddresses()
@@ -79,4 +83,4 @@ public function testDelegateIfFromIPv6Localhost()
 
         $this->assertEquals(200, $returnedResponse->getStatusCode());
     }
-}
\ No newline at end of file
+}