SpecterOps · irshadaj · Jan 26, 2024 · Jan 26, 2024 · Jan 26, 2024 · Jan 26, 2024
diff --git a/cmd/api/src/api/middleware/middleware.go b/cmd/api/src/api/middleware/middleware.go
@@ -130,36 +130,35 @@ func ContextMiddleware(next http.Handler) http.Handler {
 			requestCtx, cancel := context.WithTimeout(request.Context(), requestedWaitDuration.Value)
 			defer cancel()
 			// Insert the bh context
-			requestCtx = ctx.Set(requestCtx, &ctx.Context{
-				StartTime: startTime,
-				Timeout:   requestedWaitDuration,
-				RequestID: requestID,
-				Host: &url.URL{
-					Scheme: getScheme(request),
-					Host:   request.Host,
-				},
-				RequestIP: parseUserIP(request),
-			})
+			if ipAddress, err := parseUserIP(request); err != nil {
+				log.Errorf(err.Error())
+			} else {
+				requestCtx = ctx.Set(requestCtx, &ctx.Context{
+					StartTime: startTime,
+					Timeout:   requestedWaitDuration,
+					RequestID: requestID,
+					Host: &url.URL{
+						Scheme: getScheme(request),
+						Host:   request.Host,
+					},
+					RequestIP: ipAddress,
+				})
+			}
 
 			// Route the request with the embedded context
 			next.ServeHTTP(response, request.WithContext(requestCtx))
 		}
 	})
 }
 
-func parseUserIP(r *http.Request) string {
-	IPAddress := r.Header.Get("X-Real-Ip")
-	if IPAddress == "" {
-		IPAddress = r.Header.Get("X-Forwarded-For")
-	}
-	if IPAddress == "" {
-		if parsedUrl, err := url.Parse(r.RemoteAddr); err != nil {
-			log.Errorf("error parsing IP address from RemoteAddr: %s", err)
-		} else {
-			IPAddress = parsedUrl.Hostname()
-		}
+func parseUserIP(r *http.Request) (string, error) {
+	if ipAddress := r.Header.Get("X-Forwarded-For"); ipAddress != "" {
+		return strings.Split(ipAddress, " ")[0], nil
+	} else if parsedUrl, err := url.Parse(r.RemoteAddr); err != nil {
+		return "", fmt.Errorf("error parsing IP address from RemoteAddr: %s", err)
+	} else {
+		return parsedUrl.Hostname(), nil
 	}
-	return IPAddress
 }
 
 func ParseHeaderValues(values string) map[string]string {

diff --git a/cmd/api/src/ctx/ctx.go b/cmd/api/src/ctx/ctx.go
@@ -126,8 +126,9 @@ const (
 func NewAuditLogFromContext(ctx Context, idResolver auth.IdentityResolver) (model.AuditLog, error) {
 	if ctx.AuditCtx.Model == nil {
 		return model.AuditLog{}, fmt.Errorf("model cannot be nil when creating a new audit log")
+	} else if ctx.AuditCtx.Action != model.AuditStatusFailure && ctx.AuditCtx.Action != model.AuditStatusSuccess {
+		return model.AuditLog{}, fmt.Errorf("invalid action specified in audit log: %s", ctx.AuditCtx.Action)
 	}
-	//TODO: Add a check for empty status to prevent nil pointer references
 	authContext := ctx.AuthCtx
 
 	if !authContext.Authenticated() {