Consent Reporting Client IP (#4440)

ethyca · Nov 22, 2023 · 1459323 · 1459323
1 parent 5790645
commit 1459323
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -31,6 +31,7 @@ The types of changes are:
 
 ### Fixed
 - Use correct defaults when there is no associated preference in the cookie [#4451](https://github.com/ethyca/fides/pull/4451)
+- IP Addresses behind load balancers for consent reporting [#4440](https://github.com/ethyca/fides/pull/4440)
 
 ## [2.24.1](https://github.com/ethyca/fides/compare/2.24.0...2.24.1)
 

diff --git a/src/fides/api/api/v1/endpoints/privacy_preference_endpoints.py b/src/fides/api/api/v1/endpoints/privacy_preference_endpoints.py
@@ -172,7 +172,8 @@ def get_request_origin_and_config() -> Tuple[Optional[str], Optional[str]]:
         return origin, experience_config_history_identifier
 
     request_headers = request.headers
-    ip_address: Optional[str] = request.client.host if request.client else None
+
+    ip_address: Optional[str] = get_ip_address(request)
     user_agent: Optional[str] = request_headers.get("User-Agent")
     url_recorded: Optional[str] = request_headers.get("Referer")
     request_origin, experience_config_history_id = get_request_origin_and_config()
@@ -187,6 +188,26 @@ def get_request_origin_and_config() -> Tuple[Optional[str], Optional[str]]:
     )
 
 
+def get_ip_address(request: Request) -> Optional[str]:
+    """Get client ip, preferring x-forwarded-for if it exists, otherwise, dropping back to
+    request.client.host"""
+    x_forwarded_for = (
+        request.headers.get("x-forwarded-for") if request.headers else None
+    )
+
+    client_ip: Optional[str] = None
+    if x_forwarded_for:
+        try:
+            client_ip = x_forwarded_for.split(",")[0].strip()
+        except AttributeError:
+            pass
+
+    if not client_ip:
+        client_ip = request.client.host if request.client else None
+
+    return client_ip
+
+
 def update_request_body_for_consent_served_or_saved(
     db: Session,
     verified_provided_identity: Optional[ProvidedIdentity],

diff --git a/tests/ops/api/v1/endpoints/test_served_notice_endpoints.py b/tests/ops/api/v1/endpoints/test_served_notice_endpoints.py
@@ -216,6 +216,61 @@ def test_record_notices_served_with_respect_to_fides_user_device_id(
         last_served_notice.delete(db)
         served_notice_history.delete(db)
 
+    def test_record_notices_served_x_forwarded_for(
+        self,
+        db,
+        api_client,
+        url,
+        request_body,
+    ):
+        """Assert IP Address is pulled off of x-forwarded-for if it exists"""
+        response = api_client.patch(
+            url,
+            json=request_body,
+            headers={
+                "Origin": "http://localhost:8080",
+                "X-Forwarded-For": "22.104.237.248,0.142.88.40,90.247.24.85",
+            },
+        )
+        assert response.status_code == 200
+        assert len(response.json()) == 1
+        use_served_history = ServedNoticeHistory.get(
+            db, object_id=response.json()[0]["served_notice_history_id"]
+        )
+        assert use_served_history.anonymized_ip_address == "22.104.237.0"
+
+        last_served_record = LastServedNotice.get(
+            db, object_id=use_served_history.last_served_record.id
+        )
+        last_served_record.delete(db)
+        use_served_history.delete(db)
+
+    def test_record_notices_served_client_ip(
+        self,
+        db,
+        api_client,
+        url,
+        request_body,
+    ):
+        """Assert falls back to client ip if no x-forwarded-for
+        In this case, we're using the testclient, whose host is testclient, so IP address
+        falls back to None
+        """
+        response = api_client.patch(
+            url, json=request_body, headers={"Origin": "http://localhost:8080"}
+        )
+        assert response.status_code == 200
+        assert len(response.json()) == 1
+        use_served_history = ServedNoticeHistory.get(
+            db, object_id=response.json()[0]["served_notice_history_id"]
+        )
+        assert use_served_history.anonymized_ip_address is None
+        last_served_record = LastServedNotice.get(
+            db, object_id=use_served_history.last_served_record.id
+        )
+        last_served_record.delete(db)
+        use_served_history.delete(db)
+
     def test_duplicate_tcf_special_purpose_served(
         self,
         api_client,