From af62c0852cf9c47fe346bc7ec7e6d3c6678f35d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Lahmann?= <lahmann@ub.uni-leipzig.de>
Date: Tue, 4 Apr 2023 16:15:09 +0200
Subject: [PATCH] refs #23625 [finc] removed finc specific IP
PermissionProviders
* add missing config section
---
local/config/vufind/config.ini | 53 ++++++++++-
module/finc/config/module.config.php | 19 ----
.../Role/PermissionProvider/IpRangeFoFor.php | 92 -------------------
.../IpRangeFoForFactory.php | 74 ---------------
.../Role/PermissionProvider/IpRangeReal.php | 56 -----------
.../PermissionProvider/IpRangeRealFactory.php | 74 ---------------
.../Role/PermissionProvider/IpRegExFoFor.php | 89 ------------------
.../IpRegExFoForFactory.php | 73 ---------------
.../Role/PermissionProvider/IpRegExReal.php | 56 -----------
.../PermissionProvider/IpRegExRealFactory.php | 73 ---------------
10 files changed, 48 insertions(+), 611 deletions(-)
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRangeFoFor.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRangeFoForFactory.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRangeReal.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRangeRealFactory.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRegExFoFor.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRegExFoForFactory.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRegExReal.php
delete mode 100644 module/finc/src/finc/Role/PermissionProvider/IpRegExRealFactory.php
diff --git a/local/config/vufind/config.ini b/local/config/vufind/config.ini
index 5ef911932ca..94907f0f9e1 100644
--- a/local/config/vufind/config.ini
+++ b/local/config/vufind/config.ini
@@ -1390,11 +1390,54 @@ url = https://www.myendnoteweb.com/EndNoteWeb.html
; curl adapter for HTTP requests.
; type = socks5
; type = socks5_hostname
-; This setting can be used to define a reqular expression pattern for addresses that
-; should be considered local and bypass proxy when making requests. Default is:
-; local_addresses = "@^(localhost|127(\.\d+){3}|\[::1\])@"
-; Following example bypasses also any address starting with '192.168.':
-; local_addresses = "@^(localhost|127(\.\d+){3}|\[::1\]|192\.168\.)@"
+
+; If VuFind is running behind a proxy that uses X-Real-IP/X-Forwarded-For headers,
+; you should configure this setting on so that VuFind reports correct user IP
+; addresses, and sets permissions appropriately. CONFIGURE THIS WITH CARE! It is
+; possible to spoof IP addresses, and configuring this to differentiate between
+; legitimate headers from your proxy and spoofed values is critical to protecting
+; your content.
+;
+; The setting should be an ordered, comma-separated list of headers, with optional
+; colon-separated modifiers specifying behavior.
+;
+; Header values can be any keys in PHP's $_SERVER superglobal array; these are
+; the most commonly used options:
+; - HTTP_X_FORWARDED_FOR
+; - HTTP_X_REAL_IP
+;
+; Supported behaviors (if unspecified, "single" is the default behavior):
+; - first (pick the first comma-separated value; e.g. "a" in "a, b, c")
+; - last (pick the last comma-separated value; e.g. "c" in "a, b, c")
+; - single (enforce single values; completely ignore multi-valued headers)
+;
+; See also forwarded_ip_filter below for a way to filter out known IP addresses
+; of internal network devices before applying first/last/single settings.
+;
+; When commented out or set to false, only the regular REMOTE_ADDR value will
+; be used for IP detection. REMOTE_ADDR will also be used as the default value
+; if none of the configured headers are populated.
+;
+; If you need to implement more nuanced functionality, you can extend or
+; override the VuFind\Net\UserIpReader class to implement your own logic.
+;
+; You can use a header-modifying browser plugin to determine how your proxy
+; will respond to spoofing attempts.
+;
+; See this wiki page for additional notes and comments:
+; https://vufind.org/wiki/administration:security#proxies_and_ip_authentication
+;
+; The example below, if uncommented, will use X-Real-IP if found, and the
+; rightmost value of X-Forwarded-For otherwise (resorting to REMOTE_ADDR only
+; if no relevant X- headers are found).
+;allow_forwarded_ips = "HTTP_X_REAL_IP:single,HTTP_X_FORWARDED_FOR:last"
+
+; This setting can be used in combination with allow_forwarded_ips to prevent
+; known IP addresses of internal proxies and network devices from being reported
+; as end user IP addresses. You can repeat the setting for each IP address that
+; you wish to exclude. The first/last/single processing parameters used by
+; allow_forwarded_ips will be applied AFTER removing addresses filtered here.
+;forwarded_ip_filter[] = 1.2.3.4
; Default HTTP settings can be loaded here. These values will be passed to
; the \Laminas\Http\Client's setOptions method.
diff --git a/module/finc/config/module.config.php b/module/finc/config/module.config.php
index c836410c342..dbea4beaae9 100644
--- a/module/finc/config/module.config.php
+++ b/module/finc/config/module.config.php
@@ -258,28 +258,9 @@ $config = [
'vufind_permission_provider_manager' => [
'factories' => [
'catUserType' => \finc\Role\PermissionProvider\CatUserTypeFactory::class,
- 'ipRangeFoFor' => \finc\Role\PermissionProvider\IpRangeFoForFactory::class,
- 'ipRegExFoFor' => \finc\Role\PermissionProvider\IpRegExFoForFactory::class,
- 'ipRangeReal' => \finc\Role\PermissionProvider\IpRangeRealFactory::class,
- 'ipRegExReal' => \finc\Role\PermissionProvider\IpRegExRealFactory::class,
- 'finc\Role\PermissionProvider\CatUserType' =>
- \finc\Role\PermissionProvider\CatUserTypeFactory::class,
- 'finc\Role\PermissionProvider\IpRangeFoFor' =>
- \finc\Role\PermissionProvider\IpRangeFoForFactory::class,
- 'finc\Role\PermissionProvider\IpRegExFoFor' =>
- \finc\Role\PermissionProvider\IpRegExFoForFactory::class,
- 'finc\Role\PermissionProvider\IpRangeReal' =>
- \finc\Role\PermissionProvider\IpRangeRealFactory::class,
- 'finc\Role\PermissionProvider\IpRegExReal' =>
- \finc\Role\PermissionProvider\IpRegExRealFactory::class,
],
'aliases' => [
'CatUserType' => 'finc\Role\PermissionProvider\CatUserType',
- 'IpRangeFoFor' => 'finc\Role\PermissionProvider\IpRangeFoFor',
- 'IpRegExFoFor' => 'finc\Role\PermissionProvider\IpRegExFoFor',
- 'IpRangeReal' => 'finc\Role\PermissionProvider\IpRangeReal',
- 'IpRegExReal' => 'finc\Role\PermissionProvider\IpRegExReal',
- 'IpRange' => 'VuFind\Role\PermissionProvider\IpRange',
]
]
],
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRangeFoFor.php b/module/finc/src/finc/Role/PermissionProvider/IpRangeFoFor.php
deleted file mode 100644
index 03036b7f9de..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRangeFoFor.php
+++ /dev/null
@@ -1,92 +0,0 @@
-<?php
-/**
- * IpRange permission provider for VuFind.
- *
- * PHP version 5
- *
- * Copyright (C) Villanova University 2007.
- * Copyright (C) The National Library of Finland 2015.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @author Jochen Lienhard <lienhard@ub.uni-freiburg.de>
- * @author Ere Maijala <ere.maijala@helsinki.fi>
- * @author Gregor Gawol <gawol@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-namespace finc\Role\PermissionProvider;
-
-/**
- * IpRange permission provider for VuFind.
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @author Jochen Lienhard <lienhard@ub.uni-freiburg.de>
- * @author Ere Maijala <ere.maijala@helsinki.fi>
- * @author Gregor Gawol <gawol@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-class IpRangeFoFor extends \VuFind\Role\PermissionProvider\IpRange
-{
- /**
- * Returns remote address based on eventual proxy headers
- *
- * @return string
- */
- protected function getRemoteAddr()
- {
- // a list of ips the request is forwarded for - first is latest
- $HttpXForwardedForList = explode(',', $this->request->getServer()->get('HTTP_X_FORWARDED_FOR'));
-
- if ($ip = array_shift($HttpXForwardedForList)) {
- return $ip;
- }
-
- // often provided by nginx-reverse-proxies, should be used since its the nature of the value
- if ($ip = $this->request->getServer()->get('HTTP_X_REAL_IP')) {
- return $ip;
- }
-
- return $this->request->getServer()->get('REMOTE_ADDR');
- }
-
- /**
- * Return an array of roles which may be granted the permission based on
- * the options.
- *
- * Checks server variable HTTP_X_FORWARDED_FOR
- *
- * @param mixed $options Options provided from configuration.
- *
- * @return array
- */
- public function getPermissions($options)
- {
-
- // Check if any regex matches....
- if ($this->ipAddressUtils->isInRange($this->getRemoteAddr(), (array)$options)) {
- // Match? Grant to all users (guest or logged in).
- return ['guest', 'loggedin'];
- }
-
- // No match? No permissions.
- return [];
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRangeFoForFactory.php b/module/finc/src/finc/Role/PermissionProvider/IpRangeFoForFactory.php
deleted file mode 100644
index d29a348c76a..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRangeFoForFactory.php
+++ /dev/null
@@ -1,74 +0,0 @@
-<?php
-/**
- * IpRangeFoFor Factory Class
- *
- * PHP version 5
- *
- * Copyright (C) Villanova University 2014.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- */
-namespace finc\Role\PermissionProvider;
-
-use Interop\Container\ContainerInterface;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Laminas\ServiceManager\ServiceManager;
-
-/**
- * IpRangeFoFor Factory Class
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- *
- * @codeCoverageIgnore
- */
-class IpRangeFoForFactory implements FactoryInterface
-{
- /**
- * Create an IpRangeFoFor
- *
- * @param ContainerInterface $container Service manager
- * @param string $requestedName Service being created
- * @param null|array $options Extra options (optional)
- *
- * @return IpRangeFoFor
- *
- * @throws ServiceNotFoundException if unable to resolve the service.
- * @throws ServiceNotCreatedException if an exception is raised when
- * creating a service.
- * @throws ContainerException if any other error occurs
- */
- public function __invoke(
- ContainerInterface $container,
- $requestedName,
- array $options = null
- ) {
- if (!empty($options)) {
- throw new \Exception('Unexpected options sent to factory.');
- }
- return new IpRangeFoFor(
- $container->get('Request'),
- $container->get('VuFind\IpAddressUtils')
- );
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRangeReal.php b/module/finc/src/finc/Role/PermissionProvider/IpRangeReal.php
deleted file mode 100644
index 189b37cae64..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRangeReal.php
+++ /dev/null
@@ -1,56 +0,0 @@
-<?php
-/**
- * IpRangeReal permission provider for VuFind.
- *
- * PHP version 7
- *
- * Copyright (C) Villanova University 2007.
- * Copyright (C) Leipzig University Library 2022.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author André Lahmann <lahmann@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-namespace finc\Role\PermissionProvider;
-
-/**
- * IpRangeReal permission provider for VuFind.
- *
- * @category VuFind
- * @package Authorization
- * @author André Lahmann <lahmann@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-class IpRangeReal extends \finc\Role\PermissionProvider\IpRangeFoFor
-{
- /**
- * Returns remote address based on eventual proxy headers
- *
- * @return string
- */
- protected function getRemoteAddr()
- {
- // often provided by nginx-reverse-proxies, should be used since its the nature of the value
- if ($ip = $this->request->getServer()->get('HTTP_X_REAL_IP')) {
- return $ip;
- }
-
- return $this->request->getServer()->get('REMOTE_ADDR');
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRangeRealFactory.php b/module/finc/src/finc/Role/PermissionProvider/IpRangeRealFactory.php
deleted file mode 100644
index 947ce4f2b90..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRangeRealFactory.php
+++ /dev/null
@@ -1,74 +0,0 @@
-<?php
-/**
- * IpRangeReal Factory Class
- *
- * PHP version 7
- *
- * Copyright (C) Villanova University 2014.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- */
-namespace finc\Role\PermissionProvider;
-
-use Interop\Container\ContainerInterface;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Laminas\ServiceManager\ServiceManager;
-
-/**
- * IpRangeReal Factory Class
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- *
- * @codeCoverageIgnore
- */
-class IpRangeRealFactory implements FactoryInterface
-{
- /**
- * Create an IpRangeReal
- *
- * @param ContainerInterface $container Service manager
- * @param string $requestedName Service being created
- * @param null|array $options Extra options (optional)
- *
- * @return IpRangeReal
- *
- * @throws ServiceNotFoundException if unable to resolve the service.
- * @throws ServiceNotCreatedException if an exception is raised when
- * creating a service.
- * @throws ContainerException if any other error occurs
- */
- public function __invoke(
- ContainerInterface $container,
- $requestedName,
- array $options = null
- ) {
- if (!empty($options)) {
- throw new \Exception('Unexpected options sent to factory.');
- }
- return new IpRangeReal(
- $container->get('Request'),
- $container->get('VuFind\IpAddressUtils')
- );
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRegExFoFor.php b/module/finc/src/finc/Role/PermissionProvider/IpRegExFoFor.php
deleted file mode 100644
index 1473ed55a37..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRegExFoFor.php
+++ /dev/null
@@ -1,89 +0,0 @@
-<?php
-/**
- * IpRegExFoFor permission provider for VuFind.
- *
- * PHP version 5
- *
- * Copyright (C) Villanova University 2007.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Gregor Gawol <gawol@ub.uni-leipzig.de>
- * @author Ulf Seltmann <ulf.seltmann@hmt-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-namespace finc\Role\PermissionProvider;
-
-/**
- * IpRegExFoFor permission provider for VuFind.
- *
- * @category VuFind
- * @package Authorization
- * @author Gregor Gawol <gawol@ub.uni-leipzig.de>
- * @author Ulf Seltmann <ulf.seltmann@hmt-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-class IpRegExFoFor extends \VuFind\Role\PermissionProvider\IpRegEx
-{
- /**
- * Returns remote address based on eventual proxy headers
- *
- * @return string
- */
- protected function getRemoteAddr()
- {
- // a list of ips the request is forwarded for - first is latest
- $HttpXForwardedForList = explode(',', $this->request->getServer()->get('HTTP_X_FORWARDED_FOR'));
-
- if ($ip = array_shift($HttpXForwardedForList)) {
- return $ip;
- }
-
- // often provided by nginx-reverse-proxies, should be used since its the nature of the value
- if ($ip = $this->request->getServer()->get('HTTP_X_REAL_IP')) {
- return $ip;
- }
-
- return $this->request->getServer()->get('REMOTE_ADDR');
- }
-
- /**
- * Return an array of roles which may be granted the permission based on
- * the options.
- *
- * Checks server variable HTTP_X_FORWARDED_FOR
- *
- * @param mixed $options Options provided from configuration.
- *
- * @return array
- */
- public function getPermissions($options)
- {
- // Check if any regex matches....
- $ip = $this->getRemoteAddr();
- foreach ((array)$options as $current) {
- if (preg_match($current, $ip)) {
- // Match? Grant to all users (guest or logged in).
- return ['guest', 'loggedin'];
- }
- }
-
- // No match? No permissions.
- return [];
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRegExFoForFactory.php b/module/finc/src/finc/Role/PermissionProvider/IpRegExFoForFactory.php
deleted file mode 100644
index 06c261aca36..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRegExFoForFactory.php
+++ /dev/null
@@ -1,73 +0,0 @@
-<?php
-/**
- * IpRegExFoFor Factory Class
- *
- * PHP version 5
- *
- * Copyright (C) Villanova University 2014.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- */
-namespace finc\Role\PermissionProvider;
-
-use Interop\Container\ContainerInterface;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Laminas\ServiceManager\ServiceManager;
-
-/**
- * IpRegExFoFor Factory Class
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- *
- * @codeCoverageIgnore
- */
-class IpRegExFoForFactory implements FactoryInterface
-{
- /**
- * Create an IpRegExFoFor
- *
- * @param ContainerInterface $container Service manager
- * @param string $requestedName Service being created
- * @param null|array $options Extra options (optional)
- *
- * @return IpRegExFoFor
- *
- * @throws ServiceNotFoundException if unable to resolve the service.
- * @throws ServiceNotCreatedException if an exception is raised when
- * creating a service.
- * @throws ContainerException if any other error occurs
- */
- public function __invoke(
- ContainerInterface $container,
- $requestedName,
- array $options = null
- ) {
- if (!empty($options)) {
- throw new \Exception('Unexpected options sent to factory.');
- }
- return new IpRegExFoFor(
- $container->get('Request')
- );
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRegExReal.php b/module/finc/src/finc/Role/PermissionProvider/IpRegExReal.php
deleted file mode 100644
index 432385cb439..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRegExReal.php
+++ /dev/null
@@ -1,56 +0,0 @@
-<?php
-/**
- * IpRegExReal permission provider for VuFind.
- *
- * PHP version 7
- *
- * Copyright (C) Villanova University 2007.
- * Copyright (C) Leipzig University Library 2022.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author André Lahmann <lahmann@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-namespace finc\Role\PermissionProvider;
-
-/**
- * IpRegExReal permission provider for VuFind.
- *
- * @category VuFind
- * @package Authorization
- * @author André Lahmann <lahmann@ub.uni-leipzig.de>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org Main Page
- */
-class IpRegExReal extends \finc\Role\PermissionProvider\IpRegExFoFor
-{
- /**
- * Returns remote address based on eventual proxy headers
- *
- * @return string
- */
- protected function getRemoteAddr()
- {
- // often provided by nginx-reverse-proxies, should be used since its the nature of the value
- if ($ip = $this->request->getServer()->get('HTTP_X_REAL_IP')) {
- return $ip;
- }
-
- return $this->request->getServer()->get('REMOTE_ADDR');
- }
-}
diff --git a/module/finc/src/finc/Role/PermissionProvider/IpRegExRealFactory.php b/module/finc/src/finc/Role/PermissionProvider/IpRegExRealFactory.php
deleted file mode 100644
index 4c6f5368105..00000000000
--- a/module/finc/src/finc/Role/PermissionProvider/IpRegExRealFactory.php
+++ /dev/null
@@ -1,73 +0,0 @@
-<?php
-/**
- * IpRegExReal Factory Class
- *
- * PHP version 7
- *
- * Copyright (C) Villanova University 2014.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- */
-namespace finc\Role\PermissionProvider;
-
-use Interop\Container\ContainerInterface;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Laminas\ServiceManager\ServiceManager;
-
-/**
- * IpRegExReal Factory Class
- *
- * @category VuFind
- * @package Authorization
- * @author Demian Katz <demian.katz@villanova.edu>
- * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
- * @link https://vufind.org/wiki/development:plugins:hierarchy_components Wiki
- *
- * @codeCoverageIgnore
- */
-class IpRegExRealFactory implements FactoryInterface
-{
- /**
- * Create an IpRegExReal
- *
- * @param ContainerInterface $container Service manager
- * @param string $requestedName Service being created
- * @param null|array $options Extra options (optional)
- *
- * @return IpRegExReal
- *
- * @throws ServiceNotFoundException if unable to resolve the service.
- * @throws ServiceNotCreatedException if an exception is raised when
- * creating a service.
- * @throws ContainerException if any other error occurs
- */
- public function __invoke(
- ContainerInterface $container,
- $requestedName,
- array $options = null
- ) {
- if (!empty($options)) {
- throw new \Exception('Unexpected options sent to factory.');
- }
- return new IpRegExReal(
- $container->get('Request')
- );
- }
-}
--
GitLab