diff --git a/src/Appwrite/Utopia/Request.php b/src/Appwrite/Utopia/Request.php index f8c0439293..480fce58b0 100644 --- a/src/Appwrite/Utopia/Request.php +++ b/src/Appwrite/Utopia/Request.php @@ -2,8 +2,10 @@ namespace Appwrite\Utopia; +use Appwrite\Auth\Auth; use Appwrite\Utopia\Request\Filter; use Swoole\Http\Request as SwooleRequest; +use Utopia\Database\Validator\Authorization; use Utopia\Route; use Utopia\Swoole\Request as UtopiaRequest; @@ -180,4 +182,27 @@ class Request extends UtopiaRequest $headers = $this->getHeaders(); return $headers[$key] ?? $default; } + + /** + * Get User Agent + * + * Method for getting User Agent. Preferring forwarded agent for privileged users; otherwise returns default. + * + * @param string $default + * @return string + */ + public function getUserAgent(string $default = ''): string + { + $forwardedUserAgent = $this->getHeader('x-forwarded-user-agent'); + if (!empty($forwardedUserAgent)) { + $roles = Authorization::getRoles(); + $isAppUser = Auth::isAppUser($roles); + + if ($isAppUser) { + return $forwardedUserAgent; + } + } + + return UtopiaRequest::getUserAgent($default); + } } diff --git a/tests/e2e/Services/Account/AccountCustomClientTest.php b/tests/e2e/Services/Account/AccountCustomClientTest.php index cca27cc3be..788f949fb3 100644 --- a/tests/e2e/Services/Account/AccountCustomClientTest.php +++ b/tests/e2e/Services/Account/AccountCustomClientTest.php @@ -2307,6 +2307,60 @@ class AccountCustomClientTest extends Scope $this->assertNotEmpty($response['body']['$id']); $this->assertNotEmpty($response['body']['expire']); $this->assertEmpty($response['body']['secret']); + $this->assertEquals('browser', $response['body']['clientType']); + $this->assertEquals('CH', $response['body']['clientCode']); + $this->assertEquals('Chrome', $response['body']['clientName']); + + // Forwarded User Agent with API Key + $response = $this->client->call(Client::METHOD_POST, '/users/' . $data['id'] . '/tokens', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'], + ], [ + 'expire' => 60 + ]); + + $userId = $response['body']['userId']; + $secret = $response['body']['secret']; + + $response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'], + 'x-forwarded-user-agent' => 'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36' + ], [ + 'userId' => $userId, + 'secret' => $secret + ]); + + $this->assertEquals('browser', $response['body']['clientType']); + $this->assertEquals('CM', actual: $response['body']['clientCode']); + $this->assertEquals('Chrome Mobile', $response['body']['clientName']); + + // Forwarded User Agent without API Key + $response = $this->client->call(Client::METHOD_POST, '/users/' . $data['id'] . '/tokens', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'], + ], [ + 'expire' => 60 + ]); + + $userId = $response['body']['userId']; + $secret = $response['body']['secret']; + + $response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-forwarded-user-agent' => 'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36' + ], [ + 'userId' => $userId, + 'secret' => $secret + ]); + + $this->assertEquals('browser', $response['body']['clientType']); + $this->assertEquals('CH', $response['body']['clientCode']); + $this->assertEquals('Chrome', $response['body']['clientName']); /** * Test for FAILURE