#!/bin/bash

echo "=== CloudStack Forwarded Headers Test (PR #11386) ==="
echo "Testing on: $(hostname)"
echo "Date: $(date)"
echo

# Clear the access log to get clean results
echo "Clearing CloudStack access log..."
> /var/log/cloudstack/management/access.log

echo "Waiting 2 seconds for log clearing..."
sleep 2

echo "Running test API calls with forwarded headers..."
echo

# Test 1: X-Forwarded-For header (should be first priority)
echo "Test 1: Sending X-Forwarded-For: 203.0.113.1"
curl -s -H "X-Forwarded-For: 203.0.113.1" \
     "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null
sleep 1

# Test 2: HTTP_CLIENT_IP header
echo "Test 2: Sending HTTP_CLIENT_IP: 203.0.113.2"
curl -s -H "HTTP_CLIENT_IP: 203.0.113.2" \
     "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null
sleep 1

# Test 3: HTTP_X_FORWARDED_FOR header
echo "Test 3: Sending HTTP_X_FORWARDED_FOR: 203.0.113.3"
curl -s -H "HTTP_X_FORWARDED_FOR: 203.0.113.3" \
     "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null
sleep 1

# Test 4: Multiple headers (X-Forwarded-For should win based on default config)
echo "Test 4: Sending multiple headers (X-Forwarded-For: 203.0.113.10, HTTP_CLIENT_IP: 203.0.113.11)"
curl -s -H "X-Forwarded-For: 203.0.113.10" \
     -H "HTTP_CLIENT_IP: 203.0.113.11" \
     "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null
sleep 1

# Test 5: Control test - no forwarded headers (should show real IP)
echo "Test 5: Control test - no forwarded headers"
curl -s "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null
sleep 1

# Test 6: Comma-separated forwarded IPs (should use first one)
echo "Test 6: Comma-separated X-Forwarded-For: 203.0.113.20, 192.168.1.100"
curl -s -H "X-Forwarded-For: 203.0.113.20, 192.168.1.100" \
     "http://localhost:8080/client/api?command=listCapabilities&response=json" > /dev/null

echo
echo "Waiting 3 seconds for all requests to be logged..."
sleep 3

echo
echo "=== RESULTS ANALYSIS ==="
echo "CloudStack access log entries:"
echo "=============================="
tail -20 /var/log/cloudstack/management/access.log

echo
echo "=== VALIDATION ==="
echo "=================="

# Check if forwarded IPs appear in the log
if grep -q "203.0.113" /var/log/cloudstack/management/access.log; then
    echo "SUCCESS: Forwarded IP addresses found in CloudStack access log!"
    echo "PR #11386 forwarded headers functionality is working correctly"
    echo
    echo "Detected forwarded IPs:"
    echo "======================"
    grep "203.0.113" /var/log/cloudstack/management/access.log | while read line; do
        echo "  $line"
    done
    
    echo
    echo "Analysis:"
    echo "========="
    # Count different IPs to verify behavior
    unique_forwarded_ips=$(grep "203.0.113" /var/log/cloudstack/management/access.log | awk '{print $1}' | sort | uniq)
    echo "Unique forwarded IPs detected:"
    echo "$unique_forwarded_ips" | while read ip; do
        count=$(grep "$ip" /var/log/cloudstack/management/access.log | wc -l)
        echo "  $ip (appeared $count time(s))"
    done
    
else
    echo "ISSUE: No forwarded IP addresses (203.0.113.x) found in access log"
    echo "This suggests PR #11386 changes are not working correctly"
    echo
    echo "Troubleshooting info:"
    echo "===================="
    echo "All log entries:"
    cat /var/log/cloudstack/management/access.log
fi

echo
echo "Test completed at: $(date)"
echo "==========================="