When setting context remoteAddress: remove brackets if brackets are present

agent_api/src/main/java/dev/aikido/agent_api/helpers/extraction/IPV6BracketsHelper.java

@@ -0,0 +1,10 @@
+package dev.aikido.agent_api.helpers.extraction;
+
+public class IPV6BracketsHelper {
+    public static String removeIfExistsIPv6Brackets(String ip) {
+        if (ip.startsWith("[") && ip.endsWith("]")) {
+            return ip.substring(1, ip.length()-1);
+        }
+        return ip;
+    }
+}

agent_api/src/main/java/dev/aikido/agent_api/helpers/net/IPValidator.java

@@ -2,6 +2,8 @@
 
 import java.util.regex.Pattern;
 
+import static dev.aikido.agent_api.helpers.extraction.IPV6BracketsHelper.removeIfExistsIPv6Brackets;
+
 /**
  * Validates IP Addresses
  * Copied over from : https://github.com/validatorjs/validator.js/blob/master/src/lib/isIP.js
@@ -57,6 +59,7 @@ public static boolean isIP(String str, String version) {
         if (str == null || str.isEmpty()) {
             return false;
         }
+        str = removeIfExistsIPv6Brackets(str);
         if (version == null || version.isEmpty()) {
             return isIP(str, "4") || isIP(str, "6");
         }

agent_api/src/main/java/dev/aikido/agent_api/helpers/net/ProxyForwardedParser.java

@@ -6,20 +6,25 @@
 import java.util.List;
 
 import static dev.aikido.agent_api.context.ContextObject.getHeader;
+import static dev.aikido.agent_api.helpers.extraction.IPV6BracketsHelper.removeIfExistsIPv6Brackets;
 
 public class ProxyForwardedParser {
     public static String getIpFromRequest(String rawIp, HashMap<String, List<String>> headers) {
+        String ip = rawIp;
+
         String ipHeader = getHeader(headers, getIpHeaderName());
         if (ipHeader != null && !ipHeader.isEmpty() && trustProxy()) {
             // Parse ip header and return the correct IP :
             String ipHeaderValue = extractIpFromHeader(ipHeader);
             if (ipHeaderValue != null) {
-                return ipHeaderValue;
+                ip = ipHeaderValue;
             }
         }
 
-        // If no valid IP was found, or if X-Forwarded-For was not present, default to raw ip:
-        return rawIp;
+        // Aikido core cannot handle the [ ] in the request's IP, so we parse them away here :
+        ip = removeIfExistsIPv6Brackets(ip);
+
+        return ip;
     }
 
     /**

agent_api/src/test/java/helpers/ProxyForwardedParserTest.java

@@ -39,6 +39,27 @@ void testGetIpFromRequest_ValidXForwardedForWithIPv6() {
         assertEquals("2001:db8::1", result);
     }
 
+    @Test
+    void testGetIpFromRequest_ValidXForwardedForWithIPv6AndBrackets() {
+        headers.put("X-Forwarded-For", List.of("[2001:db8::1], 203.0.113.5"));
+        String result = getIpFromRequest("10.0.0.1", headers);
+        assertEquals("2001:db8::1", result);
+    }
+
+    @Test
+    void testGetIpFromRequest_ValidXForwardedForWithIPv6AndBracketsHalf() {
+        headers.put("X-Forwarded-For", List.of("[2001:db8::1, 203.0.113.5"));
+        String result = getIpFromRequest("10.0.0.1", headers);
+        assertEquals("203.0.113.5", result);
+    }
+
+    @Test
+    void testGetIpFromRequest_ValidXForwardedForWithIPv6AndBracketsHalf2() {
+        headers.put("X-Forwarded-For", List.of("2001:db8::1], 203.0.113.5"));
+        String result = getIpFromRequest("10.0.0.1", headers);
+        assertEquals("203.0.113.5", result);
+    }
+
     @Test
     void testGetIpFromRequest_InvalidXForwardedFor() {
         headers.put("X-Forwarded-For", List.of("invalid.ip.address, 203.0.113.5"));