fix: Proper extraction of client IP addresses from the request

[dadrus]

Related issue(s)

closes #3133

Checklist

• I agree to follow this project's Code of Conduct.
• I have read, and I am following this repository's Contributing Guidelines.
• I have read the Security Policy.
• I have referenced an issue describing the bug/feature request.
• I have added tests that prove the correctness of my implementation.

Description

This PR fixes a regression introduced with #3014 and present since heimdall v0.17.9.

The actual issue (as described in #3133) is not related to the cel authorizer itself, but to how client IP addresses are extracted from incoming requests. When the Forwarded header is not present, heimdall falls back to the X-Forwarded-For header. Due to an incorrect condition, this fallback was no longer triggered, resulting in missing client IPs. This in turn caused CEL expressions like Request.ClientIPAddresses[0] in networks(...) to fail.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.31%. Comparing base (4f5980e) to head (ca7dd45).
⚠️ Report is 1 commits behind head on release.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@             Coverage Diff             @@
##           release    #3134      +/-   ##
===========================================
+ Coverage    91.28%   91.31%   +0.02%     
===========================================
  Files          281      281              
  Lines        10799    10799              
===========================================
+ Hits          9858     9861       +3     
+ Misses         680      679       -1     
+ Partials       261      259       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.