mirrors/public-transport-enabler
1
0
Fork 0
mirror of https://gitlab.com/oeffi/public-transport-enabler.git synced 2025-07-18 16:29:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

HttpClient: Allow certificate pinning.

Browse source
This commit is contained in:
Andreas Schildbach 2016-11-23 20:11:41 +01:00
parent 07af91b997
commit d9fe9374df
1 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

19
enabler/src/de/schildbach/pte/util/HttpClient.java
View file

@ -46,6 +46,7 @@ import de.schildbach.pte.exception.SessionExpiredException;
import de.schildbach.pte.exception.UnexpectedRedirectException; import de.schildbach.pte.exception.UnexpectedRedirectException;
import okhttp3.Call; import okhttp3.Call;
import okhttp3.CertificatePinner;
import okhttp3.Cookie; import okhttp3.Cookie;
import okhttp3.Headers; import okhttp3.Headers;
import okhttp3.HttpUrl; import okhttp3.HttpUrl;
@ -68,6 +69,8 @@ public final class HttpClient {
private String sessionCookieName = null; private String sessionCookieName = null;
@Nullable @Nullable
private Cookie sessionCookie = null; private Cookie sessionCookie = null;
@Nullable
private CertificatePinner certificatePinner = null;
private boolean sslAcceptAllHostnames = false; private boolean sslAcceptAllHostnames = false;
private static final OkHttpClient OKHTTP_CLIENT; private static final OkHttpClient OKHTTP_CLIENT;
@ -108,6 +111,10 @@ public final class HttpClient {
this.sessionCookieName = sessionCookieName; this.sessionCookieName = sessionCookieName;
} }
public void setCertificatePin(final String host, final String... hashes) {
this.certificatePinner = new CertificatePinner.Builder().add(host, hashes).build();
}
public void setSslAcceptAllHostnames(final boolean sslAcceptAllHostnames) { public void setSslAcceptAllHostnames(final boolean sslAcceptAllHostnames) {
this.sslAcceptAllHostnames = sslAcceptAllHostnames; this.sslAcceptAllHostnames = sslAcceptAllHostnames;
} }
@ -175,10 +182,16 @@ public final class HttpClient {
request.header("Cookie", sessionCookie.toString()); request.header("Cookie", sessionCookie.toString());
final OkHttpClient okHttpClient; final OkHttpClient okHttpClient;
if (sslAcceptAllHostnames) if (certificatePinner != null || sslAcceptAllHostnames) {
okHttpClient = OKHTTP_CLIENT.newBuilder().hostnameVerifier(SSL_ACCEPT_ALL_HOSTNAMES).build(); final OkHttpClient.Builder builder = OKHTTP_CLIENT.newBuilder();
else if (certificatePinner != null)
builder.certificatePinner(certificatePinner);
if (sslAcceptAllHostnames)
builder.hostnameVerifier(SSL_ACCEPT_ALL_HOSTNAMES);
okHttpClient = builder.build();
} else {
okHttpClient = OKHTTP_CLIENT; okHttpClient = OKHTTP_CLIENT;
}
final Call call = okHttpClient.newCall(request.build()); final Call call = okHttpClient.newCall(request.build());
Response response = null; Response response = null;