public NativeMessageHandler(bool throwOnCaptiveNetwork, CustomSSLVerification customSSLVerification, NativeCookieHandler cookieHandler = null)
{
this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
var clientBuilder = client.NewBuilder();
var specsBuilder = new ConnectionSpec.Builder(ConnectionSpec.ModernTls).TlsVersions(TlsVersion.Tls12);
var specs = specsBuilder.Build();
clientBuilder.ConnectionSpecs(new List <ConnectionSpec>()
{
specs
});
clientBuilder.Protocols(new[] { Protocol.Http11 }); // Required to avoid stream was reset: PROTOCOL_ERROR
clientBuilder.HostnameVerifier(new HostnameVerifier(customSSLVerification.Pins));
this.CertificatePinnerBuilder = new CertificatePinner.Builder();
// Add Certificate Pins
foreach (var pin in customSSLVerification.Pins)
{
this.CertificatePinnerBuilder.Add(pin.Hostname, pin.PublicKeys);
}
clientBuilder.CertificatePinner(CertificatePinnerBuilder.Build());
// Set client credentials
SetClientCertificate(customSSLVerification.ClientCertificate);
// Set SslSocketFactory
if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop)
{
// Support TLS1.2 on Android versions before Lollipop
clientBuilder.SslSocketFactory(new TlsSslSocketFactory(KeyManagers, null), TlsSslSocketFactory.GetSystemDefaultTrustManager());
}
else
{
var sslContext = SSLContext.GetInstance("TLS");
sslContext.Init(KeyManagers, null, null);
clientBuilder.SslSocketFactory(sslContext.SocketFactory, TlsSslSocketFactory.GetSystemDefaultTrustManager());
}
if (cookieHandler != null)
{
clientBuilder.CookieJar(cookieHandler);
}
client = clientBuilder.Build();
}
public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
{
this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
var clientBuilder = client.NewBuilder();
/*if (customSSLVerification)
* {
* clientBuilder.HostnameVerifier((hostname, session) => {
* return HostnameVerifier.verifyServerCertificate(hostname, session) & HostnameVerifier.verifyClientCiphers(hostname, session);
* });
* }*/
// verifyHostnameCallback parameter function on constructor (NativeMessageHandler - Android) when customSSLVerification is true #6
if (customSSLVerification)
{
clientBuilder.HostnameVerifier(verifyHostnameCallback == null ?
(hostname, session) =>
{
#pragma warning disable 0612
return(HostnameVerifier.verifyServerCertificate(hostname, session) & HostnameVerifier.verifyClientCiphers(hostname, session));
#pragma warning restore 0612
}
: verifyHostnameCallback);
}
if (cookieHandler != null)
{
clientBuilder.CookieJar(cookieHandler);
}
okHttpClientInitNativeMessageHandlerCallback?.Invoke(this, clientBuilder);
client = clientBuilder.Build();
noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
// java.lang.NoSuchMethodError when proguard is turned on #12
//var call = Square.OkHttp3.RealCall.FromArray<int>(new[] { 0 });
}
public NativeMessageHandler()
{
var clientBuilder = _client.NewBuilder();
// tls
var tlsSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.ModernTls).TlsVersions(new[] { TlsVersion.Tls12, TlsVersion.Tls13 });
var tlsSpec = tlsSpecBuilder.Build();
var specs = new List <ConnectionSpec>()
{
tlsSpec, ConnectionSpec.Cleartext
};
clientBuilder.ConnectionSpecs(specs);
// 始终有Http11避免PROTOCOL_ERROR
clientBuilder.Protocols(new[] { Protocol.Http11, Protocol.Http2 });
// 信任所有服务器证书,支持自签名证书
var sslContext = SSLContext.GetInstance("TLS");
var trustManager = new CustomX509TrustManager();
sslContext.Init(null, new ITrustManager[] { trustManager }, new SecureRandom());
// Create an ssl socket factory with our all-trusting manager
var sslSocketFactory = sslContext.SocketFactory;
clientBuilder.SslSocketFactory(sslSocketFactory, trustManager);
// 读始终不超时,配合服务器推送
clientBuilder.ReadTimeout(0, TimeUnit.Milliseconds);
clientBuilder.WriteTimeout(0, TimeUnit.Milliseconds);
clientBuilder.CallTimeout(0, TimeUnit.Milliseconds);
// Hostname始终有效
clientBuilder.HostnameVerifier((name, ssl) => true);
_client = clientBuilder.Build();
}
public async Task <AppUpdateModel> GetServicesVersion()
{
var searchurl = GlobalSetting.Instance.GatewayLogisticEndpoint + "/api/App/get?id=Android_TmsLogisticerApp";
OkHttpClient client = new OkHttpClient();
OkHttpClient mOkHttpClient = client.NewBuilder()
.SslSocketFactory(HttpsTrustManager.createSSLSocketFactory(), new HttpsTrustManager())
.HostnameVerifier(new TrustAllHostnameVerifier())
.Build();
Request request = new Request.Builder().Url(searchurl).Get().Build();
ICall call = mOkHttpClient.NewCall(request);
var response = await call.ExecuteAsync();
var content = await response.Body().StringAsync();
var appupdatemodel = JsonConvert.DeserializeObject <AppUpdateModel>(content);
return(appupdatemodel);
}
public NativeMessageHandler(bool throwOnCaptiveNetwork, TLSConfig tLSConfig, NativeCookieHandler cookieHandler = null, IWebProxy proxy = null)
{
this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
var clientBuilder = client.NewBuilder();
this.TLSConfig = tLSConfig;
var tlsSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.ModernTls).TlsVersions(new[] { TlsVersion.Tls12, TlsVersion.Tls13 });
var tlsSpec = tlsSpecBuilder.Build();
var specs = new List <ConnectionSpec>()
{
tlsSpec
};
if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop || NetworkSecurityPolicy.Instance.IsCleartextTrafficPermitted)
{
specs.Add(ConnectionSpec.Cleartext);
}
clientBuilder.ConnectionSpecs(specs);
clientBuilder.Protocols(new[] { Protocol.Http11 }); // Required to avoid stream was reset: PROTOCOL_ERROR
// Add Certificate Pins
if (!TLSConfig.DangerousAcceptAnyServerCertificateValidator &&
TLSConfig.Pins != null &&
TLSConfig.Pins.Count > 0 &&
TLSConfig.Pins.FirstOrDefault(p => p.PublicKeys.Count() > 0) != null)
{
this.PinningMode = "PublicKeysOnly";
this.CertificatePinner = new CertificatePinner();
foreach (var pin in TLSConfig.Pins)
{
this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
}
clientBuilder.CertificatePinner(CertificatePinner.Build());
}
// Set client credentials
SetClientCertificate(TLSConfig.ClientCertificate);
if (cookieHandler != null)
{
clientBuilder.CookieJar(cookieHandler);
}
// Adding proxy support
if (proxy != null && proxy is WebProxy)
{
var webProxy = proxy as WebProxy;
var type = Java.Net.Proxy.Type.Http;
var address = new InetSocketAddress(webProxy.Address.Host, webProxy.Address.Port);
var jProxy = new Proxy(type, address);
clientBuilder.Proxy(jProxy);
if (webProxy.Credentials != null)
{
var credentials = (NetworkCredential)webProxy.Credentials;
clientBuilder.ProxyAuthenticator(new ProxyAuthenticator(credentials.UserName, credentials.Password));
}
}
var sslContext = SSLContext.GetInstance("TLS");
// Support self-signed certificates
if (TLSConfig.DangerousAcceptAnyServerCertificateValidator)
{
// Install the all-trusting trust manager
var trustManager = new CustomX509TrustManager();
sslContext.Init(KeyManagers, new ITrustManager[] { trustManager }, new SecureRandom());
// Create an ssl socket factory with our all-trusting manager
var sslSocketFactory = sslContext.SocketFactory;
clientBuilder.SslSocketFactory(sslSocketFactory, trustManager);
}
else
{
// Set SslSocketFactory
if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop)
{
// Support TLS1.2 on Android versions before Lollipop
ProviderInstaller.InstallIfNeeded(Application.Context); // To enable TLS
clientBuilder.SslSocketFactory(new TlsSslSocketFactory(), TlsSslSocketFactory.GetSystemDefaultTrustManager());
}
else
{
sslContext.Init(KeyManagers, null, null);
clientBuilder.SslSocketFactory(sslContext.SocketFactory, TlsSslSocketFactory.GetSystemDefaultTrustManager());
}
}
clientBuilder.HostnameVerifier(new HostnameVerifier(this));
client = clientBuilder.Build();
}