コード例 #1
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification) client.SetHostnameVerifier(new HostnameVerifier());
            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
        }
コード例 #2
0
 public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
 {
     UseCookies = cookieHandler != null;
     if (cookieHandler != null) {
         CookieContainer = cookieHandler.CookieContainer;
     }
 }
コード例 #3
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification) client.SetHostnameVerifier(new HostnameVerifier());
            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
            var factory = new ImprovedSSLSocketFactory();
            client.SetSslSocketFactory(factory);
        }
コード例 #4
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification,
                                    bool allowUntrustedCertificate, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            AllowUntrustedCertificates = allowUntrustedCertificate;
            noCacheCacheControl        = (new CacheControl.Builder()).NoCache().Build();
        }
コード例 #5
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            session = NSUrlSession.FromConfiguration(
                NSUrlSessionConfiguration.DefaultSessionConfiguration, 
                new DataTaskDelegate(this), null);

            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            this.DisableCaching = false;
        }
コード例 #6
0
        public NativeMessageHandler (bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification) client.SetHostnameVerifier (new HostnameVerifier ());
            noCacheCacheControl = (new CacheControl.Builder ()).NoCache ().Build ();

            // If less than Android Lollipop
            if (((int)Build.VERSION.SdkInt) < 21) {
                client.SetSslSocketFactory (new ImprovedSSLSocketFactory ());
            }
        }
コード例 #7
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null, SslProtocol? minimumSSLProtocol = null)
        {
            var configuration = NSUrlSessionConfiguration.DefaultSessionConfiguration;

            // System.Net.ServicePointManager.SecurityProtocol provides a mechanism for specifying supported protocol types
            // for System.Net. Since iOS only provides an API for a minimum and maximum protocol we are not able to port
            // this configuration directly and instead use the specified minimum value when one is specified.
            if (minimumSSLProtocol.HasValue) {
                configuration.TLSMinimumSupportedProtocol = minimumSSLProtocol.Value;
            }

            session = NSUrlSession.FromConfiguration(
                NSUrlSessionConfiguration.DefaultSessionConfiguration, 
                new DataTaskDelegate(this), null);

            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            this.DisableCaching = false;
        }
コード例 #8
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification)
            {
                client.SetHostnameVerifier(new HostnameVerifier());
            }
            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
            client.SetFollowSslRedirects(false);
            client.FollowRedirects = false;
        }
コード例 #9
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification)
            {
                client.SetHostnameVerifier(new HostnameVerifier());
            }
            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();

            // If less than Android Lollipop
            if (((int)Build.VERSION.SdkInt) < 21)
            {
                client.SetSslSocketFactory(new ImprovedSSLSocketFactory());
            }
        }
コード例 #10
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            session = NSUrlSession.FromConfiguration(
                NSUrlSessionConfiguration.DefaultSessionConfiguration,
                new DataTaskDelegate(this), null);

            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            this.DisableCaching = false;
        }
コード例 #11
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, CustomSSLVerification customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            var configuration = NSUrlSessionConfiguration.DefaultSessionConfiguration;

            // System.Net.ServicePointManager.SecurityProtocol provides a mechanism for specifying supported protocol types
            // for System.Net. Since iOS only provides an API for a minimum and maximum protocol we are not able to port
            // this configuration directly and instead use the specified minimum value when one is specified.
            configuration.TLSMinimumSupportedProtocol = SslProtocol.Tls_1_2;

            this.CertificatePinner = new CertificatePinner();

            foreach (var pin in customSSLVerification.Pins)
            {
                this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
            }

            SetClientCertificate(customSSLVerification.ClientCertificate);

            var urlSessionDelegate = new DataTaskDelegate(this);

            session = NSUrlSession.FromConfiguration(configuration, (INSUrlSessionDelegate)urlSessionDelegate, null);

            // NSUrlSessionConfiguration.DefaultSessionConfiguration uses the default NSHttpCookieStorage.SharedStorage
        }
コード例 #12
0
 /// <summary>
 /// Initializes a new instance of the <see
 /// cref="ModernHttpClient.NativeMessageHandler"/> class.
 /// </summary>
 /// <param name="throwOnCaptiveNetwork">If set to <c>true</c> throw on
 /// captive network (ie: a captive network is usually a wifi network
 /// where an authentication html form is shown instead of the real
 /// content).</param>
 /// <param name="customSSLVerification">Enable custom SSL certificate
 /// verification via ServicePointManager. Disabled by default for
 /// performance reasons (i.e. the OS default certificate verification
 /// will take place)</param>
 /// <param name="cookieHandler">Enable native cookie handling.
 /// </param>
 public NativeMessageHandler(bool throwOnCaptiveNetwork, CustomSSLVerification customSSLVerification, NativeCookieHandler cookieHandler = null) : base()
 {
 }
コード例 #13
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null, List <IInterceptor> networkInterceptors = null, List <IInterceptor> interceptors = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            var clientBuilder = Client.NewBuilder();

            /*if (customSSLVerification)
             * {
             *  clientBuilder.HostnameVerifier((hostname, session) => {
             *      return HostnameVerifier.verifyServerCertificate(hostname, session) & HostnameVerifier.verifyClientCiphers(hostname, session);
             *  });
             * }*/

            // verifyHostnameCallback parameter function on constructor (NativeMessageHandler - Android) when customSSLVerification is true #6
            if (customSSLVerification)
            {
                clientBuilder.HostnameVerifier(verifyHostnameCallback == null ?
                                               (hostname, session) =>
                {
#pragma warning disable 0612
                    return(HostnameVerifier.verifyServerCertificate(hostname, session) & HostnameVerifier.verifyClientCiphers(hostname, session));

#pragma warning restore 0612
                }
                : verifyHostnameCallback);
            }

            if (cookieHandler != null)
            {
                clientBuilder.CookieJar(cookieHandler);
            }

            if (interceptors != null && interceptors.Count > 0)
            {
                foreach (var interceptor in interceptors)
                {
                    clientBuilder.AddInterceptor(interceptor);
                }
            }

            if (networkInterceptors != null && networkInterceptors.Count > 0)
            {
                foreach (var interceptor in networkInterceptors)
                {
                    clientBuilder.AddNetworkInterceptor(interceptor);
                }
            }

            Client = clientBuilder.Build();

            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();

            // java.lang.NoSuchMethodError when proguard is turned on #12
            //var call = Square.OkHttp3.RealCall.FromArray<int>(new[] { 0 });
        }
コード例 #14
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.CustomSSLVerification = customSSLVerification;

            RefreshClient();

            noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
        }
コード例 #15
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            if (cookieHandler != null)
            {
                this.CookieContainer = cookieHandler;
            }
        }
コード例 #16
0
 public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
 {
     UseCookies = cookieHandler != null;
     if (cookieHandler != null)
     {
         CookieContainer = cookieHandler.CookieContainer;
     }
 }
コード例 #17
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, CustomSSLVerification customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            // Enforce TLS1.2
            SslProtocols = SslProtocols.Tls12;

            this.ServerCertificateCustomValidationCallback = (sender, cert, chain, errors) =>
            {
                var hostname = sender.RequestUri.Host;

                if (!this.CertificatePinner.HasPins(hostname) || !this.CertificatePinner.Check(hostname, cert.RawData))
                {
                    errors = SslPolicyErrors.RemoteCertificateNameMismatch;
                }

                return(errors == SslPolicyErrors.None);
            };

            this.CertificatePinner = new CertificatePinner();

            // Add Certificate Pins
            foreach (var pin in customSSLVerification.Pins)
            {
                this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
            }

            // Set client credentials
            SetClientCertificate(customSSLVerification.ClientCertificate);

            if (cookieHandler != null)
            {
                this.CookieContainer = cookieHandler;
            }
        }
コード例 #18
0
 /// <summary>
 /// Initializes a new instance of the <see
 /// cref="ModernHttpClient.NativeMessageHandler"/> class.
 /// </summary>
 /// <param name="throwOnCaptiveNetwork">If set to <c>true</c> throw on
 /// captive network (ie: a captive network is usually a wifi network
 /// where an authentication html form is shown instead of the real
 /// content).</param>
 /// <param name="sSLConfig">To enable TLS Mutual Authentication</param>
 /// <param name="cookieHandler">Enable native cookie handling.
 /// </param>
 public NativeMessageHandler(bool throwOnCaptiveNetwork, TLSConfig tLSConfig, NativeCookieHandler cookieHandler = null, IWebProxy proxy = null) : base()
 {
 }
コード例 #19
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            var configuration = NSUrlSessionConfiguration.DefaultSessionConfiguration;

            // System.Net.ServicePointManager.SecurityProtocol provides a mechanism for specifying supported protocol types
            // for System.Net. Since iOS only provides an API for a minimum and maximum protocol we are not able to port
            // this configuration directly and instead use the specified minimum value when one is specified.
            if (minimumSSLProtocol.HasValue)
            {
                configuration.TLSMinimumSupportedProtocol = minimumSSLProtocol.Value;
            }

            var urlSessionDelegate = new DataTaskDelegate(this);

            session = NSUrlSession.FromConfiguration(NSUrlSessionConfiguration.DefaultSessionConfiguration, (INSUrlSessionDelegate)urlSessionDelegate, null);

            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;
            this.customSSLVerification = customSSLVerification;

            // NSUrlSessionConfiguration.DefaultSessionConfiguration uses the default NSHttpCookieStorage.SharedStorage

            this.DisableCaching = false;
        }
コード例 #20
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            if (customSSLVerification)
            {
                client.SetHostnameVerifier(new HostnameVerifier());
            }
        }
コード例 #21
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, TLSConfig tLSConfig, NativeCookieHandler cookieHandler = null, IWebProxy proxy = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            var clientBuilder = client.NewBuilder();

            this.TLSConfig = tLSConfig;

            var tlsSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.ModernTls).TlsVersions(new[] { TlsVersion.Tls12, TlsVersion.Tls13 });
            var tlsSpec        = tlsSpecBuilder.Build();

            var specs = new List <ConnectionSpec>()
            {
                tlsSpec
            };

            if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop || NetworkSecurityPolicy.Instance.IsCleartextTrafficPermitted)
            {
                specs.Add(ConnectionSpec.Cleartext);
            }

            clientBuilder.ConnectionSpecs(specs);
            clientBuilder.Protocols(new[] { Protocol.Http11 }); // Required to avoid stream was reset: PROTOCOL_ERROR

            // Add Certificate Pins
            if (!TLSConfig.DangerousAcceptAnyServerCertificateValidator &&
                TLSConfig.Pins != null &&
                TLSConfig.Pins.Count > 0 &&
                TLSConfig.Pins.FirstOrDefault(p => p.PublicKeys.Count() > 0) != null)
            {
                this.PinningMode = "PublicKeysOnly";

                this.CertificatePinner = new CertificatePinner();

                foreach (var pin in TLSConfig.Pins)
                {
                    this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
                }

                clientBuilder.CertificatePinner(CertificatePinner.Build());
            }

            // Set client credentials
            SetClientCertificate(TLSConfig.ClientCertificate);

            if (cookieHandler != null)
            {
                clientBuilder.CookieJar(cookieHandler);
            }

            // Adding proxy support
            if (proxy != null && proxy is WebProxy)
            {
                var webProxy = proxy as WebProxy;

                var type    = Java.Net.Proxy.Type.Http;
                var address = new InetSocketAddress(webProxy.Address.Host, webProxy.Address.Port);
                var jProxy  = new Proxy(type, address);
                clientBuilder.Proxy(jProxy);

                if (webProxy.Credentials != null)
                {
                    var credentials = (NetworkCredential)webProxy.Credentials;
                    clientBuilder.ProxyAuthenticator(new ProxyAuthenticator(credentials.UserName, credentials.Password));
                }
            }

            var sslContext = SSLContext.GetInstance("TLS");

            // Support self-signed certificates
            if (TLSConfig.DangerousAcceptAnyServerCertificateValidator)
            {
                // Install the all-trusting trust manager
                var trustManager = new CustomX509TrustManager();
                sslContext.Init(KeyManagers, new ITrustManager[] { trustManager }, new SecureRandom());
                // Create an ssl socket factory with our all-trusting manager
                var sslSocketFactory = sslContext.SocketFactory;
                clientBuilder.SslSocketFactory(sslSocketFactory, trustManager);
            }
            else
            {
                // Set SslSocketFactory
                if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop)
                {
                    // Support TLS1.2 on Android versions before Lollipop
                    ProviderInstaller.InstallIfNeeded(Application.Context); // To enable TLS
                    clientBuilder.SslSocketFactory(new TlsSslSocketFactory(), TlsSslSocketFactory.GetSystemDefaultTrustManager());
                }
                else
                {
                    sslContext.Init(KeyManagers, null, null);
                    clientBuilder.SslSocketFactory(sslContext.SocketFactory, TlsSslSocketFactory.GetSystemDefaultTrustManager());
                }
            }

            clientBuilder.HostnameVerifier(new HostnameVerifier(this));
            client = clientBuilder.Build();
        }
コード例 #22
0
 public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
     : this(throwOnCaptiveNetwork, customSSLVerification, cookieHandler, null)
 {
 }
コード例 #23
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, TLSConfig tLSConfig, NativeCookieHandler cookieHandler = null, IWebProxy proxy = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            this.TLSConfig = tLSConfig;

            // Enforce TLS1.2
            SslProtocols = SslProtocols.Tls12;

            // Add Certificate Pins
            if (!TLSConfig.DangerousAcceptAnyServerCertificateValidator &&
                TLSConfig.Pins != null &&
                TLSConfig.Pins.Count > 0 &&
                TLSConfig.Pins.FirstOrDefault(p => p.PublicKeys.Count() > 0) != null)
            {
                this.PinningMode = "PublicKeysOnly";

                this.CertificatePinner = new CertificatePinner();

                foreach (var pin in TLSConfig.Pins)
                {
                    this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
                }
            }

            // Set client credentials
            SetClientCertificate(TLSConfig.ClientCertificate);

            if (cookieHandler != null)
            {
                this.CookieContainer = cookieHandler;
            }

            // Adding proxy support
            if (proxy != null)
            {
                Proxy    = proxy;
                UseProxy = true;
            }

            this.ServerCertificateCustomValidationCallback = (request, root, chain, e) =>
            {
                var errors = SslPolicyErrors.None;

                if (TLSConfig.DangerousAcceptAnyServerCertificateValidator)
                {
                    goto sslErrorVerify;
                }

                var hostname = request.RequestUri.Host;

                var netCerts = new List <X509Certificate2>();

                foreach (var element in chain.ChainElements)
                {
                    netCerts.Add(element.Certificate);
                }

                switch (this.PinningMode)
                {
                case "CertificateOnly":

                    // Build certificate chain and check for errors
                    if (chain == null || chain.ChainElements.Count == 0)
                    {                            //no cert at all
                        errors = SslPolicyErrors.RemoteCertificateNotAvailable;
                        goto sslErrorVerify;
                    }

                    if (chain.ChainElements.Count == 1)
                    {                            //no root?
                        errors = SslPolicyErrors.RemoteCertificateChainErrors;
                        goto sslErrorVerify;
                    }

                    if (!chain.Build(root))
                    {
                        errors = SslPolicyErrors.RemoteCertificateChainErrors;
                        goto sslErrorVerify;
                    }

                    var subject   = root.Subject;
                    var subjectCn = cnRegex.Match(subject).Groups[1].Value;

                    if (string.IsNullOrWhiteSpace(subjectCn) || !Utility.MatchHostnameToPattern(hostname, subjectCn))
                    {
                        var subjectAn = root.ParseSubjectAlternativeName();

                        if (subjectAn.FirstOrDefault(s => Utility.MatchHostnameToPattern(hostname, s)) == null)
                        {
                            errors = SslPolicyErrors.RemoteCertificateNameMismatch;
                            goto sslErrorVerify;
                        }
                    }
                    break;

                case "PublicKeysOnly":

                    if (this.CertificatePinner != null)
                    {
                        if (!this.CertificatePinner.HasPins(hostname))
                        {
                            errors = SslPolicyErrors.RemoteCertificateNameMismatch;
                            goto sslErrorVerify;
                        }

                        if (!this.CertificatePinner.Check(hostname, netCerts))
                        {
                            errors = SslPolicyErrors.RemoteCertificateNameMismatch;
                        }
                    }
                    break;
                }

sslErrorVerify:
                return(errors == SslPolicyErrors.None);
            };
        }
コード例 #24
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, TLSConfig tLSConfig, NativeCookieHandler cookieHandler = null, IWebProxy proxy = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            var configuration = NSUrlSessionConfiguration.DefaultSessionConfiguration;

            this.TLSConfig = tLSConfig;

            // System.Net.ServicePointManager.SecurityProtocol provides a mechanism for specifying supported protocol types
            // for System.Net. Since iOS only provides an API for a minimum and maximum protocol we are not able to port
            // this configuration directly and instead use the specified minimum value when one is specified.
            configuration.TLSMinimumSupportedProtocol = SslProtocol.Tls_1_2;

            if (!TLSConfig.DangerousAcceptAnyServerCertificateValidator &&
                TLSConfig.Pins != null &&
                TLSConfig.Pins.Count > 0 &&
                TLSConfig.Pins.FirstOrDefault(p => p.PublicKeys.Count() > 0) != null)
            {
                this.PinningMode = "PublicKeysOnly";

                this.CertificatePinner = new CertificatePinner();

                foreach (var pin in TLSConfig.Pins)
                {
                    this.CertificatePinner.AddPins(pin.Hostname, pin.PublicKeys);
                }
            }

            SetClientCertificate(TLSConfig.ClientCertificate);

            // NSUrlSessionConfiguration.DefaultSessionConfiguration uses the default NSHttpCookieStorage.SharedStorage

            // PR: Proxy has been supported on iOS #19
            if (proxy != null && proxy is WebProxy)
            {
                var webProxy = proxy as WebProxy;

                NSObject[] values =
                {
                    NSObject.FromObject(webProxy.Address.Host),
                    NSNumber.FromInt32(webProxy.Address.Port),
                    NSNumber.FromInt32(1)
                };

                NSObject[] keys =
                {
                    NSObject.FromObject("HTTPSProxy"),
                    NSObject.FromObject("HTTPSPort"),
                    NSObject.FromObject("HTTPSEnable")
                };

                var proxyDict = NSDictionary.FromObjectsAndKeys(values, keys);
                configuration.ConnectionProxyDictionary = proxyDict;

                if (webProxy.Credentials != null)
                {
                    var credentials = (NetworkCredential)webProxy.Credentials;

                    var authData        = string.Format("{0}:{1}", credentials.UserName, credentials.Password);
                    var authHeaderValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(authData));

                    NSObject[] hValues =
                    {
                        NSObject.FromObject(authHeaderValue)
                    };

                    NSObject[] hKeys =
                    {
                        NSObject.FromObject("Proxy-Authorization")
                    };

                    var headers = NSDictionary.FromObjectsAndKeys(hValues, hKeys);

                    configuration.HttpAdditionalHeaders = headers;
                }
            }

            var urlSessionDelegate = new DataTaskDelegate(this);

            session = NSUrlSession.FromConfiguration(configuration, (INSUrlSessionDelegate)urlSessionDelegate, null);
        }
コード例 #25
0
 /// <summary>
 /// Initializes a new instance of the <see
 /// cref="ModernHttpClient.Portable.NativeMessageHandler"/> class.
 /// </summary>
 /// <param name="throwOnCaptiveNetwork">If set to <c>true</c> throw on
 /// captive network (ie: a captive network is usually a wifi network
 /// where an authentication html form is shown instead of the real
 /// content).</param>
 /// <param name="customSSLVerification">Enable custom SSL certificate 
 /// verification via ServicePointManager. Disabled by default for 
 /// performance reasons (i.e. the OS default certificate verification 
 /// will take place)</param>
 /// <param name="cookieHandler">Enable native cookie handling.
 /// </param>
 public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerification, NativeCookieHandler cookieHandler = null)
     : base()
 {
 }
コード例 #26
0
        public NativeMessageHandler(bool throwOnCaptiveNetwork, CustomSSLVerification customSSLVerification, NativeCookieHandler cookieHandler = null)
        {
            this.throwOnCaptiveNetwork = throwOnCaptiveNetwork;

            var clientBuilder = client.NewBuilder();

            var specsBuilder = new ConnectionSpec.Builder(ConnectionSpec.ModernTls).TlsVersions(TlsVersion.Tls12);
            var specs        = specsBuilder.Build();

            clientBuilder.ConnectionSpecs(new List <ConnectionSpec>()
            {
                specs
            });
            clientBuilder.Protocols(new[] { Protocol.Http11 }); // Required to avoid stream was reset: PROTOCOL_ERROR

            clientBuilder.HostnameVerifier(new HostnameVerifier(customSSLVerification.Pins));

            this.CertificatePinnerBuilder = new CertificatePinner.Builder();

            // Add Certificate Pins
            foreach (var pin in customSSLVerification.Pins)
            {
                this.CertificatePinnerBuilder.Add(pin.Hostname, pin.PublicKeys);
            }

            clientBuilder.CertificatePinner(CertificatePinnerBuilder.Build());

            // Set client credentials
            SetClientCertificate(customSSLVerification.ClientCertificate);

            // Set SslSocketFactory
            if (Build.VERSION.SdkInt < BuildVersionCodes.Lollipop)
            {
                // Support TLS1.2 on Android versions before Lollipop
                clientBuilder.SslSocketFactory(new TlsSslSocketFactory(KeyManagers, null), TlsSslSocketFactory.GetSystemDefaultTrustManager());
            }
            else
            {
                var sslContext = SSLContext.GetInstance("TLS");
                sslContext.Init(KeyManagers, null, null);
                clientBuilder.SslSocketFactory(sslContext.SocketFactory, TlsSslSocketFactory.GetSystemDefaultTrustManager());
            }

            if (cookieHandler != null)
            {
                clientBuilder.CookieJar(cookieHandler);
            }

            client = clientBuilder.Build();
        }