From d167092c830a8c04aacafbabad0d6fc9b967fa75 Mon Sep 17 00:00:00 2001
From: davidoskky <davidoskky@yahoo.it>
Date: Thu, 13 Jul 2023 14:52:25 +0200
Subject: [PATCH] Add a login switch to disable SSL verification

---
 .../android/LoginActivity.kt                  |  2 +
 .../readerforselfossv2/rest/SelfossApi.kt     | 50 +++++++++++--------
 .../readerforselfossv2/rest/SelfossApi.kt     | 20 ++++++--
 .../service/AppSettingsService.kt             | 20 ++++++++
 4 files changed, 66 insertions(+), 26 deletions(-)

diff --git a/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt b/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt
index f54bce0..5ccfe43 100644
--- a/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt
+++ b/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt
@@ -139,6 +139,8 @@ class LoginActivity : AppCompatActivity(), DIAware {
 
         showProgress(true)
 
+        appSettingsService.updateSelfSigned(binding.selfSigned.isChecked)
+
         repository.refreshLoginInformation(url, login, password)
 
         CoroutineScope(Dispatchers.Main).launch {
diff --git a/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt b/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
index 80c9b08..6baade8 100644
--- a/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
+++ b/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
@@ -2,15 +2,18 @@ package bou.amine.apps.readerforselfossv2.rest
 
 import bou.amine.apps.readerforselfossv2.service.AppSettingsService
 import io.github.aakira.napier.Napier
-import io.ktor.client.*
-import io.ktor.client.engine.okhttp.*
-import io.ktor.client.plugins.*
-import io.ktor.client.plugins.cache.*
-import io.ktor.client.plugins.contentnegotiation.*
-import io.ktor.client.plugins.cookies.*
-import io.ktor.client.plugins.logging.*
-import io.ktor.http.*
-import io.ktor.serialization.kotlinx.json.*
+import io.ktor.client.HttpClient
+import io.ktor.client.engine.okhttp.OkHttp
+import io.ktor.client.plugins.HttpRequestRetry
+import io.ktor.client.plugins.HttpTimeout
+import io.ktor.client.plugins.cache.HttpCache
+import io.ktor.client.plugins.contentnegotiation.ContentNegotiation
+import io.ktor.client.plugins.cookies.HttpCookies
+import io.ktor.client.plugins.logging.LogLevel
+import io.ktor.client.plugins.logging.Logger
+import io.ktor.client.plugins.logging.Logging
+import io.ktor.http.HttpStatusCode
+import io.ktor.serialization.kotlinx.json.json
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
@@ -29,20 +32,25 @@ class NaiveTrustManager : X509TrustManager {
     override fun getAcceptedIssuers(): Array<out X509Certificate> = arrayOf()
 }
 
-actual fun createHttpClient(appSettingsService: AppSettingsService, api: SelfossApi) =
+actual fun createHttpClient(
+    appSettingsService: AppSettingsService,
+    api: SelfossApi
+) =
     HttpClient(OkHttp) {
-        engine {
-            val trustManager = NaiveTrustManager()
-            val sslContext = SSLContext.getInstance("TLS").apply {
-                init(null, arrayOf(trustManager), null)
+        if (appSettingsService.getSelfSigned()) {
+            engine {
+                val trustManager = NaiveTrustManager()
+                val sslContext = SSLContext.getInstance("TLS").apply {
+                    init(null, arrayOf(trustManager), null)
+                }
+                preconfigured = OkHttpClient().newBuilder()
+                    .sslSocketFactory(
+                        sslSocketFactory = sslContext.socketFactory,
+                        trustManager = trustManager
+                    )
+                    .hostnameVerifier(AllowAllHostnameVerifier())
+                    .build()
             }
-            preconfigured = OkHttpClient().newBuilder()
-                .sslSocketFactory(
-                    sslSocketFactory = sslContext.socketFactory,
-                    trustManager = trustManager
-                )
-                .hostnameVerifier(AllowAllHostnameVerifier())
-                .build()
         }
         install(ContentNegotiation) {
             install(HttpCache)
diff --git a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
index 924ef12..25677d5 100644
--- a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
+++ b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
@@ -4,12 +4,22 @@ import bou.amine.apps.readerforselfossv2.model.SelfossModel
 import bou.amine.apps.readerforselfossv2.model.StatusAndData
 import bou.amine.apps.readerforselfossv2.model.SuccessResponse
 import bou.amine.apps.readerforselfossv2.service.AppSettingsService
-import io.ktor.client.*
-import io.ktor.client.request.*
-import io.ktor.client.statement.*
-import io.ktor.http.*
+import io.ktor.client.HttpClient
+import io.ktor.client.plugins.auth.providers.BasicAuthCredentials
+import io.ktor.client.request.get
+import io.ktor.client.request.headers
+import io.ktor.client.request.parameter
+import io.ktor.client.statement.HttpResponse
+import io.ktor.http.HttpHeaders
+import io.ktor.http.Parameters
+import io.ktor.util.encodeBase64
+import io.ktor.utils.io.charsets.Charsets
+import io.ktor.utils.io.core.toByteArray
 
-expect fun createHttpClient(appSettingsService: AppSettingsService, api: SelfossApi): HttpClient
+expect fun createHttpClient(
+    appSettingsService: AppSettingsService,
+    api: SelfossApi
+): HttpClient
 
 class SelfossApi(private val appSettingsService: AppSettingsService) {
 
diff --git a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt
index 22da4fa..4118781 100644
--- a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt
+++ b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt
@@ -8,6 +8,7 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
     // Api related
     private var _apiVersion: Int = -1
     private var _publicAccess: Boolean? = null
+    private var _selfSigned: Boolean? = null
     private var _baseUrl: String = ""
     private var _userName: String = ""
     private var _basicUserName: String = ""
@@ -77,6 +78,22 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
         _publicAccess = settings.getBoolean(API_PUBLIC_ACCESS, false)
     }
 
+    fun getSelfSigned(): Boolean {
+        if (_selfSigned == null) {
+            refreshSelfSigned()
+        }
+        return _selfSigned!!
+    }
+
+    fun updateSelfSigned(selfSigned: Boolean) {
+        settings.putBoolean(API_SELF_SIGNED, selfSigned)
+        refreshSelfSigned()
+    }
+
+    private fun refreshSelfSigned() {
+        _selfSigned = settings.getBoolean(API_SELF_SIGNED, false)
+    }
+
     fun getBaseUrl(): String {
         if (_baseUrl.isEmpty()) {
             refreshBaseUrl()
@@ -383,6 +400,7 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
         refreshBaseUrl()
         refreshApiVersion()
         refreshPublicAccess()
+        refreshSelfSigned()
     }
 
     fun refreshUserSettings() {
@@ -468,6 +486,8 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
 
         const val API_PUBLIC_ACCESS = "apiPublicAccess"
 
+        const val API_SELF_SIGNED = "apiSelfSigned"
+
         const val API_ITEMS_NUMBER = "prefer_api_items_number"
 
         const val API_TIMEOUT = "api_timeout"