Tentative self signed ssl support

2023-04-15 18:49:46 +02:00
parent 172362b533
commit ed06b22a77
3 changed files with 96 additions and 70 deletions
--- a/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
+++ b/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
@ -0,0 +1,82 @@
+package bou.amine.apps.readerforselfossv2.rest
+
+import bou.amine.apps.readerforselfossv2.service.AppSettingsService
+import io.github.aakira.napier.Napier
+import io.ktor.client.*
+import io.ktor.client.engine.okhttp.*
+import io.ktor.client.plugins.*
+import io.ktor.client.plugins.cache.*
+import io.ktor.client.plugins.contentnegotiation.*
+import io.ktor.client.plugins.cookies.*
+import io.ktor.client.plugins.logging.*
+import io.ktor.http.*
+import io.ktor.serialization.kotlinx.json.*
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.launch
+import kotlinx.serialization.json.Json
+import okhttp3.OkHttpClient
+import org.apache.http.conn.ssl.AllowAllHostnameVerifier
+import java.security.cert.X509Certificate
+import javax.net.ssl.SSLContext
+import javax.net.ssl.X509TrustManager
+
+class NaiveTrustManager : X509TrustManager {
+    override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+
+    override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+
+    override fun getAcceptedIssuers(): Array<out X509Certificate> = arrayOf()
+}
+
+actual fun createHttpClient(appSettingsService: AppSettingsService, api: SelfossApi) =
+    HttpClient(OkHttp) {
+        engine {
+            val trustManager = NaiveTrustManager()
+            val sslContext = SSLContext.getInstance("TLS").apply {
+                init(null, arrayOf(trustManager), null)
+            }
+            preconfigured = OkHttpClient().newBuilder()
+                .sslSocketFactory(
+                    sslSocketFactory = sslContext.socketFactory,
+                    trustManager = trustManager
+                )
+                .hostnameVerifier(AllowAllHostnameVerifier())
+                .build()
+        }
+        install(ContentNegotiation) {
+            install(HttpCache)
+            json(Json {
+                prettyPrint = true
+                isLenient = true
+                ignoreUnknownKeys = true
+            })
+        }
+        install(Logging) {
+            logger = object : Logger {
+                override fun log(message: String) {
+                    Napier.d(message, tag = "LogApiCalls")
+                }
+            }
+            level = LogLevel.INFO
+        }
+        install(HttpTimeout) {
+            requestTimeoutMillis = appSettingsService.getApiTimeout()
+        }
+        install(HttpCookies)
+        install(HttpRequestRetry) {
+            maxRetries = 2
+            retryIf { _, response ->
+                response.status == HttpStatusCode.Forbidden && api.shouldHavePostLogin() && api.hasLoginInfo()
+            }
+            modifyRequest {
+                Napier.i("Will modify", tag = "HttpSend")
+                CoroutineScope(Dispatchers.Main).launch {
+                    Napier.i("Will login", tag = "HttpSend")
+                    api.login()
+                    Napier.i("Did login", tag = "HttpSend")
+                }
+            }
+        }
+        expectSuccess = false
+    }