gpt4 book ai didi

ios - Alamofire 5 替代 sessionDidReceiveChallenge

转载 作者:行者123 更新时间:2023-12-01 21:46:08 51 4
gpt4 key购买 nike

我刚刚转移到 Alamofire 5。

之前我使用过 URLSession 和 Certificate Pinner为了处理身份验证挑战,我使用了 URLSessionDelegate 的委托(delegate)方法带有哈希值

func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge,
completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
print("being challanged! for \(challenge.protectionSpace.host)")
guard let trust = challenge.protectionSpace.serverTrust else {
print("invalid trust!")
completionHandler(.cancelAuthenticationChallenge, nil)
return
}

let credential = URLCredential(trust: trust)

let pinner = setupCertificatePinner(host: challenge.protectionSpace.host)

if (!pinner.validateCertificateTrustChain(trust)) {
print("failed: invalid certificate chain!")
challenge.sender?.cancel(challenge)
}

if (pinner.validateTrustPublicKeys(trust)) {
completionHandler(.useCredential, credential)
} else {
didPinningFailed = true
print("couldn't validate trust for \(challenge.protectionSpace.host)")
completionHandler(.cancelAuthenticationChallenge, nil)
}

}

移到 Alamofire 5 后,没有方法 sessionDidReceiveChallenge这在早期版本中可用。

我试过:
private let session: Session = {
let manager = ServerTrustManager(allHostsMustBeEvaluated: true, evaluators:
["devDomain.com": DisabledTrustEvaluator(),
"prodDomain.com": PublicKeysTrustEvaluator()])
let configuration = URLSessionConfiguration.af.default

return Session(configuration: configuration, serverTrustManager: manager)
}()

但我得到错误:
Error Domain=Alamofire.AFError Code=11 "Server trust evaluation failed due to reason: No public keys were found or provided for evaluation."

更新:
我仍然更喜欢仅使用 256 指纹来解析它的方法,因为我们在第一次 api 调用中获得域及其哈希值。

最佳答案

首先你需要一个 ServerTrustEvaluating处理固定一个简单工具的证书将类似于

public final class CertificatePinnerTrustEvaluator: ServerTrustEvaluating {

public init() {}

func setupCertificatePinner(host: String) -> CertificatePinner {

//get the CertificatePinner
}

public func evaluate(_ trust: SecTrust, forHost host: String) throws {

let pinner = setupCertificatePinner(host: host)

if (!pinner.validateCertificateTrustChain(trust)) {
print("failed: invalid certificate chain!")
throw AFError.serverTrustEvaluationFailed(reason: .noCertificatesFound)
}

if (!pinner.validateTrustPublicKeys(trust)) {
print ("couldn't validate trust for \(host)")

throw AFError.serverTrustEvaluationFailed(reason: .noCertificatesFound)
}
}
}

为了能够使用相同的评估器,我建议子类 ServerTrustManager要返回相同的评估器,我这样做是这样的:

class CertificatePinnerServerTrustManager: ServerTrustManager {

let evaluator = CertificatePinnerTrustEvaluator()

init() {
super.init(allHostsMustBeEvaluated: true, evaluators: [:])
}

open override func serverTrustEvaluator(forHost host: String) throws -> ServerTrustEvaluating? {

return evaluator
}
}

之后,您应该准备好创建 session 并将管理器传递给它

private let session: Session = {

let trustManager = CertificatePinnerServerTrustManager()

return Session(serverTrustManager: trustManager)
}()

我的引用是方法 urlSession(_:task:didReceive:completionHandler:)在第 86 行的 SessionDelegate.swift 中的 Alamofire 源中(Alamofire V5.2.1)

关于ios - Alamofire 5 替代 sessionDidReceiveChallenge,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/62194554/

51 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com