Adding, customizing and modifying MemorizingTrustManager.

2020-03-30 23:01:54 +02:00
parent 6e0880e6d8
commit aa697d11ad
10 changed files with 911 additions and 86 deletions
--- a/app/src/main/java/org/mian/gitnex/clients/IssuesService.java
+++ b/app/src/main/java/org/mian/gitnex/clients/IssuesService.java
@@ -2,9 +2,14 @@ package org.mian.gitnex.clients;

 import android.content.Context;
 import androidx.annotation.NonNull;
+import org.mian.gitnex.ssl.MemorizingTrustManager;
 import org.mian.gitnex.util.AppUtil;
 import java.io.File;
 import java.io.IOException;
+import java.security.SecureRandom;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.X509TrustManager;
 import okhttp3.Cache;
 import okhttp3.Interceptor;
 import okhttp3.OkHttpClient;
@@ -20,42 +25,47 @@ import retrofit2.converter.gson.GsonConverterFactory;

 public class IssuesService {

-    public static <S> S createService(Class<S> serviceClass, String instanceURL, Context ctx) {
+    public static <S> S createService(Class<S> serviceClass, String instanceURL, Context context) {

-        final boolean connToInternet = AppUtil.haveNetworkConnection(ctx);
-        File httpCacheDirectory = new File(ctx.getCacheDir(), "responses");
+        final boolean connToInternet = AppUtil.haveNetworkConnection(context);
+        File httpCacheDirectory = new File(context.getCacheDir(), "responses");
        int cacheSize = 50 * 1024 * 1024; // 50MB
        Cache cache = new Cache(httpCacheDirectory, cacheSize);

        HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
        logging.setLevel(HttpLoggingInterceptor.Level.BODY);

-        OkHttpClient okHttpClient = new OkHttpClient.Builder()
-                .cache(cache)
-                //.addInterceptor(logging)
-                .addInterceptor(new Interceptor() {
-                    @NonNull
-                    @Override public Response intercept(@NonNull Chain chain) throws IOException {
-                        Request request = chain.request();
-                        if (connToInternet) {
-                            request = request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build();
-                        } else {
-                            request = request.newBuilder().header("Cache-Control", "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
-                        }
-                        return chain.proceed(request);
+        try {
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+
+            MemorizingTrustManager memorizingTrustManager = new MemorizingTrustManager(context);
+            sslContext.init(null, new X509TrustManager[]{memorizingTrustManager}, new SecureRandom());
+
+            OkHttpClient okHttpClient = new OkHttpClient.Builder().cache(cache).sslSocketFactory(sslContext.getSocketFactory(), memorizingTrustManager).hostnameVerifier(memorizingTrustManager.wrapHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier())).addInterceptor(new Interceptor() {
+
+                @NonNull
+                @Override
+                public Response intercept(@NonNull Chain chain) throws IOException {
+
+                    Request request = chain.request();
+                    if(connToInternet) {
+                        request = request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build();
                    }
-                })
-                .build();
+                    else {
+                        request = request.newBuilder().header("Cache-Control", "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
+                    }
+                    return chain.proceed(request);
+                }
+            }).build();

-        Retrofit.Builder builder = new Retrofit.Builder()
-                .baseUrl(instanceURL)
-                .client(okHttpClient)
-                .addConverterFactory(GsonConverterFactory.create());
+            Retrofit.Builder builder = new Retrofit.Builder().baseUrl(instanceURL).client(okHttpClient).addConverterFactory(GsonConverterFactory.create());

-        Retrofit retrofit = builder.build();
-
-        return retrofit.create(serviceClass);
+            Retrofit retrofit = builder.build();
+            return retrofit.create(serviceClass);
+        } catch(Exception e) {
+            e.printStackTrace();
+        }

+        return null;
    }
-
 }
--- a/app/src/main/java/org/mian/gitnex/clients/PullRequestsService.java
+++ b/app/src/main/java/org/mian/gitnex/clients/PullRequestsService.java
@@ -2,9 +2,14 @@ package org.mian.gitnex.clients;

 import android.content.Context;
 import androidx.annotation.NonNull;
+import org.mian.gitnex.ssl.MemorizingTrustManager;
 import org.mian.gitnex.util.AppUtil;
 import java.io.File;
 import java.io.IOException;
+import java.security.SecureRandom;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.X509TrustManager;
 import okhttp3.Cache;
 import okhttp3.Interceptor;
 import okhttp3.OkHttpClient;
@@ -20,42 +25,47 @@ import retrofit2.converter.gson.GsonConverterFactory;

 public class PullRequestsService {

-    public static <S> S createService(Class<S> serviceClass, String instanceURL, Context ctx) {
+    public static <S> S createService(Class<S> serviceClass, String instanceURL, Context context) {

-        final boolean connToInternet = AppUtil.haveNetworkConnection(ctx);
-        File httpCacheDirectory = new File(ctx.getCacheDir(), "responses");
+        final boolean connToInternet = AppUtil.haveNetworkConnection(context);
+        File httpCacheDirectory = new File(context.getCacheDir(), "responses");
        int cacheSize = 50 * 1024 * 1024; // 50MB
        Cache cache = new Cache(httpCacheDirectory, cacheSize);

        HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
        logging.setLevel(HttpLoggingInterceptor.Level.BODY);

-        OkHttpClient okHttpClient = new OkHttpClient.Builder()
-                .cache(cache)
-                //.addInterceptor(logging)
-                .addInterceptor(new Interceptor() {
-                    @NonNull
-                    @Override public Response intercept(@NonNull Chain chain) throws IOException {
-                        Request request = chain.request();
-                        if (connToInternet) {
-                            request = request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build();
-                        } else {
-                            request = request.newBuilder().header("Cache-Control", "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
-                        }
-                        return chain.proceed(request);
+        try {
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+
+            MemorizingTrustManager memorizingTrustManager = new MemorizingTrustManager(context);
+            sslContext.init(null, new X509TrustManager[]{memorizingTrustManager}, new SecureRandom());
+
+            OkHttpClient okHttpClient = new OkHttpClient.Builder().cache(cache).sslSocketFactory(sslContext.getSocketFactory(), memorizingTrustManager).hostnameVerifier(memorizingTrustManager.wrapHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier())).addInterceptor(new Interceptor() {
+
+                @NonNull
+                @Override
+                public Response intercept(@NonNull Chain chain) throws IOException {
+
+                    Request request = chain.request();
+                    if(connToInternet) {
+                        request = request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build();
                    }
-                })
-                .build();
+                    else {
+                        request = request.newBuilder().header("Cache-Control", "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
+                    }
+                    return chain.proceed(request);
+                }
+            }).build();

-        Retrofit.Builder builder = new Retrofit.Builder()
-                .baseUrl(instanceURL)
-                .client(okHttpClient)
-                .addConverterFactory(GsonConverterFactory.create());
+            Retrofit.Builder builder = new Retrofit.Builder().baseUrl(instanceURL).client(okHttpClient).addConverterFactory(GsonConverterFactory.create());

-        Retrofit retrofit = builder.build();
-
-        return retrofit.create(serviceClass);
+            Retrofit retrofit = builder.build();
+            return retrofit.create(serviceClass);
+        } catch(Exception e) {
+            e.printStackTrace();
+        }

+        return null;
    }
-
 }
--- a/app/src/main/java/org/mian/gitnex/clients/RetrofitClient.java
+++ b/app/src/main/java/org/mian/gitnex/clients/RetrofitClient.java
@@ -1,16 +1,17 @@
 package org.mian.gitnex.clients;

 import android.content.Context;
-import androidx.annotation.NonNull;
 import org.mian.gitnex.interfaces.ApiInterface;
+import org.mian.gitnex.ssl.MemorizingTrustManager;
 import org.mian.gitnex.util.AppUtil;
 import java.io.File;
-import java.io.IOException;
+import java.security.SecureRandom;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.X509TrustManager;
 import okhttp3.Cache;
-import okhttp3.Interceptor;
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
-import okhttp3.Response;
 import okhttp3.logging.HttpLoggingInterceptor;
 import retrofit2.Retrofit;
 import retrofit2.converter.gson.GsonConverterFactory;
@@ -24,41 +25,47 @@ public class RetrofitClient {

    private Retrofit retrofit;

-    private RetrofitClient(String instanceUrl, Context ctx) {
-
-        final boolean connToInternet = AppUtil.haveNetworkConnection(ctx);
+    private RetrofitClient(String instanceUrl, Context context) {
+        final boolean connToInternet = AppUtil.haveNetworkConnection(context);
        int cacheSize = 50 * 1024 * 1024; // 50MB
-        File httpCacheDirectory = new File(ctx.getCacheDir(), "responses");
+        File httpCacheDirectory = new File(context.getCacheDir(), "responses");
        Cache cache = new Cache(httpCacheDirectory, cacheSize);

        HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
        logging.setLevel(HttpLoggingInterceptor.Level.BODY);

-        OkHttpClient okHttpClient = new OkHttpClient.Builder()
-                .cache(cache)
-                //.addInterceptor(logging)
-                .addInterceptor(new Interceptor() {
-                    @NonNull
-                    @Override public Response intercept(@NonNull Chain chain) throws IOException {
+        try {
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+
+            MemorizingTrustManager memorizingTrustManager = new MemorizingTrustManager(context);
+            sslContext.init(null, new X509TrustManager[] { memorizingTrustManager }, new SecureRandom());
+
+            OkHttpClient.Builder okHttpClient = new OkHttpClient.Builder()
+                    .cache(cache)
+                    .sslSocketFactory(sslContext.getSocketFactory(), memorizingTrustManager)
+                    .hostnameVerifier(memorizingTrustManager.wrapHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier()))
+                    .addInterceptor(chain -> {
                        Request request = chain.request();
-                        if (connToInternet) {
-                            request = request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build();
-                        } else {
-                            request = request.newBuilder().header("Cache-Control", "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
-                        }
+
+                        request = (connToInternet) ?
+                                request.newBuilder().header("Cache-Control", "public, max-age=" + 60).build() :
+                                request.newBuilder().header("Cache-Control",
+                                        "public, only-if-cached, max-stale=" + 60 * 60 * 24 * 30).build();
+
                        return chain.proceed(request);
-                    }
-                })
-                .build();
+                    });

-        Retrofit.Builder builder = new Retrofit.Builder()
-                .baseUrl(instanceUrl)
-                .client(okHttpClient)
-                .addConverterFactory(ScalarsConverterFactory.create())
-                .addConverterFactory(GsonConverterFactory.create());
+            Retrofit.Builder builder = new Retrofit.Builder()
+                    .baseUrl(instanceUrl)
+                    .client(okHttpClient.build())
+                    .addConverterFactory(ScalarsConverterFactory.create())
+                    .addConverterFactory(GsonConverterFactory.create());

-        retrofit = builder.build();
+            retrofit = builder.build();

+        } catch(Exception e) {
+            e.printStackTrace();
+        }
    }

    public static synchronized RetrofitClient getInstance(String instanceUrl, Context ctx) {