Remove custom certificate handling

Certificate validation logic implemented in the
Data SDK is a subject of transient errors, as
it is implemented on top of deprecated APIs.

Given that there's no handling of the custom
certificates and logic corresponds to the
default certificate handling in the iOS, custom
implementation can be removed in the faviour
of default handling.

Relates-To: HERESDK-5806

Signed-off-by: Mykhailo Diachenko <[email protected]>

Author: diachenko-mischa

olp-cpp-sdk-core/src/http/ios/OLPHttpClient.mm

@@ -64,7 +64,7 @@ void OnExitBackground() override {
 
 }  // namespace
 
-@interface OLPHttpClient ()<NSURLSessionDataDelegate>
+@interface OLPHttpClient () <NSURLSessionDataDelegate>
 
 @property(nonatomic) NSMutableDictionary* tasks;
 
@@ -92,8 +92,9 @@ - (instancetype)init {
     _delegateQueue = [[NSOperationQueue alloc] init];
     _delegateQueue.name = @"com.here.olp.network.HttpClientSessionQueue";
 
-    _sharedUrlSession =
-        [self urlSessionWithProxy:nil andHeaders:nil andBackgroundId:nil];
+    _sharedUrlSession = [self urlSessionWithProxy:nil
+                                       andHeaders:nil
+                                  andBackgroundId:nil];
 
     _sharedUrlBackgroundSession =
         [self urlSessionWithProxy:nil
@@ -452,34 +453,14 @@ - (void)URLSession:(NSURLSession*)session
                           "didReceiveChallenge failed - invalid session, "
                           "task_id=%u",
                           (unsigned int)dataTask.taskIdentifier);
+    // Don't hang in non-happy path
+    completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge,
+                      nil);
     return;
   }
 
-  @autoreleasepool {
-    if ([challenge.protectionSpace.authenticationMethod
-            isEqualToString:NSURLAuthenticationMethodServerTrust]) {
-      if (dataTask) {
-        OLPHttpTask* httpTask =
-            [self taskWithTaskDescription:dataTask.taskDescription];
-        if (![httpTask isValid]) {
-          return;
-        }
-        // TODO: Don't verify certificate is not implemented
-        if (![self shouldTrustProtectionSpace:challenge.protectionSpace]) {
-          completionHandler(
-              NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
-          return;
-        }
-      }
-
-      NSURLCredential* credential = [NSURLCredential
-          credentialForTrust:challenge.protectionSpace.serverTrust];
-      completionHandler(NSURLSessionAuthChallengeUseCredential, credential);
-      return;
-    }
-
-    completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
-  }
+  // Use iOS default certificate validation for all authentication challenges
+  completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
 }
 
 - (void)URLSession:(NSURLSession*)session
@@ -533,31 +514,6 @@ - (void)URLSession:(NSURLSession*)session
   completionHandler(newRequest);
 }
 
-// http://goo.gl/jmZ4Uv
-- (BOOL)shouldTrustProtectionSpace:(NSURLProtectionSpace*)protectionSpace {
-  if (!protectionSpace) {
-    return NO;
-  }
-
-  SecTrustRef serverTrust = protectionSpace.serverTrust;
-  if (!serverTrust) {
-    return NO;
-  }
-
-  // TODO - certificate paths are not supported!
-
-  // evaluate server trust against certificate
-  SecTrustResultType trustResult = kSecTrustResultInvalid;
-  OSStatus status = SecTrustEvaluate(serverTrust, &trustResult);
-
-  if (errSecSuccess != status) {
-    return NO;
-  }
-
-  return (trustResult == kSecTrustResultUnspecified ||
-          trustResult == kSecTrustResultProceed);
-}
-
 - (void)URLSession:(NSURLSession*)session
                  downloadTask:(NSURLSessionTask*)dataTask
                  didWriteData:(int64_t)bytesWritten