Merge pull request #122 from vaelen/android-ignore-ssl-certificates

fehguy · fehguy · commit 32d792de0136 · 2014-01-16T20:30:19.000-08:00
Update android target to work with self signed certificates if needed.
diff --git a/src/main/resources/android-java/apiInvoker.mustache b/src/main/resources/android-java/apiInvoker.mustache
@@ -9,11 +9,18 @@ import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import org.apache.http.*;
 import org.apache.http.client.*;
 import org.apache.http.client.methods.*;
+import org.apache.http.conn.*;
+import org.apache.http.conn.scheme.*;
+import org.apache.http.conn.ssl.*;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.*;
+import org.apache.http.impl.conn.*;
+import org.apache.http.params.*;
 import org.apache.http.util.EntityUtils;
 
 import java.io.File;
+import java.net.Socket;
+import java.net.UnknownHostException;
 import java.net.URLEncoder;
 
 import java.util.Map;
@@ -22,15 +29,50 @@ import java.util.List;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 
+import java.security.GeneralSecurityException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.*;
+
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+
+import java.util.Date;
+import java.util.Random;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 public class ApiInvoker {
   private static ApiInvoker INSTANCE = new ApiInvoker();
   private Map<String, String> defaultHeaderMap = new HashMap<String, String>();
 
   private HttpClient client = null;
+
+  private boolean ignoreSSLCertificates = false;
+
+  private ClientConnectionManager ignoreSSLConnectionManager;
+
+  public ApiInvoker() {
+    initConnectionManager();
+  }
+
   public static ApiInvoker getInstance() {
     return INSTANCE;
   }
 
+  public void ignoreSSLCertificates(boolean ignoreSSLCertificates) {
+    this.ignoreSSLCertificates = ignoreSSLCertificates;
+  }
+
   public void addDefaultHeader(String key, String value) {
     defaultHeaderMap.put(key, value);
   }
@@ -167,8 +209,60 @@ public class ApiInvoker {
   }
 
   private HttpClient getClient(String host) {
-    if(client == null)
-      client = new DefaultHttpClient();
+    if (client == null) {
+      if (ignoreSSLCertificates && ignoreSSLConnectionManager != null) {
+        // Trust self signed certificates
+        client = new DefaultHttpClient(ignoreSSLConnectionManager, new BasicHttpParams());
+      } else {
+        client = new DefaultHttpClient();
+      }
+    }
     return client;
   }
-}
+
+  private void initConnectionManager() {
+    try {
+      final SSLContext sslContext = SSLContext.getInstance("SSL");
+
+      // set up a TrustManager that trusts everything
+      TrustManager[] trustManagers = new TrustManager[] {
+        new X509TrustManager() {
+          public X509Certificate[] getAcceptedIssuers() {
+            return null;
+          }
+          public void checkClientTrusted(X509Certificate[] certs, String authType) {}
+          public void checkServerTrusted(X509Certificate[] certs, String authType) {}
+      }};
+
+      sslContext.init(null, trustManagers, new SecureRandom());
+
+      SSLSocketFactory sf = new SSLSocketFactory((KeyStore)null) {
+        private javax.net.ssl.SSLSocketFactory sslFactory = sslContext.getSocketFactory();
+
+        public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
+          throws IOException, UnknownHostException {
+          return sslFactory.createSocket(socket, host, port, autoClose);
+        }
+
+        public Socket createSocket() throws IOException {
+          return sslFactory.createSocket();
+        }
+      };
+
+      sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+      Scheme httpsScheme = new Scheme("https", sf, 443);
+      SchemeRegistry schemeRegistry = new SchemeRegistry();
+      schemeRegistry.register(httpsScheme);
+      schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
+
+      ignoreSSLConnectionManager = new SingleClientConnManager(new BasicHttpParams(), schemeRegistry);
+    } catch (NoSuchAlgorithmException e) {
+      // This will only be thrown if SSL isn't available for some reason.
+    } catch (KeyManagementException e) {
+      // This might be thrown when passing a key into init(), but no key is being passed.
+    } catch (GeneralSecurityException e) {
+      // This catches anything else that might go wrong.
+      // If anything goes wrong we default to the standard connection manager.
+    }
+  }
+}
diff --git a/src/main/resources/android-java/pom.mustache b/src/main/resources/android-java/pom.mustache
@@ -207,7 +207,7 @@
     <maven-plugin-version>1.0.0</maven-plugin-version>
     <junit-version>4.8.1</junit-version>
     <scala-test-version>1.6.1</scala-test-version>
-    <httpclient-version>4.2.3</httpclient-version>
+    <httpclient-version>4.0</httpclient-version>
     <scala-maven-plugin-version>3.1.5</scala-maven-plugin-version>
   </properties>
 </project>
