Created
April 18, 2020 14:09
-
-
Save humayuntanwar/b3c0512018df24fb667d70b2bbb513b5 to your computer and use it in GitHub Desktop.
This method intercepts your outgoing request to encrypt its parameters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** this method builds a http client with trusted certified and verified host name and global response interceptors | |
| * encrypt the encoded parameters and sets the user agent header | |
| * @return okhttpclient | |
| */ | |
| private val safeOkHttpClient: OkHttpClient | |
| get() { | |
| try { | |
| val trustAllCerts = arrayOf<TrustManager>( | |
| object : X509TrustManager { | |
| override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {} | |
| @Throws(CertificateException::class) | |
| override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) { | |
| if (!chain[0].subjectX500Principal.name.contains("mcb.accessgroup.mobi") && | |
| !chain[0].subjectX500Principal.name.contains("demo.accessgroup.mobi") | |
| ) { | |
| throw CertificateException("Invalid certificate") | |
| } | |
| } | |
| override fun getAcceptedIssuers(): Array<X509Certificate> { | |
| return arrayOf() | |
| } | |
| }) | |
| val x509HostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER | |
| object : X509HostnameVerifier { | |
| override fun verify(s: String, sslSession: SSLSession): Boolean { | |
| val hv = HttpsURLConnection.getDefaultHostnameVerifier() as X509HostnameVerifier | |
| return hv.verify("mcb.accessgroup.mobi", sslSession) | |
| } | |
| @Throws(IOException::class) | |
| override fun verify(s: String, sslSocket: SSLSocket) { | |
| if (!s.contentEquals("mcb.accessgroup.mobi") && | |
| !s.contentEquals("demo.accessgroup.mobi")) { | |
| throw IOException("invalid certificate, returned = $s") | |
| } | |
| } | |
| override fun verify(s: String, x509Certificate: X509Certificate) { | |
| } | |
| override fun verify(s: String, strings: Array<String>, strings1: Array<String>) { | |
| } | |
| } | |
| val sslContext = SSLContext.getInstance("TLS") | |
| sslContext.init(null, trustAllCerts, SecureRandom()) | |
| val sslSocketFactory = sslContext.socketFactory | |
| /* val interceptor = Interceptor { chain-> | |
| val original = chain.request() | |
| //encrypting parameters and adding header | |
| val urlOriginal = original.url().encodedQuery().toString() | |
| val key = xorRegLogin() | |
| val encryptedParameters = encrypt(key.substring(0,16),key.substring(16,32),urlOriginal) | |
| val url = original.url() | |
| .newBuilder() | |
| .encodedQuery(encryptedParameters) | |
| .build() | |
| val request = original.newBuilder() | |
| .header("User-Agent", "android") | |
| .url(url) | |
| .build() | |
| return@Interceptor chain.proceed(request) | |
| }*/ | |
| return OkHttpClient.Builder() | |
| .sslSocketFactory(sslSocketFactory) | |
| .hostnameVerifier(x509HostnameVerifier) | |
| .connectTimeout(2, TimeUnit.MINUTES) | |
| .readTimeout(2, TimeUnit.MINUTES) | |
| //.addInterceptor(interceptor) | |
| .build() | |
| } catch (e: Exception) { | |
| throw RuntimeException(e) | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment