Esempio n. 1
0
    def performServerAuthWithTrust_handler_(self, trust, completionHandler):
        SecTrustSetAnchorCertificates(trust, [self.serverCert])

        valid, error = SecTrustEvaluateWithError(trust, None)
        if not valid:
            logger.error(error)
            completionHandler(
                NSURLSessionAuthChallengeCancelAuthenticationChallenge, None)
            return

        credential = NSURLCredential.credentialForTrust_(trust)
        completionHandler(NSURLSessionAuthChallengeUseCredential, credential)
Esempio n. 2
0
    def URLSession_task_didReceiveChallenge_completionHandler_(
        self,
        session,  # type: NSURLSession
        task,  # type: NSURLSessionTask
        challenge,  # type: NSURLAuthenticationChallenge
        completionHandler  # type: (NSURLSessionAuthChallengeDisposition, NSURLCredential) -> Void
    ):  # type: (...) -> None
        logger.debug('URLSession_task_didReceiveChallenge_completionHandler_')
        completionHandler.__block_signature__ = objc_method_signature('v@i@')

        protectionSpace = challenge.protectionSpace()
        host = protectionSpace.host()
        realm = protectionSpace.realm()
        authenticationMethod = protectionSpace.authenticationMethod()

        logger.debug('NSURLProtectionSpace host: %s, realm: %s, method: %s',
                     host, realm, authenticationMethod)

        if authenticationMethod == 'NSURLAuthenticationMethodServerTrust' and not self.verify:
            logger.debug(
                'Trusting invalid SSL certificate because verify=False')
            trust = protectionSpace.serverTrust()
            credential = NSURLCredential.credentialForTrust_(trust)
            completionHandler(NSURLSessionAuthChallengePerformDefaultHandling,
                              credential)
        elif authenticationMethod in [
                'NSURLAuthenticationMethodDefault',
                'NSURLAuthenticationMethodHTTPBasic',
                'NSURLAuthenticationMethodHTTPDigest'
        ]:
            logger.debug('Attempting to authenticate')
            if getattr(self, 'credential', None) is not None:
                logger.debug('Using supplied NSURLCredential')
                completionHandler(NSURLSessionAuthChallengeUseCredential,
                                  self.credential)
            else:
                logger.debug(
                    'No NSURLCredential available, not authenticating.')
                completionHandler(
                    NSURLSessionAuthChallengePerformDefaultHandling, None)
        else:
            completionHandler(NSURLSessionAuthChallengePerformDefaultHandling,
                              None)