def performServerAuthWithTrust_handler_(self, trust, completionHandler): SecTrustSetAnchorCertificates(trust, [self.serverCert]) valid, error = SecTrustEvaluateWithError(trust, None) if not valid: logger.error(error) completionHandler( NSURLSessionAuthChallengeCancelAuthenticationChallenge, None) return credential = NSURLCredential.credentialForTrust_(trust) completionHandler(NSURLSessionAuthChallengeUseCredential, credential)
def URLSession_task_didReceiveChallenge_completionHandler_( self, session, # type: NSURLSession task, # type: NSURLSessionTask challenge, # type: NSURLAuthenticationChallenge completionHandler # type: (NSURLSessionAuthChallengeDisposition, NSURLCredential) -> Void ): # type: (...) -> None logger.debug('URLSession_task_didReceiveChallenge_completionHandler_') completionHandler.__block_signature__ = objc_method_signature('v@i@') protectionSpace = challenge.protectionSpace() host = protectionSpace.host() realm = protectionSpace.realm() authenticationMethod = protectionSpace.authenticationMethod() logger.debug('NSURLProtectionSpace host: %s, realm: %s, method: %s', host, realm, authenticationMethod) if authenticationMethod == 'NSURLAuthenticationMethodServerTrust' and not self.verify: logger.debug( 'Trusting invalid SSL certificate because verify=False') trust = protectionSpace.serverTrust() credential = NSURLCredential.credentialForTrust_(trust) completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, credential) elif authenticationMethod in [ 'NSURLAuthenticationMethodDefault', 'NSURLAuthenticationMethodHTTPBasic', 'NSURLAuthenticationMethodHTTPDigest' ]: logger.debug('Attempting to authenticate') if getattr(self, 'credential', None) is not None: logger.debug('Using supplied NSURLCredential') completionHandler(NSURLSessionAuthChallengeUseCredential, self.credential) else: logger.debug( 'No NSURLCredential available, not authenticating.') completionHandler( NSURLSessionAuthChallengePerformDefaultHandling, None) else: completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, None)