fix(#23,#24): Allow to use self-signed SSL certificates

sp-engineering · Oct 16, 2024 · 05cbf96 · 05cbf96
1 parent d9d6fa7
commit 05cbf96
Show file tree

Hide file tree

Showing 4 changed files with 77 additions and 2 deletions.
diff --git a/android/app/build.gradle b/android/app/build.gradle
@@ -82,8 +82,8 @@ android {
         applicationId "com.frigateviewer"
         minSdkVersion rootProject.ext.minSdkVersion
         targetSdkVersion rootProject.ext.targetSdkVersion
-        versionCode 16
-        versionName "14.2.1"
+        versionCode 17
+        versionName "14.2.2"
     }
     signingConfigs {
         debug {

diff --git a/android/app/src/main/java/com/frigateviewer/IgnoreSSLFactory.java b/android/app/src/main/java/com/frigateviewer/IgnoreSSLFactory.java
@@ -0,0 +1,63 @@
+package com.frigateviewer;
+
+import com.facebook.react.modules.network.OkHttpClientFactory;
+import com.facebook.react.modules.network.OkHttpClientFactory;
+import com.facebook.react.modules.network.OkHttpClientProvider;
+import com.facebook.react.modules.network.ReactCookieJarContainer;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+import android.util.Log;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import okhttp3.CipherSuite;
+import okhttp3.ConnectionSpec;
+import okhttp3.OkHttpClient;
+import okhttp3.TlsVersion;
+import static android.content.ContentValues.TAG;
+public class IgnoreSSLFactory implements OkHttpClientFactory {
+    private static final String TAG = "IgnoreSSLFactory";
+
+    @Override
+    public OkHttpClient createNewNetworkModuleClient() {
+        try {
+            final TrustManager[] trustAllCerts = new TrustManager[]{
+                    new X509TrustManager() {
+                        @Override
+                        public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+                        }
+@Override
+                        public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+                        }
+@Override
+                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                            return new java.security.cert.X509Certificate[]{};
+                        }
+                    }
+            };
+final SSLContext sslContext = SSLContext.getInstance("SSL");
+            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
+final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
+OkHttpClient.Builder builder = new OkHttpClient.Builder()
+                    .connectTimeout(0, TimeUnit.MILLISECONDS).readTimeout(0, TimeUnit.MILLISECONDS)
+                    .writeTimeout(0, TimeUnit.MILLISECONDS).cookieJar(new ReactCookieJarContainer());
+            builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]);
+            builder.hostnameVerifier(new HostnameVerifier() {
+                @Override
+                public boolean verify(String hostname, SSLSession session) {
+                    return true;
+                }
+            });
+OkHttpClient okHttpClient = builder.build();
+            return okHttpClient;
+        } catch (Exception e) {
+            Log.e(TAG, e.getMessage());
+            throw new RuntimeException(e);
+        }
+    }
+}
diff --git a/android/app/src/main/java/com/frigateviewer/MainApplication.java b/android/app/src/main/java/com/frigateviewer/MainApplication.java
@@ -12,6 +12,7 @@
 import com.facebook.soloader.SoLoader;
 import java.util.List;
 import com.horcrux.svg.SvgPackage;
+import com.facebook.react.modules.network.OkHttpClientProvider;
 
 public class MainApplication extends NavigationApplication {
 
@@ -61,6 +62,7 @@ public void onCreate() {
       // If you opted-in for the New Architecture, we load the native entry point for this app.
       DefaultNewArchitectureEntryPoint.load();
     }
+    OkHttpClientProvider.setOkHttpClientFactory(new IgnoreSSLFactory());
     ReactNativeFlipper.initializeFlipper(this, getReactNativeHost().getReactInstanceManager());
   }
 }
diff --git a/ios/FrigateViewer/RCHTTPRequestHandler+ignoreSSL.m b/ios/FrigateViewer/RCHTTPRequestHandler+ignoreSSL.m
@@ -0,0 +1,10 @@
+#import "React/RCTBridgeModule.h"
+#import "React/RCTHTTPRequestHandler.h"
+
+@implementation RCTHTTPRequestHandler(ignoreSSL)
+
+- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
+{
+  completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
+}
+@end