flutter_appauth

HTTPS problem with VPN IP server

Open exonent opened this issue 2 years ago • 4 comments

Hi!

I'm trying to connect to a private HTTPS server, using VPN and IP. It works on the web (I have to trust the site, but it works); the problem is when I move to the mobile app. I created a Flutter project (a button that connects with my OAuth server). I tried it with auth0.com as an example and it works! But when I'm using an untrusted server, I can't use it and the log gives me the following error:

E/CONSCRYPT(10959): ------------------Untrusted chain: ----------------------

So, as you can see from the screenshots, I tried to allow all connections and create a network security config XML file as Android says on their website. But it does not work: image image

So I downloaded my certificates and added them to my project: image

image

But it keeps saying: is not verified. Any idea? image

Also, I added the allowInsecureConnections: true but.. meeeeh :( Thanks! Have a good day!

exonent avatar Aug 25 '22 14:08 exonent

It sounds like this PR may solve your issue: https://github.com/MaikuB/flutter_appauth/pull/149. As I had no way to verify the PR itself, this is why the PR has been left as is. It is out of date but you can see if it helps solve the problem. If it does then it'd be great if you can provide details on how to set up a server easily so I can check too.

Also, what happens on iOS? I've not worked with using servers with untrusted/self-signed certs but I would imagine the same issue occurs then. It might be that you'll need to look into a solution for both platforms.

MaikuB avatar Aug 28 '22 10:08 MaikuB

Ok, it's solved with:

network_security_config.xml (Android)

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true" />
    <domain-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user"/>
            <certificates src="@raw/root_ca" />
        </trust-anchors>
        <domain includeSubdomains="true">11.111.111.111:8443</domain>
        <domain includeSubdomains="true">11.111.111.111</domain>
    </domain-config>
</network-security-config>

AndroidManifest.xml

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.dev.auth">
    <application
        android:label="auth"
        android:name="${applicationName}"
        android:icon="@mipmap/ic_launcher"
        android:usesCleartextTraffic="true"
        android:networkSecurityConfig="@xml/network_security_config">
        <!-- activities and other components omitted in the original post -->
    </application>
</manifest>

And export the .crt file into the res/xml folder.

Also added:

AuthorizationTokenRequest(
  AUTH0_CLIENT_ID,
  AUTH0_REDIRECT_URI,
  allowInsecureConnections: true, // <-- here
  discoveryUrl: 'https://$AUTH0_DOMAIN',
)

Thx and hope that helps :)

exonent avatar Aug 31 '22 12:08 exonent
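
An added example, not part of the original thread or the flutter_appauth project: a small Python audit of the network_security_config.xml posted above, flagging the settings that widen trust beyond the one private server (cleartext allowed, user-installed CAs trusted, a domain entry carrying a port). The TIGHTENED variant and the finding codes are constructed for illustration, and it assumes the private CA stays bundled as @raw/root_ca.

```python
import re
import xml.etree.ElementTree as ET

# The configuration posted in the thread (copied from the page, XML declaration omitted).
POSTED = """<network-security-config>
    <base-config cleartextTrafficPermitted="true" />
    <domain-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user"/>
            <certificates src="@raw/root_ca" />
        </trust-anchors>
        <domain includeSubdomains="true">11.111.111.111:8443</domain>
        <domain includeSubdomains="true">11.111.111.111</domain>
    </domain-config>
</network-security-config>"""

# Constructed variant: HTTPS only, trusting only the bundled root CA for that host.
TIGHTENED = """<network-security-config>
    <base-config cleartextTrafficPermitted="false" />
    <domain-config>
        <domain includeSubdomains="false">11.111.111.111</domain>
        <trust-anchors>
            <certificates src="@raw/root_ca" />
        </trust-anchors>
    </domain-config>
</network-security-config>"""


def audit(xml_text):
    """Return (code, detail) findings; debug-overrides is skipped as debug-only."""
    findings = []
    for section in ET.fromstring(xml_text):
        if section.tag == "debug-overrides":
            continue
        for node in section.iter():
            text = (node.text or "").strip()
            if node.get("cleartextTrafficPermitted") == "true":
                findings.append(("cleartext", f"<{node.tag}> permits plain HTTP"))
            if node.tag == "certificates" and node.get("src") == "user":
                findings.append(("user-ca", "user-installed CAs are trusted"))
            # Rules match on host name only, so an entry with a port never applies.
            if node.tag == "domain" and re.fullmatch(r"[^:]+:\d+", text):
                findings.append(("domain-port", f"'{text}' includes a port"))
    return findings


if __name__ == "__main__":
    for name, doc in (("posted", POSTED), ("tightened", TIGHTENED)):
        print(name, audit(doc) or "no findings")
```

With the tightened variant, android:usesCleartextTraffic="true" in the manifest is no longer needed, since a network security config takes precedence over that attribute on Android 7.0 (API 24) and later.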

Now I'm on iOS; when I finish I will post the result and a guide on how to do that.

exonent avatar Aug 31 '22 12:08 exonent

Hi @exonent, maybe I have the same issue as you: https://github.com/MaikuB/flutter_appauth/issues/386. I've fixed it for the Android version but can't find any solution for the iOS version. Any update on this issue?

tungtt1501 avatar Nov 08 '22 03:11 tungtt1501