TrustKit icon indicating copy to clipboard operation
TrustKit copied to clipboard

Published 20 hours ago verified publisher icon datatheorem

Alamofire 5 integration

Open Anandsetty opened this issue 2 years ago • 1 comments

In our application we use to follow below streps to integration

class ApiManager: SessionDelegate{

var sessionManager: SessionManager?

override init(){ super.init() initReachibility() sessionManager = SessionManager.init(configuration: URLSessionConfiguration.ephemeral, delegate: self) }

override func urlSession(_ session: URLSession, task: URLSessionTask, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) { // Call into TrustKit here to do pinning validation if TrustKit.sharedInstance().pinningValidator.handle(challenge, completionHandler: completionHandler) == false { // TrustKit did not handle this challenge: perhaps it was not for server trust // or the domain was not pinned. Fall back to the default behavior completionHandler(.cancelAuthenticationChallenge, nil) } }

func makeRequestAlamofire(route:URL, method:HTTPMethod, autherized:Bool, parameter:Parameters,header:[String:String], callback: @escaping (APIResult<Data>) -> Void){

    sessionManager?.request(route,method: method,parameters:parameter, encoding: JSONEncoding.default,headers:headers ).validate(statusCode: 200..<300)
        .validate(contentType: ["application/json"]).responseData { response in
            //Pin Validtion returner
            guard response.error == nil else {
                // Display Error Alert
                print("Result Pinning validation failed for \(route.absoluteString)\n\n\(response.error.debugDescription)")
                return
            }
            switch response.result {
              case .success(let val):
                print("Success")
              case .failure(let error):
                print("Faild")
            }
    }
}

}

Now in alamofire 5 there is no SessionManager. Here i tried to initialise the session with but no interface to have SessionDelegate delegate method so that we can have implement below implementation

Session = Session(configuration: URLSessionConfiguration.ephemeral)

override func urlSession(_ session: URLSession, task: URLSessionTask, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    // Call into TrustKit here to do pinning validation
    if TrustKit.sharedInstance().pinningValidator.handle(challenge, completionHandler: completionHandler) == false {
        // TrustKit did not handle this challenge: perhaps it was not for server trust
        // or the domain was not pinned. Fall back to the default behavior
        completionHandler(.cancelAuthenticationChallenge, nil)
    }
}

Please let us know how to use TrustKit along with alamofire 5

Anandsetty avatar Aug 09 '22 09:08 Anandsetty

Just use ServerTrustEvaluating protocol and evaluate method inside it. TrustKit has pinningValidator.evaluateTrust method that can help you with it. With statuses domainNotPinned, shouldAllowConnection and default just throw an error. This is it

artemelianov avatar Feb 28 '23 08:02 artemelianov