socket.io-client-swift
socket.io-client-swift copied to clipboard
socketio
SSL Pinning with URLSessionDelegate doesnt use websocket protocol but uses polling
I am using V16 of SDK and this is my code to add SSL pinning.
socketManager = SocketManager(socketURL: URL(string: socketUrl!)!, config: [
.compress,
.log(true),
.sessionDelegate(self),
.connectParams(["token" : "user-token"])
])
Here's the URLSessionDelegate code
func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust || challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate {
guard socketUrl!.contains(challenge.protectionSpace.host) else {
completionHandler(.cancelAuthenticationChallenge, nil)
return
}
let localCertificate = cert.urlCredential()
completionHandler(.useCredential, localCertificate)
}
else {
completionHandler(.rejectProtectionSpace, nil)
}
}
I am using .p12 file which has password, therefore using a custom class to get urlCredential() and use that in above method.
I can successfully connect to my websocket server, however, upon checking Xcode console logs I am getting this
LOG SocketEnginePolling: Doing polling GET <socket url>
LOG SocketEnginePolling: Doing polling POST <socket url>
Therefore, I think my app is connected via long polling protocol, instead of websocket. I am not sure whats wrong with my implementation of SSL Pinning, but this is the only version working for me, and there's already little to no documentation on implementing SSL Pinning with websocket.
If I remove SSL Pinning from server and remove client side code(.sessionDelegate(self)) as well, I can see that my app is connected via websocket protocol.
So I am pretty sure the issue is somewhat related to SSL Pinning Implementation method on client side.
