From 41d228f3a7ea194d7dc00c785c42f70f00f950ff Mon Sep 17 00:00:00 2001 From: Oliver Letterer Date: Fri, 31 May 2013 21:06:06 +0200 Subject: [PATCH] Properly implementing connection:willSendRequestForAuthenticationChallenge:. --- AFNetworking/AFURLConnectionOperation.h | 15 +++++++++ AFNetworking/AFURLConnectionOperation.m | 42 ++++++++++++++++++++++--- 2 files changed, 53 insertions(+), 4 deletions(-) diff --git a/AFNetworking/AFURLConnectionOperation.h b/AFNetworking/AFURLConnectionOperation.h index 7858029..2288c3a 100644 --- a/AFNetworking/AFURLConnectionOperation.h +++ b/AFNetworking/AFURLConnectionOperation.h @@ -43,6 +43,7 @@ - `connection:didFailWithError:` - `connection:didSendBodyData:totalBytesWritten:totalBytesExpectedToWrite:` - `connection:willCacheResponse:` + - `connection:willSendRequestForAuthenticationChallenge:` - `connection:canAuthenticateAgainstProtectionSpace:` - `connection:didReceiveAuthenticationChallenge:` - `connectionShouldUseCredentialStorage:` @@ -282,6 +283,18 @@ NSCoding, NSCopying> /// @name Setting NSURLConnection Delegate Callbacks ///------------------------------------------------- +#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_ +/** + Sets a block to be executed when the connection will authenticate a challenge in order to download its request, as handled by the `NSURLConnectionDelegate` method `connection:willSendRequestForAuthenticationChallenge:`. + + @param block A block object to be executed when the connection will authenticate a challenge in order to download its request. The block has no return type and takes two arguments: the URL connection object, and the challenge that must be authenticated. This block must invoke one of the challenge-responder methods (NSURLAuthenticationChallengeSender protocol). + + If `allowsInvalidSSLCertificate` is set to YES, `connection:willSendRequestForAuthenticationChallenge:` will attempt to have the challenge sender use credentials with invalid SSL certificates. + */ +- (void)setWillSendRequestForAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block; + +#else + /** Sets a block to be executed to determine whether the connection should be able to respond to a protection space's form of authentication, as handled by the `NSURLConnectionDelegate` method `connection:canAuthenticateAgainstProtectionSpace:`. @@ -300,6 +313,8 @@ NSCoding, NSCopying> */ - (void)setAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block; +#endif + /** Sets a block to be executed when the server redirects the request from one URL to another URL, or when the request URL changed by the `NSURLProtocol` subclass handling the request in order to standardize its format, as handled by the `NSURLConnectionDelegate` method `connection:willSendRequest:redirectResponse:`. diff --git a/AFNetworking/AFURLConnectionOperation.m b/AFNetworking/AFURLConnectionOperation.m index d173319..0f03915 100644 --- a/AFNetworking/AFURLConnectionOperation.m +++ b/AFNetworking/AFURLConnectionOperation.m @@ -56,7 +56,9 @@ NSString * const AFNetworkingOperationDidStartNotification = @"com.alamofire.net NSString * const AFNetworkingOperationDidFinishNotification = @"com.alamofire.networking.operation.finish"; typedef void (^AFURLConnectionOperationProgressBlock)(NSUInteger bytes, long long totalBytes, long long totalBytesExpected); +#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_ typedef BOOL (^AFURLConnectionOperationAuthenticationAgainstProtectionSpaceBlock)(NSURLConnection *connection, NSURLProtectionSpace *protectionSpace); +#endif typedef void (^AFURLConnectionOperationAuthenticationChallengeBlock)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge); typedef NSCachedURLResponse * (^AFURLConnectionOperationCacheResponseBlock)(NSURLConnection *connection, NSCachedURLResponse *cachedResponse); typedef NSURLRequest * (^AFURLConnectionOperationRedirectResponseBlock)(NSURLConnection *connection, NSURLRequest *request, NSURLResponse *redirectResponse); @@ -120,7 +122,9 @@ static inline BOOL AFStateTransitionIsValid(AFOperationState fromState, AFOperat @property (readwrite, nonatomic, assign) AFBackgroundTaskIdentifier backgroundTaskIdentifier; @property (readwrite, nonatomic, copy) AFURLConnectionOperationProgressBlock uploadProgress; @property (readwrite, nonatomic, copy) AFURLConnectionOperationProgressBlock downloadProgress; +#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_ @property (readwrite, nonatomic, copy) AFURLConnectionOperationAuthenticationAgainstProtectionSpaceBlock authenticationAgainstProtectionSpace; +#endif @property (readwrite, nonatomic, copy) AFURLConnectionOperationAuthenticationChallengeBlock authenticationChallenge; @property (readwrite, nonatomic, copy) AFURLConnectionOperationCacheResponseBlock cacheResponse; @property (readwrite, nonatomic, copy) AFURLConnectionOperationRedirectResponseBlock redirectResponse; @@ -154,8 +158,10 @@ static inline BOOL AFStateTransitionIsValid(AFOperationState fromState, AFOperat @synthesize backgroundTaskIdentifier = _backgroundTaskIdentifier; @synthesize uploadProgress = _uploadProgress; @synthesize downloadProgress = _downloadProgress; -@synthesize authenticationAgainstProtectionSpace = _authenticationAgainstProtectionSpace; @synthesize authenticationChallenge = _authenticationChallenge; +#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_ +@synthesize authenticationAgainstProtectionSpace = _authenticationAgainstProtectionSpace; +#endif @synthesize cacheResponse = _cacheResponse; @synthesize redirectResponse = _redirectResponse; @synthesize lock = _lock; @@ -365,6 +371,14 @@ static inline BOOL AFStateTransitionIsValid(AFOperationState fromState, AFOperat self.downloadProgress = block; } +#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_ + +- (void)setWillSendRequestForAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block { + self.authenticationChallenge = block; +} + +#else + - (void)setAuthenticationAgainstProtectionSpaceBlock:(BOOL (^)(NSURLConnection *, NSURLProtectionSpace *))block { self.authenticationAgainstProtectionSpace = block; } @@ -373,6 +387,8 @@ static inline BOOL AFStateTransitionIsValid(AFOperationState fromState, AFOperat self.authenticationChallenge = block; } +#endif + - (void)setCacheResponseBlock:(NSCachedURLResponse * (^)(NSURLConnection *connection, NSCachedURLResponse *cachedResponse))block { self.cacheResponse = block; } @@ -555,9 +571,15 @@ static inline BOOL AFStateTransitionIsValid(AFOperationState fromState, AFOperat #pragma mark - NSURLConnectionDelegate #ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_ + - (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { + if (self.authenticationChallenge) { + self.authenticationChallenge(connection, challenge); + return; + } + if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) { SecTrustRef serverTrust = challenge.protectionSpace.serverTrust; @@ -636,12 +658,20 @@ willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challe break; } } - } else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodDefault]) { - [[challenge sender] performDefaultHandlingForAuthenticationChallenge:challenge]; + } else { + if ([challenge previousFailureCount] == 0) { + if (self.credential) { + [[challenge sender] useCredential:self.credential forAuthenticationChallenge:challenge]; + } else { + [[challenge sender] continueWithoutCredentialForAuthenticationChallenge:challenge]; + } + } else { + [[challenge sender] continueWithoutCredentialForAuthenticationChallenge:challenge]; + } } } -#endif +#else - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace @@ -685,6 +715,8 @@ didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge } } +#endif + - (BOOL)connectionShouldUseCredentialStorage:(NSURLConnection __unused *)connection { return self.shouldUseCredentialStorage; } @@ -837,7 +869,9 @@ didReceiveResponse:(NSURLResponse *)response operation.uploadProgress = self.uploadProgress; operation.downloadProgress = self.downloadProgress; +#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_ operation.authenticationAgainstProtectionSpace = self.authenticationAgainstProtectionSpace; +#endif operation.authenticationChallenge = self.authenticationChallenge; operation.cacheResponse = self.cacheResponse; operation.redirectResponse = self.redirectResponse;