Created
October 9, 2017 09:47
-
-
Save mzennis/c23fc948fe51c4c2f8e7542b473573d3 to your computer and use it in GitHub Desktop.
Android Retrofit - Connect to Server with SSH (certificate file .crt) and Basic Auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import android.content.Context; | |
| import com.google.gson.Gson; | |
| import com.google.gson.GsonBuilder; | |
| import java.io.BufferedInputStream; | |
| import java.io.FileInputStream; | |
| import java.io.FileNotFoundException; | |
| import java.io.IOException; | |
| import java.io.InputStream; | |
| import java.security.KeyManagementException; | |
| import java.security.KeyStore; | |
| import java.security.KeyStoreException; | |
| import java.security.NoSuchAlgorithmException; | |
| import java.security.cert.Certificate; | |
| import java.security.cert.CertificateException; | |
| import java.security.cert.CertificateFactory; | |
| import java.security.cert.X509Certificate; | |
| import java.util.concurrent.TimeUnit; | |
| import javax.net.ssl.SSLContext; | |
| import javax.net.ssl.TrustManagerFactory; | |
| import id.mzennis.chatting.BuildConfig; | |
| import id.mzennis.chatting.R; | |
| import id.mzennis.chatting.model.Profile; | |
| import id.mzennis.chatting.util.PreferenceHelper; | |
| import okhttp3.Cache; | |
| import okhttp3.Credentials; | |
| import okhttp3.Interceptor; | |
| import okhttp3.OkHttpClient; | |
| import okhttp3.Request; | |
| import okhttp3.Response; | |
| import retrofit2.Retrofit; | |
| import retrofit2.converter.gson.GsonConverterFactory; | |
| /** | |
| * Created by mzennis on 4/10/17. | |
| */ | |
| public class ApiClient { | |
| private static Retrofit retrofit = null; | |
| public static Retrofit getClient(Context context) { | |
| PreferenceHelper preferenceHelper = new PreferenceHelper(context); | |
| String baseUrl = "https://YOUR_DOMAIN:9091/"; | |
| Profile profile = preferenceHelper.getObj(PreferenceHelper.USERDATA, Profile.class); | |
| return retrofit(okhttpBuilder(context, profile), baseUrl); | |
| } | |
| public static OkHttpClient.Builder okhttpBuilder(Context context, Profile profile) { | |
| OkHttpClient.Builder okhttpBuilder = new OkHttpClient().newBuilder(); | |
| okhttpBuilder.connectTimeout(60, TimeUnit.SECONDS); | |
| okhttpBuilder.writeTimeout(60, TimeUnit.SECONDS); | |
| okhttpBuilder.readTimeout(60, TimeUnit.SECONDS); | |
| int cacheSize = 10 * 1024 * 1024; // 10 MiB | |
| Cache cache = new Cache(context.getCacheDir(), cacheSize); | |
| okhttpBuilder.cache(cache); | |
| final String credentials = Credentials.basic(profile.getUsername(), profile.getPassword()); | |
| okhttpBuilder.addInterceptor(new Interceptor() { | |
| @Override | |
| public Response intercept(Chain chain) throws IOException { | |
| Request request = chain.request(); | |
| Request authenticatedRequest = request.newBuilder() | |
| .header("Authorization", credentials) | |
| .header("Accept", "application/json") | |
| .build(); | |
| return chain.proceed(authenticatedRequest); | |
| } | |
| }); | |
| try { | |
| CertificateFactory cf = CertificateFactory.getInstance("X.509"); | |
| InputStream caInput = new BufferedInputStream(context | |
| .getResources().openRawResource(R.raw.your_keystore)); | |
| Certificate ca; | |
| try { | |
| ca = cf.generateCertificate(caInput); | |
| System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN()); | |
| } finally { | |
| caInput.close(); | |
| } | |
| String keyStoreType = KeyStore.getDefaultType(); | |
| KeyStore keyStore = KeyStore.getInstance(keyStoreType); | |
| keyStore.load(null, null); | |
| keyStore.setCertificateEntry("ca", ca); | |
| String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); | |
| TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); | |
| tmf.init(keyStore); | |
| SSLContext _context = SSLContext.getInstance("TLS"); | |
| _context.init(null, tmf.getTrustManagers(), null); | |
| okhttpBuilder.sslSocketFactory(_context.getSocketFactory()); | |
| } catch (CertificateException | IOException | NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) { | |
| e.printStackTrace(); | |
| } | |
| return okhttpBuilder; | |
| } | |
| public static Retrofit retrofit(OkHttpClient.Builder okhttpBuilder, String baseUrl) { | |
| GsonBuilder gsonBuilder = new GsonBuilder(); | |
| Gson gson = gsonBuilder.create(); | |
| return retrofit = new Retrofit.Builder() | |
| .baseUrl(baseUrl) | |
| .client(okhttpBuilder.build()) | |
| .addConverterFactory(GsonConverterFactory.create(gson)) | |
| .build(); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment