IOSHTTPS网络请求的单向验证
HTTPS - SSL加密html
使用AFNetWoking进行证书的验证服务器
//session
// PPHTTPRequestOperationManager.mapp
// PPDatepost
// Created by 郭远强 on 16/3/30.atom
// Copyright © 2016年 郭远强. All rights reserved.加密
//lua
#import "PPHTTPRequestOperationManager.h"url
#import "PPTaskEngine.h"
#import "PPHTTPRequestSerializer.h"
#import "PPHTTPResponseSerializer.h"
#import <AFNetworking/AFNetworkActivityIndicatorManager.h>
@interface NSDictionary (description)
- (NSString *)descriptionWithPrefix:(NSMutableString *)prefix;
@end
@interface PPHTTPRequestOperationManager ()
@property (nonatomic,strong) PPTaskEngine * engine;
@end
@implementation PPHTTPRequestOperationManager
+(instancetype)manager
{
static dispatch_once_t token;
static PPHTTPRequestOperationManager * _manager;
dispatch_once(&token, ^{
_manager = [[[self class] alloc] initWithBaseURL:[NSURL URLWithString:kPPUrlHttp]];
// _manager.engine = [PPTaskEngine sharedEngine];
});
return _manager;
}
- (instancetype)initWithBaseURL:(NSURL *)url
{
self = [super initWithBaseURL:url];
if (self)
{
self.requestSerializer = [PPHTTPRequestSerializer serializer];
self.responseSerializer = [PPHTTPResponseSerializer serializer];
self.responseSerializer.acceptableContentTypes = [self.responseSerializer.acceptableContentTypes setByAddingObjectsFromArray:@[@"text/plain",@"text/html"]];
[[AFNetworkActivityIndicatorManager sharedManager] setEnabled:YES];
self.requestSerializer.timeoutInterval = 30;
// self.requestSerializer.allowsCellularAccess = YES;
#ifdef openHttpsSSL
[self setSecurityPolicy:[self customSecurityPolicy]];
WS(weakSelf);
[self setSessionDidReceiveAuthenticationChallengeBlock:^NSURLSessionAuthChallengeDisposition(NSURLSession * _Nonnull session, NSURLAuthenticationChallenge * _Nonnull challenge, NSURLCredential *__autoreleasing _Nullable * _Nullable credential) {
return [weakSelf p_CertificateCalibrateByAuthenticationChallenge:challenge completionHandler:^(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential) {
}];
}];
#endif
}
return self;
}
//证书校验
- (NSURLSessionAuthChallengeDisposition)p_CertificateCalibrateByAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
{
NSURLCredential * credential = nil;
NSURLSessionAuthChallengeDisposition disposition = NSURLSessionAuthChallengePerformDefaultHandling;
// 判断服务器的证书是否被服务器所信任
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
{
BOOL ret = [self.securityPolicy evaluateServerTrust:challenge.protectionSpace.serverTrust forDomain:challenge.protectionSpace.host];
if (ret) {
credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
[challenge.sender useCredential:credential forAuthenticationChallenge:challenge];
disposition =NSURLSessionAuthChallengeUseCredential;
}else{
[challenge.sender cancelAuthenticationChallenge:challenge];
disposition = NSURLSessionAuthChallengeCancelAuthenticationChallenge;
PPTLogInfo(@"证书不一致");
}
}
//安装证书
if (completionHandler) {
completionHandler(disposition, credential);
}
return disposition;
}
- (AFSecurityPolicy*)customSecurityPolicy
{
// /先导入证书
//NSString *cerPath = [[NSBundle mainBundle] pathForResource:certificate ofType:@"cer"];
//证书的路径
//NSData *certData = [NSData dataWithContentsOfFile:cerPath];
// AFSSLPinningModeCertificate 使用证书验证模式
AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
// allowInvalidCertificates 是否容许无效证书(也就是自建的证书),默认为NO
// 若是是须要验证自建证书,须要设置为YES
securityPolicy.allowInvalidCertificates = YES;
//validatesDomainName 是否须要验证域名,默认为YES;
//假如证书的域名与你请求的域名不一致,需把该项设置为NO;如设成NO的话,即服务器使用其余可信任机构颁发的证书,也能够创建链接,这个很是危险,建议打开。
//置为NO,主要用于这种状况:客户端请求的是子域名,而证书上的是另一个域名。由于SSL证书上的域名是独立的,假如证书上注册的域名是www.google.com,那么mail.google.com是没法验证经过的;固然,有钱能够注册通配符的域名*.google.com,但这个仍是比较贵的。
securityPolicy.validatesDomainName = NO;
//if (certData) {
// securityPolicy.pinnedCertificates = [NSSet setWithArray:@[certData]];
//}
return securityPolicy;
}
- (NSURLSessionDataTask *)dataTaskWithRequest:(NSURLRequest *)request
completionHandler:(nullable void (^)(NSURLResponse *response, id _Nullable responseObject, NSError * _Nullable error))completionHandler
{
void (^successBlock)(NSURLResponse *, id,id) = ^( NSURLResponse *operation, id responseObject,NSError *error)
{
if (completionHandler) {
completionHandler(operation,responseObject,error);
}
[self showAlertViewWithRequest:request responseObject:responseObject error:nil];
};
void (^failureBlock)(NSURLResponse *, id,id) = ^( NSURLResponse *operation, id responseObject,NSError * error)
{
if (completionHandler) {
completionHandler(operation, nil,error);
}
[self showAlertViewWithRequest:request responseObject:nil error:error];
};
return [super dataTaskWithRequest:request completionHandler:successBlock?successBlock:failureBlock];
}
- (NSURLSessionDataTask *)GET:(NSString *)URLString parameters:(id)parameters progress:(void (^)(NSProgress * _Nonnull))downloadProgress success:(void (^)(NSURLSessionDataTask * _Nonnull, id _Nullable))success failure:(void (^)(NSURLSessionDataTask * _Nullable, NSError * _Nonnull))failure
{
void (^successBlock)(NSURLSessionDataTask *,id) = ^( NSURLSessionDataTask *operation, id responseObject)
{
if (success) {
success(operation,responseObject);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:responseObject error:nil];
};
void (^failureBlock)(NSURLSessionDataTask *, id) = ^( NSURLSessionDataTask *operation,NSError * error)
{
if (failure) {
failure(operation,error);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:nil error:error];
};
return [super GET:URLString parameters:parameters progress:downloadProgress success:successBlock failure:failureBlock];
}
- (NSURLSessionDataTask *)POST:(NSString *)URLString parameters:(id)parameters progress:(void (^)(NSProgress * _Nonnull))uploadProgress success:(void (^)(NSURLSessionDataTask * _Nonnull, id _Nullable))success failure:(void (^)(NSURLSessionDataTask * _Nullable, NSError * _Nonnull))failure
{
void (^successBlock)(NSURLSessionDataTask *,id) = ^( NSURLSessionDataTask *operation, id responseObject)
{
if (success) {
success(operation,responseObject);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:responseObject error:nil];
};
void (^failureBlock)(NSURLSessionDataTask *, id) = ^( NSURLSessionDataTask *operation,NSError * error)
{
if (failure) {
failure(operation,error);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:nil error:error];
};
return [super POST:URLString parameters:parameters progress:uploadProgress success:successBlock failure:failureBlock];
}
- (NSURLSessionDataTask *)POST:(NSString *)URLString parameters:(id)parameters constructingBodyWithBlock:(void (^)(id<AFMultipartFormData> _Nonnull))block progress:(void (^)(NSProgress * _Nonnull))uploadProgress success:(void (^)(NSURLSessionDataTask * _Nonnull, id _Nullable))success failure:(void (^)(NSURLSessionDataTask * _Nullable, NSError * _Nonnull))failure
{
void (^successBlock)(NSURLSessionDataTask *,id) = ^( NSURLSessionDataTask *operation, id responseObject)
{
if (success) {
success(operation,responseObject);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:responseObject error:nil];
};
void (^failureBlock)(NSURLSessionDataTask *, id) = ^( NSURLSessionDataTask *operation,NSError * error)
{
if (failure) {
failure(operation,error);
}
[self showAlertViewWithRequest:operation.currentRequest responseObject:nil error:error];
};
return [super POST:URLString parameters:parameters constructingBodyWithBlock:block progress:uploadProgress success:successBlock failure:failureBlock];
}
//- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)request success:(void (^)(AFHTTPRequestOperation *, id))success failure:(void (^)(AFHTTPRequestOperation *, NSError *))failure
//{
// void (^successBlock)(AFHTTPRequestOperation *, id) = ^( AFHTTPRequestOperation *operation, id responseObject)
// {
// if (success) {
// success(operation, responseObject);
// }
// [self showAlertViewWithRequest:request responseObject:responseObject error:nil];
// };
//
// void (^failureBlock)(AFHTTPRequestOperation *, NSError *) = ^( AFHTTPRequestOperation *operation, NSError * error)
// {
// if (failure) {
// failure(operation, error);
// }
// [self showAlertViewWithRequest:request responseObject:nil error:error];
// };
//
// return [super HTTPRequestOperationWithRequest:request success:successBlock failure:failureBlock];
//}
- (void)showAlertViewWithRequest:(NSURLRequest *)request responseObject:(id)responseObject error:(NSError *)error
{
if(![responseObject isKindOfClass:[NSDictionary class]])
{
return;
}
PPHTTPResponse *response = [MTLJSONAdapter modelOfClass:[PPHTTPResponse class] fromJSONDictionary:responseObject error:&error];
if (response.code.integerValue == 402 && [response.message containsString:@"token"]) {
//[[NSNotificationCenter defaultCenter] postNotificationName:kPPObserverTokenInvalid object:nil];
[[PPDataEngine shareEngine]logoutEasemodLogoutCompletion:^(EMError *aError) {
}];
}
if (!kPPShowRequestAlert) {
return ;
}
NSDictionary *param = [self paramsWithQuery:[request.URL query]];
NSString *baseUrl = [[request.URL absoluteString] substringToIndex:[[request.URL absoluteString] length] - [[request.URL query] length] - 1];
NSString *string = [NSString stringWithFormat:@"服务器地址\n%@\n请求参数\n%@\n返回结果\n%@", baseUrl, [param descriptionWithPrefix:nil] ,error ? error : [responseObject descriptionWithPrefix:nil]];
EVDialogView *dialogView = PPLoadNib(@"EVDialogView");
[dialogView showWithText:string];
}
- (NSDictionary *)paramsWithQuery:(NSString *)aQuery
{
if (aQuery.length <= 0)
{
return nil;
}
NSArray *kvPairs = [aQuery componentsSeparatedByString:@"&"];
NSMutableDictionary *params = [NSMutableDictionary dictionary];
for (NSString *kvPair in kvPairs)
{
NSArray *kvArr = [kvPair componentsSeparatedByString:@"="];
if ([kvArr count] > 1)
{
NSString *value = [kvArr objectAtIndex:1];
//url解码
value = [value stringByReplacingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
[params setObject:value forKey:[kvArr firstObject]];
}
}
return params;
}
@end
@implementation NSDictionary (description)
- (NSString *)descriptionWithPrefix:(NSMutableString *)prefix
{
if (!prefix) {
prefix = [[NSMutableString alloc] init];
}
NSArray *allKeys = [self allKeys];
NSString *curPrefix = [NSString stringWithString:prefix];
NSMutableString *str = [[NSMutableString alloc] initWithFormat:@"%@{\n", curPrefix];
for (NSString *key in allKeys) {
id value = self[key];
if ([value isKindOfClass:[NSDictionary class]]) {
[prefix appendFormat:@"\t"];
NSString *valueString = [value descriptionWithPrefix:prefix];
[str appendFormat:@"%@\t\"%@\" : %@\n", curPrefix, key, valueString];
}else if ([value isKindOfClass:[NSArray class]])
{
[prefix appendFormat:@"\t"];
[str appendFormat:@"%@\t\"%@\" : (",curPrefix, key];
int i = 0;
for (id subValue in value) {
NSString *substring = [subValue descriptionWithPrefix:prefix];
if (i == 0) {
[str appendFormat:@"\n%@",substring];
}else
{
[str appendFormat:@", \n%@", substring];
}
i ++;
}
[str appendFormat:@"\n%@\t)\n", curPrefix];
}else
{
[str appendFormat:@"%@\t\"%@\" : \"%@\"\n",curPrefix, key, value];
}
}
[str appendFormat:@"%@}", curPrefix];
return str;
}
@end
- 1. 网络请求重定向
- 2. https HttpsURLConnection请求的单向认证
- 3. Spring Boot 简单的请求示例(包括请求体验证)
- 4. Swift:面向协议的网络请求
- 5. ASP.NET中的请求验证
- 6. ThinkPHP5 表单请求和验证 - 02
- 7. ThinkPHP5 表单请求和验证 - 01
- 8. 网络请求
- 9. js简单的网络请求封装
- 10. 最简单的iOS网络请求
- 更多相关文章...
- • PHP 表单验证 - PHP教程
- • Web 网页 验证 - 网站建设指南
- • 互联网组织的未来:剖析GitHub员工的任性之源
- • TiDB 在摩拜单车在线数据业务的应用和实践
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. Window下Ribbit MQ安装
- 2. Linux下Redis安装及集群搭建
- 3. shiny搭建网站填坑战略
- 4. Mysql8.0.22安装与配置详细教程
- 5. Hadoop安装及配置
- 6. Python爬虫初学笔记
- 7. 部署LVS-Keepalived高可用集群
- 8. keepalived+mysql高可用集群
- 9. jenkins 公钥配置
- 10. HA实用详解