Search in sources :

Example 1 with CipherSuite

use of okhttp3.CipherSuite in project okhttp by square.

the class JavaApiConverter method createOkResponseForCacheGet.

/**
   * Creates an OkHttp {@link Response} using the supplied {@link Request} and {@link CacheResponse}
   * to supply the data.
   */
static Response createOkResponseForCacheGet(Request request, CacheResponse javaResponse) throws IOException {
    // Build a cache request for the response to use.
    Headers responseHeaders = createHeaders(javaResponse.getHeaders());
    Headers varyHeaders;
    if (HttpHeaders.hasVaryAll(responseHeaders)) {
        // "*" means that this will be treated as uncacheable anyway.
        varyHeaders = new Headers.Builder().build();
    } else {
        varyHeaders = HttpHeaders.varyHeaders(request.headers(), responseHeaders);
    }
    Request cacheRequest = new Request.Builder().url(request.url()).method(request.method(), null).headers(varyHeaders).build();
    Response.Builder okResponseBuilder = new Response.Builder();
    // Request: Use the cacheRequest we built.
    okResponseBuilder.request(cacheRequest);
    // Status line: Java has this as one of the headers.
    StatusLine statusLine = StatusLine.parse(extractStatusLine(javaResponse));
    okResponseBuilder.protocol(statusLine.protocol);
    okResponseBuilder.code(statusLine.code);
    okResponseBuilder.message(statusLine.message);
    // Response headers
    Headers okHeaders = extractOkHeaders(javaResponse, okResponseBuilder);
    okResponseBuilder.headers(okHeaders);
    // Response body
    ResponseBody okBody = createOkBody(okHeaders, javaResponse);
    okResponseBuilder.body(okBody);
    // Handle SSL handshake information as needed.
    if (javaResponse instanceof SecureCacheResponse) {
        SecureCacheResponse javaSecureCacheResponse = (SecureCacheResponse) javaResponse;
        // Handshake doesn't support null lists.
        List<Certificate> peerCertificates;
        try {
            peerCertificates = javaSecureCacheResponse.getServerCertificateChain();
        } catch (SSLPeerUnverifiedException e) {
            peerCertificates = Collections.emptyList();
        }
        List<Certificate> localCertificates = javaSecureCacheResponse.getLocalCertificateChain();
        if (localCertificates == null) {
            localCertificates = Collections.emptyList();
        }
        String cipherSuiteString = javaSecureCacheResponse.getCipherSuite();
        CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
        Handshake handshake = Handshake.get(null, cipherSuite, peerCertificates, localCertificates);
        okResponseBuilder.handshake(handshake);
    }
    return okResponseBuilder.build();
}
Also used : SecureCacheResponse(java.net.SecureCacheResponse) HttpHeaders(okhttp3.internal.http.HttpHeaders) Headers(okhttp3.Headers) JavaNetHeaders(okhttp3.internal.JavaNetHeaders) CipherSuite(okhttp3.CipherSuite) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) CacheRequest(okhttp3.internal.cache.CacheRequest) Request(okhttp3.Request) ResponseBody(okhttp3.ResponseBody) CacheResponse(java.net.CacheResponse) Response(okhttp3.Response) SecureCacheResponse(java.net.SecureCacheResponse) StatusLine(okhttp3.internal.http.StatusLine) Certificate(java.security.cert.Certificate) Handshake(okhttp3.Handshake)

Example 2 with CipherSuite

use of okhttp3.CipherSuite in project okhttp by square.

the class JavaApiConverter method createOkResponseForCachePut.

/**
   * Creates an OkHttp {@link Response} using the supplied {@link URI} and {@link URLConnection} to
   * supply the data. The URLConnection is assumed to already be connected. If this method returns
   * {@code null} the response is uncacheable.
   */
public static Response createOkResponseForCachePut(URI uri, URLConnection urlConnection) throws IOException {
    HttpURLConnection httpUrlConnection = (HttpURLConnection) urlConnection;
    Response.Builder okResponseBuilder = new Response.Builder();
    // Request: Create one from the URL connection.
    Headers responseHeaders = createHeaders(urlConnection.getHeaderFields());
    // Some request headers are needed for Vary caching.
    Headers varyHeaders = varyHeaders(urlConnection, responseHeaders);
    if (varyHeaders == null) {
        return null;
    }
    // OkHttp's Call API requires a placeholder body; the real body will be streamed separately.
    String requestMethod = httpUrlConnection.getRequestMethod();
    RequestBody placeholderBody = HttpMethod.requiresRequestBody(requestMethod) ? Util.EMPTY_REQUEST : null;
    Request okRequest = new Request.Builder().url(uri.toString()).method(requestMethod, placeholderBody).headers(varyHeaders).build();
    okResponseBuilder.request(okRequest);
    // Status line
    StatusLine statusLine = StatusLine.parse(extractStatusLine(httpUrlConnection));
    okResponseBuilder.protocol(statusLine.protocol);
    okResponseBuilder.code(statusLine.code);
    okResponseBuilder.message(statusLine.message);
    // A network response is required for the Cache to find any Vary headers it needs.
    Response networkResponse = okResponseBuilder.build();
    okResponseBuilder.networkResponse(networkResponse);
    // Response headers
    Headers okHeaders = extractOkResponseHeaders(httpUrlConnection, okResponseBuilder);
    okResponseBuilder.headers(okHeaders);
    // Response body
    ResponseBody okBody = createOkBody(urlConnection);
    okResponseBuilder.body(okBody);
    // Handle SSL handshake information as needed.
    if (httpUrlConnection instanceof HttpsURLConnection) {
        HttpsURLConnection httpsUrlConnection = (HttpsURLConnection) httpUrlConnection;
        Certificate[] peerCertificates;
        try {
            peerCertificates = httpsUrlConnection.getServerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            peerCertificates = null;
        }
        Certificate[] localCertificates = httpsUrlConnection.getLocalCertificates();
        String cipherSuiteString = httpsUrlConnection.getCipherSuite();
        CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
        Handshake handshake = Handshake.get(null, cipherSuite, nullSafeImmutableList(peerCertificates), nullSafeImmutableList(localCertificates));
        okResponseBuilder.handshake(handshake);
    }
    return okResponseBuilder.build();
}
Also used : HttpHeaders(okhttp3.internal.http.HttpHeaders) Headers(okhttp3.Headers) JavaNetHeaders(okhttp3.internal.JavaNetHeaders) CipherSuite(okhttp3.CipherSuite) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) CacheRequest(okhttp3.internal.cache.CacheRequest) Request(okhttp3.Request) ResponseBody(okhttp3.ResponseBody) CacheResponse(java.net.CacheResponse) Response(okhttp3.Response) SecureCacheResponse(java.net.SecureCacheResponse) StatusLine(okhttp3.internal.http.StatusLine) HttpURLConnection(java.net.HttpURLConnection) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) RequestBody(okhttp3.RequestBody) Certificate(java.security.cert.Certificate) Handshake(okhttp3.Handshake)

Example 3 with CipherSuite

use of okhttp3.CipherSuite in project AntennaPod by AntennaPod.

the class SslClientSetup method installCertificates.

public static void installCertificates(OkHttpClient.Builder builder) {
    if (BuildConfig.FLAVOR.equals("free")) {
        // The Free flavor bundles a modern conscrypt (security provider), so CustomSslSocketFactory
        // is only used to make sure that modern protocols (TLSv1.3 and TLSv1.2) are enabled and
        // that old, deprecated, protocols (like SSLv3, TLSv1.0 and TLSv1.1) are disabled.
        X509TrustManager trustManager = BackportTrustManager.create();
        builder.sslSocketFactory(new NoV1SslSocketFactory(trustManager), trustManager);
    } else if (Build.VERSION.SDK_INT < 21) {
        X509TrustManager trustManager = BackportTrustManager.create();
        builder.sslSocketFactory(new NoV1SslSocketFactory(trustManager), trustManager);
        // workaround for Android 4.x for certain web sites.
        // see: https://github.com/square/okhttp/issues/4053#issuecomment-402579554
        List<CipherSuite> cipherSuites = new ArrayList<>(ConnectionSpec.MODERN_TLS.cipherSuites());
        cipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
        cipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
        ConnectionSpec legacyTls = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).cipherSuites(cipherSuites.toArray(new CipherSuite[0])).build();
        builder.connectionSpecs(Arrays.asList(legacyTls, ConnectionSpec.CLEARTEXT));
    }
}
Also used : ConnectionSpec(okhttp3.ConnectionSpec) X509TrustManager(javax.net.ssl.X509TrustManager) CipherSuite(okhttp3.CipherSuite) List(java.util.List) ArrayList(java.util.ArrayList)

Example 4 with CipherSuite

use of okhttp3.CipherSuite in project okhttp by square.

the class LoggingEventListenerTest method get.

@Test
public void get() throws Exception {
    TestUtil.assumeNotWindows();
    server.enqueue(new MockResponse().setBody("Hello!").setHeader("Content-Type", PLAIN));
    Response response = client.newCall(request().build()).execute();
    assertThat(response.body()).isNotNull();
    response.body().bytes();
    logRecorder.assertLogMatch("callStart: Request\\{method=GET, url=" + url + "\\}").assertLogMatch("proxySelectStart: " + url).assertLogMatch("proxySelectEnd: \\[DIRECT\\]").assertLogMatch("dnsStart: " + url.host()).assertLogMatch("dnsEnd: \\[.+\\]").assertLogMatch("connectStart: " + url.host() + "/.+ DIRECT").assertLogMatch("connectEnd: http/1.1").assertLogMatch("connectionAcquired: Connection\\{" + url.host() + ":\\d+, proxy=DIRECT hostAddress=" + url.host() + "/.+ cipherSuite=none protocol=http/1\\.1\\}").assertLogMatch("requestHeadersStart").assertLogMatch("requestHeadersEnd").assertLogMatch("responseHeadersStart").assertLogMatch("responseHeadersEnd: Response\\{protocol=http/1\\.1, code=200, message=OK, url=" + url + "\\}").assertLogMatch("responseBodyStart").assertLogMatch("responseBodyEnd: byteCount=6").assertLogMatch("connectionReleased").assertLogMatch("callEnd").assertNoMoreLogs();
}
Also used : Response(okhttp3.Response) MockResponse(mockwebserver3.MockResponse) MockResponse(mockwebserver3.MockResponse) Test(org.junit.jupiter.api.Test)

Example 5 with CipherSuite

use of okhttp3.CipherSuite in project okhttp by square.

the class LoggingEventListenerTest method secureGet.

@Test
public void secureGet() throws Exception {
    TestUtil.assumeNotWindows();
    platform.assumeNotBouncyCastle();
    server.useHttps(handshakeCertificates.sslSocketFactory(), false);
    url = server.url("/");
    server.enqueue(new MockResponse());
    Response response = client.newCall(request().build()).execute();
    assertThat(response.body()).isNotNull();
    response.body().bytes();
    platform.assumeHttp2Support();
    logRecorder.assertLogMatch("callStart: Request\\{method=GET, url=" + url + "\\}").assertLogMatch("proxySelectStart: " + url).assertLogMatch("proxySelectEnd: \\[DIRECT\\]").assertLogMatch("dnsStart: " + url.host()).assertLogMatch("dnsEnd: \\[.+\\]").assertLogMatch("connectStart: " + url.host() + "/.+ DIRECT").assertLogMatch("secureConnectStart").assertLogMatch("secureConnectEnd: Handshake\\{" + "tlsVersion=TLS_1_[23] " + "cipherSuite=TLS_.* " + "peerCertificates=\\[CN=localhost\\] " + "localCertificates=\\[\\]}").assertLogMatch("connectEnd: h2").assertLogMatch("connectionAcquired: Connection\\{" + url.host() + ":\\d+, proxy=DIRECT hostAddress=" + url.host() + "/.+ cipherSuite=.+ protocol=h2\\}").assertLogMatch("requestHeadersStart").assertLogMatch("requestHeadersEnd").assertLogMatch("responseHeadersStart").assertLogMatch("responseHeadersEnd: Response\\{protocol=h2, code=200, message=, url=" + url + "\\}").assertLogMatch("responseBodyStart").assertLogMatch("responseBodyEnd: byteCount=0").assertLogMatch("connectionReleased").assertLogMatch("callEnd").assertNoMoreLogs();
}
Also used : Response(okhttp3.Response) MockResponse(mockwebserver3.MockResponse) MockResponse(mockwebserver3.MockResponse) Test(org.junit.jupiter.api.Test)

Aggregations

Response (okhttp3.Response)5 CipherSuite (okhttp3.CipherSuite)3 Request (okhttp3.Request)3 CacheResponse (java.net.CacheResponse)2 SecureCacheResponse (java.net.SecureCacheResponse)2 Certificate (java.security.cert.Certificate)2 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)2 MockResponse (mockwebserver3.MockResponse)2 Handshake (okhttp3.Handshake)2 Headers (okhttp3.Headers)2 ResponseBody (okhttp3.ResponseBody)2 JavaNetHeaders (okhttp3.internal.JavaNetHeaders)2 CacheRequest (okhttp3.internal.cache.CacheRequest)2 HttpHeaders (okhttp3.internal.http.HttpHeaders)2 StatusLine (okhttp3.internal.http.StatusLine)2 Test (org.junit.jupiter.api.Test)2 IOException (java.io.IOException)1 HttpURLConnection (java.net.HttpURLConnection)1 ArrayList (java.util.ArrayList)1 List (java.util.List)1