question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Allow to get all domain policies from TrustKitConfiguration

See original GitHub issue

Hello, I’m trying to use TrustKit-Android with React Native. As discussed in https://github.com/datatheorem/TrustKit-Android/issues/6, I’m also going to use CertificatePinner in OkHttp3 but I need hostname to retrieve pins from TrustKitConfiguration in this scenario.

Currently, my application has a lot of target domains like*.domain-a.com and *.domain-b.com. So, I’d like to manage domains and pins at one place in order to keep maintainability. Also, I have to insert the pinner for all domains at first because RN doesn’t allow us to recreate OkHttpClient for another domain at that time.

To create the pinner for all necessary domains, I’d like to retrieve all pins from TrustKitConfiguration without hostname. For example,

final TrustKitConfiguration config = TrustKit.getInstance().getConfiguration();
Set<DomainPinningPolicy> domainPolicies = config.getAllPolicies(); // <-- new api to retrieve all policies
 
CertificatePinner.Builder certificatePinnerBuilder = new CertificatePinner.Builder();
for (DomainPinningPolicy domainPolicy : domainPolicies) {
    Set<PublicKeyPin> pins = domainPolicy.getPublicKeyPins();
    for (PublicKeyPin pin : pins) {
        certificatePinnerBuilder.add(domainPolicy.getHostname(), "sha256/" + pin.toString());
    }
}
CertificatePinner certificatePinner = certificatePinnerBuilder.build();
 
final OkHttpClient.Builder builder = OkHttpClientProvider.createClient().newBuilder()
        .certificatePinner(certificatePinner);

I can contribute if this idea is acceptable for the library. What about it? Thanks

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
jobot0commented, Aug 21, 2018

Thanks @tomoyukim ! The 1.1.0 contains your PR 😃

1reaction
nabla-c0d3commented, Jul 31, 2018

Ok, that makes sense. Yes, the new getAllPolicies() API would be fine.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Group policy application rules for domain controllers
In this article. Summary; More information. This article describes group policy application rules for domain controllers.
Read more >
Managing GPOs in Active Directory
Select the domain for which the policy settings have to created and applied. Double-click on the domain to see a list of OUs...
Read more >
Group Policy Editor Guide: Access Options and How to Use
Get -GPOReport: This cmdlet returns all or the specified GPO(s) that exist in a domain in an XML or HTML file. Very useful...
Read more >
Group Policy Best Practices - Netwrix
The Default Domain Policy applies at the domain level so it affects all ... Group Policy can get out of control if you...
Read more >
Using GPResult Command to Check Applied GPOs and RSoP ...
The GPResult.exe command-line tool is used to get a Resultant Set of ... GPResult allows you to display a list of domain policies...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found