Allow to get all domain policies from TrustKitConfiguration
See original GitHub issueHello, I’m trying to use TrustKit-Android with React Native. As discussed in https://github.com/datatheorem/TrustKit-Android/issues/6, I’m also going to use CertificatePinner in OkHttp3 but I need hostname to retrieve pins from TrustKitConfiguration in this scenario.
Currently, my application has a lot of target domains like*.domain-a.com
and *.domain-b.com
.
So, I’d like to manage domains and pins at one place in order to keep maintainability. Also, I have to insert the pinner for all domains at first because RN doesn’t allow us to recreate OkHttpClient for another domain at that time.
To create the pinner for all necessary domains, I’d like to retrieve all pins from TrustKitConfiguration without hostname. For example,
final TrustKitConfiguration config = TrustKit.getInstance().getConfiguration();
Set<DomainPinningPolicy> domainPolicies = config.getAllPolicies(); // <-- new api to retrieve all policies
CertificatePinner.Builder certificatePinnerBuilder = new CertificatePinner.Builder();
for (DomainPinningPolicy domainPolicy : domainPolicies) {
Set<PublicKeyPin> pins = domainPolicy.getPublicKeyPins();
for (PublicKeyPin pin : pins) {
certificatePinnerBuilder.add(domainPolicy.getHostname(), "sha256/" + pin.toString());
}
}
CertificatePinner certificatePinner = certificatePinnerBuilder.build();
final OkHttpClient.Builder builder = OkHttpClientProvider.createClient().newBuilder()
.certificatePinner(certificatePinner);
I can contribute if this idea is acceptable for the library. What about it? Thanks
Issue Analytics
- State:
- Created 5 years ago
- Comments:5 (3 by maintainers)
Top GitHub Comments
Thanks @tomoyukim ! The
1.1.0
contains your PR 😃Ok, that makes sense. Yes, the new
getAllPolicies()
API would be fine.