Now, I'm planing to send a NSURLRequest to the server with a local certificate for server to validate. But I check the function in NSURLRequest, I cannot find a way to include the certificate. Does anyone know how to include a certificate in a NSUrlRequest? Or must I use a open source function, like ASIHttpRequest.
Try to give a look to this quite good tutorial
Authenticating an HTTP Request with Client Certificates in iOS
It explains how to use the NSURLConnectionDelegate method
- (void)connection:(NSURLConnection *)connection
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
In order to provide the certificate.
Let me know if that helped.
UPDATE
In case support just for iOS >= 5.0 is provided, it's better to adopt the new non deprecated method
connection:willSendRequestForAuthenticationChallenge
Related
Inside the delegate
- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
After getting Server Challenge, i am able to extract X.509 Certificate using following code:
SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
SecCertificateRef certificate = SecTrustGetCertificateAtIndex(serverTrust, 0);
Now I Need to get the expire date from this SecCertificateRef.
And also want to check whether the certificate is having valid domain name.
I have gone through apple docs and googled for long time, some suggested to use SLL library to get these details. In project no Third party libraries are permitted. Is any way to get these details without third party libs?
I want connect my app to my database with https .
But I don know what i have to do ?
I have files with jks format, crt format .
I want to know what is the real format in iOS ?
what are steps to connect with https ?
I see a lot of forums with the method :
(void)connection:(NSURLConnection *)connection
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
But i don t understand what send in Nsurlauthenticationchallenge etc ...
I really need help please .
You can get detail info to beget connected with https using Apple's Making HTTP and HTTPS Requests
Can anybody help me to know how https request are processing using NSRULConnection? I had gone through lot of tutorials and Apple documentation. But I am not able to understand how it is working. I have implemented the following delegates to process an https request.
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}
When I implemented the above delegate, I got response from the server successfully. Can anyone help me to know how this is working. Also what are each parameters in the delegate and what it is doing?
Thanks in advance.
Think of the protectionSpace as the server. The delegate method connection: canAuthenticateAgainstProtectionSpace is used to ask you if you can handle the authentication requirements of the server. In your case, you say "if we're talking about the SSL certificate (that's what NSURLAuthenticationMethodServerTrust usually means), yes, I can handle that".
The connection then asks you to do just that with connection:didReceiveAuthenticationChallenge and provide a NSURLCredential for this specific server. With credentialForTrust: you create the credential by using the information stored in your keychain for the certificate of this server. With useCredential:forAuthenticationChallenge: you finally tell the connection to answer the challenge with this credential, i.e. use the keychain data to validate the certificate.
This example will help you How To Use iOS NSURLConnection By Example
I have an API end point which has an SSL Certificate (secure https API). My iOS app bundle also includes that certificate so when I try to reach the API end point, objective C verifies if the certificate matches or not. My implementation of matching certificates works fine.
But I also need to verify if the API provides an SSL Certificate or not.
I am using AFNetworking for matching the certificates, and the place where it verifies the certificate: - (void)connection:(NSURLConnection *)connection
willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge does not even gets called when there is no certificate present. Hence the app doesn't verify anything.
I need something to verify in first place if the API has certificate or not, and if it doesn't then the app should not reach to the API end point.
Is it possible for me to authenticate an iOS App without user interaction to the level where it can make Facebook requests for Page data?
For example, in an app for a musician, I would like to be able to make facebook requests for the musician's artist page including wall posts. I could then get the raw data for their page and style it however I please. This wouldn't require a user to log in and session authentication would be done asynchronously by the app itself, using embedded credentials.
I'd like to use the SDK but am thinking this would require manual OAuth Access Token requests and posts.
Thanks for the help!
UPDATE:
To clarify, I am curious about the possibility of the following:
1) App loads and makes a request for an OAuth Access Token using credentials baked into the App
2) App can then make requests to facebook for feed data from a predetermined page feed
3) None of this requires any user interaction or bounces the application to mobile safari, etc.
I dont really understand what you want, but it is possible to authenticate without user interaction:
If the request requires authentication in order to make the
connection, valid credentials must already be available in the
NSURLCredentialStorage, or must be provided as part of the requested
URL. If the credentials are not available or fail to authenticate, the
URL loading system responds by sending the NSURLProtocol subclass
handling the connection a
continueWithoutCredentialForAuthenticationChallenge: message.
https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html#//apple_ref/doc/uid/TP40009507-SW1
There is a way for authentication:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
Ok - I figured this out. Feel pretty silly that I didn't know you could do this.
You can request an access token for an app id & secret. This will allow you to make public data requests that require an access token.
TO REQUEST ACCESS TOKEN:
https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=11111111&client_secret=9999999999
Then, simply use the returned Access Token in your Feed Request:
https://graph.facebook.com/musicpage/feed?access_token=ACCESS_TOKEN
If this is against TOS or deprecated - please let me know. For now this seems like the solution!