ios - App freezes when didReceiveChallenge method called -

-

i attempting connect api using self-signed certificate testing.

  -(nsdata*)getdatafrompostrequestwithheaders:(nsdictionary*)headers      withpostdata:(nsdata*)postdata fromurl:(nsstring*)urlstring     {     __block nsdata* responsedata;      nslog(@"url %@", urlstring);     nsmutableurlrequest *request = [nsmutableurlrequest requestwithurl:[nsurl urlwithstring:urlstring]                                                            cachepolicy:nsurlrequestuseprotocolcachepolicy                                                        timeoutinterval:10.0];     [request sethttpmethod:@"post"];     [request sethttpbody:postdata];     [request setallhttpheaderfields:headers];      nsurlsessionconfiguration *config = [nsurlsessionconfiguration defaultsessionconfiguration];    // [config sethttpadditionalheaders:headers];     nsurlsession *session = [nsurlsession sessionwithconfiguration:config delegate:self delegatequeue:nil];     nslog(@"%@", @"nsurlsession started successfully");     // i.e. no not need have queue of sessions running in parallel currently.    nsurlsessiondatatask *datatask = [session datataskwithrequest:request                                                 completionhandler:^(nsdata *data, nsurlresponse *response, nserror *error)                                             {                                                 nslog(@"%@", @"completionhandler called successfully");                                                     if (error) {                                                         nslog(@"error whilst executing post request: %@", error);                                                     } else {                                                         nshttpurlresponse *httpresponse = (nshttpurlresponse *) response;                                                         nslog(@"http response request %@", httpresponse);                                                         responsedata = data;                                                     }                                                 }];     [datatask resume];      return responsedata; }

this didreceivechallenge() method:

-(void)urlsession:(nsurlsession *)session didreceivechallenge:(nsurlauthenticationchallenge *)challenge completionhandler:(void (^)(nsurlsessionauthchallengedisposition, nsurlcredential *))completionhandler {     nslog(@"%@", @"didreceivechallenge method of nsurlsessiondelegate called successfully");    if ([challenge.protectionspace.authenticationmethod isequaltostring:nsurlauthenticationmethodservertrust])     {         if ([challenge.protectionspace.host isequaltostring:@"https://dongu.ravenlabs.co.uk"])         {             nsurlcredential *credential = [nsurlcredential credentialfortrust:challenge.protectionspace.servertrust];             completionhandler(nsurlsessionauthchallengeusecredential, credential); // i.e. if domain, yes can trust it.         }     } }

the first 1 called within login method so:

-(nsstring*)loginuserandretrievesessionid:(nsstring*)username withpassword:(nsstring*)password {     __block nsdictionary *responsedict;    nsdictionary *loginheaders = @{ @"content-type": @"application/json",                                @"accept": @"application/json",                                @"cache-control": @"no-cache",                                };     nsdictionary *parameters = @{ @"login": username,                                   @"password": password };      nsdata *postdata = [nsjsonserialization datawithjsonobject:parameters options:0 error:nil];     nsstring *urlstring = [dongu_api_base_url stringbyappendingstring:@"/session/"];     nsdata *responsedata = [self getdatafrompostrequestwithheaders:loginheaders withpostdata:postdata fromurl:urlstring];     if (responsedata)     {     responsedict = [self getdictionaryfromresponsedata:responsedata];     }     nslog(@"%@", @"end of login method reached.");     return [responsedict objectforkey:@"session-token"];  }

whenever didreceivechallenge called, app freezes completely. there way around this? i've tried using gcd calling login method, , no joy. there way around this?

you must call provided completion handler every time method called, or else connection make no further progress. if don't know do particular challenge, call ...performdefaulthandling.

additionally, please aware way you're disabling certificate validation very, unsafe. @ bare minimum, should comparing provided public key known-valid public key stored in app somewhere, , if matches should tell os use credential. otherwise, run risk of code accidentally ending in shipping app, , losing benefits of tls.


Comments

Post a Comment

Popular posts from this blog

Django REST Framework perform_create: You cannot call `.save()` after accessing `serializer.data` -

-
i have following viewset: class artistprofileviewset(viewsets.modelviewset): queryset = artistprofile.objects.all() serializer_class = artistprofileserializer def perform_create(self, serializer): if serializer.is_valid(): serializer.save() with following serializers: class simpleartisttrackserializer(serializers.hyperlinkedmodelserializer): class meta: model = artisttrack fields = (...my fields...) class artistprofileserializer(serializers.hyperlinkedmodelserializer): owners = userserializer(many=true, required=false) tracks = simpleartisttrackserializer(many=true, required=false) class meta: model = artistprofile fields = (...my fields...) i getting following error: assertionerror: cannot call `.save()` after accessing `serializer.data`.if need access data before committing database inspect 'serializer.validated_data' instead. i don't see editing serializer.data object. th...
Read more

Why does Go error when trying to marshal this JSON? -

-
i'm trying rather simple example of trying decode json file structs using golang. however, when attempting error that json: cannot unmarshal object go value of type []main.track which don't understand. here's code in question, , json can found here . package main import ( "encoding/json" "fmt" "net/http" "os" ) // tracks group of track types type tracks struct { tracks []track } // track represents singular track type track struct { name string url string artist artist } // artist represents single artist type artist struct { name string mbid string url string } func main() { url := "http://ws.audioscrobbler.com/2.0/?method=geo.gettoptracks&api_key=c1572082105bd40d247836b5c1819623&format=json&country=netherlands" response, err := http.get(url) if err != nil { fmt.printf("%s\n", err) os.exit(1) } de...
Read more