我需要访问一个具有无效证书和基本身份验证的 API。在我搜索时,我需要编写自定义 SessionManager 并向 plist 文件添加一个值。经过几天的搜索和大量帖子,我仍然无法访问 API。
struct CustomManagerClass{
static let instance = CustomManagerClass()
var sessionManager : SessionManager = {
let serverTrustPolicies: [String: ServerTrustPolicy] = [
"baseurl.com:8443": .disableEvaluation
]
// Create custom manager
let configuration = URLSessionConfiguration.default
configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
let manager = Alamofire.SessionManager(
configuration: configuration,
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
)
return manager
}()
Plist 文件:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>baseurl.com</key>
<dict>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
我怎么调用它:
CustomManagerClass.instance.sessionManager.request(route).responseJSON(completionHandler: { (result) in
completion(result)
}) //Route in here is a ServiceConfiguration class which defines http method, parameters and basic auth.
它仍然返回;
Task <4CE5991B-2650-471C-AB77-69D54B8E36F3>.<1> finished with error - code: -1202 The certificate for this server is invalid. You might be connecting to a server that is pretending to be “baseurl.com” which could put your confidential information at risk.
我得到帮助的帖子: Certificate Invalid Issue with Alamofire 4.0
How to use Alamofires ServerTrustPolicy.disableEvaluation in swift 3
编辑:我将以下代码添加到信任证书中。现在它返回 HTTP 500
CustomManagerClass.instance.sessionManager.delegate.sessionDidReceiveChallenge = { session, challenge in
var disposition: URLSession.AuthChallengeDisposition = .performDefaultHandling
var credential: URLCredential?
print("received challenge")
if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
disposition = URLSession.AuthChallengeDisposition.useCredential
credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
} else {
if challenge.previousFailureCount > 0 {
disposition = .cancelAuthenticationChallenge
} else {
credential = CustomManagerClass.instance.sessionManager.session.configuration.urlCredentialStorage?.defaultCredential(for: challenge.protectionSpace)
if credential != nil {
disposition = .useCredential
}
}
}
return (disposition, credential)
}
最佳答案
我建议在 SessionManager
委托(delegate)上为 sessionDidReceiveChallenge 事件添加此处理程序。
let challengeHandler: ((URLSession, URLAuthenticationChallenge) -> (URLSession.AuthChallengeDisposition, URLCredential?))? = { result, challenge in
return (.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
}
然后在以这种方式初始化 manager
对象时分配闭包。
manager.delegate.sessionDidReceiveChallenge = challengeHandler
此外,serverTrustPolicies 可以为空,因为处理程序将忽略它将收到的所有信任挑战。
关于ios - 在 Alamofire 上使用 DisableEvaluation 信任无效证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53335849/