Skip to content

Commit

Permalink
create api to allow clients to present a client credential for authen…
Browse files Browse the repository at this point in the history
…tication (facebook#22316)

Summary:
Pull Request resolved: facebook#22316

Pull Request resolved: facebook#22315

In order for TLS Mutual Auth to work for webviews, the caller must present a credential. Expose a setter that can be called to set a credential.

Reviewed By: RSNara

Differential Revision: D13095969

fbshipit-source-id: d136556a0030f799651d574b6e47ce38295b108e
  • Loading branch information
jsonblob authored and facebook-github-bot committed Nov 17, 2018
1 parent f14fca2 commit ace0858
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
1 change: 1 addition & 0 deletions React/Views/RCTWKWebView.h
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ shouldStartLoadForRequest:(NSMutableDictionary<NSString *, id> *)request
@property (nonatomic, assign) UIEdgeInsets contentInset;
@property (nonatomic, assign) BOOL automaticallyAdjustContentInsets;

+ (void)setClientAuthenticationCredential:(nullable NSURLCredential*)credential;
- (void)postMessage:(NSString *)message;
- (void)injectJavaScript:(NSString *)script;
- (void)goForward;
Expand Down
21 changes: 21 additions & 0 deletions React/Views/RCTWKWebView.m
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@
#import "RCTAutoInsetsProtocol.h"

static NSString *const MessageHanderName = @"ReactNative";
static NSURLCredential* clientAuthenticationCredential;


@interface RCTWKWebView () <WKUIDelegate, WKNavigationDelegate, WKScriptMessageHandler, UIScrollViewDelegate, RCTAutoInsetsProtocol>
@property (nonatomic, copy) RCTDirectEventBlock onLoadingStart;
Expand Down Expand Up @@ -310,6 +312,25 @@ - (void) webView:(WKWebView *)webView
[self setBackgroundColor: _savedBackgroundColor];
}

+ (void)setClientAuthenticationCredential:(nullable NSURLCredential*)credential {
clientAuthenticationCredential = credential;
}

- (void) webView:(WKWebView *)webView
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable))completionHandler
{
if (!clientAuthenticationCredential) {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
return;
}
if ([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodClientCertificate) {
completionHandler(NSURLSessionAuthChallengeUseCredential, clientAuthenticationCredential);
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}

- (void)evaluateJS:(NSString *)js
thenCall: (void (^)(NSString*)) callback
{
Expand Down

0 comments on commit ace0858

Please sign in to comment.