|
|
@@ -1060,18 +1060,48 @@ typedef NS_ENUM(NSInteger, CHOOSETYPE) {
|
|
|
|
|
|
- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *_Nullable))completionHandler
|
|
|
{
|
|
|
-
|
|
|
dispatch_queue_t queue = dispatch_queue_create("webViewChallengeQueue", NULL);
|
|
|
dispatch_async(queue, ^{
|
|
|
- if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
|
|
|
- if (challenge.previousFailureCount == 0) {
|
|
|
- NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
|
|
|
- completionHandler(NSURLSessionAuthChallengeUseCredential, credential);
|
|
|
- } else {
|
|
|
+ if (SSL_AUTH) {
|
|
|
+
|
|
|
+ NSURLSessionAuthChallengeDisposition disposition = NSURLSessionAuthChallengePerformDefaultHandling;
|
|
|
+ NSURLCredential *customCredential = nil;
|
|
|
+
|
|
|
+ if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
|
|
|
+ // 默认信任
|
|
|
+ customCredential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
|
|
|
+ disposition = NSURLSessionAuthChallengeUseCredential;
|
|
|
+ }
|
|
|
+ else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]) {
|
|
|
+ // client authentication
|
|
|
+ SecIdentityRef identity = NULL;
|
|
|
+ SecTrustRef trust = NULL;
|
|
|
+ if ([AuthChallengeManager extractIdentity:&identity andTrust:&trust filePath:CERT_PATH]) {
|
|
|
+ SecCertificateRef certificate = NULL;
|
|
|
+ SecIdentityCopyCertificate(identity, &certificate);
|
|
|
+ const void*certs[] = {certificate};
|
|
|
+ CFArrayRef certArray =CFArrayCreate(kCFAllocatorDefault, certs,1,NULL);
|
|
|
+ customCredential =[NSURLCredential credentialWithIdentity:identity certificates:(__bridge NSArray*)certArray persistence:NSURLCredentialPersistencePermanent];
|
|
|
+ disposition = NSURLSessionAuthChallengeUseCredential;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ if (completionHandler) {
|
|
|
+ completionHandler(disposition, customCredential);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
|
|
|
+ if (challenge.previousFailureCount == 0) {
|
|
|
+ NSURLCredential *credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
|
|
|
+ completionHandler(NSURLSessionAuthChallengeUseCredential, credential);
|
|
|
+ } else {
|
|
|
+ completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ else {
|
|
|
completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
|
|
|
}
|
|
|
- } else {
|
|
|
- completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
|
|
|
}
|
|
|
});
|
|
|
}
|
Steven