Permalink
Browse files

create api to allow clients to present a client credential for authen…

…tication (#22316)

Summary:
Pull Request resolved: #22316

Pull Request resolved: #22315

In order for TLS Mutual Auth to work for webviews, the caller must present a credential. Expose a setter that can be called to set a credential.

Reviewed By: RSNara

Differential Revision: D13095969

fbshipit-source-id: d136556a0030f799651d574b6e47ce38295b108e
  • Loading branch information...
mjhu authored and facebook-github-bot committed Nov 17, 2018
1 parent 17ced57 commit 8911353c47af018f78c1cff59dfab05b975e39ed
Showing with 22 additions and 0 deletions.
  1. +1 −0 React/Views/RCTWKWebView.h
  2. +21 −0 React/Views/RCTWKWebView.m
@@ -36,6 +36,7 @@ shouldStartLoadForRequest:(NSMutableDictionary<NSString *, id> *)request
@property (nonatomic, assign) UIEdgeInsets contentInset;
@property (nonatomic, assign) BOOL automaticallyAdjustContentInsets;

+ (void)setClientAuthenticationCredential:(nullable NSURLCredential*)credential;
- (void)postMessage:(NSString *)message;
- (void)injectJavaScript:(NSString *)script;
- (void)goForward;
@@ -10,6 +10,8 @@
#import "RCTAutoInsetsProtocol.h"

static NSString *const MessageHanderName = @"ReactNative";
static NSURLCredential* clientAuthenticationCredential;


@interface RCTWKWebView () <WKUIDelegate, WKNavigationDelegate, WKScriptMessageHandler, UIScrollViewDelegate, RCTAutoInsetsProtocol>
@property (nonatomic, copy) RCTDirectEventBlock onLoadingStart;
@@ -310,6 +312,25 @@ - (void) webView:(WKWebView *)webView
[self setBackgroundColor: _savedBackgroundColor];
}

+ (void)setClientAuthenticationCredential:(nullable NSURLCredential*)credential {
clientAuthenticationCredential = credential;
}

- (void) webView:(WKWebView *)webView
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable))completionHandler
{
if (!clientAuthenticationCredential) {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
return;
}
if ([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodClientCertificate) {
completionHandler(NSURLSessionAuthChallengeUseCredential, clientAuthenticationCredential);
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}

- (void)evaluateJS:(NSString *)js
thenCall: (void (^)(NSString*)) callback
{

0 comments on commit 8911353

Please sign in to comment.