Closed annathomasQB closed 3 years ago
I was able to resolve this issue by creating a customSessionDelegate class for SessionDelegate and overriding the delegate function like this :
class CustomSessionDelegate: SessionDelegate {
override func urlSession(_ session: URLSession,
task: URLSessionTask,
didReceive challenge: URLAuthenticationChallenge,
completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
// Call into TrustKit here to do pinning validation
if TrustKit.sharedInstance().pinningValidator.handle(challenge, completionHandler: completionHandler) == false {
// TrustKit did not handle this challenge: perhaps it was not for server trust
// or the domain was not pinned. Fall back to the default behavior
completionHandler(.performDefaultHandling, nil)
}
}
}
and then assigned this CustomSessionDelegate as my sessionDelegate when creating the session :
let session = Session(delegate:CustomSessionDelegate(), eventMonitors: [ Logger() ])
@annathomasQB Would you mind converting the above override method in objective c, I am not a native guy so help would much appreciated.
@anishtr4 The objective C equivalent for this method is listed at the bottom of Sample Usage of TrustKit. You just need to add the override button if you're planning on adding the CustomSessionDelegate class.
Hi,
Please help me out.
I'm following the docs and have implemented SSLPinning with the following parameters. But still when I check using Burp Suite trusted certificate in my phone, the app is still loading. If SSL Pinning is in place it should throw error right ? I'm not sure what I've done wrong.
Here's my code inside Security.swift :
In my AppDelegate didFinishLaunchingWithOptions :
Security.startSSLPinning()
In my network layer, I'm implementing the pinning validator code as per the documentation inside didReceiveChallenge. This method is visible inside a eventMonitor type class of Alamofire.
and my session is defined so :
let session = Session(eventMonitors: [ Logger() ])
I know something is missing, but not exactly sure what. It could be some issue with delegate not getting set right, or I need to implement more methods? Please help.