[GH-ISSUE #54] Support for Self Signed SSL certificates #36

New issue

Closed

opened 2026-03-03 16:45:00 +03:00 by kerem · 8 comments

kerem commented 2026-03-03 16:45:00 +03:00

Owner

Copy link

Originally created by @acoleman-apc on GitHub (Apr 19, 2015).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/54

It would be great if you would factor the code found here:
http://stackoverflow.com/questions/24063927/swift-how-to-request-a-url-with-a-self-signed-certificate

Into your project as it would allow for the use of self-signed SSL certificates with your plug in.

This could would need to be added to the OAuthSwiftHTTPRequest.swift file and re-factored to change the "www.myhost.com" line to match the expected host.

Thanks

Originally created by @acoleman-apc on GitHub (Apr 19, 2015). Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/54 It would be great if you would factor the code found here: http://stackoverflow.com/questions/24063927/swift-how-to-request-a-url-with-a-self-signed-certificate Into your project as it would allow for the use of self-signed SSL certificates with your plug in. This could would need to be added to the OAuthSwiftHTTPRequest.swift file and re-factored to change the "www.myhost.com" line to match the expected host. Thanks

kerem 2026-03-03 16:45:00 +03:00

• closed this issue
• added the
  enhancement
  label

kerem commented 2026-03-03 16:45:01 +03:00

Author

Owner

Copy link

@phimage commented on GitHub (Dec 1, 2015):

NSURLConnection is no more used replaced by NSURLSession with OAuthSwiftHTTPRequest as NSURLSessionDelegate
In the two case there is more to do than stackoverflow code, many way to valid or not (always trust (bad), user/password credential, certificate), count failure, ...

Without an example of server I can't test or develop something, so I will close

If this is necessarry(request it) a delegate parameters could be added to OAuthSwiftHTTPRequest to let framework user custom the behaviours
NSURLSessionTaskDelegate could be used intead of NSURLSessionDelegate

Some code
https://github.com/search?l=swift&q=didReceiveChallenge+&type=Code&utf8=%E2%9C%93
https://gist.github.com/edwardmp/df8517aa9f1752e73353

func URLSession(session: NSURLSession, didReceiveChallenge challenge: NSURLAuthenticationChallenge, completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential!) -> Void) {
// accept
    completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, NSURLCredential(forTrust: challenge.protectionSpace.serverTrust))
// or cancel
    completionHandler(NSURLSessionAuthChallengeDisposition.CancelAuthenticationChallenge, nil)

<!-- gh-comment-id:161025775 --> @phimage commented on GitHub (Dec 1, 2015): `NSURLConnection` is no more used replaced by `NSURLSession` with `OAuthSwiftHTTPRequest` as `NSURLSessionDelegate` In the two case there is more to do than stackoverflow code, many way to valid or not (always trust (bad), user/password credential, certificate), count failure, ... Without an example of server I can't test or develop something, so I will close If this is necessarry(request it) a delegate parameters could be added to `OAuthSwiftHTTPRequest` to let framework user custom the behaviours NSURLSessionTaskDelegate could be used intead of NSURLSessionDelegate Some code https://github.com/search?l=swift&q=didReceiveChallenge+&type=Code&utf8=%E2%9C%93 https://gist.github.com/edwardmp/df8517aa9f1752e73353 ``` swift func URLSession(session: NSURLSession, didReceiveChallenge challenge: NSURLAuthenticationChallenge, completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential!) -> Void) { // accept completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, NSURLCredential(forTrust: challenge.protectionSpace.serverTrust)) // or cancel completionHandler(NSURLSessionAuthChallengeDisposition.CancelAuthenticationChallenge, nil) ```

kerem commented 2026-03-03 16:45:01 +03:00

Author

Owner

Copy link

@makeitTim commented on GitHub (Sep 18, 2017):

Was this (or a way to set my own delegate) ever implemented?

I am using my own id provider, so in the development environment it's a created SSL cert. So this is needed.

<!-- gh-comment-id:330274611 --> @makeitTim commented on GitHub (Sep 18, 2017): Was this (or a way to set my own delegate) ever implemented? I am using my own id provider, so in the development environment it's a created SSL cert. So this is needed.

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@phimage commented on GitHub (Sep 19, 2017):

@makeitTim
You can set your own url session delegate for all url session created by oauthswift

var sessionFactory = URLSessionFactory.default
sessionFactory.delegate = <your delegate>

And some framework methods use URLSessionFactory as parameter, for advanced use, and use another factory.

<!-- gh-comment-id:330462339 --> @phimage commented on GitHub (Sep 19, 2017): @makeitTim You can set your own url session delegate for all url session created by oauthswift ``` var sessionFactory = URLSessionFactory.default sessionFactory.delegate = <your delegate> ``` And some framework methods use `URLSessionFactory` as parameter, for advanced use, and use another factory.

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@makeitTim commented on GitHub (Sep 19, 2017):

Thanks! I just found the SessionFactory struct and have been trying to figure out how to use it.

Xcode does not like the code you gave me, default can only appear in a switch statement. I cannot get it to run.

The convention for singleton naming in Swift seems to be shared:

public static var shared = URLSessionFactory()

<!-- gh-comment-id:330512618 --> @makeitTim commented on GitHub (Sep 19, 2017): Thanks! I just found the SessionFactory struct and have been trying to figure out how to use it. Xcode does not like the code you gave me, `default can only appear in a switch statement`. I cannot get it to run. The convention for singleton naming in Swift seems to be shared: ``` public static var shared = URLSessionFactory() ```

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@phimage commented on GitHub (Sep 19, 2017):

I agree with naming bug with swift 3 you can use default

I edit the code, by replacing ; by =

<!-- gh-comment-id:330514492 --> @phimage commented on GitHub (Sep 19, 2017): I agree with naming bug with swift 3 you can use `default` I edit the code, by replacing `;` by `=`

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@makeitTim commented on GitHub (Sep 19, 2017):

Thanks for the quick response... I don't follow you? What would allow swift to use a variable named default?

<!-- gh-comment-id:330517717 --> @makeitTim commented on GitHub (Sep 19, 2017): Thanks for the quick response... I don't follow you? What would allow swift to use a variable named `default`?

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@phimage commented on GitHub (Sep 19, 2017):

This not a forbidden keyword, go to the URLSessionFactory code and you will see
Just ass some magic quote and you can use default

<!-- gh-comment-id:330524439 --> @phimage commented on GitHub (Sep 19, 2017): This not a forbidden keyword, go to the `URLSessionFactory` code and you will see Just ass some magic quote and you can use default

kerem commented 2026-03-03 16:45:02 +03:00

Author

Owner

Copy link

@makeitTim commented on GitHub (Sep 19, 2017):

Ok, I was able to access the session factory with var sessionFactory = URLSessionFactory.default. I have not been able to get a self-signed SSL cert to work, even with implementing a URLSessionDelegate. But I think we're gonna try to get a verified certificate for dev anyways as that's a better way to work and Apple will require it in the end.

Keep up the good work!

<!-- gh-comment-id:330538672 --> @makeitTim commented on GitHub (Sep 19, 2017): Ok, I was able to access the session factory with `var sessionFactory = URLSessionFactory.default`. I have not been able to get a self-signed SSL cert to work, even with implementing a URLSessionDelegate. But I think we're gonna try to get a verified certificate for dev anyways as that's a better way to work and Apple will require it in the end. Keep up the good work!

kerem referenced this issue 2026-03-03 16:49:07 +03:00

[PR #36] [MERGED] Allow optional skipping the oauth verifier #495

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

ci/action/danger

ci/action/release-drafter

pkce

ci/action/tvos

ci/travis

2.1.0

2.0.0

fix/fitbiterror

swift3

digu-demo

swift3.0objc

swift2.2

swift2.3

swift2.0

2.2.0

2.1.2

2.1.1

2.1.0

2.0.1

2.0.0

1.4.1

1.4.0

1.3.0

1.2.2

1.2.1

1.2.0

1.1.2

1.1.1

1.1.0

1.0.0

0.6.0

0.5.2

v0.5.2

0.5.1

0.5.0

0.4.8

0.4.6

v0.4.6

0.4.5

v0.4.5

0.4.4

v0.4.4

0.4.3

0.4.2

0.4.1

v0.4.1

0.4.0

v0.4.0

Swift1.x

0.3.7

v0.3.7

0.3.6

v0.3.6

0.3.5

v0.3.5

0.3.4

v0.3.4

0.3.3

v0.3.3

v0.3.2

0.3.2

0.3.1

v0.3.1

0.3.0

v0.3.0

0.2.1

0.2.0

v0.2.0

0.1.9

0.1.8

0.1.7

v0.1.7

v0.1.6

Labels

Clear labels   

bug

  

cocoapod

  

duplicate

  

enhancement

  

feature-request

  

help wanted

  

help wanted

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

wontfix

No labels

bug

cocoapod

duplicate

enhancement

feature-request

help wanted

help wanted

invalid

pull-request

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/OAuthSwift#36

No description provided.