In Xamarin Forms app I am using System.Net.Http.HttpClient to establish connection to server via https. Visual Studio version 16.5.4, Xamarin Forms version 4.5.0.617, android: target framework: Android 9.0 (Pie), iOS: SDK version 13.4. I want to accept only one certificate that comes from CA. Just after start, before first request, I am validating server certificate by:
private const string SupportedPublicKey = "118SDD782...HA4JD";
public static void SetUp()
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
ServicePointManager.ServerCertificateValidationCallback += ValidateServerCertficate;
}
private static bool ValidateServerCertficate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
var certKey = certificate?.GetPublicKeyString();
return SupportedPublicKey == certificate?.GetPublicKeyString();
}
Program is hitting breakpoint at SetUp method, but the breakpoint inside event is never hitted. I have put there Console.WriteLine() there methods to check if debugger is broken, but console is clear, so program never reach that code.
Right now application on both platforms, on emulators and real devices, behaves like it accepts all certificates, no matter where they come from and connect to other servers via https.
I have tried to change project properties on android: HttpClient implementation from "default" to "Managed" and "android" and on iOS: from "managed(default)" to "NSUrlSession (iOS 7+)" and "CFNetwork (iOS 6+)" to but there is no effect.
How can I fix it?
Try to change your code to use the new HttpClientHandler.ServerCertificateCustomValidationCallback APIs from .NET Core.
public static void SetUp()
{
HttpClientHandler httpClientHandler = new HttpClientHandler();
httpClientHandler.ServerCertificateCustomValidationCallback = ValidateServerCertficate;
}
private static bool ValidateServerCertficate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
var certKey = certificate?.GetPublicKeyString();
return SupportedPublicKey == certificate?.GetPublicKeyString();
}
You could refer this on github
Related
I have to access Google contacts in our Xamarin. ios app so, We have generated Google's people API key and client id in Google developer portal
But I don’t know how to consume API in Xamarin.ios app. We need to get Google contact details using API.
We got some code for .net in Google documentation but unfortunately, it’s not working in Xamarin.ios platform. DLL not supported in xamarin platform.
Please help me to solve this issue.
I have solved it by using Xamarin.Auth library.
Auth = new OAuth2Authenticator(
Configuration.ClientId,
string.Empty,
"https://www.googleapis.com/auth/contacts",
new Uri("https://accounts.google.com/o/oauth2/v2/auth"),
new Uri(Configuration.RedirectUrl),
new Uri("https://www.googleapis.com/oauth2/v4/token"),
isUsingNativeUI: true);
var viewController = Auth.GetUI();
PresentViewController(viewController, true, null);
Auth.Completed += Auth_Completed;
Auth.Error += Auth_Error;
private void Auth_Error(object sender, AuthenticatorErrorEventArgs e)
{
}
private void Auth_Completed(object sender, AuthenticatorCompletedEventArgs e)
{
// SFSafariViewController doesn't dismiss itself
DismissViewController(true, null);
if (e.IsAuthenticated)
{
}
}
Must implement OpentUrl() in Appdelegate.cs calss upto iOS 12 and above iOS 13 implement OpenUrlContexts() method in SceneDelegate.cs
I am writing a .net core(Standard 1.6) library that connects to my WebAPI. The WebApi requires a client certificate.
The .net core library is something being called from a Xamarin iOS app.
I cannot for the life of me send an HTTP request with a Client Certificate header.
I can use the library and post to the API with a client certificate from Visual Studio 2017 on a windows machine.
When I move the same project into my Xamarin iOS app using VS for Mac I get:
"Method Not Implemented" when setting the SslProtocol or adding the client certificate:
var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.SslProtocols = SslProtocols.Tls12;
handler.ClientCertificates.Add(new X509Certificate2(certificate));
Relevant libraries:
using System.Net;
using System.Net.Http;
using System.Security;
using System.Security.Cryptography.X509Certificates;
Any help would be greatly appreciated.
Alright, this took me quite a while but i was able to send a client certificate in a web request to use for client auth on our server.
First, as awesome as Xamarin and .netCore are, they are missing alot of the methods .net developers are used to. I was not able to build a crossplatform request that would work on both Android and ios such as the HttpWebRequest.
For ios, i created a custom class that inherits from:NSUrlConnectionDataDelegate
I then override the:
public override void WillSendRequestForAuthenticationChallenge(NSUrlConnection
connection, NSUrlAuthenticationChallenge challenge)
{
byte[] cert = System.IO.File.ReadAllBytes("clientCertificate.pfx");
NSUrlCredential credential = iSecurity.ImportPK12File(cert, "certPassword");
challenge.Sender.UseCredential(credential, challenge);
}
I then created a class that returns the credential:
//cert is a byte array of a .pfx file included in the resource file
//iSecurity Custom class
NSUrlCredential credential = iSecurity.ImportPK12File(cert, "certpassword");
public static NSUrlCredential ImportPK12File(byte[] fileBytes, string passPhrase)
{
var cert = new X509Certificate2(fileBytes, passPhrase);
var options = NSDictionary.FromObjectAndKey(NSObject.FromObject(passPhrase), SecImportExport.Passphrase);
NSDictionary[] importStatus;
SecStatusCode statusCode = SecImportExport.ImportPkcs12(fileBytes, options, out importStatus);
if(statusCode != SecStatusCode.Success){
throw new Exception("Error importing certificate. ");
}
NSObject obj = importStatus[0]["trust"];
IntPtr secTrustRef = obj.Handle;
var identityHandle = importStatus[0][SecImportExport.Identity];
var identity = new SecIdentity(identityHandle.Handle);
var certificate = new SecCertificate(cert.GetRawCertData());
SecCertificate[] certificates = { certificate };
return NSUrlCredential.FromIdentityCertificatesPersistance(identity, certificates, NSUrlCredentialPersistence.ForSession);
}
You may also be able to override this method and send the creds:
public override void ReceivedAuthenticationChallenge(NSUrlConnection connection, NSUrlAuthenticationChallenge challenge)
{
base.ReceivedAuthenticationChallenge(connection, challenge);
}
And i may move it to there but in order to fire this off you create the delegate of your class that inherits from :NSUrlConnectionDataDelegate
and add this to your connection. Any request fired through this connection will override the method and pass the certificate.
I'm trying to pass my full Rest service from http to https.
I created a self-signed certificate, I had it to IIS Express. I validate it on google Chrome and it work perfectly fine with postman. My rest service work in http and https.
I use a PCL project (IOS and Android) everything is working fine with http request but I have exception with https request. the exception message is null.
I tried to create a test certificate directly from Visual Studio 2015 but the button is disabled in properties ->Signing.
I also tried to install my self-signed certificate as a Trusted Root but no success for the communication between my simulator and my rest Service.
my code
public partial class MainPage : ContentPage
{
private string url = string.Empty;
private HttpClient _client;
public MainPage()
{
InitializeComponent();
switch (Device.RuntimePlatform)
{
case Device.iOS:
_client = new HttpClient(new NSUrlSessionHandler());
break;
case Device.Android:
_client = new HttpClient();
break;
}
_client = new HttpClient();
test();
}
private async void test()
{
//url = "http://192.168.1.106:9630/PrototypeB.svc/Test";
url = "https://192.168.1.106:44301/PrototypeB.svc/Test";
try
{
var _content = await _client.GetStringAsync(url);
List<Test> _posts = JsonConvert.DeserializeObject<List<Test>>(_content);
}
catch (HttpRequestException e)
{
string test = e.Message;
}
catch (Exception e)
{
string test = e.Message;
}
}
}
How can I communicate with my Android and IOS Simulator with https and self-signed certificate?
You can use ServicePointManager to ignore the certificate validation check.
Execute the code in your iOS and Android platforms like this:
System.Net.ServicePointManager.ServerCertificateValidationCallback += (se, cert, chain, sslerror) => {
return true;
};
References:
Untrusted HTTPS
certificate
HTTPS ignore
certificate
Ignore SSL certificate errors in Xamarin.Forms (PCL)
SSL Validation in
PCL
Also, ModernHttpClient Pro provide this feature, but it is not free.
Am finding hard to launch Cordova Windows App, from another native Windows App.
Using Protocol invocation, I am passing few parameters to Cordova Windows App, to see if the Cordova app identifies those parameters from the Windows Native App.
Is there anyway to pass Parameters from native Windows App to Cordova App, so that Cordova App identifies the parameters as arguments?
In native windows 8 store app I am using app protocol association to send parameters one app to another app. like
in sender app:
mainpage.xaml.cs on button click
var url = "apptest:?" + name;
Uri uri = new Uri(url);
await Launcher.LaunchUriAsync(uri);
in received app
Package.appxmanifest:
Declarations --> available declarations add --> protocol --> name = apptest
app.xaml.cs
protected override void OnActivated(IActivatedEventArgs args)
{
if (args.Kind == ActivationKind.Protocol)
{
ProtocolActivatedEventArgs protocolArgs = args as ProtocolActivatedEventArgs;
var rootFrame = new Frame();
rootFrame.Navigate(typeof(MainPage), protocolArgs);
Window.Current.Content = rootFrame;
}
Window.Current.Activate();
}
mainpage.xaml.cs
protected override void OnNavigatedTo(NavigationEventArgs e)
{
ProtocolActivatedEventArgs pa = e.Parameter as ProtocolActivatedEventArgs;
if(pa != null)enter code here
{
string qS = pa.Uri.Query;
if (!string.IsNullOrEmpty(qS))
{
Txt_name.Text = qS;
}
}
}
in this way i will take the data from sender app.
Same like is there any way to receive data from windows 10 native app to cordova app. it is very hard to find the solution. not able to find the exact piece of code.
I'm trying to download a regular JSON string from this url https://valueboxtest.lb.dk/mobile/categories from a Windows Phone 7 Application.
I have tried to both use WebClient and HttpWebRequest. They both throw an exception
“The remote server returned an error: NotFound”
This is the code for using the WebClient
var webClient = new WebClient();
webClient.DownloadStringCompleted += (client_DownloadStringCompleted);
webClient.DownloadStringAsync(new Uri("https://valueboxtest.lb.dk/mobile/categories"));
The eventhandler then just show the content, but e.Result throws the above mentioned exception:
void client_DownloadStringCompleted(object sender, DownloadStringCompletedEventArgs e)
{
if (e.Error == null && !e.Cancelled) MessageBox.Show(e.Result);
}
For the HttpWebRequest my code looks as follows:
var httpReq = (HttpWebRequest)WebRequest.Create(new Uri("https://valueboxtest.lb.dk/mobile/categories"));
httpReq.BeginGetResponse(HTTPWebRequestCallBack, httpReq);
With the following callback:
private void HTTPWebRequestCallBack(IAsyncResult result)
{
var httpRequest = (HttpWebRequest)result.AsyncState;
var response = httpRequest.EndGetResponse(result);
var stream = response.GetResponseStream();
var reader = new StreamReader(stream);
this.Dispatcher.BeginInvoke(
new delegateUpdate(update),
new Object[] { reader.ReadToEnd() }
);
}
And with the delegate method
delegate void delegateUpdate(string content);
private void update(string content)
{
MessageBox.Show(content);
}
Running it in a console application
Everything works just fine and the JSON string is returned with no problems and I am able to print the result to the console.
Different URL does work on WP7
The weird thing is that the URL http://mobiforge.com/rssfeed actually works fine in both of the above mentioned scenarios.
This issue occurs both in the Emulator and on an actual device.
What could be wrong? Is the REST service returning the data in misbehaving way? I really hope you can help me!
Note: I'm not running Fiddler2 at the same time!
The reason is because that site does not have a valid certificate. Just try it on Mobile Internet Explorer and you'll get the prompt about an issue with the certificate.
How to ignore SSL certificates
Mobile devices are stricter when it comes to SSL certificates.
If you want to get this app into a production environment, you'll either need to write a wrapper for this server (if it's not your own), or get a valid certificate. In the short-term, for testing, you can add a certificate into your device.
Here's a tool which might help you install a certificate.