Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //
- // BSConnectionService.swift
- // Nexo
- //
- // Created by Enrique Gonzalez on 9/6/16.
- // Copyright © 2016 capitandurango. All rights reserved.
- //
- import Foundation
- class BSConnectionService: NSObject, NSURLConnectionDelegate {
- fileprivate var _connection: NSURLConnection?
- fileprivate var _lookServerResponseData:Data!
- fileprivate var _uniqueIdentifier: String = String.Empty
- var delegate: BSConnectionServiceDelegate?
- override init() {
- super.init()
- _uniqueIdentifier = UUID().uuidString
- }
- func submitRequest(_ request: NSMutableURLRequest) {
- _connection = NSURLConnection(request: request as URLRequest, delegate: self, startImmediately: true)
- }
- func cancelRequestWithIdentifier(_ identifier: String) {
- println("Metodo no implementado \(#function)")
- }
- func cancelRequest() {
- _connection?.cancel()
- }
- func connection(_ connection: NSURLConnection, didReceiveResponse response: URLResponse ) {
- _lookServerResponseData = Data()
- self.delegate?.bsReceiveResponse(didReceiveResponse: response)
- }
- func connection(_ connection: NSURLConnection, didReceiveData data: Data) {
- _lookServerResponseData.append(data)
- }
- func connection(_ connection: NSURLConnection, willCacheResponse cachedResponse: CachedURLResponse) -> CachedURLResponse? {
- return nil
- }
- func connectionDidFinishLoading(_ connection: NSURLConnection) {
- do {
- let raw = try JSONSerialization.jsonObject(with: _lookServerResponseData, options: JSONSerialization.ReadingOptions.allowFragments)
- self.delegate?.bsReceiveData(receiveRawDictionary: raw as! NSDictionary)
- }
- catch let error as NSError {
- if let responseString = NSString(data: _lookServerResponseData as Data, encoding: String.Encoding.ascii.rawValue) {
- println("########## Error: \(#function) => ResponseString: \(responseString)")
- }
- self.delegate?.bsRequestFailWithError(didFailWithError: error)
- }
- }
- func connection(_ connection: NSURLConnection, didFailWithError error: Error) {
- connection.cancel()
- println("ERROR DESDE EL MOTOR \(#function): \(error.localizedDescription)")
- let innerError:NSError!
- if error._code == NSURLErrorTimedOut {
- println(error)
- innerError = BSUtils.Error("Se sobrepaso el tiempo de espera, favor de reintentar")
- }
- else if error._domain == NSURLErrorDomain {
- println(error)
- innerError = BSUtils.Error("Servicio no disponible, favor de reintentar mas tarde !!!")
- }
- else {
- println(error)
- innerError = error as NSError!
- }
- self.delegate?.bsRequestFailWithError(didFailWithError: innerError)
- }
- /////////////////////////////////////////////////////////////////////////////////////////////////////////
- //TODO: Pruebas Certificado y Tipo de Autenticación
- /////////////////////////////////////////////////////////////////////////////////////////////////////////
- func connection(_ connection: NSURLConnection, willSendRequestFor challenge: URLAuthenticationChallenge) {
- // println("#SSLPinning")
- // println("......... \(#function) authenticationMethod: \(challenge.protectionSpace.authenticationMethod)")
- //
- // switch challenge.protectionSpace.authenticationMethod {
- // case NSURLAuthenticationMethodServerTrust:
- // println("..........send credential Server Trust")
- //
- // //let credential = NSURLCredential(forTrust: challenge.protectionSpace.serverTrust!)
- // //challenge.sender?.useCredential(credential, forAuthenticationChallenge: challenge)
- //
- // challenge.sender?.continueWithoutCredential(for: challenge)
- //
- // break
- // case NSURLAuthenticationMethodHTTPBasic:
- // println("..........send credential HTTP Basic")
- //
- // let defaultCredentials: URLCredential = URLCredential(user: "usernameFoo",
- // password: "passwordFoo",
- // persistence: URLCredential.Persistence.forSession)
- //
- // challenge.sender?.use(defaultCredentials, for: challenge)
- //
- // break
- // case NSURLAuthenticationMethodNTLM:
- // println("..........send credential NTLM")
- //
- // break
- // default:
- // println("..........send credential Ninguna de las anteriores")
- //
- // challenge.sender?.performDefaultHandling?(for: challenge)
- // }
- while true {
- let serverTrust = challenge.protectionSpace.serverTrust
- print("ServerTrust \(nil != serverTrust ? "YES" : "NO")")
- if !(nil != serverTrust) {
- print("Error - El servidor no es de confianza")
- break
- }
- let status: OSStatus = SecTrustEvaluate(serverTrust!, nil)
- print("SecTrustEvaluate: \(errSecSuccess == status ? "YES" : "NO caducado o autofirmado") ")
- if !(errSecSuccess == status) {
- print("failed: el certificado está caducado o autofirmado")
- break
- }
- var _serverCertificate: SecCertificate?
- if let serverCertificate: SecCertificate = SecTrustGetCertificateAtIndex(serverTrust!, 0) {
- println("SecCertificateREF: True")
- _serverCertificate = serverCertificate
- } else {
- println("SecCertificateRef: False")
- println("failed: no existe el certificado")
- break
- }
- // CFDataRef serverCertificateData = SecCertificateCopyData(serverCertificate);
- // SBLogInfo(@"CFDataRef: %@", serverCertificateData?@"YES":@"NO");
- //
- // if (!(nil != serverCertificateData)) {
- // SBLogInfo(@"No se pudieron obtener los datos del certificado");
- // break;
- // }
- //
- // const UInt8* const data = CFDataGetBytePtr(serverCertificateData);
- // const CFIndex size = CFDataGetLength(serverCertificateData);
- if let _server_Certificate = _serverCertificate {
- if let serverCertificateData: CFData = SecCertificateCopyData(_server_Certificate) {
- print("CFData: True")
- } else {
- print("No se pudieron obtener los datos del certificado")
- break
- }
- } else {
- break
- }
- let data = CFDataGetBytePtr(serverCertificateData)
- let size: CFIndex = CFDataGetLength(serverCertificateData)
- if !(nil != data) || !(size > 0) {
- SBLogInfo("ailed: se presentó un error ara UInt8 y CFIndex en los datos del certificado")
- break
- }
- let serverCertificateNSD = NSData(bytes: data, length: Int(size))
- if !(nil != serverCertificateData) {
- //SBLogInfo("failed: Certificado recibido no se ha podido obtener")
- break
- }
- /* * * Certificado local * * */
- let file: String? = Bundle.main.path(forResource: "bancomermovil", ofType: "crt")
- if !(nil != file) {
- //SBLogInfo("failed: o se pudo obtener la URL del certificado local")
- break
- }
- let localCertificateNSD = NSData(contentsOfFile: file!) as Data?
- if !(nil != localCertificateNSD) {
- //SBLogInfo("failed: no se pudo obtener el certificado local")
- break
- }
- let equal: Bool = serverCertificateNSD.isEqual(to: localCertificateNSD!)
- if !(false != equal) {
- //SBLogInfo("failed: el certificado enviado por el servidor no es igual al certificado local")
- break
- }
- //SBLogInfo("el Certificado enviado por el servidor es igual al certficado local")
- return challenge.sender!.use(URLCredential(trust: serverTrust!), for: challenge)
- }
- }
- /*func connection(_ connection: NSURLConnection, canAuthenticateAgainstProtectionSpace protectionSpace: URLProtectionSpace) -> Bool {
- println("::::::: authenticationMethod: \(protectionSpace.authenticationMethod)")
- //return protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust
- return true
- }*/
- func removeReferenceContext(){
- _connection?.cancel()
- _connection = nil
- self.delegate = nil
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement