I have implemented SSL pinning in my react-native app in the android code and i want to get some sort of message/warning when the request is rejected due to invalid SSL hash, so i added an interceptor to get the message from the response.
Here is code of the added interceptor,
OkHttpClient.Builder clientBuilder = OkHttpClientProvider.createClientBuilder();
return clientBuilder
.certificatePinner(certificatePinner)
.addInterceptor(new CustomInterceptor())
.build();
The problem is when i add an invalid key (for testing purposes), the code below chain.proceed(request) never runs, i am not familiar with OKHTTP or android, but i am guessing it automatically returns a null response in case the request is rejected.
Is there any way to get the response object even if the request is rejected due to invalid SSL hash.
Here is code for my interceptor.
public class CustomInterceptor implements Interceptor {
@Override
public Response intercept(Chain chain) throws IOException {
Request request = chain.request();
System.out.println("My Client::: Intercepted request: " +request.toString());
Response res= chain.proceed(request);
System.out.println("My Client::: Intercepted response: " + res.toString());
return res;
}
}
In my app Axios is used as a network managing library and i haven’t found any library for SSL pinning which works with Axios, that is the reason i had to add that directly at native code. Any other solution regarding this is also welcome.
2
Answers
I have been able to get around this problem by adding the chain.proceed(request) in try-catch block and catching the exception. Exception object contains the message that request failed due to invalid SSL hash.
Have you considered adding your
CustomInterceptoras a "network interceptor"? That might help to get more information from it (not completely sure that’s actually what you need in the long run, though).