private static OkHttpClient buildClient(ConnectionSpec... specs) { return new OkHttpClient.Builder().connectionSpecs(Arrays.asList(specs)).build(); }
private static OkHttpClient createOkHttpClient() { final OkHttpClient.Builder builder = new OkHttpClient.Builder() .connectionSpecs(CONNECTION_SPEC_LIST); configureLogging(builder); return builder.build(); }
public CustomCipherSuites() throws GeneralSecurityException { // Configure cipher suites to demonstrate how to customize which cipher suites will be used for // an OkHttp request. In order to be selected a cipher suite must be included in both OkHttp's // connection spec and in the SSLSocket's enabled cipher suites array. Most applications should // not customize the cipher suites list. List<CipherSuite> customCipherSuites = Arrays.asList( CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384); final ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .cipherSuites(customCipherSuites.toArray(new CipherSuite[0])) .build(); X509TrustManager trustManager = defaultTrustManager(); SSLSocketFactory sslSocketFactory = defaultSslSocketFactory(trustManager); SSLSocketFactory customSslSocketFactory = new DelegatingSSLSocketFactory(sslSocketFactory) { @Override protected SSLSocket configureSocket(SSLSocket socket) throws IOException { socket.setEnabledCipherSuites(javaNames(spec.cipherSuites())); return socket; } }; client = new OkHttpClient.Builder() .connectionSpecs(Collections.singletonList(spec)) .sslSocketFactory(customSslSocketFactory, trustManager) .build(); }
@Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setHasOptionsMenu(true); queryRequest = new QueryRequest() .setSize(ITEM_COUNT_PER_PAGE); // workaround to avoid SSLHandshakeException on Android 7 devices // see: https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0 ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_1, TlsVersion.TLS_1_2) .build(); OkHttpClient client = new OkHttpClient.Builder() .connectionSpecs(Collections.singletonList(spec)) .build(); Retrofit retrofit = new Retrofit.Builder() .baseUrl("https://mediathekviewweb.de/api/") .client(client) .addConverterFactory(GsonConverterFactory.create()) .build(); service = retrofit.create(MediathekService.class); }
/** * Used while building the {@link GPlayMusic} instance. If no {@link OkHttpClient.Builder} is * provided via {@link #setHttpClientBuilder(OkHttpClient.Builder)} the instance returned by * this method will be used for building. * * @return Returns the default {@link OkHttpClient.Builder} instance */ public static OkHttpClient.Builder getDefaultHttpBuilder() { ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_2) .cipherSuites( CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) .build(); return new OkHttpClient.Builder() .connectionSpecs(Collections.singletonList(spec)); }
@VisibleForTesting static okhttp3.OkHttpClient newRawOkHttpClient( Optional<TrustContext> trustContext, Optional<ProxySelector> proxySelector, String userAgent) { // Don't allow retrying on connection failures - see ticket #2194 okhttp3.OkHttpClient.Builder builder = new okhttp3.OkHttpClient.Builder() .connectionSpecs(CONNECTION_SPEC_WITH_CYPHER_SUITES) .connectionPool(new ConnectionPool(CONNECTION_POOL_SIZE, KEEP_ALIVE_TIME_MILLIS, TimeUnit.MILLISECONDS)) .proxySelector(proxySelector.orElse(ProxySelector.getDefault())) .retryOnConnectionFailure(false); if (trustContext.isPresent()) { builder.sslSocketFactory(trustContext.get().sslSocketFactory(), trustContext.get().x509TrustManager()); } builder.interceptors().add(new UserAgentAddingInterceptor(userAgent)); globalClientSettings.accept(builder); return builder.build(); }
@SuppressLint("ObsoleteSdkInt") public static OkHttpClient.Builder enableTls12OnPreLollipop(OkHttpClient.Builder client) { if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT < 22) { try { SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, null, null); client.sslSocketFactory(new Tls12SocketFactory(sc.getSocketFactory())); final ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .build(); final List<ConnectionSpec> specs = new ArrayList<>(); specs.add(cs); client.connectionSpecs(specs); } catch (Exception e) { UserError.Log.e("OkHttpTLSCompat", "Error while setting TLS 1.2", e); } } return client; }
/** * Configures the HTTP client. * * @return the HTTP client */ private OkHttpClient configureHttpClient() { final OkHttpClient.Builder builder = new OkHttpClient.Builder(); addCookieJar(builder); builder.connectTimeout(60, TimeUnit.SECONDS); builder.writeTimeout(60, TimeUnit.SECONDS); builder.readTimeout(90, TimeUnit.SECONDS); builder.addNetworkInterceptor(HttpLogging.getLoggingInterceptor()); ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledCipherSuites().build(); builder.connectionSpecs(Arrays.asList(spec, ConnectionSpec.CLEARTEXT)); setupTLSProtocol(builder); return builder.build(); }
@SuppressLint("ObsoleteSdkInt") public static OkHttpClient.Builder enableTls12OnPreLollipop(OkHttpClient.Builder client) { if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT < 22) { try { SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, null, null); client.sslSocketFactory(new Tls12SocketFactory(sc.getSocketFactory())); final ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .build(); final List<ConnectionSpec> specs = new ArrayList<>(); specs.add(cs); client.connectionSpecs(specs); } catch (Exception e) { UserError.Log.e("OkHttpTLSCompat", "Error while setting TLS 1.2", e); } } return client; }
@SuppressLint("BadHostnameVerifier") static OkHttpClient.Builder getUnsafeClientBuilder() { OkHttpClient.Builder builder = getSafeClientBuilder(); try { if (sSSLSocketFactory == null) { final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, new X509TrustManager[]{TRUST_ALL_CERTS}, null); sSSLSocketFactory = sslContext.getSocketFactory(); } builder.connectionSpecs(createConnectionSpecs(ConnectionSpec.MODERN_TLS, true)); builder.sslSocketFactory(sSSLSocketFactory, TRUST_ALL_CERTS); builder.hostnameVerifier((hostname, session) -> hostname != null); } catch (NoSuchAlgorithmException | KeyManagementException e) { // Ignore } return builder; }
/** * Configures the HTTP client. * * @return the HTTP client */ private OkHttpClient configureHttpClient() { final OkHttpClient.Builder builder = new OkHttpClient.Builder(); addCookieJar(builder); builder.connectTimeout(60, TimeUnit.SECONDS); builder.writeTimeout(60, TimeUnit.SECONDS); builder.readTimeout(90, TimeUnit.SECONDS); builder.addNetworkInterceptor(HttpLogging.getLoggingInterceptor()); ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledCipherSuites().build(); builder.connectionSpecs(Arrays.asList(spec, ConnectionSpec.CLEARTEXT)); setupTLSProtocol(builder); return builder.build(); }
@Override public void onCreate() { super.onCreate(); Fresco.initialize(this); OkHttpClient okHttpClient = new OkHttpClient.Builder() .connectionSpecs(Arrays.asList( ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, ConnectionSpec.CLEARTEXT)) .addInterceptor(new LoggerInterceptor("==http")) .connectTimeout(10000L, TimeUnit.MILLISECONDS) .readTimeout(10000L, TimeUnit.MILLISECONDS) .build(); OkHttpUtils.initClient(okHttpClient); } }
private OkHttpClient buildOkHttpClient() { okHttpClientBuilder .readTimeout(readTimeoutSeconds, TimeUnit.SECONDS) .connectTimeout(connectTimeoutSeconds, TimeUnit.SECONDS) .followSslRedirects(false) .addInterceptor(new PlaidApiHeadersInterceptor()) .connectionSpecs(Collections.singletonList(CONNECTION_SPEC)); if (httpLogLevel != null) { okHttpClientBuilder.addInterceptor(new HttpLoggingInterceptor().setLevel(httpLogLevel)); } checkRuntimeSupportsTls12(okHttpClientBuilder); return okHttpClientBuilder.build(); }
public FastHttpClientBuilder connectionSpecs(List<ConnectionSpec> connectionSpecs) { builder.connectionSpecs(connectionSpecs); return this; }
public static OkHttpClient.Builder getSafeClientBuilder() { if (sDelegatingSocketFactory == null) { sDelegatingSocketFactory = new DelegatingSocketFactory(SocketFactory.getDefault()); } return new OkHttpClient.Builder() .connectionSpecs(createConnectionSpecs()) .socketFactory(sDelegatingSocketFactory); }
public static OkHttpClient.Builder getSafeClientBuilder() { if (sDelegatingSocketFactory == null) { sDelegatingSocketFactory = new DelegatingSocketFactory(SocketFactory.getDefault()); } return new OkHttpClient.Builder() .connectionSpecs(createConnectionSpecs(ConnectionSpec.RESTRICTED_TLS, false)) .socketFactory(sDelegatingSocketFactory); }
public OkHttpClientHttpUrlConnectionFactory() { clientBuilder.connectionSpecs(Arrays.asList( new ConnectionSpec[]{ ConnectionSpec.CLEARTEXT, // for http new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .allEnabledTlsVersions() .allEnabledCipherSuites() .build() // for https })); }
.tlsVersions(config.getTlsVersions()) .build(); httpClientBuilder.connectionSpecs(Arrays.asList(spec, CLEARTEXT));
@VisibleForTesting static okhttp3.OkHttpClient newRawOkHttpClient( Optional<TrustContext> trustContext, Optional<ProxySelector> proxySelector, String userAgent) { // Don't allow retrying on connection failures - see ticket #2194 okhttp3.OkHttpClient.Builder builder = new okhttp3.OkHttpClient.Builder() .connectionSpecs(CONNECTION_SPEC_WITH_CYPHER_SUITES) .connectionPool(new ConnectionPool(CONNECTION_POOL_SIZE, KEEP_ALIVE_TIME_MILLIS, TimeUnit.MILLISECONDS)) .proxySelector(proxySelector.orElse(ProxySelector.getDefault())) .retryOnConnectionFailure(false); if (trustContext.isPresent()) { builder.sslSocketFactory(trustContext.get().sslSocketFactory(), trustContext.get().x509TrustManager()); } builder.interceptors().add(new UserAgentAddingInterceptor(userAgent)); globalClientSettings.accept(builder); return builder.build(); }
.supportsTlsExtensions(true) .build(); builder.connectionSpecs(asList(tls, ConnectionSpec.CLEARTEXT));