1
0
mirror of https://github.com/immich-app/immich.git synced 2024-12-26 10:50:29 +02:00
immich/mobile/lib/utils/http_ssl_cert_override.dart
shenlong 27488ceb67
deps(mobile): flutter 3.16 (#6677)
* dep(mobile): update flutter and deps

* chore: dart analyzer

* chore: update flutter workflow version

* chore: dart format

* fix: gallery_viewer PopScope

---------

Co-authored-by: shenlong-tanwen <139912620+shalong-tanwen@users.noreply.github.com>
2024-01-27 10:14:32 -06:00

38 lines
1.3 KiB
Dart

import 'dart:io';
import 'package:immich_mobile/modules/settings/services/app_settings.service.dart';
import 'package:immich_mobile/shared/models/store.dart';
import 'package:logging/logging.dart';
class HttpSSLCertOverride extends HttpOverrides {
@override
HttpClient createHttpClient(SecurityContext? context) {
return super.createHttpClient(context)
..badCertificateCallback = (X509Certificate cert, String host, int port) {
var log = Logger("HttpSSLCertOverride");
AppSettingsEnum setting = AppSettingsEnum.allowSelfSignedSSLCert;
// Check if user has allowed self signed SSL certificates.
bool selfSignedCertsAllowed =
Store.get(setting.storeKey as StoreKey<bool>, setting.defaultValue);
bool isLoggedIn = Store.tryGet(StoreKey.currentUser) != null;
// Conduct server host checks if user is logged in to avoid making
// insecure SSL connections to services that are not the immich server.
if (isLoggedIn && selfSignedCertsAllowed) {
String serverHost =
Uri.parse(Store.tryGet(StoreKey.serverEndpoint) ?? "").host;
selfSignedCertsAllowed &= serverHost.contains(host);
}
if (!selfSignedCertsAllowed) {
log.severe("Invalid SSL certificate for $host:$port");
}
return selfSignedCertsAllowed;
};
}
}