Http request action streamlined to also cover the insecure setting in the same function.

2026-03-01 00:20:53 +01:00
parent 4cea4391eb
commit e3e2a87b5e
3 changed files with 43 additions and 8 deletions
--- a/app/src/main/java/com/jens/automation2/Action.java
+++ b/app/src/main/java/com/jens/automation2/Action.java
@@ -769,10 +769,10 @@ public class Action
 	    		Miscellaneous.logEvent("i", "HTTP Request", "Attempt " + String.valueOf(attempts++) + " of " + String.valueOf(Settings.httpAttempts), 3);

 				// Either thorough checking or no encryption
-				if(!Settings.httpAcceptAllCertificates || !urlString.toLowerCase(Locale.getDefault()).contains("https"))
+//				if(!Settings.httpAcceptAllCertificates || !urlString.toLowerCase(Locale.getDefault()).contains("https"))
 					response = Miscellaneous.downloadURL(urlString, urlUsername, urlPassword, method, httpParams);
-				else
-					response = Miscellaneous.downloadUrlWithoutCertificateChecking(urlString, urlUsername, urlPassword, method, httpParams);
+//				else
+//					response = Miscellaneous.downloadUrlWithoutCertificateChecking(urlString, urlUsername, urlPassword, method, httpParams);

 				try
 				{
--- a/app/src/main/java/com/jens/automation2/Miscellaneous.java
+++ b/app/src/main/java/com/jens/automation2/Miscellaneous.java
@@ -92,6 +92,7 @@ import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.text.DateFormat;
@@ -135,6 +136,27 @@ public class Miscellaneous extends Service

 	public static final String lineSeparator = System.getProperty("line.separator");

+	public static class TrustAllCertificates implements X509TrustManager
+	{
+		@Override
+		public void checkClientTrusted(X509Certificate[] chain, String authType)
+		{
+			// Do nothing (trust all clients)
+		}
+
+		@Override
+		public void checkServerTrusted(X509Certificate[] chain, String authType)
+		{
+			// Do nothing (trust all servers)
+		}
+
+		@Override
+		public X509Certificate[] getAcceptedIssuers()
+		{
+			return new X509Certificate[0]; // No accepted issuers
+		}
+	}
+
 	public static String downloadURL(String url, String username, String password, String method, Map<String, String> httpParams)
 	{
 		HttpClient httpclient = new DefaultHttpClient();
@@ -149,12 +171,24 @@ public class Miscellaneous extends Service
                HttpURLConnection connection;
                
                if(url.toLowerCase().contains("https"))
-                {
-                	connection = (HttpsURLConnection) urlObject.openConnection();
-                }
+				{
+					connection = (HttpsURLConnection) urlObject.openConnection();
+					if(Settings.httpAcceptAllCertificates)
+					{
+						SSLContext sslContext = SSLContext.getInstance("TLS"); // Use "TLS" (not "SSL" which is outdated)
+						sslContext.init(
+								null, // No KeyManager (client authentication not needed)
+								new TrustManager[]{new TrustAllCertificates()}, // Use our trust manager
+								new SecureRandom() // Secure random number generator
+						);
+						((HttpsURLConnection)connection).setSSLSocketFactory(sslContext.getSocketFactory());
+						((HttpsURLConnection)connection).setHostnameVerifier((hostname, session) -> true); // Trust all hostnames
+
+					}
+				}
                else
                	connection = (HttpURLConnection) urlObject.openConnection();
-                                
+
                // Add http simple authentication if specified
                if(username != null && password != null)
                {