.. java:import:: android.app Activity .. java:import:: com.idopte.scmapi SCMEnvironment .. java:import:: com.idopte.scmapi.ui ManagerActivity .. java:import:: com.idopte.scmiddleware Log .. java:import:: android.webkit ClientCertRequest .. java:import:: android.webkit WebResourceError .. java:import:: android.webkit WebResourceRequest .. java:import:: android.webkit WebView .. java:import:: android.webkit WebViewClient .. java:import:: androidx.annotation NonNull .. java:import:: androidx.fragment.app FragmentActivity .. java:import:: com.idopte.scmapi Certificate .. java:import:: com.idopte.scmapi Pin .. java:import:: com.idopte.scmapi PrivateKey .. java:import:: com.idopte.scmapi Reader .. java:import:: com.idopte.scmapi ReaderEvents .. java:import:: com.idopte.scmapi SCMException .. java:import:: com.idopte.scmapi Token .. java:import:: com.idopte.scmapi TokenObject .. java:import:: com.idopte.scmapi Util .. java:import:: com.idopte.scmapi.jca Provider .. java:import:: com.idopte.scmapi.ui ChooseCertificate .. java:import:: com.idopte.scmapi.ui ChooseCertificateDialog .. java:import:: com.idopte.scmapi.ui EnterPin .. java:import:: com.idopte.scmapi.ui EnterPinDialog .. java:import:: com.idopte.scmapiembed SCMActivity .. java:import:: com.idopte.scmapiembed SCMEmbedEnvironment .. java:import:: com.idopte.scmapiembed SCMHelper .. java:import:: com.idopte.scmjavaapi R .. java:import:: java.security Principal .. java:import:: java.security Security .. java:import:: java.security.cert X509Certificate .. java:import:: java.util ArrayList .. java:import:: java.util List SSLWebViewClient ================ .. java:package:: com.idopte.ssl :noindex: .. java:type:: public class SSLWebViewClient extends WebViewClient Implementation of an ``android.webkit.WebViewClient`` which manages SSL client certificate request. Current activity \ **must have initialized**\ SCM software components, using \ :java:ref:`SCMHelper`\ for instance or \ :java:ref:`SCMActivity`\ . Since cryptographic operations are to be done with a physical token through \ :java:ref:`Security`\ class providers, *Idopte JCA* (\ :java:ref:`Provider`\ ) is internally added to security providers at index ``1``. \ **SSL client request handling:**\ When a SSL client request is to be handled, the following steps are done: .. * The user will be asked to choose a client certificate from user registered certificates. To register certificates from token, user can use certificates registration process provided by Manager (using \ :java:ref:`ManagerActivity`\ )or \ :java:ref:`SCMEnvironment.registerCertificates(Token)`\ . Only user certificates (non CA) and certificates with same issuer as defined in SSL client request are taken in account. If the user cancels to choose a certificate, request is *canceled*. * Login will be asked to allow signature with private key corresponding to the certificate. If login succeeds, request is *proceeded*. If PIN is blocked or login is canceled by the user, request is *canceled*. Following these steps, SSL client certificate request is *proceeded* or *canceled* if a problem occurred. Note that user's choice is remembered for future requests, even if token is removed. See \ :java:ref:`WebView.clearClientCertPreferences(Runnable)`\ . Typically, you can call the previous method in \ :java:ref:`ReaderEvents.onTokenRemoval(Reader)`\ implemented method in your current activity. Using \ :java:ref:`SSLWebViewClient(FragmentActivity)`\ constructor, default UI implementations will be used for user interaction. This can be changed using \ :java:ref:`SSLWebViewClient(Activity,ChooseCertificate,EnterPin)`\ constructor. \ **Usage:**\ This class can be used by setting the ``WebViewClient`` instance of a ``WebView`` object for instance, and use this ``WebView`` to load an URL with a SSL client certificate request. For example: .. parsed-literal:: // create a web view and set its WebViewClient WebView webView = new WebView(myContext); webView.setWebViewClient(new SSLWebViewClient(myFragmentActivity)); // load url with SSL client certificate request // certificate choice and login will be done indirectly in following line: webView.loadUrl(my_url_with_SSL_request); Constructors ------------ SSLWebViewClient ^^^^^^^^^^^^^^^^ .. java:constructor:: public SSLWebViewClient(FragmentActivity activity) :outertype: SSLWebViewClient Creates a ``SSLWebViewClient``. ``SSLWebViewClient`` instance will use \ :java:ref:`ChooseCertificateDialog`\ and \ :java:ref:`EnterPinDialog`\ implementations. :param activity: current activity. Used to show several UI elements. SSLWebViewClient ^^^^^^^^^^^^^^^^ .. java:constructor:: public SSLWebViewClient(Activity activity, ChooseCertificate chooseCertificate, EnterPin enterPin) :outertype: SSLWebViewClient Creates a ``SSLWebViewClient`` using passed interfaces for user interaction. :param activity: current activity. Used to show several UI elements. :param chooseCertificate: object to use asking the user to choose a certificate. :param enterPin: object to use asking the user to enter PIN code. Methods ------- cleanUp ^^^^^^^ .. java:method:: public void cleanUp() :outertype: SSLWebViewClient Cleans up ``SSLWebViewClient`` instance by resetting its state. This method must be called if ``SSLWebViewClient`` instance is no longer used, for instance, in current activity ``onDestroy`` method. getSslEnabled ^^^^^^^^^^^^^ .. java:method:: public boolean getSslEnabled() :outertype: SSLWebViewClient Gets whether SSL client certificate requests are to be handled. hasCanceledRequest ^^^^^^^^^^^^^^^^^^ .. java:method:: public static boolean hasCanceledRequest() :outertype: SSLWebViewClient Returns if a request has been canceled since last call. Further calls of this function will return ``false`` until new request is canceled. hasProceededRequest ^^^^^^^^^^^^^^^^^^^ .. java:method:: public static boolean hasProceededRequest() :outertype: SSLWebViewClient Returns if a request has been proceeded since last call. Further calls of this function will return ``false`` until new request is proceeded. setSslEnabled ^^^^^^^^^^^^^ .. java:method:: public void setSslEnabled(boolean enabled) :outertype: SSLWebViewClient Sets whether SSL client certificate requests are to be handled or directly cancelled. The default value is true. If set to ``false``, \ :java:ref:`hasCanceledRequest`\ update is still updated.