Skip to content

Cordova / Phonegap plugin for communicating with HTTP servers. Allows for SSL pinning!

License

Notifications You must be signed in to change notification settings

angegar/SecureHTTP

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

93 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

cordovaHTTP

Cordova / Phonegap plugin for communicating with HTTP servers. Supports iOS and Android.

Advantages over Javascript requests

  • Background threading - all requests are done in a background thread.
  • SSL Pinning - read more at LumberBlog.

Installation

The plugin conforms to the Cordova plugin specification, it can be installed using the Cordova / Phonegap command line interface.

phonegap plugin add https://github.com/wymsee/cordova-HTTP.git

cordova plugin add https://github.com/wymsee/cordova-HTTP.git

Usage

AngularJS

This plugin creates a cordovaHTTP service inside of a cordovaHTTP module. You must load the module when you create your app's module.

var app = angular.module('myApp', ['ngRoute', 'ngAnimate', 'cordovaHTTP']);

You can then inject the cordovaHTTP service into your controllers. The functions can then be used identically to the examples shown below except that instead of accepting success and failure callback functions, each function returns a promise. For more information on promises in AngularJS read the AngularJS docs. For more info on promises in general check out this article on html5rocks. Make sure that you load cordova.js or phonegap.js after AngularJS is loaded.

Not AngularJS

This plugin registers a cordovaHTTP global on window

Functions

All available functions are documented below. Every function takes a success and error callback function as the last 2 arguments.

useBasicAuth

This sets up all future requests to use Basic HTTP authentication with the given username and password.

cordovaHTTP.useBasicAuth("user", "password", function() {
    console.log('success!');
}, function() {
    console.log('error :(');
});

setHeader

Set a header for all future requests. Takes a header and a value.

cordovaHTTP.setHeader("Header", "Value", function() {
    console.log('success!');
}, function() {
    console.log('error :(');
});

enableSSLPinning

Enable or disable SSL pinning. To use SSL pinning you must include at least one .cer SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. For ios include your certificate in the root level of your bundle (just add the .cer file to your project/target at the root level). For android include your certificate in your project's platforms/android/assets folder. In both cases all .cer files found will be loaded automatically. If you only have a .pem certificate see this stackoverflow answer. You want to convert it to a DER encoded certificate with a .cer extension.

As an alternative, you can store your .cer files in the www/certificates folder.

cordovaHTTP.enableSSLPinning(true, function() {
    console.log('success!');
}, function() {
    console.log('error :(');
});

acceptAllCerts

Accept all SSL certificates. Or disable accepting all certificates.

cordovaHTTP.acceptAllCerts(true, function() {
    console.log('success!');
}, function() {
    console.log('error :(');
});

post

Execute a POST request. Takes a URL, parameters, and headers.

success

The success function receives a response object with 2 properties: status and data. Status is the HTTP response code and data is the response from the server as a string. Here's a quick example:

{
    status: 200,
    data: "{'id': 12, 'message': 'test'}"
}

Most apis will return JSON meaning you'll want to parse the data like in the example below:

cordovaHTTP.post("https://google.com/", {
    id: 12,
    message: "test"
}, { Authorization: "OAuth2: token" }, function(response) {
    // prints 200
    console.log(response.status);
    try {
        response.data = JSON.parse(response.data);
        // prints test
        console.log(response.data.message);
    } catch(e) {
        console.error("JSON parsing error");
    }
}, function(response) {
    // prints 403
    console.log(response.status);
    
    //prints Permission denied 
    console.log(response.error);
});

failure

The error function receives a response object with 2 properties: status and error. Status is the HTTP response code. Error is the error response from the server as a string. Here's a quick example:

{
    status: 403,
    error: "Permission denied"
}

get

Execute a GET request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.

cordovaHTTP.get("https://google.com/", {
    id: 12,
    message: "test"
}, { Authorization: "OAuth2: token" }, function(response) {
    console.log(response.status);
}, function(response) {
    console.error(response.error);
});

uploadFile

Uploads a file saved on the device. Takes a URL, parameters, headers, filePath, and the name of the parameter to pass the file along as. See the post documentation for details on what is returned on success and failure.

cordovaHTTP.uploadFile("https://google.com/", {
    id: 12,
    message: "test"
}, { Authorization: "OAuth2: token" }, "file:///somepicture.jpg", "picture", function(response) {
    console.log(response.status);
}, function(response) {
    console.error(response.error);
});

downloadFile

Downloads a file and saves it to the device. Takes a URL, parameters, headers, and a filePath. See post documentation for details on what is returned on failure. On success this function returns a cordova FileEntry object.

cordovaHTTP.downloadFile("https://google.com/", {
    id: 12,
    message: "test"
}, { Authorization: "OAuth2: token" }, "file:///somepicture.jpg", function(entry) {
    // prints the filename
    console.log(entry.name);
    
    // prints the filePath
    console.log(entry.fullPath);
}, function(response) {
    console.error(response.error);
});

loginSiteMinder

Authenticate a user to siteMinder. In the following sample the plugin was injected by angular as a module dependancy.

var promise = this.$cordovaHTTP.loginSiteMinder(username, password,authUrl,targetUrl);
promise.then(
			//Success
			function (response){
				var data = JSON.parse(response.data);
				if(typeof success === "function"){
					success(data);				
				}
			},
			//Fail
			function (msg){
				if( typeof failure === "function"){
					failure(msg);
				}
			}						
);

clearAllCookies

This function will remove all the cookies associated with the HTTP connection. It is use to log out. In the following sample the plugin was injected by angular as a module dependancy.

var promise = this.$cordovaHTTP.clearAllCookies();
	promise.then(
		//Success
		function(){
			_this.$log.debug("LOGOUT SUCCEED");			
				if(typeof success === "function"){
					success();				
				}
		}
	);			

Libraries

This plugin utilizes some awesome open source networking libraries. These are both MIT licensed:

We made a few modifications to http-request. They can be found in a separate repo here: https://github.com/wymsee/http-request

Limitations

This plugin isn't equivalent to using XMLHttpRequest or Ajax calls in Javascript. For instance, the following features are currently not supported:

  • cookies support (a cookie set by a request isn't sent in subsequent requests)
  • read content of error responses (only the HTTP status code and message are returned)
  • read returned HTTP headers (e.g. in case security tokens are returned as headers)

Take this into account when using this plugin into your application.

About

Cordova / Phonegap plugin for communicating with HTTP servers. Allows for SSL pinning!

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Java 84.8%
  • Objective-C 15.2%