import java.net.Proxy;
import java.util.Map;
import javax.annotation.Nullable;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+
import okhttp3.Call;
import okhttp3.Credentials;
import okhttp3.Headers;
okHttpClientBuilder.setProxyPassword(builder.proxyPassword);
okHttpClientBuilder.setConnectTimeoutMs(builder.connectTimeoutMs);
okHttpClientBuilder.setReadTimeoutMs(builder.readTimeoutMs);
+ okHttpClientBuilder.setSSLSocketFactory(builder.sslSocketFactory);
+ okHttpClientBuilder.setTrustManager(builder.sslTrustManager);
this.okHttpClient = okHttpClientBuilder.build();
}
private String proxyPassword;
private int connectTimeoutMs = DEFAULT_CONNECT_TIMEOUT_MILLISECONDS;
private int readTimeoutMs = DEFAULT_READ_TIMEOUT_MILLISECONDS;
+ private SSLSocketFactory sslSocketFactory = null;
+ private X509TrustManager sslTrustManager = null;
/**
* Private since 5.5.
this.connectTimeoutMs = i;
return this;
}
+
+ /**
+ * Optional SSL socket factory with which SSL sockets will be created to establish SSL connections.
+ * If not set, a default SSL socket factory will be used, base d on the JVM's default key store.
+ */
+ public Builder setSSLSocketFactory(@Nullable SSLSocketFactory sslSocketFactory) {
+ this.sslSocketFactory = sslSocketFactory;
+ return this;
+ }
+
+ /**
+ * Optional SSL trust manager used to validate certificates.
+ * If not set, a default system trust manager will be used, based on the JVM's default truststore.
+ */
+ public Builder setTrustManager(@Nullable X509TrustManager sslTrustManager) {
+ this.sslTrustManager = sslTrustManager;
+ return this;
+ }
/**
* Sets the read timeout to a specified timeout, in milliseconds.
private String proxyPassword;
private long connectTimeoutMs = -1;
private long readTimeoutMs = -1;
+ private SSLSocketFactory sslSocketFactory = null;
+ private X509TrustManager sslTrustManager = null;
/**
* Optional User-Agent. If set, then all the requests sent by the
return this;
}
+ /**
+ * Optional SSL socket factory with which SSL sockets will be created to establish SSL connections.
+ * If not set, a default SSL socket factory will be used, base d on the JVM's default key store.
+ */
+ public OkHttpClientBuilder setSSLSocketFactory(@Nullable SSLSocketFactory sslSocketFactory) {
+ this.sslSocketFactory = sslSocketFactory;
+ return this;
+ }
+
+ /**
+ * Optional SSL trust manager used to validate certificates.
+ * If not set, a default system trust manager will be used, based on the JVM's default truststore.
+ */
+ public OkHttpClientBuilder setTrustManager(@Nullable X509TrustManager sslTrustManager) {
+ this.sslTrustManager = sslTrustManager;
+ return this;
+ }
+
/**
* Optional proxy. If set, then all the requests sent by the
* {@link OkHttpClient} will reach the proxy. If not set,
.supportsTlsExtensions(true)
.build();
builder.connectionSpecs(asList(tls, ConnectionSpec.CLEARTEXT));
- X509TrustManager systemDefaultTrustManager = systemDefaultTrustManager();
- builder.sslSocketFactory(systemDefaultSslSocketFactory(systemDefaultTrustManager), systemDefaultTrustManager);
+
+ X509TrustManager trustManager = sslTrustManager != null ? sslTrustManager : systemDefaultTrustManager();
+ SSLSocketFactory sslFactory = sslSocketFactory != null ? sslSocketFactory : systemDefaultSslSocketFactory(trustManager);
+ builder.sslSocketFactory(sslFactory, trustManager);
return builder.build();
}
import org.junit.rules.ExpectedException;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+
+import javax.net.ssl.SSLSocketFactory;
public class OkHttpClientBuilderTest {
assertThat(okHttpClient.sslSocketFactory()).isNotNull();
}
+ @Test
+ public void build_with_custom_sslSocketFactory() {
+ SSLSocketFactory sslSocketFactory = mock(SSLSocketFactory.class);
+ OkHttpClient okHttpClient = underTest
+ .setSSLSocketFactory(sslSocketFactory)
+ .build();
+
+ assertThat(okHttpClient.sslSocketFactory()).isEqualTo(sslSocketFactory);
+ }
+
@Test
public void build_throws_IAE_if_connect_timeout_is_negative() {
expectedException.expect(IllegalArgumentException.class);