I'm using Moya for iOS networking. Our server (on a virtual machine) uses OAuth and the requests need to be made with an access token. I'm trying to retrieve the initial access token with POST /oauth/token to our endpoint.

What I'm getting back is:

The certificate for this server is invalid. You might be connecting to a server that is pretending to be “xxxxxx” which could put your confidential information at risk." Would you like to connect to the server anyway?

The VM does not validate certificates.

Could this be the issue?

If so, how should Moya be configured to disregard the certificate validation?

If not, any ideas of how to use Moya for this purpose?

Below is the Moya configuration:

enum MyApi {
    case auth
}

extension MyApi: TargetType {
    var baseURL: URL {
        return URL(string: "https://server.nb/api/oauth/token")!
    }
    
    var path: String {
        return ""
    }
    
    var method: Moya.Method {
        return .post
    }
    
    var sampleData: Data {
        return Data()
    }
    
    var task: Task {
        let params = [
            "client_id": "xxxxxxx",
            "client_secret": "xxxxxxxx",
            "grant_type": "password",
            "password": "xxxxxxxx",
            "username": "niv@bp.com"
        ]
        
        return .requestParameters(parameters: params, encoding: URLEncoding.default)
    }
    
    var headers: [String : String]? {
        let headers = [
            "Content-Type": "application/x-www-form-urlencoded",
        ]
        return headers
    }
}

EDIT:

This is the info.plist:

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
        <key>NSExceptionDomains</key>
        <dict>
            <key>https://server.nb</key>
            <dict>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSAllowsArbitraryLoads</key>
                <true/>
            </dict>
        </dict>
    </dict>

This is the Moya provider service:

struct MoyaNetworkService {
    private let moyaProvider: MoyaProvider<MyApi>!

    init(moyaProvider: MoyaProvider<MyApi> = MoyaProvider<MyApi>()) {
        self.moyaProvider = moyaProvider
    }

    func auth() {
        moyaProvider.request(.auth) { (result) in
        }
    }
}
nivbp
  • Maybe you need to use http instead of https? If you are not using a certificate. I also think you need to specify the domain like so - server.nb also. Maybe this could help https://stackoverflow.com/questions/23241872/nsurlconnection-cfurlconnection-http-load-failed-kcfstreamerrordomainssl-9813/30081871#30081871 – CloudBalancing Jan 31 '21 at 20:00

2 Answers

extension ServerTrustPolicy {

    static let defaultTrustPolicy: ServerTrustPolicy = .pinPublicKeys(
        publicKeys: ServerTrustPolicy.publicKeys(),
        validateCertificateChain: true,
        validateHost: true
    )
    
    // <== this is what you need: .disableEvaluation skips all server trust evaluation
    static let noEvaluationPolicy: ServerTrustPolicy = .disableEvaluation
}

fileprivate lazy var trustPolicies: [String: ServerTrustPolicy] = {
    var trustPolicies = [String: ServerTrustPolicy]()
    trustPolicies["your_host_sans_https"] = .noEvaluationPolicy
    return trustPolicies
}()

fileprivate let manager = Manager(
    configuration: alamofireConfiguration,
    serverTrustPolicyManager: ServerTrustPolicyManager(policies: trustPolicies)
)

func getProvider() -> MoyaProvider<MyApi> {
    let provider = MoyaProvider<MyApi>(manager: manager)
    return provider
}
Lena Bru
  • Thank you for the answer @lena-bru. Unfortunately, `MoyaProvider` does not have an initializer with `manager` anymore. This is the initializer: `MoyaProvider(endpointClosure: requestClosure: stubClosure: callbackQueue: session: plugins: trackInflights:)` – nivbp Feb 01 '21 at 07:43
  • Which version of Moya are you using? – Lena Bru Feb 01 '21 at 11:36
  • 14.0.0. I have also tried with URLSession and still does not work. I'm guessing this has to do with the ATS settings. I'm not sure which other settings to try – nivbp Feb 01 '21 at 14:24

The issue was with the VM, which needs a certificate. This is a link to a tech Q&A for how to set this up. I opted to use our VPN. https://developer.apple.com/library/archive/qa/qa1948/_index.html

nivbp
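
For Moya 14, whose `MoyaProvider` takes `session:` rather than `manager:`, the following added example (not code from either poster or from the Moya project) shows per-host trust configuration through Alamofire 5's `ServerTrustManager`, pinning the test VM's own certificate for `server.nb` in debug builds instead of switching evaluation off. Assumptions: the VM's certificate was exported in DER form into the app bundle under the hypothetical name `server-nb-dev.cer`, the `DEBUG` compilation condition is set for debug builds, and `MyApi` is the target type from the question.

```swift
import Foundation
import Alamofire
import Moya

// Assumption: "server-nb-dev.cer" is a hypothetical bundle resource holding the
// test VM's certificate in DER form.
enum DevTrustError: Error { case certificateMissing }

func loadDevCertificate() throws -> SecCertificate {
    guard let url = Bundle.main.url(forResource: "server-nb-dev", withExtension: "cer"),
          let data = try? Data(contentsOf: url),
          let certificate = SecCertificateCreateWithData(nil, data as CFData) else {
        throw DevTrustError.certificateMissing
    }
    return certificate
}

func makeProvider() throws -> MoyaProvider<MyApi> {
    #if DEBUG
    // Evaluators are keyed by bare host name: no scheme, no path.
    let evaluators: [String: ServerTrustEvaluating] = [
        "server.nb": PinnedCertificatesTrustEvaluator(
            certificates: [try loadDevCertificate()],
            acceptSelfSignedCertificates: true, // the pinned certificate acts as the trust anchor
            performDefaultValidation: true,
            validateHost: true
        )
    ]
    // allHostsMustBeEvaluated: false leaves every other host on default system trust evaluation.
    let trustManager = ServerTrustManager(allHostsMustBeEvaluated: false,
                                          evaluators: evaluators)
    // startRequestsImmediately: false because Moya resumes requests itself.
    let session = Alamofire.Session(configuration: .default,
                                    startRequestsImmediately: false,
                                    serverTrustManager: trustManager)
    return MoyaProvider<MyApi>(session: session)
    #else
    // Release builds keep the default session and default certificate validation.
    return MoyaProvider<MyApi>()
    #endif
}
```

The provider returned by `makeProvider()` can be passed to `MoyaNetworkService(moyaProvider:)` from the question.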