CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-com-squareup-okhttp3--okhttp

Square's meticulous HTTP client for Java and Kotlin

Pending
Overview
Eval results
Files

security.mddocs/

Security and TLS

TLS configuration, certificate management, and authentication handling in OkHttp.

CertificatePinner

Constrains SSL connections to trusted certificates.

class CertificatePinner private constructor() {
    fun check(hostname: String, peerCertificates: List<Certificate>)
    fun findMatchingPins(hostname: String): List<Pin>
    
    class Builder {
        fun add(hostname: String, vararg pins: String): Builder
        fun build(): CertificatePinner
    }
    
    data class Pin(val hostname: String, val hashAlgorithm: String, val hash: ByteString)
    
    companion object {
        val DEFAULT: CertificatePinner
        fun pin(certificate: Certificate): String
        fun sha1Hash(certificate: Certificate): String  
        fun sha256Hash(certificate: Certificate): String
    }
}

ConnectionSpec

Specifies configuration for HTTPS connections.

class ConnectionSpec private constructor() {
    val isTls: Boolean
    val tlsVersions: List<TlsVersion>?
    val cipherSuites: List<CipherSuite>?
    val supportsTlsExtensions: Boolean
    
    fun isCompatible(socket: SSLSocket): Boolean
    fun apply(sslSocket: SSLSocket, isFallback: Boolean)
    
    class Builder(modern: Boolean) {
        constructor(connectionSpec: ConnectionSpec)
        
        fun allEnabledTlsVersions(): Builder
        fun tlsVersions(vararg tlsVersions: TlsVersion): Builder  
        fun tlsVersions(tlsVersions: List<TlsVersion>): Builder
        fun allEnabledCipherSuites(): Builder
        fun cipherSuites(vararg cipherSuites: CipherSuite): Builder
        fun cipherSuites(cipherSuites: List<CipherSuite>): Builder
        fun supportsTlsExtensions(supportsTlsExtensions: Boolean): Builder
        fun build(): ConnectionSpec
    }
    
    companion object {
        val MODERN_TLS: ConnectionSpec
        val COMPATIBLE_TLS: ConnectionSpec  
        val CLEARTEXT: ConnectionSpec
    }
}

Authenticator

Handles authentication challenges from web servers and proxies.

interface Authenticator {
    fun authenticate(route: Route?, response: Response): Request?
    
    companion object {
        val NONE: Authenticator
        val JAVA_NET_AUTHENTICATOR: Authenticator
    }
}

Basic Authentication Example

val authenticator = Authenticator { route, response ->
    if (response.request.header("Authorization") != null) {
        null // Give up, we've already attempted to authenticate
    } else {
        val credential = Credentials.basic("username", "password")
        response.request.newBuilder()
            .header("Authorization", credential)
            .build()
    }
}

val client = OkHttpClient.Builder()
    .authenticator(authenticator)
    .build()

Install with Tessl CLI

npx tessl i tessl/maven-com-squareup-okhttp3--okhttp

docs

caching.md

cookies.md

forms-multipart.md

http-client.md

index.md

interceptors.md

networking.md

requests-responses.md

security.md

urls.md

websockets.md

tile.json