I'm doing some research on cross-platform mobile development with NativeScript and I've been unable to find any information on certificate pinning in NativeScript. I know Telerik provides the secure-http module to achieve true certificate pinning for hybrid mobile apps, maybe I looked over it in their roadmap.
Cheers.
Yes you can do it via one module is called nativescript-https
Install the plugin:
tns plugin add nativescript-https
You required to setup certificate as well, Please check this nativescript-https for more details
Related
I am building a cross platform application with React Native for MDM managed devices. The authentication to the Azure AD should be SSO (automatically based on the work profile / intune information) and not through a classic WebView.
I heard that this could be done by Broker Authentication Support (e.g. for Microsoft Authenticator) but I couldn't find any library supporting that. I've tried following libraries but most of them are not maintained anymore or they are following the WebView approach: react-native-ms-adal, react-native-azure-adal, react-native-azure-ad.
Has anyone build such an use case or does know a working library?
• To enable broker authentication support for react native applications on Azure AD MDM managed devices, you will have to ensure that the following method is enabled for broker component support in ADAL for Android 3.0.0: -
Microsoft.ADAL.AuthenticationSettings.setUseBroker(true);
Developer needs to register special ‘redirectUri’ for broker usage. ‘RedirectUri’ is in the format of ‘msauth://packagename/Base64UrlencodedSignature’. Thus, since ADALis deprecated and MSAL is in place for it, you will have to use MSAL for Android 3.0+ library. For that purpose, you will have to install dependencies and declare it on MSAL as below: -
dependencies {
implementation 'com.microsoft.identity.client:msal:3.0.+'
}
Thus, in this way, you can configure Azure AD broker authentication in MDM devices. For more information, kindly refer to the below documentation link: -
https://github.com/AzureAD/microsoft-authentication-library-for-android
https://github.com/northwesternmutual/azure-activedirectory-library-for-react-native/blob/master/README.md#android-quirks
Keeping things simple: I need to add client certificate to a mobile app developed in Titanium but I have no clue about how to start.
I have found no info on the next, except:
A reference on Titanium Dev Site to a 'securityManager' class, which should finally implement a platform-based method.
An HTTPS module for Titanium but seems to cover only server key pinning, not client certificate.
On the other hand I was trying to find any additional component which speeds up integration of a TLS layer, including the client cert. feature. So far I have found this but it seems that the HTTP feature is not well documented.
Basically the question is, is there any way to implement client certificates on Titanium Appcelerator? (versions SDK 5.5.0; Studio 4.7.1).
Any suggestion will be greatly appreciated.
Unfortunately the pinning was not enough in our case, we have a client asking specifically for Certificate Authentication.
I ended up rewriting a whole new http client starting from this module
https://github.com/ioxdue/two-way-authentication/tree/master/HTTPSSLTiModule
The delegate "didReceiveAuthenticationChallenge" only works with NSURLConnection, Titanium used to use that library up to the 3.4.0 SDK but then switched to a different library.
SSL pinning on MobileFirst 6.3 project
Is it possible to implement SSL pinning on MobileFirst 6.3 project ?
Built-in Certificate Pinning is available in MobileFirst 7.1; consider upgrading.
Otherwise you may be able to find 3rd part Cordova plug-ins that provide Certificate Pinning functionality.
I am developing a native android app on MobileFirst platform. Does MobileFirst provide any code to connect to a web service instead of going through adapters? This is basically only for Native Android development and not for Hybrid app.
The MobileFirst SDK only provides what is required to work with features provided by MobileFirst, such as connecting to various backends using Adapters with the added benefit of the MobileFirst security framework, and other features.
If you have a need to connect to backends not via MobileFirst, use other common client-side utilities to achieve that.
I used the following code and it worked.
WLResourceRequest request = new WLResourceRequest("Actual server path here", GET);
request.addHeader(new BasicHeader("IfAnyHeader", "here"));
request.send(new ResponseListener());
If you are using native Android, you could use volley (or similar) to call external web services or REST apis.
http://developer.android.com/training/volley/index.html
Nothing to do with MobileFirst though, all totally standard Android native coding.
I am looking for reference and tutorial of MobileFirst Platform Foundation provided LDAP authentication.
AFAIK and as far as I can get from sources out there, MFPF provides LDAP auth for hybrid app only as can be read from here.
I followed this tutorial to create native API and import all MFPF jar into native project and tried to import com.worklightcore.auth.ext.ldapLoginModule as seen from example code in hybrid below, but can't.
Does Worklight supports LDAP auth for native?
Tried to import it where? What exactly did you try to import?
This is all server-side, so while the sample project contains a Hybrid application - the LDAP part is a server-side component (as it is defined in the authenticationConfig.xml file) and is valid for native apps as well.
Be it Hybrid or Native, both would communicate with the server via an adapter.
Be it Hybrid or Native, the adapter and any server-side configuration, including LDAP, is done in the MobileFirst project in Eclipse, and not in the native project (Xcode, Android Studio and so on).
You will need to better illustrate what you have done.
Even better, provide your native project for later debugging.
You can also take the LDAP sample project and keep it as-is.
Only add a NativeAPI, copy over the SDK files into your native project and implement in the native app the same client-side code done in the Hybrid app (adapter calls, logic, if there's a challenge handler then that as well).