Skip to content

Commit

Permalink
feat(cli): add ssl pinning copy logic (#6312)
Browse files Browse the repository at this point in the history
Co-authored-by: Chace Daniels <chaced12@gmail.com>
  • Loading branch information
IT-MikeS and ItsChaceD authored Feb 21, 2023
1 parent 364497d commit cce66c1
Showing 1 changed file with 64 additions and 0 deletions.
64 changes: 64 additions & 0 deletions cli/src/tasks/copy.ts
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,14 @@ export async function copy(
usesLiveUpdates = true;
}

let usesSSLPinning = false;
if (
allPlugins.filter(plugin => plugin.id === '@ionic-enterprise/ssl-pinning')
.length > 0
) {
usesSSLPinning = true;
}

if (platformName === config.ios.name) {
if (usesCapacitorPortals) {
await copyFederatedWebDirs(config, await config.ios.webDirAbs);
Expand All @@ -118,6 +126,13 @@ export async function copy(
config.ios.nativeTargetDirAbs,
);
}
if (usesSSLPinning && config.app.extConfig?.plugins?.SSLPinning?.certs) {
await copySSLCert(
config.app.extConfig.plugins.SSLPinning?.certs as unknown as string[],
config.app.rootDir,
await config.ios.webDirAbs,
);
}
await copyCapacitorConfig(config, config.ios.nativeTargetDirAbs);
const cordovaPlugins = await getCordovaPlugins(config, platformName);
await handleCordovaPluginsJS(cordovaPlugins, config, platformName);
Expand Down Expand Up @@ -145,6 +160,13 @@ export async function copy(
config.android.assetsDirAbs,
);
}
if (usesSSLPinning && config.app.extConfig?.plugins?.SSLPinning?.certs) {
await copySSLCert(
config.app.extConfig.plugins.SSLPinning?.certs as unknown as string[],
config.app.rootDir,
config.android.assetsDirAbs,
);
}
await copyCapacitorConfig(config, config.android.assetsDirAbs);
const cordovaPlugins = await getCordovaPlugins(config, platformName);
await handleCordovaPluginsJS(cordovaPlugins, config, platformName);
Expand Down Expand Up @@ -281,3 +303,45 @@ async function copySecureLiveUpdatesKey(
},
);
}

async function copySSLCert(
sslCertPaths: string[],
rootDir: string,
targetDir: string,
) {
const validCertPaths: string[] = [];
for (const sslCertPath of sslCertPaths) {
const certAbsFromPath = join(rootDir, sslCertPath);
if (!/^.+\.(cer)$/.test(certAbsFromPath)) {
logger.warn(
`Cannot copy file from ${c.strong(certAbsFromPath)}\n` +
`The file is not a .cer SSL Certificate file.`,
);

return;
}
if (!(await pathExists(certAbsFromPath))) {
logger.warn(
`Cannot copy SSL Certificate file from ${c.strong(certAbsFromPath)}\n` +
`SSL Certificate does not exist at specified path.`,
);

return;
}
validCertPaths.push(certAbsFromPath);
}
const certsDirAbsToPath = join(targetDir, 'certs');
const certsDirRelToDir = relative(rootDir, targetDir);
await runTask(
`Copying SSL Certificates from to ${certsDirRelToDir}`,
async () => {
const promises: Promise<void>[] = [];
for (const certPath of validCertPaths) {
promises.push(
fsCopy(certPath, join(certsDirAbsToPath, basename(certPath))),
);
}
return Promise.all(promises);
},
);
}

0 comments on commit cce66c1

Please sign in to comment.