AndroidMessageHandler Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
A custom implementation of HttpMessageHandler which internally uses HttpURLConnection (or its HTTPS incarnation) to send HTTP requests.
public class AndroidMessageHandler : System.Net.Http.HttpMessageHandler
type AndroidMessageHandler = class
inherit HttpMessageHandler
- Inheritance
-
AndroidMessageHandler
Remarks
Instance of this class is used to configure HttpClient instance in the following way:
The class supports pre-authentication of requests albeit in a slightly "manual" way. Namely, whenever a request to a server requiring authentication is made and no authentication credentials are provided in the PreAuthenticationData property (which is usually the case on the first request), the RequestNeedsAuthorization property will return true
and the RequestedAuthentication property will contain all the authentication information gathered from the server. The application must then fill in the blanks (i.e. the credentials) and re-send the request configured to perform pre-authentication. The reason for this manual process is that the underlying Java HTTP client API supports only a single, VM-wide, authentication handler which cannot be configured to handle credentials for several requests. AndroidMessageHandler, therefore, implements the authentication in managed .NET code. Message handler supports both Basic and Digest authentication. If an authentication scheme that's not supported by AndroidMessageHandler is requested by the server, the application can provide its own authentication module (AuthenticationData, PreAuthenticationData) to handle the protocol authorization.
AndroidMessageHandler also supports requests to servers with "invalid" (e.g. self-signed) SSL certificates. Since this process is a bit convoluted using the Java APIs, AndroidMessageHandler defines two ways to handle the situation. First, easier, is to store the necessary certificates (either CA or server certificates) in the TrustedCerts collection or, after deriving a custom class from AndroidMessageHandler, by overriding one or more methods provided for this purpose (ConfigureTrustManagerFactory(KeyStore), ConfigureKeyManagerFactory(KeyStore) and ConfigureKeyStore(KeyStore)). The former method should be sufficient for most use cases, the latter allows the application to provide fully customized key store, trust manager and key manager, if needed. Note that the instance of AndroidMessageHandler configured to accept an "invalid" certificate from the particular server will most likely fail to validate certificates from other servers (even if they use a certificate with a fully validated trust chain) unless you store the CA certificates from your Android system in TrustedCerts along with the self-signed certificate(s).
Constructors
AndroidMessageHandler() |
Properties
AllowAutoRedirect | |
AutomaticDecompression | |
CheckCertificateRevocationList | |
ClientCertificateOptions | |
ClientCertificates | |
ConnectTimeout |
Specifies the connect timeout The native Java client supports two separate timeouts - one for reading from the connection (ReadTimeout) and another for establishing the connection. This property sets the value of the latter timeout, unless it is set to Zero in which case the native Java client defaults are used.
The default value is |
CookieContainer | |
Credentials | |
DefaultProxyCredentials | |
MaxAutomaticRedirections | |
MaxConnectionsPerServer | |
MaxResponseHeadersLength | |
PreAuthenticate | |
PreAuthenticationData |
Gets or sets the pre authentication data for the request. This property must be set by the application before the request is made. Generally the value can be taken from RequestedAuthentication after the initial request, without any authentication data, receives the authorization request from the server. The application must then store credentials in instance of AuthenticationData and assign the instance to this property before retrying the request. The property is never set by AndroidMessageHandler. |
Properties | |
Proxy | |
ProxyAuthenticationRequested |
Server authentication response indicates that the request to authorize comes from a proxy if this property is |
ReadTimeout |
Specifies the connection read timeout. Since there's no way for the handler to access Timeout directly, this property should be set by the calling party to the same desired value. Value of this property will be passed to the native Java HTTP client, unless it is set to Zero
The default value is |
RequestedAuthentication |
If the website requires authentication, this property will contain data about each scheme supported
by the server after the response. Note that unauthorized request will return a valid response - you
need to check the status code and and (re)configure AndroidMessageHandler instance accordingly by providing
both the credentials and the authentication scheme by setting the PreAuthenticationData
property. If AndroidMessageHandler is not able to detect the kind of authentication scheme it will store an
instance of AuthenticationData with its Scheme property
set to |
RequestNeedsAuthorization |
If |
ServerCertificateCustomValidationCallback | |
SslProtocols | |
SupportsAutomaticDecompression | |
SupportsProxy | |
SupportsRedirectConfiguration | |
TrustedCerts |
If the request is to the server protected with a self-signed (or otherwise untrusted) SSL certificate, the request will fail security chain verification unless the application provides either the CA certificate of the entity which issued the server's certificate or, alternatively, provides the server public key. Whichever the case, the certificate(s) must be stored in this property in order for AndroidMessageHandler to configure the request to accept the server certificate. AndroidMessageHandler uses a custom KeyStore and TrustManagerFactory to configure the connection. If, however, the application requires finer control over the SSL configuration (e.g. it implements its own TrustManager) then it should leave this property empty and instead derive a custom class from AndroidMessageHandler and override, as needed, the ConfigureTrustManagerFactory(KeyStore), ConfigureKeyManagerFactory(KeyStore) and ConfigureKeyStore(KeyStore) methods instead |
UseCookies | |
UseProxy |
Methods
AssertSelf() | |
ConfigureCustomSSLSocketFactory(HttpsURLConnection) |
Configure and return a custom SSLSocketFactory for the passed HTTPS |
ConfigureKeyManagerFactory(KeyStore) |
Create and configure an instance of KeyManagerFactory. The |
ConfigureKeyStore(KeyStore) |
Configures the key store. The |
ConfigureTrustManagerFactory(KeyStore) |
Create and configure an instance of TrustManagerFactory. The |
Dispose(Boolean) | |
GetJavaProxy(Uri, CancellationToken) | |
GetSSLHostnameVerifier(HttpsURLConnection) |
Returns a custom host name verifier for a HTTPS connection. By default it returns |
SendAsync(HttpRequestMessage, CancellationToken) |
Creates, configures and processes an asynchronous request to the indicated resource. |
SetupRequest(HttpRequestMessage, HttpURLConnection) |
Configure the HttpURLConnection before the request is sent. This method is meant to be overriden by applications which need to perform some extra configuration steps on the connection. It is called with all the request headers set, pre-authentication performed (if applicable) but before the request body is set (e.g. for POST requests). The default implementation in AndroidMessageHandler does nothing. |
WriteRequestContentToOutput(HttpRequestMessage, HttpURLConnection, CancellationToken) |