Add self-signed trust for webview

app/src/main/java/gallery/memories/MainActivity.kt

@@ -4,6 +4,7 @@ import android.annotation.SuppressLint
 import android.content.Intent
 import android.graphics.Color
 import android.net.Uri
+import android.net.http.SslError
 import android.os.Build
 import android.os.Bundle
 import android.util.Log
@@ -11,6 +12,7 @@ import android.view.KeyEvent
 import android.view.View
 import android.view.WindowInsetsController
 import android.webkit.CookieManager
+import android.webkit.SslErrorHandler
 import android.webkit.WebResourceRequest
 import android.webkit.WebResourceResponse
 import android.webkit.WebView
@@ -29,6 +31,7 @@ import androidx.media3.exoplayer.source.ProgressiveMediaSource
 import gallery.memories.databinding.ActivityMainBinding
 import java.util.concurrent.Executors
 
+
 @UnstableApi
 class MainActivity : AppCompatActivity() {
     companion object {
@@ -149,6 +152,19 @@ class MainActivity : AppCompatActivity() {
                     nativex.handleRequest(request)
                 } else null
             }
+
+            override fun onReceivedSslError(
+                view: WebView?,
+                handler: SslErrorHandler?,
+                error: SslError?
+            ) {
+                if (nativex.http.isTrustingAllCertificates) {
+                    handler?.proceed()
+                } else {
+                    nativex.toast("Failed to load due to SSL error: ${error?.primaryError}", true)
+                    super.onReceivedSslError(view, handler, error)
+                }
+            }
         }
 
         // Pass through touch events

app/src/main/java/gallery/memories/service/AccountService.kt

@@ -17,7 +17,6 @@ class AccountService(private val mCtx: MainActivity, private val mHttp: HttpServ
     }
 
     private val store = SecureStorage(mCtx)
-    private var mTrustAll = false
 
     /**
      * Make the first request to log in
@@ -26,7 +25,6 @@ class AccountService(private val mCtx: MainActivity, private val mHttp: HttpServ
      */
     fun login(url: String, trustAll: Boolean) {
         try {
-            mTrustAll = trustAll
             mHttp.build(url, trustAll)
 
             val res = mHttp.getApiDescription()
@@ -189,7 +187,7 @@ class AccountService(private val mCtx: MainActivity, private val mHttp: HttpServ
     fun storeCredentials(url: String, user: String, password: String) {
         store.saveCredentials(Credential(
             url = url,
-            trustAll = mTrustAll,
+            trustAll = mHttp.isTrustingAllCertificates,
             username = user,
             token = password,
         ))

app/src/main/java/gallery/memories/service/HttpService.kt

@@ -25,7 +25,14 @@ class HttpService {
 
     private var client = OkHttpClient()
     private var authHeader: String? = null
-    private var baseUrl: String? = null
+    private var mBaseUrl: String? = null
+    private var mTrustAll = false
+
+    /**
+     * Check if all certificates are trusted
+     */
+    val isTrustingAllCertificates: Boolean
+        get() = mTrustAll
 
     /**
      * Check if the HTTP service is logged in
@@ -40,7 +47,8 @@ class HttpService {
      * @param trustAll Whether to trust all certificates
      */
     fun build(url: String?, trustAll: Boolean) {
-        baseUrl = url
+        mBaseUrl = url
+        mTrustAll = trustAll
         client = if (trustAll) {
             val trustAllCerts = arrayOf<TrustManager>(
                 object : X509TrustManager {
@@ -97,8 +105,8 @@ class HttpService {
      */
     fun loadWebView(webView: WebView, subpath: String? = null): String? {
         // Load app interface if authenticated
-        if (authHeader != null && baseUrl != null) {
+        if (authHeader != null && mBaseUrl != null) {
-            var url = baseUrl
+            var url = mBaseUrl
             if (subpath != null) url += subpath
 
             // Get host name
@@ -174,7 +182,7 @@ class HttpService {
     /** Build a GET request */
     private fun buildGet(path: String, auth: Boolean = true): Request {
         val builder = Request.Builder()
-            .url(baseUrl + path)
+            .url(mBaseUrl + path)
             .header("User-Agent", "Memories")
             .get()