Coder Social home page Coder Social logo

Comments (7)

OGKevin avatar OGKevin commented on August 19, 2024

waw 🤦‍♂️ 👏, lets hope that they will be more careful when doing this on prod. This prob means that all SDK's are broken. There is a way you can fix this yourself however, anyone can update the hardcoded cert. I forgot the command however, it was in my notes back in the day. @kojoru If esan is still there, you can ask him if he remembers.

from sdk_java.

erwindeg avatar erwindeg commented on August 19, 2024

This should be the new value:
sha256/9Y+oZve6H+r17Kdn+lN5sT0ijgxLyDGIuQtUwLupawA=

from sdk_java.

OGKevin avatar OGKevin commented on August 19, 2024

This should be the new value:
sha256/9Y+oZve6H+r17Kdn+lN5sT0ijgxLyDGIuQtUwLupawA=

A nice, create a pull request I would say 😊 Also, it would be a good idea to add a comment in the code in https://github.com/bunq/sdk_java/blob/f3818e3380b472cafd1dbe69bf45a78434f54c84/src/main/java/com/bunq/sdk/context/ApiEnvironmentType.java on the command to run to update it 😊

from sdk_java.

erwindeg avatar erwindeg commented on August 19, 2024

Yes, I just did :)

from sdk_java.

mwlynch avatar mwlynch commented on August 19, 2024

FYI: This is how we got the new value.
Run this and grab the new key from the log output.

        String hostname = "public-api.sandbox.bunq.com";

        CertificatePinner certificatePinner = new CertificatePinner.Builder()
                .add(hostname, "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=")
                .build();

        OkHttpClient client = new OkHttpClient.Builder()
                .certificatePinner(certificatePinner)
                .build();

        Request request = new Request.Builder()
                .url("https://" + hostname)
                .build();
        client.newCall(request).execute();

from sdk_java.

OGKevin avatar OGKevin commented on August 19, 2024

hmm, I used to use the openssl command to get this. That was the command I was referring tho. Interesting method however :P

from sdk_java.

mwlynch avatar mwlynch commented on August 19, 2024

There, I figured it out :-P

openssl s_client -connect sandbox.bunq.com:443 -showcerts < /dev/null 2> /dev/null | openssl x509 -pubkey -noout | openssl enc -base64 -d | openssl dgst -sha256 -binary | openssl enc -base64

(and yes, this is considerably more classy than grabbing it from okhttp's error output...)

from sdk_java.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.