Added security policy.

Author: devedbox

.DS_Store

@@ -43,6 +43,7 @@
 #import <NJKWebViewProgress/NJKWebViewProgressView.h>
 #if AX_WEB_VIEW_CONTROLLER_USING_WEBKIT
 #import <WebKit/WebKit.h>
+#import "AFSecurityPolicy.h"
 #endif
 #ifndef AX_REQUIRES_SUPER
 #if __has_attribute(objc_requires_super)
@@ -101,6 +102,8 @@ typedef NS_ENUM(NSInteger, AXWebViewControllerNavigationType) {
 - (void)webViewController:(AXWebViewController *)webViewController didFailLoadWithError:(NSError *)error;
 @end
 #if AX_WEB_VIEW_CONTROLLER_USING_WEBKIT
+typedef NSURLSessionAuthChallengeDisposition (^WKWebViewDidReceiveAuthenticationChallengeHandler)(WKWebView *webView, NSURLAuthenticationChallenge *challenge, NSURLCredential * _Nullable __autoreleasing * _Nullable credential);
+
 @interface AXWebViewController : UIViewController <WKUIDelegate, WKNavigationDelegate>
 {
     @protected
@@ -238,4 +241,14 @@ typedef NS_ENUM(NSInteger, AXWebViewControllerNavigationType) {
 ///
 @property(readonly, nonatomic) UILabel *descriptionLabel;
 @end
+
+#if AX_WEB_VIEW_CONTROLLER_USING_WEBKIT
+@interface AXWebViewController (Security)
+/// Challenge handler for the credential.
+@property(copy, nonatomic, nullable) WKWebViewDidReceiveAuthenticationChallengeHandler challengeHandler;
+/// The security policy used by created session to evaluate server trust for secure connections.
+/// `AXWebViewController` uses the `defaultPolicy` unless otherwise specified.
+@property (strong, nonatomic, nullable) AFSecurityPolicy *securityPolicy;
+@end
+#endif
 NS_ASSUME_NONNULL_END

AXWebViewController/AXWebViewController/AXWebViewController.h

@@ -49,6 +49,9 @@ @interface AXWebViewController ()<NJKWebViewProgressDelegate>
     NSURL *_baseURL;
 #if AX_WEB_VIEW_CONTROLLER_USING_WEBKIT
     WKWebViewConfiguration *_configuration;
+    
+    WKWebViewDidReceiveAuthenticationChallengeHandler _challengeHandler;
+    AFSecurityPolicy *_securityPolicy;
 #endif
 
     NSURLRequest *_request;
@@ -1096,6 +1099,32 @@ - (void)webView:(WKWebView *)webView didFailNavigation:(null_unspecified WKNavig
     [self didFailLoadWithError:error];
 }
 - (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *__nullable credential))completionHandler {
+    // !!!: Do add the security policy if using a custom credential.
+    NSURLSessionAuthChallengeDisposition disposition = NSURLSessionAuthChallengePerformDefaultHandling;
+    __block NSURLCredential *credential = nil;
+    
+    if (self.challengeHandler) {
+        disposition = self.challengeHandler(webView, challenge, &credential);
+    } else {
+        if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
+            if ([self.securityPolicy evaluateServerTrust:challenge.protectionSpace.serverTrust forDomain:challenge.protectionSpace.host]) {
+                credential = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
+                if (credential) {
+                    disposition = NSURLSessionAuthChallengeUseCredential;
+                } else {
+                    disposition = NSURLSessionAuthChallengePerformDefaultHandling;
+                }
+            } else {
+                disposition = NSURLSessionAuthChallengePerformDefaultHandling;
+            }
+        } else {
+            disposition = NSURLSessionAuthChallengePerformDefaultHandling;
+        }
+    }
+    
+    if (completionHandler) {
+        completionHandler(disposition, credential);
+    }
     completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
 }
 #if __IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_9_0
@@ -1523,6 +1552,24 @@ - (void)orientationChanged:(NSNotification *)note  {
 }
 @end
 
+@implementation AXWebViewController (Security)
+- (WKWebViewDidReceiveAuthenticationChallengeHandler)challengeHandler {
+    return _challengeHandler;
+}
+
+- (AFSecurityPolicy *)securityPolicy {
+    return _securityPolicy;
+}
+
+- (void)setChallengeHandler:(WKWebViewDidReceiveAuthenticationChallengeHandler)challengeHandler {
+    _challengeHandler = [challengeHandler copy];
+}
+
+- (void)setSecurityPolicy:(AFSecurityPolicy *)securityPolicy {
+    _securityPolicy = securityPolicy;
+}
+@end
+
 #if AX_WEB_VIEW_CONTROLLER_USING_WEBKIT
 @implementation UIProgressView (WebKit)
 + (void)load {