kiosk-ops-sdk/com.sarastarquant.kioskops.sdk.transport.security/CertificatePinningInterceptor

CertificatePinningInterceptor

class CertificatePinningInterceptor(pins: List<CertificatePin>, onPinValidationFailure: (String, String) -> Unit? = null) : Interceptor

Deprecated

Pin validation here runs post-handshake; use okhttp3.CertificatePinner on OkHttpClient.Builder and observe failures via EventListener instead. The SDK wires this automatically when TransportSecurityPolicy.certificatePins is non-empty.

OkHttp interceptor for certificate pinning validation.

Deprecated in 1.2.0: pin validation here runs after the TLS handshake and body exchange, so a misconfigured or rogue certificate can observe the request body before the interceptor rejects the response. The SDK wires okhttp3.CertificatePinner directly on the okhttp3.OkHttpClient.Builder instead, which fails the handshake itself. The host-provided error listener and audit trail still see the failure via an okhttp3.EventListener installed on the SDK-built client; callers using the SDK's HTTP stack get this behavior for free from TransportSecurityPolicy.certificatePins.

Retained for source compatibility; scheduled for removal in 1.4.0.

Constructors

Link copied to clipboard
constructor(pins: List<CertificatePin>, onPinValidationFailure: (String, String) -> Unit? = null)

Types

Link copied to clipboard
object Companion

Functions

Link copied to clipboard
open override fun intercept(chain: Interceptor.Chain): Response
Generated by Dokka
© 2026 Copyright