BlackBerry Dynamics Adds OkHttp Support on Android
Version 10.1 of the BlackBerry Dynamics SDK for Android added support for using OkHttp client and routing network traffic through the BlackBerry Dynamics (BD) secure network tunnel. You can find an overview of the BD secure network tunneling capabilities in the Architecture Overview.
We have implemented this capability by creating an OkHttp application interceptor, called BBCustomInterceptor that you add to your app’s OkHttp stack. This interceptor directs network connections through the BD network layer.
Here’s a code snippet of BBCustomInterceptor being added:
OkHttp has two kinds of Interceptor: network interceptors and application interceptors. When you build an OkHttpClient, it internally builds an interceptor stack like this:
When using OkHttp without BlackBerry Dynamics, the bottom-most interceptor, CallServerInterceptor, does the work of communicating with a server. We need to avoid that and instead use the BD HTTP stack. Above that are network interceptors, but these don't prevent the CallServerInterceptor from being called. Application interceptors are at the top of the stack, and don't have to call the rest of the stack. This was our choice to circumvent normal OkHttp network communications and substitute it with our own. However, the downside of this is that we don't get the functionality of the interceptors in between, specifically the following are not supported in our first release:
RetryAndFollowUpInterceptor - Handles retries, redirection, authentication etc.
BridgeInterceptor - Bridges between app requests and network requests. For example, it adds missing headers like Host, Content-Length, Accept-Encoding and handles cookies via a CookieJar.
CacheInterceptor – Allows you to specify a cache when building the client.
Note: Any interceptors added after BBCutstomInterceptor are ignored, so be sure to add BBCutstomInterceptor last when building your OkHttpClient.
An important note about Authenticators in the initial release. If you use an Authenticator that is added before BBCustomInterceptor and it provides everything required for authentication, it should work just fine. But if the Authenticator must react to anything, such as a 401, it will fail because multiple attempts are not currently made when using our solution. This is a capability we are planning to add in a future SDK release.
Kerberos PKINIT and Kerberos Constrained Delegation (KCD) should work as they are handled transparently by the BD network stack. No authenticator is required to use these.
Support of OkHttp CookieJar is planned for a future release. This means that cookie manipulation using OkHttp APIs is not available in the initial release. However, you can use BlackBerry Dynamics APIs to manipulate cookies. To do this, get an instance of the BD cookie handling singleton by creating a GDHttpClient and calling getCookieStore() and use that for cookie manipulation. This will allow cookies to be shared between OkHttp, GDHttpClient and BBWebView.
BBCustomInterceptor supports proxies that have been configured in your BlackBerry UEM Admin Console. Both manual and PAC-based configurations can be used. Proxy authentication will also be handled automatically when configured within BlackBerry UEM. User-based or app-based authentication to proxy servers should also work, assuming the 407 HTTP status is handled by your app.
Check Out Our Sample and Watch for New Features!
We have created a BlackBerry Dynamics sample project, demonstrating the use of BBCustomInterceptor. It’s called OkHttpBD, and you can find it in the BlackBerry-Dynamics-Android-Samples repository. Give it a try and let us know your feedback.
We’re also working on adding additional capabilities to our OkHttp implementation, so be sure to check the release notes of the version of BlackBerry Dynamics SDK for Android you are using. Some of the limitations noted above may have already been resolved.