Skip to content

feat: add --root-certificate-path option for mobile dev #13358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

feat: add --root-certificate-path option for mobile dev #13358

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changes/load-cert-mobile.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"tauri": minor:feat
---

Load root certificate from CLI-set environment variable and use it on the mobile dev server proxy.
6 changes: 6 additions & 0 deletions .changes/mobile-dev-root-cert.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
"tauri-cli": minor:feat
"@tauri-apps/cli": minor:feat
---

Added `--root-certificate-path` option to `android dev` and `ios dev` to be able to connect to HTTPS dev servers.
12 changes: 11 additions & 1 deletion crates/tauri-cli/src/mobile/android/dev.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ use cargo_mobile2::{
target::TargetTrait,
};

use std::env::set_current_dir;
use std::{env::set_current_dir, path::PathBuf};

#[derive(Debug, Clone, Parser)]
#[clap(
Expand Down Expand Up @@ -96,6 +96,9 @@ pub struct Options {
/// Specify port for the built-in dev server for static files. Defaults to 1430.
#[clap(long, env = "TAURI_CLI_PORT")]
pub port: Option<u16>,
/// Path to the certificate file used by your dev server. Required when using HTTPS.
#[clap(long, env = "TAURI_DEV_ROOT_CERTIFICATE_PATH")]
pub root_certificate_path: Option<PathBuf>,
}

impl From<Options> for DevOptions {
Expand Down Expand Up @@ -129,6 +132,13 @@ pub fn command(options: Options, noise_level: NoiseLevel) -> Result<()> {

fn run_command(options: Options, noise_level: NoiseLevel) -> Result<()> {
delete_codegen_vars();
// setup env additions before calling env()
if let Some(root_certificate_path) = &options.root_certificate_path {
std::env::set_var(
"TAURI_DEV_ROOT_CERTIFICATE",
std::fs::read_to_string(root_certificate_path).context("failed to read certificate file")?,
);
}

let tauri_config = get_tauri_config(
tauri_utils::platform::Target::Android,
Expand Down
13 changes: 12 additions & 1 deletion crates/tauri-cli/src/mobile/ios/dev.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ use cargo_mobile2::{
opts::{NoiseLevel, Profile},
};

use std::env::set_current_dir;
use std::{env::set_current_dir, path::PathBuf};

const PHYSICAL_IPHONE_DEV_WARNING: &str = "To develop on physical phones you need the `--host` option (not required for Simulators). See the documentation for more information: https://v2.tauri.app/develop/#development-server";

Expand Down Expand Up @@ -101,6 +101,9 @@ pub struct Options {
/// Specify port for the built-in dev server for static files. Defaults to 1430.
#[clap(long, env = "TAURI_CLI_PORT")]
pub port: Option<u16>,
/// Path to the certificate file used by your dev server. Required when using HTTPS.
#[clap(long, env = "TAURI_DEV_ROOT_CERTIFICATE_PATH")]
pub root_certificate_path: Option<PathBuf>,
}

impl From<Options> for DevOptions {
Expand Down Expand Up @@ -133,6 +136,14 @@ pub fn command(options: Options, noise_level: NoiseLevel) -> Result<()> {
}

fn run_command(options: Options, noise_level: NoiseLevel) -> Result<()> {
// setup env additions before calling env()
if let Some(root_certificate_path) = &options.root_certificate_path {
std::env::set_var(
"TAURI_DEV_ROOT_CERTIFICATE",
std::fs::read_to_string(root_certificate_path).context("failed to read certificate file")?,
);
}

let env = env()?;
let device = if options.open {
None
Expand Down
37 changes: 36 additions & 1 deletion crates/tauri/src/protocol/tauri.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,42 @@ fn get_response<R: Runtime>(
decoded_path.trim_start_matches('/')
);

let mut proxy_builder = reqwest::ClientBuilder::new()
let mut client = reqwest::ClientBuilder::new();

if url.starts_with("https://") {
// we can't load env vars at runtime, gotta embed them in the lib
if let Some(cert_pem) = option_env!("TAURI_DEV_ROOT_CERTIFICATE") {
#[cfg(any(
feature = "native-tls",
feature = "native-tls-vendored",
feature = "rustls-tls"
))]
{
log::info!("adding dev server root certificate");
client = client.add_root_certificate(
reqwest::Certificate::from_pem(cert_pem.as_bytes())
.expect("failed to parse TAURI_DEV_ROOT_CERTIFICATE"),
);
}

#[cfg(not(any(
feature = "native-tls",
feature = "native-tls-vendored",
feature = "rustls-tls"
)))]
{
log::warn!(
"the dev root-certificate-path option was provided, but you must enable one of the following Tauri features in Cargo.toml: native-tls, native-tls-vendored, rustls-tls"
);
}
} else {
log::warn!(
"loading HTTPS URL; you might need to provide a certificate via the `dev --root-certificate-path` option. You must enable one of the following Tauri features in Cargo.toml: native-tls, native-tls-vendored, rustls-tls"
);
}
}

let mut proxy_builder = client
.build()
.unwrap()
.request(request.method().clone(), &url);
Expand Down
Loading