getDioClient function
Dio
getDioClient(})
Implementation
Dio getDioClient(
String baseUrl, {
bool enableAppAttestation = false,
bool enableSSLPinning = false,
bool sendHashInHeader = false,
bool sendHashInPayload = false,
}) {
var dio = Dio(BaseOptions(baseUrl: baseUrl));
// SSL Pinning
if (enableSSLPinning) {
dio.interceptors.add(CertificatePinningInterceptor());
}
// App Attestation
if (enableAppAttestation) {
dio.interceptors.add(
InterceptorsWrapper(
onRequest: (options, handler) async {
String decryptedString = decryptFileData(
await rootBundle.load('packages/quixxi/asset/info.txt'));
Map<String, dynamic> jsonData = jsonDecode(decryptedString);
String appAttestationKey = jsonData['secure_hash'];
if (sendHashInHeader) {
// Inject into headers
options.headers['SecureHash'] = appAttestationKey;
}
if (sendHashInPayload) {
// REST: JSON or FormData payload injection
if (options.data == null) {
options.data = {'SecureHash': appAttestationKey};
} else if (options.data is Map<String, dynamic>) {
(options.data as Map<String, dynamic>)['SecureHash'] =
appAttestationKey;
} else if (options.data is FormData) {
(options.data as FormData)
.fields
.add(MapEntry('SecureHash', appAttestationKey));
} else if (options.data is String &&
options.headers['Content-Type']?.contains("xml") == true) {
// SOAP: Inject into XML envelope before </soap:Body>
options.data = (options.data as String).replaceFirst(
'</soap:Body>',
'<SecureHash>$appAttestationKey</SecureHash></soap:Body>',
);
} else {
// Fallback: wrap the original payload
options.data = {
'originalPayload': options.data,
'SecureHash': appAttestationKey,
};
}
}
return handler.next(options);
},
),
);
}
return dio;
}