I'm trying to create a group room using Twilio REST API, but i am facing a crash:
Process: com.example.twilioroom, PID: 25401
java.lang.NoSuchFieldError: No static field INSTANCE of type Lorg/apache/http/conn/ssl/AllowAllHostnameVerifier; in class Lorg/apache/http/conn/ssl/AllowAllHostnameVerifier; or its superclasses (declaration of 'org.apache.http.conn.ssl.AllowAllHostnameVerifier' appears in /system/framework/framework.jar!classes2.dex)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.<clinit>(SSLConnectionSocketFactory.java:151)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.getSystemSocketFactory(SSLConnectionSocketFactory)
Here is my code where i'm trying to verify hostname:
Twilio.init(multiAccountSID,multiAccountAuthToken)
val httpClientBuilder = HttpClientBuilder.create()
httpClientBuilder.setSSLHostnameVerifier(object : HostnameVerifier{
override fun verify(hostname: String?, session: SSLSession?): Boolean {
certs = try {
session!!.peerCertificates
} catch (e: SSLException) {
return false
}
val x509: X509Certificate = certs[0] as X509Certificate
val hostName = hostname!!.trim().toLowerCase(Locale.ENGLISH)
val firstCn: String = getFirstCn(x509)
if (Pattern.matches(hostName, firstCn)) {
return true
}
for (cn in getDNSSubjectAlts(x509)) {
if (Pattern.matches(hostName, cn!!)) {
return true
}
}
return true
}
})
val verifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
val sslSocketFactory = SSLConnectionSocketFactory.getSocketFactory()
httpClientBuilder.setSSLSocketFactory(sslSocketFactory)
httpClientBuilder.build()
val networkHttpClient = NetworkHttpClient(httpClientBuilder)
val twilioRestClient = TwilioRestClient.Builder(multiAccountSID,multiAccountAuthToken).httpClient(networkHttpClient).build()
Log.d("networkHttpClient", "getAccessToken: "+networkHttpClient.lastResponse.statusCode)
but i'm getting error on:
val sslSocketFactory = SSLConnectionSocketFactory.getSocketFactory()
Can someone help me what I'm doing wrong?
The Twilio Java library is not built to be used in an Android application. This is because the Twilio library requires your account credentials in order to make requests to the API and if your application is handling those credentials a malicious user could decompile the application, extract the credentials and use them to abuse your account.
Instead, you should make the requests to the Twilio API from a server side application, where you can keep the API credentials safe, and trigger that request from your application.
Here is more about why you should not make API requests from your Android application and an example how to build a server side application that can make these requests for your application (the example is to send an SMS, but you can switch that out for using the Verify API).