Remove custom certificate handling (#1635)

Certificate validation logic implemented in the
Data SDK is a subject of transient errors, as
it is implemented on top of deprecated APIs.

Given that there's no handling of the custom
certificates and logic corresponds to the
default certificate handling in the iOS, custom
implementation can be removed in the faviour
of default handling.

Relates-To: HERESDK-5806

Signed-off-by: Mykhailo Diachenko <[email protected]>

Author: diachenko-mischa

olp-cpp-sdk-core/src/http/ios/OLPHttpClient.mm

@@ -452,34 +452,14 @@ - (void)URLSession:(NSURLSession*)session
                           "didReceiveChallenge failed - invalid session, "
                           "task_id=%u",
                           (unsigned int)dataTask.taskIdentifier);
+    // Don't hang in non-happy path
+    completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge,
+                      nil);
     return;
   }
 
-  @autoreleasepool {
-    if ([challenge.protectionSpace.authenticationMethod
-            isEqualToString:NSURLAuthenticationMethodServerTrust]) {
-      if (dataTask) {
-        OLPHttpTask* httpTask =
-            [self taskWithTaskDescription:dataTask.taskDescription];
-        if (![httpTask isValid]) {
-          return;
-        }
-        // TODO: Don't verify certificate is not implemented
-        if (![self shouldTrustProtectionSpace:challenge.protectionSpace]) {
-          completionHandler(
-              NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
-          return;
-        }
-      }
-
-      NSURLCredential* credential = [NSURLCredential
-          credentialForTrust:challenge.protectionSpace.serverTrust];
-      completionHandler(NSURLSessionAuthChallengeUseCredential, credential);
-      return;
-    }
-
-    completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
-  }
+  // Use iOS default certificate validation for all authentication challenges
+  completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
 }
 
 - (void)URLSession:(NSURLSession*)session
@@ -533,31 +513,6 @@ - (void)URLSession:(NSURLSession*)session
   completionHandler(newRequest);
 }
 
-// http://goo.gl/jmZ4Uv
-- (BOOL)shouldTrustProtectionSpace:(NSURLProtectionSpace*)protectionSpace {
-  if (!protectionSpace) {
-    return NO;
-  }
-
-  SecTrustRef serverTrust = protectionSpace.serverTrust;
-  if (!serverTrust) {
-    return NO;
-  }
-
-  // TODO - certificate paths are not supported!
-
-  // evaluate server trust against certificate
-  SecTrustResultType trustResult = kSecTrustResultInvalid;
-  OSStatus status = SecTrustEvaluate(serverTrust, &trustResult);
-
-  if (errSecSuccess != status) {
-    return NO;
-  }
-
-  return (trustResult == kSecTrustResultUnspecified ||
-          trustResult == kSecTrustResultProceed);
-}
-
 - (void)URLSession:(NSURLSession*)session
                  downloadTask:(NSURLSessionTask*)dataTask
                  didWriteData:(int64_t)bytesWritten