feat(app): Improve SSL certificate trust management function

Jankin-Wu · Jankin-Wu · commit 33ac64a46953 · 2026-02-17T19:24:52.000+08:00
diff --git a/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/App.kt b/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/App.kt
@@ -36,6 +36,7 @@ import androidx.compose.ui.input.pointer.pointerHoverIcon
 import androidx.compose.ui.text.font.FontWeight
 import androidx.compose.ui.unit.dp
 import androidx.compose.ui.unit.sp
+import co.touchlab.kermit.Logger
 import coil3.ImageLoader
 import coil3.compose.setSingletonImageLoaderFactory
 import coil3.disk.DiskCache
@@ -52,6 +53,7 @@ import com.jankinwu.fntv.client.icons.CategoryIcon
 import com.jankinwu.fntv.client.icons.Heart
 import com.jankinwu.fntv.client.icons.Home
 import com.jankinwu.fntv.client.icons.MediaLibrary
+import com.jankinwu.fntv.client.manager.LoginStateManager
 import com.jankinwu.fntv.client.manager.PlayerResourceManager
 import com.jankinwu.fntv.client.manager.UpdateStatus
 import com.jankinwu.fntv.client.ui.component.common.ComponentItem
@@ -98,6 +100,8 @@ import javax.net.ssl.SSLContext
 import javax.net.ssl.TrustManager
 import javax.net.ssl.X509TrustManager
 
+private val logger = Logger.withTag("App")
+
 val components = mutableStateListOf<ComponentItem>()
 
 // 刷新状态数据类
@@ -143,6 +147,10 @@ fun App(
     SslTrustDialogHost(
         onAllow = {
             refreshManager.requestRefresh(refreshState.onRefresh)
+        },
+        onReject = {
+            logger.i("Reject SSL trust")
+            LoginStateManager.updateLoginStatus(false)
         }
     )
 }
diff --git a/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/data/network/impl/FnOfficialApiImpl.kt b/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/data/network/impl/FnOfficialApiImpl.kt
@@ -59,6 +59,7 @@ import com.jankinwu.fntv.client.data.network.fnOfficialClient
 import com.jankinwu.fntv.client.data.network.fnOfficialInsecureClient
 import com.jankinwu.fntv.client.data.network.impl.FnApiHelper.genAuthxForOfficial
 import com.jankinwu.fntv.client.data.store.AccountDataCache
+import com.jankinwu.fntv.client.data.store.SslTrustDecision
 import com.jankinwu.fntv.client.data.store.SslTrustManager
 import io.ktor.client.request.HttpRequestBuilder
 import io.ktor.client.request.delete
@@ -556,12 +557,18 @@ class FnOfficialApiImpl : FnOfficialApi {
                 throw e
             }
             logger.w { "SSL trust prompt triggered, request: $requestTag, host: $host, error: ${e.message}" }
-            val allow = SslTrustManager.requestTrust(host)
-            if (!allow) {
+            when (SslTrustManager.requestTrust(host)) {
+                SslTrustDecision.Reject -> {
                 logger.e { "用户拒绝了证书信任, request: $requestTag, host: $host" }
                 throw e
             }
-            SslTrustManager.addHostToWhitelist(host)
+                SslTrustDecision.AllowTemporary -> {
+                    SslTrustManager.addHostToTemporaryWhitelist(host)
+                }
+                SslTrustDecision.AllowPersist -> {
+                    SslTrustManager.addHostToWhitelist(host)
+                }
+            }
             block(fnOfficialInsecureClient)
         }
     }
diff --git a/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/data/store/AppSettingsStore.kt b/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/data/store/AppSettingsStore.kt
@@ -126,19 +126,26 @@ object AppSettingsStore {
         set(value) = settings.set(scopedKey("kcef_initialized_version"), value)
 }
 
+enum class SslTrustDecision {
+    Reject,
+    AllowTemporary,
+    AllowPersist
+}
+
 data class SslTrustPrompt(
     val host: String,
-    val deferred: CompletableDeferred<Boolean>
+    val deferred: CompletableDeferred<SslTrustDecision>
 )
 
 object SslTrustManager {
     private val promptMutex = Mutex()
     private val _pendingPrompt = MutableStateFlow<SslTrustPrompt?>(null)
     val pendingPrompt: StateFlow<SslTrustPrompt?> = _pendingPrompt.asStateFlow()
+    private val temporaryWhitelist = mutableSetOf<String>()
 
     fun isHostWhitelisted(host: String): Boolean {
         val key = normalizeHost(host)
-        return key.isNotBlank() && AppSettingsStore.sslIgnoreHostWhitelist.contains(key)
+        return key.isNotBlank() && (temporaryWhitelist.contains(key) || AppSettingsStore.sslIgnoreHostWhitelist.contains(key))
     }
 
     fun addHostToWhitelist(host: String) {
@@ -147,17 +154,23 @@ object SslTrustManager {
         AppSettingsStore.sslIgnoreHostWhitelist = AppSettingsStore.sslIgnoreHostWhitelist + key
     }
 
-    suspend fun requestTrust(host: String): Boolean {
+    fun addHostToTemporaryWhitelist(host: String) {
+        val key = normalizeHost(host)
+        if (key.isBlank()) return
+        temporaryWhitelist.add(key)
+    }
+
+    suspend fun requestTrust(host: String): SslTrustDecision {
         val key = normalizeHost(host)
-        if (key.isBlank()) return false
+        if (key.isBlank()) return SslTrustDecision.Reject
         while (true) {
             val prompt = promptMutex.withLock {
                 val existing = _pendingPrompt.value
                 if (existing != null && !existing.deferred.isCompleted) {
                     // Reuse active prompt to avoid duplicate dialogs
                     return@withLock existing
                 }
-                val deferred = CompletableDeferred<Boolean>()
+                val deferred = CompletableDeferred<SslTrustDecision>()
                 val next = SslTrustPrompt(key, deferred)
                 // Publish new prompt for current host
                 _pendingPrompt.value = next
@@ -176,10 +189,10 @@ object SslTrustManager {
         }
     }
 
-    fun resolvePrompt(allow: Boolean) {
+    fun resolvePrompt(decision: SslTrustDecision) {
         val prompt = _pendingPrompt.value ?: return
         if (!prompt.deferred.isCompleted) {
-            prompt.deferred.complete(allow)
+            prompt.deferred.complete(decision)
         }
         _pendingPrompt.value = null
     }
diff --git a/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/ui/component/common/dialog/Dialog.kt b/composeApp/src/commonMain/kotlin/com/jankinwu/fntv/client/ui/component/common/dialog/Dialog.kt
@@ -41,6 +41,7 @@ import androidx.compose.ui.unit.sp
 import androidx.compose.ui.window.Dialog
 import com.jankinwu.fntv.client.data.constants.Colors
 import com.jankinwu.fntv.client.data.constants.Constants
+import com.jankinwu.fntv.client.data.store.SslTrustDecision
 import com.jankinwu.fntv.client.data.store.SslTrustManager
 import com.jankinwu.fntv.client.icons.SkipLink
 import com.jankinwu.fntv.client.icons.Warning
@@ -179,7 +180,9 @@ fun CustomConfirmDialog(
     dismissButtonText: String = "取消",
     onDismissClick: () -> Unit = {},
     confirmButtonText: String,
-    onConfirmClick: () -> Unit = {}
+    onConfirmClick: () -> Unit = {},
+    extraButtonText: String? = null,
+    onExtraClick: () -> Unit = {}
 ) {
     val store = LocalStore.current
     Dialog(onDismissRequest = onDismissRequest) {
@@ -256,6 +259,21 @@ fun CustomConfirmDialog(
                     ) {
                         Text(confirmButtonText, color = primaryTextColor)
                     }
+                    if (extraButtonText != null) {
+                        Button(
+                            onClick = {
+                                onExtraClick()
+                                onDismissRequest()
+                            },
+                            shape = RoundedCornerShape(8.dp),
+                            colors = ButtonDefaults.buttonColors(
+                                containerColor = confirmButtonColor
+                            ),
+                            modifier = Modifier.weight(1f)
+                        ) {
+                            Text(extraButtonText, color = primaryTextColor)
+                        }
+                    }
                 }
             }
         }
@@ -269,7 +287,9 @@ fun CustomContentDialog(
     content: @Composable () -> Unit,
     primaryButtonText: String,
     secondaryButtonText: String? = null,
+    tertiaryButtonText: String? = null,
     onButtonClick: (ContentDialogButton) -> Unit,
+    onTertiaryClick: () -> Unit = {},
     size: DialogSize = DialogSize.Standard,
     isWarning: Boolean = false
 ) {
@@ -318,31 +338,77 @@ fun CustomContentDialog(
                     .padding(horizontal = 25.dp, vertical = 8.dp),
                 Alignment.CenterEnd
             ) {
-                Row(
-                    horizontalArrangement = Arrangement.spacedBy(8.dp, Alignment.End),
-                    verticalAlignment = Alignment.CenterVertically,
-                    modifier = Modifier.fillMaxWidth()
-                ) {
-                    if (secondaryButtonText != null) Button(
-                        modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
-                        onClick = { onButtonClick(ContentDialogButton.Secondary) },
+                if (tertiaryButtonText != null) {
+                    Row(
+                        horizontalArrangement = Arrangement.SpaceBetween,
+                        verticalAlignment = Alignment.CenterVertically,
+                        modifier = Modifier.fillMaxWidth()
                     ) {
-                        Text(
-                            secondaryButtonText,
-                            style = LocalTypography.current.bodyStrong,
-                            color = FluentTheme.colors.text.text.primary
-                        )
+                        if (secondaryButtonText != null) Button(
+                            modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
+                            onClick = { onButtonClick(ContentDialogButton.Secondary) },
+                        ) {
+                            Text(
+                                secondaryButtonText,
+                                style = LocalTypography.current.bodyStrong,
+                                color = FluentTheme.colors.text.text.primary
+                            )
+                        }
+                        Row(
+                            horizontalArrangement = Arrangement.spacedBy(8.dp, Alignment.End),
+                            verticalAlignment = Alignment.CenterVertically,
+                            modifier = Modifier.fillMaxWidth()
+                        ) {
+                            Button(
+                                modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
+                                onClick = { onButtonClick(ContentDialogButton.Secondary) },
+                            ) {
+                                Text(
+                                    tertiaryButtonText,
+                                    style = LocalTypography.current.bodyStrong,
+                                    color = FluentTheme.colors.text.text.primary
+                                )
+                            }
+                            AccentButton(
+                                modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
+                                onClick = { onButtonClick(ContentDialogButton.Primary) },
+                                buttonColors = if (isWarning) customDangerButtonColors() else customAccentButtonColors()
+                            ) {
+                                Text(
+                                    primaryButtonText,
+                                    style = LocalTypography.current.bodyStrong,
+                                    color = FluentTheme.colors.text.text.primary
+                                )
+                            }
+                        }
                     }
-                    AccentButton(
-                        modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
-                        onClick = { onButtonClick(ContentDialogButton.Primary) },
-                        buttonColors = if (isWarning) customDangerButtonColors() else customAccentButtonColors()
+                } else {
+                    Row(
+                        horizontalArrangement = Arrangement.spacedBy(8.dp, Alignment.End),
+                        verticalAlignment = Alignment.CenterVertically,
+                        modifier = Modifier.fillMaxWidth()
                     ) {
-                        Text(
-                            primaryButtonText,
-                            style = LocalTypography.current.bodyStrong,
-                            color = FluentTheme.colors.text.text.primary
-                        )
+                        if (secondaryButtonText != null) Button(
+                            modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
+                            onClick = { onButtonClick(ContentDialogButton.Secondary) },
+                        ) {
+                            Text(
+                                secondaryButtonText,
+                                style = LocalTypography.current.bodyStrong,
+                                color = FluentTheme.colors.text.text.primary
+                            )
+                        }
+                        AccentButton(
+                            modifier = Modifier.pointerHoverIcon(PointerIcon.Hand),
+                            onClick = { onButtonClick(ContentDialogButton.Primary) },
+                            buttonColors = if (isWarning) customDangerButtonColors() else customAccentButtonColors()
+                        ) {
+                            Text(
+                                primaryButtonText,
+                                style = LocalTypography.current.bodyStrong,
+                                color = FluentTheme.colors.text.text.primary
+                            )
+                        }
                     }
                 }
             }
@@ -357,22 +423,33 @@ fun SslTrustDialogHost(
 ) {
     val prompt by SslTrustManager.pendingPrompt.collectAsState()
     val host = prompt?.host ?: return
-    CustomConfirmDialog(
-        onDismissRequest = {
-            SslTrustManager.resolvePrompt(false)
-            onReject?.invoke(host)
-        },
+    CustomContentDialog(
         title = "证书校验失败",
-        contentText = "$host 的证书校验失败，可能存在安全风险，是否继续连接？",
-        dismissButtonText = "取消",
-        onDismissClick = {
-            SslTrustManager.resolvePrompt(false)
-            onReject?.invoke(host)
+        visible = true,
+        primaryButtonText = "忽略风险，继续访问",
+        secondaryButtonText = "取消访问",
+        tertiaryButtonText = "将此 ip 或域名加入白名单",
+        size = DialogSize.Max,
+        isWarning = true,
+        onButtonClick = { button ->
+            when (button) {
+                ContentDialogButton.Primary -> {
+                    SslTrustManager.resolvePrompt(SslTrustDecision.AllowTemporary)
+                    onAllow?.invoke(host)
+                }
+                ContentDialogButton.Secondary -> {
+                    SslTrustManager.resolvePrompt(SslTrustDecision.Reject)
+                    onReject?.invoke(host)
+                }
+                else -> Unit
+            }
         },
-        confirmButtonText = "忽略风险",
-        onConfirmClick = {
-            SslTrustManager.resolvePrompt(true)
+        onTertiaryClick = {
+            SslTrustManager.resolvePrompt(SslTrustDecision.AllowPersist)
             onAllow?.invoke(host)
+        },
+        content = {
+            Text("「$host」的证书校验不通过，可能是证书过期、域名不匹配或自签名证书。继续连接将绕过安全保护，是否继续访问？")
         }
     )
 }
