fix: 404 when getting client domain crl [WPB-11243] (#3026) (#3028) (#…

…3038)

* fix: 404 when getting client domain crl

* detekt

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mohamad Jaara <[email protected]>

logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/e2ei/CheckCrlRevocationListUseCase.kt

@@ -45,6 +45,6 @@ class CheckCrlRevocationListUseCase internal constructor(
                     }
                 }
             }
-        }
+        } ?: logger.w("No CRLs found.")
     }
 }

network/src/commonMain/kotlin/com/wire/kalium/network/api/base/unbound/acme/ACMEApi.kt

@@ -44,7 +44,6 @@ import io.ktor.client.request.setBody
 import io.ktor.client.statement.HttpResponse
 import io.ktor.http.ContentType
 import io.ktor.http.URLBuilder
-import io.ktor.http.URLProtocol
 import io.ktor.http.Url
 import io.ktor.http.contentType
 import io.ktor.http.isSuccess
@@ -269,8 +268,11 @@ class ACMEApiImpl internal constructor(
         }
 
         return wrapKaliumResponse {
-            val httpUrl = if (proxyUrl.isNullOrEmpty()) URLBuilder(url).apply { this.protocol = URLProtocol.HTTP }.build()
-            else URLBuilder(proxyUrl).apply { this.pathSegments = this.pathSegments.plus(url) }.build()
+            val crlUrlBuilder: URLBuilder = URLBuilder(url)
+            val proxyUrlBuilder: URLBuilder? = if (proxyUrl.isNullOrEmpty()) null else URLBuilder(proxyUrl)
+
+            val httpUrl = proxyUrlBuilder?.apply { this.pathSegments += crlUrlBuilder.host }?.build()
+                ?: crlUrlBuilder.build()
 
             clearTextTrafficHttpClient.get(httpUrl)
         }

network/src/commonTest/kotlin/com/wire/kalium/api/common/ACMEApiTest.kt

@@ -211,6 +211,49 @@ internal class ACMEApiTest : ApiTest() {
         }
     }
 
+    @Test
+    fun givenProxyAndCrl_whenGettingClientDomainCRL_thenUseProxyUrlWithCRLHostAddedToPath() = runTest {
+        val crlUrl = "https://crl.wire.com/crl"
+        val proxyUrl = "https://proxy.wire:9000/proxy"
+        val expected = "$proxyUrl/crl.wire.com"
+        val networkClient = mockUnboundNetworkClient(
+            "",
+            statusCode = HttpStatusCode.OK,
+            assertion = {
+                assertJson()
+                assertUrlEqual(expected)
+                assertGet()
+                assertNoQueryParams()
+            }
+        )
+        val acmeApi: ACMEApi = ACMEApiImpl(networkClient, networkClient)
+
+        acmeApi.getClientDomainCRL(url = crlUrl, proxyUrl = proxyUrl).also { actual ->
+            assertIs<NetworkResponse.Success<CertificateChain>>(actual)
+        }
+    }
+
+    @Test
+    fun givenCRLWithHttpsProtocol_whenGettingClientDomainCRL_thenItShouldNotBeChanged() = runTest {
+        val crlUrl = "https://crl.wire.com/crl"
+        val expected = crlUrl
+        val networkClient = mockUnboundNetworkClient(
+            "",
+            statusCode = HttpStatusCode.OK,
+            assertion = {
+                assertJson()
+                assertUrlEqual(expected)
+                assertGet()
+                assertNoQueryParams()
+            }
+        )
+        val acmeApi: ACMEApi = ACMEApiImpl(networkClient, networkClient)
+
+        acmeApi.getClientDomainCRL(url = crlUrl, proxyUrl = null).also { actual ->
+            assertIs<NetworkResponse.Success<CertificateChain>>(actual)
+        }
+    }
+
     companion object {
         private const val ACME_DISCOVERY_URL = "https://balderdash.hogwash.work:9000/acme/google-android/directory"
         private const val ACME_DIRECTORIES_PATH = "https://balderdash.hogwash.work:9000/acme/google-android/directory"