fix #126

domain_admin/api/cert_api.py

@@ -4,7 +4,7 @@
 from flask import request, Response
 
 from domain_admin.enums.role_enum import RoleEnum
-from domain_admin.service import auth_service
+from domain_admin.service import auth_service, cert_service
 from domain_admin.utils import domain_util
 from domain_admin.utils.cert_util import cert_openssl_v2, cert_common
 
@@ -21,19 +21,7 @@ def get_cert_information():
         domain = request.json['domain']
 
     # 解析域名
-    resolve_domain = domain_util.parse_domain(domain)
-
-    cert = cert_openssl_v2.get_ssl_cert(resolve_domain)
-    parsed_cert = cert_common.parse_cert(cert)
-    cert_pem = cert_common.dump_certificate_to_pem(cert)
-    cert_text = cert_common.dump_certificate_to_text(cert)
-
-    return {
-        'resolve_domain': resolve_domain,
-        'parsed_cert': parsed_cert.to_dict() if parsed_cert else parsed_cert,
-        'cert_pem': cert_pem,
-        'cert_text': cert_text,
-    }
+    return cert_service.get_cert_information(domain=domain)
 
 
 @auth_service.permission(role=RoleEnum.USER)

domain_admin/service/cert_service.py

@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+"""
+@File    : cert_service.py
+@Date    : 2024-08-05
+"""
+
+from domain_admin.utils import domain_util
+from domain_admin.utils.cert_util import cert_openssl_v2, cert_common
+
+
+def get_cert_information(domain):
+    """
+    获取域名证书信息
+    :return:
+    """
+
+    # 解析域名
+    resolve_domain = domain_util.parse_domain(domain)
+
+    cert = cert_openssl_v2.get_ssl_cert(resolve_domain)
+    parsed_cert = cert_common.parse_cert(cert)
+    cert_pem = cert_common.dump_certificate_to_pem(cert)
+    cert_text = cert_common.dump_certificate_to_text(cert)
+
+    return {
+        'resolve_domain': resolve_domain,
+        'parsed_cert': parsed_cert.to_dict() if parsed_cert else parsed_cert,
+        'cert_pem': cert_pem,
+        'cert_text': cert_text,
+    }

domain_admin/utils/cert_util/cert_common.py

@@ -100,11 +100,19 @@ def get_cert_brand(cert):
             return cert_brand
 
 
+def is_extended_validation(cn):
+    if 'Extended Validation' in cn:
+        return True
+    else:
+        return False
+
+
 def get_cert_type_by_verify_type(cert):
     """
     :param cert:
     :return:
     """
+
     org = cert.issuer.get('CN')
     cert_types = [
         CertTypeByVerifyWayEnum.OV,
@@ -116,6 +124,9 @@ def get_cert_type_by_verify_type(cert):
         if cert_type in org:
             return cert_type
 
+    if is_extended_validation(org):
+        return CertTypeByVerifyWayEnum.EV
+
     if cert.subject.get('O'):
         return CertTypeByVerifyWayEnum.OV
 
@@ -266,7 +277,6 @@ def certTypeByVerifyWayLabel(self):
         return CertTypeByVerifyWayEnumMap.get(self.certTypeByVerifyWay)
 
 
-
 def dump_certificate_to_text(ssl_cert):
     """
     将证书对象转为字符串text形式
@@ -349,4 +359,4 @@ def parse_public_cert(public_cert):
     """
     cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, public_cert.encode())
 
-    return parse_cert(cert)
+    return parse_cert(cert)

tests/service/cert_service_test.py

@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+"""
+@File    : cert_service_test.py
+@Date    : 2024-08-05
+"""
+import unittest
+
+from domain_admin.service import cert_service
+from domain_admin.utils import json_util
+from domain_admin.utils.cert_util import cert_common, cert_openssl_v2
+
+
+class CertServiceTest(unittest.TestCase):
+    def test_get_cert_information(self):
+        domain = 'https://www.boc.cn/'
+        ret = cert_service.get_cert_information(domain=domain)
+        print(json_util.json_dump(ret))
+
+    def test_is_extended_validation(self):
+        cert = cert_openssl_v2.get_ssl_cert('www.boc.cn')
+        # ret = cert_common.is_extended_validation(cert)
+        # print(ret)