GitHub - UntactOrder/UntactOrder.CertServer: UntactOrder Cert Server(언택트오더 시스템 인증서 서버)
Info
: CertServer API Reference
: CertServer is HTTPS Root CA of UntactOrder System.
: You can get your Bridge/Pos Server’s cert by HTTPS POST Request.
: Refer to the repository's src/test/test_client.py for detailed usage.
Module Import
""" <?-- Server Side --> """
# in src/main/app.py
from flask import Flask, request, jsonify, make_response
from waitress import serve
from cert_generator import proceed_certificate_generation, UnitType
# in src/main/cert_generator.py
from geocoder import ipinfo
from settings import *
# in src/main/settings.py
from os import path
import sys
import platform
from getpass import getpass
from OpenSSL import crypto
""" <?-- Client Side --> """
# in src/test/test_client.py
# you may need these modules
import os
import requests
import socket
import json
def create_app():
returns flask instance for waitress serve
app = Flask(name)
def index():
- @app.route('/')
- You will receive this function’s response if you just access the server address by GET method.
- This is to check if the server is running.
- This returns your public ip address with hello text.
return f"Hello, {public_ip}!”
def cert_request():
- @app.route('/cert_request/<unit_type>', methods=['POST'])
- You will receive this function’s response if you access to server with '/cert_request/<unit_type>' by POST method.
- You can get Certificate for your Bridge/Pos server’s HTTPS Connection by calling this function.
- You have to use 'bridge' or 'pos' in 'unit_type' thing in request URL.
- In case of 'bridge', you don’t need to put any 'Content-type' and contents when post. And the server is going to put your public ip address to certificate’s subject and extension.
- In case of 'pos', you have to put your private ip address (json key name doesn't matter, so you can use anything) when post, because the server checks request json’s length and makes error response if that length is not 1 or the value doesn’t looks like ipv4/v6’s address shape. And the server is going to put your public&private ip address to extension. The extension contains the public IP address(as IP.1) and the private IP address(as IP.2) in order. Only the private IP address registered to certificate’s subject.
- This returns new certificate and key in the form of a json object.
- For safer use, it is recommended to encrypt the key with a password in your program.
return {'crt': crt_dump.decode(), 'key': key_dump.decode()}