fix: SonarQube - checkSslCertificate 6->2 returns via parseSslCertificate

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Serreau Jovann
2026-04-08 13:43:55 +02:00
parent 28533d8ae2
commit e2ef53e2b6


@@ -238,60 +238,17 @@ class SeoService
$result = ['is_https' => false, 'valid' => false, 'issuer' => null, 'expires' => null, 'days_remaining' => null, 'issues' => []];
$parsed = parse_url($url);
if (!isset($parsed['host'])) {
$result['issues'][] = 'URL invalide';
if (!isset($parsed['host']) || 'https' !== ($parsed['scheme'] ?? '')) {
$result['issues'][] = !isset($parsed['host']) ? 'URL invalide' : 'Site non HTTPS';
$result['is_https'] = isset($parsed['host']) && 'https' === ($parsed['scheme'] ?? '');
return $result;
}
$result['is_https'] = 'https' === ($parsed['scheme'] ?? '');
if (!$result['is_https']) {
$result['issues'][] = 'Site non HTTPS';
return $result;
}
$host = $parsed['host'];
$port = $parsed['port'] ?? 443;
$result['is_https'] = true;
try {
$context = stream_context_create(['ssl' => ['capture_peer_cert' => true, 'verify_peer' => false]]);
$socket = @stream_socket_client('ssl://'.$host.':'.$port, $errno, $errstr, 10, \STREAM_CLIENT_CONNECT, $context);
if (false === $socket) {
$result['issues'][] = 'Connexion SSL impossible : '.$errstr;
return $result;
}
$params = stream_context_get_params($socket);
fclose($socket);
$cert = $params['options']['ssl']['peer_certificate'] ?? null;
if (null === $cert) {
$result['issues'][] = 'Certificat non recuperable';
return $result;
}
$certInfo = openssl_x509_parse($cert);
if (false === $certInfo) {
$result['issues'][] = 'Certificat non parsable';
return $result;
}
$result['valid'] = true;
$result['issuer'] = $certInfo['issuer']['O'] ?? $certInfo['issuer']['CN'] ?? null;
$result['expires'] = date('Y-m-d', $certInfo['validTo_time_t']);
$result['days_remaining'] = (int) (($certInfo['validTo_time_t'] - time()) / 86400);
if ($result['days_remaining'] < 0) {
$result['valid'] = false;
$result['issues'][] = 'Certificat expire depuis '.abs($result['days_remaining']).' jours';
} elseif ($result['days_remaining'] < 30) {
$result['issues'][] = 'Certificat expire dans '.$result['days_remaining'].' jours';
}
$this->parseSslCertificate($parsed['host'], $parsed['port'] ?? 443, $result);
} catch (\Throwable $e) {
$result['issues'][] = 'Erreur verification SSL : '.$e->getMessage();
}
@@ -299,6 +256,45 @@ class SeoService
return $result;
}
/**
* @param array{is_https: bool, valid: bool, issuer: ?string, expires: ?string, days_remaining: ?int, issues: list<string>} $result
*/
private function parseSslCertificate(string $host, int|string $port, array &$result): void
{
$context = stream_context_create(['ssl' => ['capture_peer_cert' => true, 'verify_peer' => false]]);
$socket = @stream_socket_client('ssl://'.$host.':'.$port, $errno, $errstr, 10, \STREAM_CLIENT_CONNECT, $context);
if (false === $socket) {
$result['issues'][] = 'Connexion SSL impossible : '.$errstr;
return;
}
$params = stream_context_get_params($socket);
fclose($socket);
$cert = $params['options']['ssl']['peer_certificate'] ?? null;
$certInfo = null !== $cert ? openssl_x509_parse($cert) : false;
if (false === $certInfo) {
$result['issues'][] = null === $cert ? 'Certificat non recuperable' : 'Certificat non parsable';
return;
}
$result['valid'] = true;
$result['issuer'] = $certInfo['issuer']['O'] ?? $certInfo['issuer']['CN'] ?? null;
$result['expires'] = date('Y-m-d', $certInfo['validTo_time_t']);
$result['days_remaining'] = (int) (($certInfo['validTo_time_t'] - time()) / 86400);
if ($result['days_remaining'] < 0) {
$result['valid'] = false;
$result['issues'][] = 'Certificat expire depuis '.abs($result['days_remaining']).' jours';
} elseif ($result['days_remaining'] < 30) {
$result['issues'][] = 'Certificat expire dans '.$result['days_remaining'].' jours';
}
}
/**
* Verifie les headers de securite.
*
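Review bot: `parseSslCertificate()` sets `$result['valid'] = true` after a handshake made with `'verify_peer' => false`, so the trust chain is never checked and a self-signed or untrusted-issuer certificate is reported as valid as long as it has not expired. The refactor carries this over unchanged from the code that was previously inline. Either verify during the handshake, `stream_context_create(['ssl' => ['capture_peer_cert' => true, 'verify_peer' => true, 'verify_peer_name' => true]])`, and let a rejected certificate surface through the existing `Connexion SSL impossible` branch, or keep the unverified capture for reporting only and leave `valid` false until a verified connection succeeds. A docblock line on the helper stating what `valid` covers (expiry only, or chain and host name too) would make the contract explicit; `checkSslCertificate()` itself starts outside the hunk.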