1 /* 2 * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package jdk.incubator.jpackage.internal; 27 28 import java.io.File; 29 import java.io.IOException; 30 import java.text.MessageFormat; 31 import java.util.*; 32 33 import static jdk.incubator.jpackage.internal.StandardBundlerParam.*; 34 import static jdk.incubator.jpackage.internal.MacAppBundler.*; 35 import static jdk.incubator.jpackage.internal.OverridableResource.createResource; 36 37 public class MacAppStoreBundler extends MacBaseInstallerBundler { 38 39 private static final ResourceBundle I18N = ResourceBundle.getBundle( 40 "jdk.incubator.jpackage.internal.resources.MacResources"); 41 42 private static final String TEMPLATE_BUNDLE_ICON_HIDPI = "java.icns"; 43 private final static String DEFAULT_ENTITLEMENTS = 44 "Mac.entitlements"; 45 private final static String DEFAULT_INHERIT_ENTITLEMENTS = 46 "Mac_Inherit.entitlements"; 47 48 public static final BundlerParamInfo<String> MAC_APP_STORE_APP_SIGNING_KEY = 49 new StandardBundlerParam<>( 50 "mac.signing-key-app", 51 String.class, 52 params -> { 53 String result = MacBaseInstallerBundler.findKey( 54 "3rd Party Mac Developer Application: " + 55 SIGNING_KEY_USER.fetchFrom(params), 56 SIGNING_KEYCHAIN.fetchFrom(params), 57 VERBOSE.fetchFrom(params)); 58 if (result != null) { 59 MacCertificate certificate = new MacCertificate(result); 60 61 if (!certificate.isValid()) { 62 Log.error(MessageFormat.format( 63 I18N.getString("error.certificate.expired"), 64 result)); 65 } 66 } 67 68 return result; 69 }, 70 (s, p) -> s); 71 72 public static final BundlerParamInfo<String> MAC_APP_STORE_PKG_SIGNING_KEY = 73 new StandardBundlerParam<>( 74 "mac.signing-key-pkg", 75 String.class, 76 params -> { 77 String result = MacBaseInstallerBundler.findKey( 78 "3rd Party Mac Developer Installer: " + 79 SIGNING_KEY_USER.fetchFrom(params), 80 SIGNING_KEYCHAIN.fetchFrom(params), 81 VERBOSE.fetchFrom(params)); 82 83 if (result != null) { 84 MacCertificate certificate = new MacCertificate(result); 85 86 if (!certificate.isValid()) { 87 Log.error(MessageFormat.format( 88 I18N.getString("error.certificate.expired"), 89 result)); 90 } 91 } 92 93 return result; 94 }, 95 (s, p) -> s); 96 97 /* 98 public static final StandardBundlerParam<File> MAC_ENTITLEMENTS = 99 new StandardBundlerParam<>( 100 Arguments.CLIOptions.MAC_ENTITLEMENTS.getId(), 101 File.class, 102 params -> null, 103 (s, p) -> new File(s)); 104 105 public static final StandardBundlerParam<File> MAC_INHERIT_ENTITLEMENTS = 106 new StandardBundlerParam<>( 107 Arguments.CLIOptions.MAC_INHERIT_ENTITLEMENTS.getId(), 108 File.class, 109 params -> null, 110 (s, p) -> new File(s)); 111 */ 112 113 public static final BundlerParamInfo<String> INSTALLER_SUFFIX = 114 new StandardBundlerParam<> ( 115 "mac.app-store.installerName.suffix", 116 String.class, 117 params -> "-MacAppStore", 118 (s, p) -> s); 119 120 public File bundle(Map<String, ? super Object> params, 121 File outdir) throws PackagerException { 122 Log.verbose(MessageFormat.format(I18N.getString( 123 "message.building-bundle"), APP_NAME.fetchFrom(params))); 124 125 IOUtils.writableOutputDir(outdir.toPath()); 126 127 // first, load in some overrides 128 // icns needs @2 versions, so load in the @2 default 129 params.put(DEFAULT_ICNS_ICON.getID(), TEMPLATE_BUNDLE_ICON_HIDPI); 130 131 // now we create the app 132 File appImageDir = APP_IMAGE_TEMP_ROOT.fetchFrom(params); 133 try { 134 appImageDir.mkdirs(); 135 136 try { 137 MacAppImageBuilder.addNewKeychain(params); 138 } catch (InterruptedException e) { 139 Log.error(e.getMessage()); 140 } 141 // first, make sure we don't use the local signing key 142 params.put(DEVELOPER_ID_APP_SIGNING_KEY.getID(), null); 143 File appLocation = prepareAppBundle(params); 144 145 prepareEntitlements(params); 146 147 String signingIdentity = 148 MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(params); 149 String identifierPrefix = 150 BUNDLE_ID_SIGNING_PREFIX.fetchFrom(params); 151 String entitlementsFile = 152 getConfig_Entitlements(params).toString(); 153 String inheritEntitlements = 154 getConfig_Inherit_Entitlements(params).toString(); 155 156 MacAppImageBuilder.signAppBundle(params, appLocation.toPath(), 157 signingIdentity, identifierPrefix, 158 entitlementsFile, inheritEntitlements); 159 MacAppImageBuilder.restoreKeychainList(params); 160 161 ProcessBuilder pb; 162 163 // create the final pkg file 164 File finalPKG = new File(outdir, INSTALLER_NAME.fetchFrom(params) 165 + INSTALLER_SUFFIX.fetchFrom(params) 166 + ".pkg"); 167 outdir.mkdirs(); 168 169 String installIdentify = 170 MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(params); 171 172 List<String> buildOptions = new ArrayList<>(); 173 buildOptions.add("productbuild"); 174 buildOptions.add("--component"); 175 buildOptions.add(appLocation.toString()); 176 buildOptions.add("/Applications"); 177 buildOptions.add("--sign"); 178 buildOptions.add(installIdentify); 179 buildOptions.add("--product"); 180 buildOptions.add(appLocation + "/Contents/Info.plist"); 181 String keychainName = SIGNING_KEYCHAIN.fetchFrom(params); 182 if (keychainName != null && !keychainName.isEmpty()) { 183 buildOptions.add("--keychain"); 184 buildOptions.add(keychainName); 185 } 186 buildOptions.add(finalPKG.getAbsolutePath()); 187 188 pb = new ProcessBuilder(buildOptions); 189 190 IOUtils.exec(pb); 191 return finalPKG; 192 } catch (PackagerException pe) { 193 throw pe; 194 } catch (Exception ex) { 195 Log.verbose(ex); 196 throw new PackagerException(ex); 197 } 198 } 199 200 private File getConfig_Entitlements(Map<String, ? super Object> params) { 201 return new File(CONFIG_ROOT.fetchFrom(params), 202 APP_NAME.fetchFrom(params) + ".entitlements"); 203 } 204 205 private File getConfig_Inherit_Entitlements( 206 Map<String, ? super Object> params) { 207 return new File(CONFIG_ROOT.fetchFrom(params), 208 APP_NAME.fetchFrom(params) + "_Inherit.entitlements"); 209 } 210 211 private void prepareEntitlements(Map<String, ? super Object> params) 212 throws IOException { 213 createResource(DEFAULT_ENTITLEMENTS, params) 214 .setCategory( 215 I18N.getString("resource.mac-entitlements")) 216 // .setExternal(MAC_ENTITLEMENTS.fetchFrom(params)) 217 .saveToFile(getConfig_Entitlements(params)); 218 219 createResource(DEFAULT_INHERIT_ENTITLEMENTS, params) 220 .setCategory(I18N.getString( 221 "resource.mac-inherit-entitlements")) 222 // .setExternal(MAC_INHERIT_ENTITLEMENTS.fetchFrom(params)) 223 .saveToFile(getConfig_Inherit_Entitlements(params)); 224 } 225 226 /////////////////////////////////////////////////////////////////////// 227 // Implement Bundler 228 /////////////////////////////////////////////////////////////////////// 229 230 @Override 231 public String getName() { 232 return I18N.getString("store.bundler.name"); 233 } 234 235 @Override 236 public String getID() { 237 return "mac.appStore"; 238 } 239 240 @Override 241 public boolean validate(Map<String, ? super Object> params) 242 throws ConfigException { 243 try { 244 Objects.requireNonNull(params); 245 246 // hdiutil is always available so there's no need to test for 247 // availability. 248 // run basic validation to ensure requirements are met 249 250 // we are not interested in return code, only possible exception 251 validateAppImageAndBundeler(params); 252 253 // reject explicitly set to not sign 254 if (!Optional.ofNullable(MacAppImageBuilder. 255 SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.TRUE)) { 256 throw new ConfigException( 257 I18N.getString("error.must-sign-app-store"), 258 I18N.getString("error.must-sign-app-store.advice")); 259 } 260 261 // make sure we have settings for signatures 262 if (MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(params) == null) { 263 throw new ConfigException( 264 I18N.getString("error.no-app-signing-key"), 265 I18N.getString("error.no-app-signing-key.advice")); 266 } 267 if (MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(params) == null) { 268 throw new ConfigException( 269 I18N.getString("error.no-pkg-signing-key"), 270 I18N.getString("error.no-pkg-signing-key.advice")); 271 } 272 273 // things we could check... 274 // check the icons, make sure it has hidpi icons 275 // check the category, 276 // make sure it fits in the list apple has provided 277 // validate bundle identifier is reverse dns 278 // check for \a+\.\a+\.. 279 280 return true; 281 } catch (RuntimeException re) { 282 if (re.getCause() instanceof ConfigException) { 283 throw (ConfigException) re.getCause(); 284 } else { 285 throw new ConfigException(re); 286 } 287 } 288 } 289 290 @Override 291 public File execute(Map<String, ? super Object> params, 292 File outputParentDir) throws PackagerException { 293 return bundle(params, outputParentDir); 294 } 295 296 @Override 297 public boolean supported(boolean runtimeInstaller) { 298 // return (!runtimeInstaller && 299 // Platform.getPlatform() == Platform.MAC); 300 return false; // mac-app-store not yet supported 301 } 302 303 @Override 304 public boolean isDefault() { 305 return false; 306 } 307 308 }