1 /* 2 * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.oracle.tools.packager.mac; 27 28 import com.oracle.tools.packager.BundlerParamInfo; 29 import com.oracle.tools.packager.JreUtils; 30 import com.oracle.tools.packager.RelativeFileSet; 31 import com.oracle.tools.packager.StandardBundlerParam; 32 import com.oracle.tools.packager.Log; 33 import com.oracle.tools.packager.ConfigException; 34 import com.oracle.tools.packager.IOUtils; 35 import com.oracle.tools.packager.UnsupportedPlatformException; 36 37 import java.io.File; 38 import java.io.FileNotFoundException; 39 import java.io.IOException; 40 import java.text.MessageFormat; 41 import java.util.ArrayList; 42 import java.util.Arrays; 43 import java.util.Collection; 44 import java.util.LinkedHashSet; 45 import java.util.List; 46 import java.util.Map; 47 import java.util.Optional; 48 import java.util.ResourceBundle; 49 50 import static com.oracle.tools.packager.StandardBundlerParam.*; 51 import static com.oracle.tools.packager.mac.MacAppBundler.*; 52 53 public class MacAppStoreBundler extends MacBaseInstallerBundler { 54 55 private static final ResourceBundle I18N = 56 ResourceBundle.getBundle(MacAppStoreBundler.class.getName()); 57 58 private static final String TEMPLATE_BUNDLE_ICON_HIDPI = "GenericAppHiDPI.icns"; 59 private final static String DEFAULT_ENTITLEMENTS = "MacAppStore.entitlements"; 60 private final static String DEFAULT_INHERIT_ENTITLEMENTS = "MacAppStore_Inherit.entitlements"; 61 62 public static final BundlerParamInfo<String> MAC_APP_STORE_APP_SIGNING_KEY = new StandardBundlerParam<>( 63 I18N.getString("param.signing-key-app.name"), 64 I18N.getString("param.signing-key-app.description"), 65 "mac.signing-key-app", 66 String.class, 67 params -> MacBaseInstallerBundler.findKey("3rd Party Mac Developer Application: " + SIGNING_KEY_USER.fetchFrom(params), SIGNING_KEYCHAIN.fetchFrom(params), VERBOSE.fetchFrom(params)), 68 (s, p) -> s); 69 70 public static final BundlerParamInfo<String> MAC_APP_STORE_PKG_SIGNING_KEY = new StandardBundlerParam<>( 71 I18N.getString("param.signing-key-pkg.name"), 72 I18N.getString("param.signing-key-pkg.description"), 73 "mac.signing-key-pkg", 74 String.class, 75 params -> MacBaseInstallerBundler.findKey("3rd Party Mac Developer Installer: " + SIGNING_KEY_USER.fetchFrom(params), SIGNING_KEYCHAIN.fetchFrom(params), VERBOSE.fetchFrom(params)), 76 (s, p) -> s); 77 78 public static final StandardBundlerParam<File> MAC_APP_STORE_ENTITLEMENTS = new StandardBundlerParam<>( 79 I18N.getString("param.mac-app-store-entitlements.name"), 80 I18N.getString("param.mac-app-store-entitlements.description"), 81 "mac.app-store-entitlements", 82 File.class, 83 params -> null, 84 (s, p) -> new File(s)); 85 86 public static final BundlerParamInfo<String> INSTALLER_SUFFIX = new StandardBundlerParam<> ( 87 I18N.getString("param.installer-suffix.name"), 88 I18N.getString("param.installer-suffix.description"), 89 "mac.app-store.installerName.suffix", 90 String.class, 91 params -> "-MacAppStore", 92 (s, p) -> s); 93 94 public MacAppStoreBundler() { 95 super(); 96 baseResourceLoader = MacResources.class; 97 } 98 99 //@Override 100 public File bundle(Map<String, ? super Object> p, File outdir) { 101 Log.info(MessageFormat.format(I18N.getString("message.building-bundle"), APP_NAME.fetchFrom(p))); 102 if (!outdir.isDirectory() && !outdir.mkdirs()) { 103 throw new RuntimeException(MessageFormat.format(I18N.getString("error.cannot-create-output-dir"), outdir.getAbsolutePath())); 104 } 105 if (!outdir.canWrite()) { 106 throw new RuntimeException(MessageFormat.format(I18N.getString("error.cannot-write-to-output-dir"), outdir.getAbsolutePath())); 107 } 108 109 // first, load in some overrides 110 // icns needs @2 versions, so load in the @2 default 111 p.put(DEFAULT_ICNS_ICON.getID(), TEMPLATE_BUNDLE_ICON_HIDPI); 112 113 // next we need to change the jdk/jre stripping to strip gstreamer 114 p.put(MAC_RULES.getID(), createMacAppStoreRuntimeRules(p)); 115 116 // now we create the app 117 File appImageDir = APP_IMAGE_BUILD_ROOT.fetchFrom(p); 118 try { 119 appImageDir.mkdirs(); 120 121 // first, make sure we don't use the local signing key 122 p.put(DEVELOPER_ID_APP_SIGNING_KEY.getID(), null); 123 File appLocation = prepareAppBundle(p); 124 125 prepareEntitlements(p); 126 127 String signingIdentity = MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(p); 128 String identifierPrefix = BUNDLE_ID_SIGNING_PREFIX.fetchFrom(p); 129 String entitlementsFile = getConfig_Entitlements(p).toString(); 130 String inheritEntitlements = getConfig_Inherit_Entitlements(p).toString(); 131 132 signAppBundle(p, appLocation, signingIdentity, identifierPrefix, entitlementsFile, inheritEntitlements); 133 ProcessBuilder pb; 134 135 // create the final pkg file 136 File finalPKG = new File(outdir, INSTALLER_NAME.fetchFrom(p) 137 + INSTALLER_SUFFIX.fetchFrom(p) 138 + ".pkg"); 139 outdir.mkdirs(); 140 141 List<String> buildOptions = new ArrayList<>(); 142 buildOptions.add("productbuild"); 143 buildOptions.add("--component"); 144 buildOptions.add(appLocation.toString()); 145 buildOptions.add("/Applications"); 146 buildOptions.add("--sign"); 147 buildOptions.add(MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(p)); 148 buildOptions.add("--product"); 149 buildOptions.add(appLocation + "/Contents/Info.plist"); 150 String keychainName = SIGNING_KEYCHAIN.fetchFrom(p); 151 if (keychainName != null && !keychainName.isEmpty()) { 152 buildOptions.add("--keychain"); 153 buildOptions.add(keychainName); 154 } 155 buildOptions.add(finalPKG.getAbsolutePath()); 156 157 pb = new ProcessBuilder(buildOptions); 158 159 IOUtils.exec(pb, VERBOSE.fetchFrom(p)); 160 return finalPKG; 161 } catch (Exception ex) { 162 Log.info("App Store Ready Bundle failed : " + ex.getMessage()); 163 ex.printStackTrace(); 164 Log.debug(ex); 165 return null; 166 } finally { 167 try { 168 if (appImageDir != null && !Log.isDebug()) { 169 IOUtils.deleteRecursive(appImageDir); 170 } else if (appImageDir != null) { 171 Log.info(MessageFormat.format(I18N.getString("mesasge.intermediate-bundle-location"), appImageDir.getAbsolutePath())); 172 } 173 if (!VERBOSE.fetchFrom(p)) { 174 //cleanup 175 cleanupConfigFiles(p); 176 } else { 177 Log.info(MessageFormat.format(I18N.getString("message.config-save-location"), CONFIG_ROOT.fetchFrom(p).getAbsolutePath())); 178 } 179 } catch (FileNotFoundException ex) { 180 //noinspection ReturnInsideFinallyBlock 181 return null; 182 } 183 } 184 } 185 186 protected void cleanupConfigFiles(Map<String, ? super Object> params) { 187 if (getConfig_Entitlements(params) != null) { 188 getConfig_Entitlements(params).delete(); 189 } 190 if (getConfig_Inherit_Entitlements(params) != null) { 191 getConfig_Inherit_Entitlements(params).delete(); 192 } 193 if (MAC_APP_IMAGE.fetchFrom(params) == null) { 194 APP_BUNDLER.fetchFrom(params).cleanupConfigFiles(params); 195 } 196 } 197 198 private File getConfig_Entitlements(Map<String, ? super Object> params) { 199 return new File(CONFIG_ROOT.fetchFrom(params), APP_NAME.fetchFrom(params) + ".entitlements"); 200 } 201 202 private File getConfig_Inherit_Entitlements(Map<String, ? super Object> params) { 203 return new File(CONFIG_ROOT.fetchFrom(params), APP_NAME.fetchFrom(params) + "_Inherit.entitlements"); 204 } 205 206 private void prepareEntitlements(Map<String, ? super Object> params) throws IOException { 207 File entitlements = MAC_APP_STORE_ENTITLEMENTS.fetchFrom(params); 208 if (entitlements == null || !entitlements.exists()) { 209 fetchResource(getEntitlementsFileName(params), 210 I18N.getString("resource.mac-app-store-entitlements"), 211 DEFAULT_ENTITLEMENTS, 212 getConfig_Entitlements(params), 213 VERBOSE.fetchFrom(params), 214 DROP_IN_RESOURCES_ROOT.fetchFrom(params)); 215 } else { 216 fetchResource(getEntitlementsFileName(params), 217 I18N.getString("resource.mac-app-store-entitlements"), 218 entitlements, 219 getConfig_Entitlements(params), 220 VERBOSE.fetchFrom(params), 221 DROP_IN_RESOURCES_ROOT.fetchFrom(params)); 222 } 223 fetchResource(getInheritEntitlementsFileName(params), 224 I18N.getString("resource.mac-app-store-inherit-entitlements"), 225 DEFAULT_INHERIT_ENTITLEMENTS, 226 getConfig_Inherit_Entitlements(params), 227 VERBOSE.fetchFrom(params), 228 DROP_IN_RESOURCES_ROOT.fetchFrom(params)); 229 } 230 231 private String getEntitlementsFileName(Map<String, ? super Object> params) { 232 return MAC_BUNDLER_PREFIX+ APP_NAME.fetchFrom(params) +".entitlements"; 233 } 234 235 private String getInheritEntitlementsFileName(Map<String, ? super Object> params) { 236 return MAC_BUNDLER_PREFIX+ APP_NAME.fetchFrom(params) +"_Inherit.entitlements"; 237 } 238 239 240 public static JreUtils.Rule[] createMacAppStoreRuntimeRules(Map<String, ? super Object> params) { 241 //Subsetting of JRE is restricted. 242 //JRE README defines what is allowed to strip: 243 // http://www.oracle.com/technetwork/java/javase/jre-8-readme-2095710.html 244 // 245 246 List<JreUtils.Rule> rules = new ArrayList<>(); 247 248 rules.addAll(Arrays.asList(createMacRuntimeRules(params))); 249 250 File baseDir; 251 252 if (params.containsKey(MAC_RUNTIME.getID())) { 253 Object o = params.get(MAC_RUNTIME.getID()); 254 if (o instanceof RelativeFileSet) { 255 256 baseDir = ((RelativeFileSet) o).getBaseDirectory(); 257 } else { 258 baseDir = new File(o.toString()); 259 } 260 } else { 261 baseDir = new File(System.getProperty("java.home")); 262 } 263 264 // we accept either pointing at the directories typically installed at: 265 // /Libraries/Java/JavaVirtualMachine/jdk1.8.0_40/ 266 // * . 267 // * Contents/Home 268 // * Contents/Home/jre 269 // /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/ 270 // * . 271 // * /Contents/Home 272 // version may change, and if we don't detect any Contents/Home or Contents/Home/jre we will 273 // presume we are at a root. 274 275 276 try { 277 String path = baseDir.getCanonicalPath(); 278 if (path.endsWith("/Contents/Home/jre")) { 279 baseDir = baseDir.getParentFile().getParentFile().getParentFile(); 280 } else if (path.endsWith("/Contents/Home")) { 281 baseDir = baseDir.getParentFile().getParentFile(); 282 } 283 } catch (IOException e) { 284 throw new RuntimeException(e); 285 } 286 287 if (!baseDir.exists()) { 288 throw new RuntimeException(I18N.getString("error.non-existent-runtime"), 289 new ConfigException(I18N.getString("error.non-existent-runtime"), 290 I18N.getString("error.non-existent-runtime.advice"))); 291 } 292 293 if (new File(baseDir, "Contents/Home/lib/libjfxmedia_qtkit.dylib").exists() 294 || new File(baseDir, "Contents/Home/jre/lib/libjfxmedia_qtkit.dylib").exists()) 295 { 296 rules.add(JreUtils.Rule.suffixNeg("/lib/libjfxmedia_qtkit.dylib")); 297 } else { 298 rules.add(JreUtils.Rule.suffixNeg("/lib/libjfxmedia.dylib")); 299 } 300 return rules.toArray(new JreUtils.Rule[rules.size()]); 301 } 302 303 ////////////////////////////////////////////////////////////////////////////////// 304 // Implement Bundler 305 ////////////////////////////////////////////////////////////////////////////////// 306 307 @Override 308 public String getName() { 309 return I18N.getString("bundler.name"); 310 } 311 312 @Override 313 public String getDescription() { 314 return I18N.getString("bundler.description"); 315 } 316 317 @Override 318 public String getID() { 319 return "mac.appStore"; 320 } 321 322 @Override 323 public Collection<BundlerParamInfo<?>> getBundleParameters() { 324 Collection<BundlerParamInfo<?>> results = new LinkedHashSet<>(); 325 results.addAll(getAppBundleParameters()); 326 results.addAll(getMacAppStoreBundleParameters()); 327 return results; 328 } 329 330 public Collection<BundlerParamInfo<?>> getMacAppStoreBundleParameters() { 331 Collection<BundlerParamInfo<?>> results = new LinkedHashSet<>(); 332 333 results.addAll(getAppBundleParameters()); 334 results.remove(DEVELOPER_ID_APP_SIGNING_KEY); 335 results.addAll(Arrays.asList( 336 INSTALLER_SUFFIX, 337 MAC_APP_STORE_APP_SIGNING_KEY, 338 MAC_APP_STORE_ENTITLEMENTS, 339 MAC_APP_STORE_PKG_SIGNING_KEY, 340 SIGNING_KEYCHAIN 341 )); 342 343 return results; 344 } 345 346 @Override 347 public boolean validate(Map<String, ? super Object> params) throws UnsupportedPlatformException, ConfigException { 348 try { 349 if (!System.getProperty("os.name").toLowerCase().contains("os x")) { 350 throw new UnsupportedPlatformException(); 351 } 352 353 if (params == null) { 354 throw new ConfigException( 355 I18N.getString("error.parameters-null"), 356 I18N.getString("error.parameters-null.advice")); 357 } 358 359 // hdiutil is always available so there's no need to test for availability. 360 //run basic validation to ensure requirements are met 361 362 // Mac App Store apps cannot use the system runtime 363 if (params.containsKey(MAC_RUNTIME.getID()) && params.get(MAC_RUNTIME.getID()) == null) { 364 throw new ConfigException( 365 I18N.getString("error.no-system-runtime"), 366 I18N.getString("error.no-system-runtime.advice")); 367 } 368 369 //we need to change the jdk/jre stripping to strip qtkit code 370 params.put(MAC_RULES.getID(), createMacAppStoreRuntimeRules(params)); 371 372 //we are not interested in return code, only possible exception 373 validateAppImageAndBundeler(params); 374 375 // reject explicitly set to not sign 376 if (!Optional.ofNullable(SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.TRUE)) { 377 throw new ConfigException( 378 I18N.getString("error.must-sign-app-store"), 379 I18N.getString("error.must-sign-app-store.advice")); 380 } 381 382 // make sure we have settings for signatures 383 if (MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(params) == null) { 384 throw new ConfigException( 385 I18N.getString("error.no-app-signing-key"), 386 I18N.getString("error.no-app-signing-key.advice")); 387 } 388 if (MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(params) == null) { 389 throw new ConfigException( 390 I18N.getString("error.no-pkg-signing-key"), 391 I18N.getString("error.no-pkg-signing-key.advice")); 392 } 393 394 // things we could check... 395 // check the icons, make sure it has hidpi icons 396 // check the category, make sure it fits in the list apple has provided 397 // validate bundle identifier is reverse dns 398 // check for \a+\.\a+\.. 399 400 return true; 401 } catch (RuntimeException re) { 402 if (re.getCause() instanceof ConfigException) { 403 throw (ConfigException) re.getCause(); 404 } else { 405 throw new ConfigException(re); 406 } 407 } 408 } 409 410 @Override 411 public File execute(Map<String, ? super Object> params, File outputParentDir) { 412 return bundle(params, outputParentDir); 413 } 414 }