author | herrick |
Fri, 21 Dec 2018 07:40:47 -0500 | |
branch | JDK-8200758-branch |
changeset 57091 | 06bc4bd64599 |
parent 57067 | 9c17d779808e |
child 57096 | d06bec27f8c9 |
permissions | -rw-r--r-- |
57038 | 1 |
/* |
2 |
* Copyright (c) 2014, 2018, Oracle and/or its affiliates. All rights reserved. |
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
24 |
*/ |
|
25 |
||
57039 | 26 |
package jdk.jpackage.internal; |
57038 | 27 |
|
28 |
import java.io.File; |
|
29 |
import java.io.IOException; |
|
30 |
import java.text.MessageFormat; |
|
31 |
import java.util.ArrayList; |
|
32 |
import java.util.Arrays; |
|
33 |
import java.util.Collection; |
|
34 |
import java.util.LinkedHashSet; |
|
35 |
import java.util.List; |
|
36 |
import java.util.Map; |
|
37 |
import java.util.Optional; |
|
38 |
import java.util.ResourceBundle; |
|
39 |
||
57039 | 40 |
import static jdk.jpackage.internal.StandardBundlerParam.*; |
41 |
import static jdk.jpackage.internal.MacAppBundler.*; |
|
57038 | 42 |
|
43 |
public class MacAppStoreBundler extends MacBaseInstallerBundler { |
|
44 |
||
57059 | 45 |
private static final ResourceBundle I18N = ResourceBundle.getBundle( |
46 |
"jdk.jpackage.internal.resources.MacResources"); |
|
57038 | 47 |
|
48 |
private static final String TEMPLATE_BUNDLE_ICON_HIDPI = |
|
49 |
"GenericAppHiDPI.icns"; |
|
50 |
private final static String DEFAULT_ENTITLEMENTS = |
|
51 |
"MacAppStore.entitlements"; |
|
52 |
private final static String DEFAULT_INHERIT_ENTITLEMENTS = |
|
53 |
"MacAppStore_Inherit.entitlements"; |
|
54 |
||
55 |
public static final BundlerParamInfo<String> MAC_APP_STORE_APP_SIGNING_KEY = |
|
56 |
new StandardBundlerParam<>( |
|
57 |
I18N.getString("param.signing-key-app.name"), |
|
58 |
I18N.getString("param.signing-key-app.description"), |
|
59 |
"mac.signing-key-app", |
|
60 |
String.class, |
|
61 |
params -> { |
|
62 |
String result = MacBaseInstallerBundler.findKey( |
|
63 |
"3rd Party Mac Developer Application: " + |
|
64 |
SIGNING_KEY_USER.fetchFrom(params), |
|
65 |
SIGNING_KEYCHAIN.fetchFrom(params), |
|
66 |
VERBOSE.fetchFrom(params)); |
|
67 |
if (result != null) { |
|
68 |
MacCertificate certificate = new MacCertificate(result, |
|
69 |
VERBOSE.fetchFrom(params)); |
|
70 |
||
71 |
if (!certificate.isValid()) { |
|
72 |
Log.error(MessageFormat.format( |
|
73 |
I18N.getString("error.certificate.expired"), |
|
74 |
result)); |
|
75 |
} |
|
76 |
} |
|
77 |
||
78 |
return result; |
|
79 |
}, |
|
80 |
(s, p) -> s); |
|
81 |
||
82 |
public static final BundlerParamInfo<String> MAC_APP_STORE_PKG_SIGNING_KEY = |
|
83 |
new StandardBundlerParam<>( |
|
84 |
I18N.getString("param.signing-key-pkg.name"), |
|
85 |
I18N.getString("param.signing-key-pkg.description"), |
|
86 |
"mac.signing-key-pkg", |
|
87 |
String.class, |
|
88 |
params -> { |
|
89 |
String result = MacBaseInstallerBundler.findKey( |
|
90 |
"3rd Party Mac Developer Installer: " + |
|
91 |
SIGNING_KEY_USER.fetchFrom(params), |
|
92 |
SIGNING_KEYCHAIN.fetchFrom(params), |
|
93 |
VERBOSE.fetchFrom(params)); |
|
94 |
||
95 |
if (result != null) { |
|
96 |
MacCertificate certificate = new MacCertificate( |
|
97 |
result, VERBOSE.fetchFrom(params)); |
|
98 |
||
99 |
if (!certificate.isValid()) { |
|
100 |
Log.error(MessageFormat.format( |
|
101 |
I18N.getString("error.certificate.expired"), |
|
102 |
result)); |
|
103 |
} |
|
104 |
} |
|
105 |
||
106 |
return result; |
|
107 |
}, |
|
108 |
(s, p) -> s); |
|
109 |
||
110 |
public static final StandardBundlerParam<File> MAC_APP_STORE_ENTITLEMENTS = |
|
111 |
new StandardBundlerParam<>( |
|
112 |
I18N.getString("param.mac-app-store-entitlements.name"), |
|
113 |
I18N.getString("param.mac-app-store-entitlements.description"), |
|
114 |
Arguments.CLIOptions.MAC_APP_STORE_ENTITLEMENTS.getId(), |
|
115 |
File.class, |
|
116 |
params -> null, |
|
117 |
(s, p) -> new File(s)); |
|
118 |
||
119 |
public static final BundlerParamInfo<String> INSTALLER_SUFFIX = |
|
120 |
new StandardBundlerParam<> ( |
|
121 |
I18N.getString("param.installer-suffix.name"), |
|
122 |
I18N.getString("param.installer-suffix.description"), |
|
123 |
"mac.app-store.installerName.suffix", |
|
124 |
String.class, |
|
125 |
params -> "-MacAppStore", |
|
126 |
(s, p) -> s); |
|
127 |
||
128 |
//@Override |
|
129 |
public File bundle(Map<String, ? super Object> p, File outdir) { |
|
130 |
Log.verbose(MessageFormat.format(I18N.getString( |
|
131 |
"message.building-bundle"), APP_NAME.fetchFrom(p))); |
|
132 |
if (!outdir.isDirectory() && !outdir.mkdirs()) { |
|
133 |
throw new RuntimeException(MessageFormat.format(I18N.getString( |
|
134 |
"error.cannot-create-output-dir"), |
|
135 |
outdir.getAbsolutePath())); |
|
136 |
} |
|
137 |
if (!outdir.canWrite()) { |
|
138 |
throw new RuntimeException(MessageFormat.format(I18N.getString( |
|
139 |
"error.cannot-write-to-output-dir"), |
|
140 |
outdir.getAbsolutePath())); |
|
141 |
} |
|
142 |
||
143 |
// first, load in some overrides |
|
144 |
// icns needs @2 versions, so load in the @2 default |
|
145 |
p.put(DEFAULT_ICNS_ICON.getID(), TEMPLATE_BUNDLE_ICON_HIDPI); |
|
146 |
||
147 |
// now we create the app |
|
148 |
File appImageDir = APP_IMAGE_BUILD_ROOT.fetchFrom(p); |
|
149 |
try { |
|
150 |
appImageDir.mkdirs(); |
|
151 |
||
152 |
try { |
|
153 |
MacAppImageBuilder.addNewKeychain(p); |
|
154 |
} catch (InterruptedException e) { |
|
155 |
Log.error(e.getMessage()); |
|
156 |
} |
|
157 |
// first, make sure we don't use the local signing key |
|
158 |
p.put(DEVELOPER_ID_APP_SIGNING_KEY.getID(), null); |
|
159 |
File appLocation = prepareAppBundle(p, false); |
|
160 |
||
161 |
prepareEntitlements(p); |
|
162 |
||
163 |
String signingIdentity = MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(p); |
|
164 |
String identifierPrefix = BUNDLE_ID_SIGNING_PREFIX.fetchFrom(p); |
|
165 |
String entitlementsFile = getConfig_Entitlements(p).toString(); |
|
166 |
String inheritEntitlements = |
|
167 |
getConfig_Inherit_Entitlements(p).toString(); |
|
168 |
||
169 |
MacAppImageBuilder.signAppBundle(p, appLocation.toPath(), |
|
170 |
signingIdentity, identifierPrefix, |
|
171 |
entitlementsFile, inheritEntitlements); |
|
172 |
MacAppImageBuilder.restoreKeychainList(p); |
|
173 |
||
174 |
ProcessBuilder pb; |
|
175 |
||
176 |
// create the final pkg file |
|
177 |
File finalPKG = new File(outdir, INSTALLER_NAME.fetchFrom(p) |
|
178 |
+ INSTALLER_SUFFIX.fetchFrom(p) |
|
179 |
+ ".pkg"); |
|
180 |
outdir.mkdirs(); |
|
181 |
||
182 |
String installIdentify = |
|
183 |
MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(p); |
|
184 |
||
185 |
List<String> buildOptions = new ArrayList<>(); |
|
186 |
buildOptions.add("productbuild"); |
|
187 |
buildOptions.add("--component"); |
|
188 |
buildOptions.add(appLocation.toString()); |
|
189 |
buildOptions.add("/Applications"); |
|
190 |
buildOptions.add("--sign"); |
|
191 |
buildOptions.add(installIdentify); |
|
192 |
buildOptions.add("--product"); |
|
193 |
buildOptions.add(appLocation + "/Contents/Info.plist"); |
|
194 |
String keychainName = SIGNING_KEYCHAIN.fetchFrom(p); |
|
195 |
if (keychainName != null && !keychainName.isEmpty()) { |
|
196 |
buildOptions.add("--keychain"); |
|
197 |
buildOptions.add(keychainName); |
|
198 |
} |
|
199 |
buildOptions.add(finalPKG.getAbsolutePath()); |
|
200 |
||
201 |
pb = new ProcessBuilder(buildOptions); |
|
202 |
||
203 |
IOUtils.exec(pb, false); |
|
204 |
return finalPKG; |
|
205 |
} catch (Exception ex) { |
|
206 |
Log.error("App Store Ready Bundle failed : " + ex.getMessage()); |
|
207 |
Log.verbose(ex); |
|
208 |
return null; |
|
209 |
} finally { |
|
210 |
try { |
|
211 |
if (appImageDir != null && |
|
212 |
PREDEFINED_APP_IMAGE.fetchFrom(p) == null && |
|
213 |
(PREDEFINED_RUNTIME_IMAGE.fetchFrom(p) == null || |
|
214 |
!Arguments.CREATE_JRE_INSTALLER.fetchFrom(p)) && |
|
215 |
!Log.isDebug() && |
|
216 |
!Log.isVerbose()) { |
|
217 |
IOUtils.deleteRecursive(appImageDir); |
|
218 |
} else if (appImageDir != null) { |
|
219 |
Log.verbose(MessageFormat.format(I18N.getString( |
|
220 |
"mesasge.intermediate-bundle-location"), |
|
221 |
appImageDir.getAbsolutePath())); |
|
222 |
} |
|
223 |
||
224 |
//cleanup |
|
225 |
cleanupConfigFiles(p); |
|
226 |
} catch (IOException ex) { |
|
227 |
//noinspection ReturnInsideFinallyBlock |
|
228 |
Log.debug(ex.getMessage()); |
|
229 |
return null; |
|
230 |
} |
|
231 |
} |
|
232 |
} |
|
233 |
||
234 |
protected void cleanupConfigFiles(Map<String, ? super Object> params) { |
|
235 |
if (Log.isDebug() || Log.isVerbose()) { |
|
236 |
return; |
|
237 |
} |
|
238 |
||
239 |
if (getConfig_Entitlements(params) != null) { |
|
240 |
getConfig_Entitlements(params).delete(); |
|
241 |
} |
|
242 |
if (getConfig_Inherit_Entitlements(params) != null) { |
|
243 |
getConfig_Inherit_Entitlements(params).delete(); |
|
244 |
} |
|
245 |
if (PREDEFINED_APP_IMAGE.fetchFrom(params) == null) { |
|
246 |
APP_BUNDLER.fetchFrom(params).cleanupConfigFiles(params); |
|
247 |
} |
|
248 |
} |
|
249 |
||
250 |
private File getConfig_Entitlements(Map<String, ? super Object> params) { |
|
251 |
return new File(CONFIG_ROOT.fetchFrom(params), |
|
252 |
APP_NAME.fetchFrom(params) + ".entitlements"); |
|
253 |
} |
|
254 |
||
255 |
private File getConfig_Inherit_Entitlements( |
|
256 |
Map<String, ? super Object> params) { |
|
257 |
return new File(CONFIG_ROOT.fetchFrom(params), |
|
258 |
APP_NAME.fetchFrom(params) + "_Inherit.entitlements"); |
|
259 |
} |
|
260 |
||
261 |
private void prepareEntitlements(Map<String, ? super Object> params) |
|
262 |
throws IOException { |
|
263 |
File entitlements = MAC_APP_STORE_ENTITLEMENTS.fetchFrom(params); |
|
264 |
if (entitlements == null || !entitlements.exists()) { |
|
265 |
fetchResource(getEntitlementsFileName(params), |
|
266 |
I18N.getString("resource.mac-app-store-entitlements"), |
|
267 |
DEFAULT_ENTITLEMENTS, |
|
268 |
getConfig_Entitlements(params), |
|
269 |
VERBOSE.fetchFrom(params), |
|
57091
06bc4bd64599
8215515: Add a command line option to override internal resources.
herrick
parents:
57067
diff
changeset
|
270 |
RESOURCE_DIR.fetchFrom(params)); |
57038 | 271 |
} else { |
272 |
fetchResource(getEntitlementsFileName(params), |
|
273 |
I18N.getString("resource.mac-app-store-entitlements"), |
|
274 |
entitlements, |
|
275 |
getConfig_Entitlements(params), |
|
276 |
VERBOSE.fetchFrom(params), |
|
57091
06bc4bd64599
8215515: Add a command line option to override internal resources.
herrick
parents:
57067
diff
changeset
|
277 |
RESOURCE_DIR.fetchFrom(params)); |
57038 | 278 |
} |
279 |
fetchResource(getInheritEntitlementsFileName(params), |
|
280 |
I18N.getString("resource.mac-app-store-inherit-entitlements"), |
|
281 |
DEFAULT_INHERIT_ENTITLEMENTS, |
|
282 |
getConfig_Inherit_Entitlements(params), |
|
283 |
VERBOSE.fetchFrom(params), |
|
57091
06bc4bd64599
8215515: Add a command line option to override internal resources.
herrick
parents:
57067
diff
changeset
|
284 |
RESOURCE_DIR.fetchFrom(params)); |
57038 | 285 |
} |
286 |
||
287 |
private String getEntitlementsFileName(Map<String, ? super Object> params) { |
|
57091
06bc4bd64599
8215515: Add a command line option to override internal resources.
herrick
parents:
57067
diff
changeset
|
288 |
return APP_NAME.fetchFrom(params) + ".entitlements"; |
57038 | 289 |
} |
290 |
||
291 |
private String getInheritEntitlementsFileName( |
|
292 |
Map<String, ? super Object> params) { |
|
57091
06bc4bd64599
8215515: Add a command line option to override internal resources.
herrick
parents:
57067
diff
changeset
|
293 |
return APP_NAME.fetchFrom(params) + "_Inherit.entitlements"; |
57038 | 294 |
} |
295 |
||
296 |
||
297 |
/////////////////////////////////////////////////////////////////////// |
|
298 |
// Implement Bundler |
|
299 |
/////////////////////////////////////////////////////////////////////// |
|
300 |
||
301 |
@Override |
|
302 |
public String getName() { |
|
57059 | 303 |
return I18N.getString("store.bundler.name"); |
57038 | 304 |
} |
305 |
||
306 |
@Override |
|
307 |
public String getDescription() { |
|
57059 | 308 |
return I18N.getString("store.bundler.description"); |
57038 | 309 |
} |
310 |
||
311 |
@Override |
|
312 |
public String getID() { |
|
313 |
return "mac.appStore"; |
|
314 |
} |
|
315 |
||
316 |
@Override |
|
317 |
public Collection<BundlerParamInfo<?>> getBundleParameters() { |
|
318 |
Collection<BundlerParamInfo<?>> results = new LinkedHashSet<>(); |
|
319 |
results.addAll(getAppBundleParameters()); |
|
320 |
results.addAll(getMacAppStoreBundleParameters()); |
|
321 |
return results; |
|
322 |
} |
|
323 |
||
324 |
public Collection<BundlerParamInfo<?>> getMacAppStoreBundleParameters() { |
|
325 |
Collection<BundlerParamInfo<?>> results = new LinkedHashSet<>(); |
|
326 |
||
327 |
results.addAll(getAppBundleParameters()); |
|
328 |
results.remove(DEVELOPER_ID_APP_SIGNING_KEY); |
|
329 |
results.addAll(Arrays.asList( |
|
330 |
INSTALLER_SUFFIX, |
|
331 |
MAC_APP_STORE_APP_SIGNING_KEY, |
|
332 |
MAC_APP_STORE_ENTITLEMENTS, |
|
333 |
MAC_APP_STORE_PKG_SIGNING_KEY, |
|
334 |
SIGNING_KEYCHAIN |
|
335 |
)); |
|
336 |
||
337 |
return results; |
|
338 |
} |
|
339 |
||
340 |
@Override |
|
341 |
public boolean validate(Map<String, ? super Object> params) |
|
342 |
throws UnsupportedPlatformException, ConfigException { |
|
343 |
try { |
|
344 |
if (Platform.getPlatform() != Platform.MAC) { |
|
345 |
throw new UnsupportedPlatformException(); |
|
346 |
} |
|
347 |
||
348 |
if (params == null) { |
|
349 |
throw new ConfigException( |
|
350 |
I18N.getString("error.parameters-null"), |
|
351 |
I18N.getString("error.parameters-null.advice")); |
|
352 |
} |
|
353 |
||
354 |
// hdiutil is always available so there's no need to test for |
|
355 |
// availability. |
|
356 |
// run basic validation to ensure requirements are met |
|
357 |
||
358 |
// TODO Mac App Store apps cannot use the system runtime |
|
359 |
||
360 |
// we are not interested in return code, only possible exception |
|
361 |
validateAppImageAndBundeler(params); |
|
362 |
||
363 |
// reject explicitly set to not sign |
|
364 |
if (!Optional.ofNullable(MacAppImageBuilder. |
|
365 |
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.TRUE)) { |
|
366 |
throw new ConfigException( |
|
367 |
I18N.getString("error.must-sign-app-store"), |
|
368 |
I18N.getString("error.must-sign-app-store.advice")); |
|
369 |
} |
|
370 |
||
371 |
// make sure we have settings for signatures |
|
372 |
if (MAC_APP_STORE_APP_SIGNING_KEY.fetchFrom(params) == null) { |
|
373 |
throw new ConfigException( |
|
374 |
I18N.getString("error.no-app-signing-key"), |
|
375 |
I18N.getString("error.no-app-signing-key.advice")); |
|
376 |
} |
|
377 |
if (MAC_APP_STORE_PKG_SIGNING_KEY.fetchFrom(params) == null) { |
|
378 |
throw new ConfigException( |
|
379 |
I18N.getString("error.no-pkg-signing-key"), |
|
380 |
I18N.getString("error.no-pkg-signing-key.advice")); |
|
381 |
} |
|
382 |
||
383 |
// things we could check... |
|
384 |
// check the icons, make sure it has hidpi icons |
|
385 |
// check the category, |
|
386 |
// make sure it fits in the list apple has provided |
|
387 |
// validate bundle identifier is reverse dns |
|
388 |
// check for \a+\.\a+\.. |
|
389 |
||
390 |
return true; |
|
391 |
} catch (RuntimeException re) { |
|
392 |
if (re.getCause() instanceof ConfigException) { |
|
393 |
throw (ConfigException) re.getCause(); |
|
394 |
} else { |
|
395 |
throw new ConfigException(re); |
|
396 |
} |
|
397 |
} |
|
398 |
} |
|
399 |
||
400 |
@Override |
|
401 |
public File execute(Map<String, ? super Object> params, |
|
402 |
File outputParentDir) { |
|
403 |
return bundle(params, outputParentDir); |
|
404 |
} |
|
405 |
||
406 |
@Override |
|
407 |
public boolean supported() { |
|
408 |
return !Arguments.isJreInstaller() && |
|
409 |
Platform.getPlatform() == Platform.MAC; |
|
410 |
} |
|
411 |
} |