// If multiple valid ones, find the one which matches the most specifically. I.e.,
// XXXXXXXXXX.com.example.* will match over XXXXXXXXXX.* for com.example.TestApp
// TODO(user): Account for differences between development and distribution certificates.
@VisibleForTesting
static Optional<ProvisioningProfileMetadata> getBestProvisioningProfile(
ImmutableSet<ProvisioningProfileMetadata> profiles,
String bundleID,
Optional<String> provisioningProfileUUID,
Optional<String> prefix) {
int bestMatchLength = -1;
Optional<ProvisioningProfileMetadata> bestMatch =
Optional.<ProvisioningProfileMetadata>absent();
for (ProvisioningProfileMetadata profile : profiles) {
if (provisioningProfileUUID.isPresent()
&& profile.getUUID().equals(provisioningProfileUUID.get())) {
return Optional.<ProvisioningProfileMetadata>of(profile);
}
if (profile.getExpirationDate().after(new Date())) {
Pair<String, String> appID = profile.getAppID();
LOG.debug("Looking at provisioning profile " + profile.getUUID() + "," + appID.toString());
if (!prefix.isPresent() || prefix.get().equals(appID.getFirst())) {
String profileBundleID = appID.getSecond();
boolean match;
if (profileBundleID.endsWith("*")) {
// Chop the ending * if wildcard.
profileBundleID = profileBundleID.substring(0, profileBundleID.length() - 1);
match = bundleID.startsWith(profileBundleID);
} else {
match = (bundleID.equals(profileBundleID));
}
if (match && profileBundleID.length() > bestMatchLength) {
bestMatchLength = profileBundleID.length();
bestMatch = Optional.<ProvisioningProfileMetadata>of(profile);
}
}
}
}
LOG.debug("Found provisioning profile " + bestMatch.toString());
return bestMatch;
}
@Override
public int execute(ExecutionContext context) throws InterruptedException {
final String bundleID;
try {
bundleID =
AppleInfoPlistParsing.getBundleIdFromPlistStream(
filesystem.getInputStreamForRelativePath(infoPlist))
.get();
} catch (IOException e) {
throw new HumanReadableException("Unable to get bundle ID from info.plist: " + infoPlist);
}
final Optional<ImmutableMap<String, NSObject>> entitlements;
final String prefix;
if (entitlementsPlist.isPresent()) {
try {
NSDictionary entitlementsPlistDict =
(NSDictionary) PropertyListParser.parse(entitlementsPlist.get().toFile());
entitlements = Optional.of(ImmutableMap.copyOf(entitlementsPlistDict.getHashMap()));
prefix = ProvisioningProfileMetadata.prefixFromEntitlements(entitlements.get());
} catch (IOException e) {
throw new HumanReadableException(
"Unable to find entitlement .plist: " + entitlementsPlist.get());
} catch (Exception e) {
throw new HumanReadableException(
"Malformed entitlement .plist: " + entitlementsPlist.get());
}
} else {
entitlements = ProvisioningProfileStore.MATCH_ANY_ENTITLEMENT;
prefix = "*";
}
Optional<ProvisioningProfileMetadata> bestProfile =
provisioningProfileUUID.isPresent()
? provisioningProfileStore.getProvisioningProfileByUUID(provisioningProfileUUID.get())
: provisioningProfileStore.getBestProvisioningProfile(bundleID, entitlements);
if (!bestProfile.isPresent()) {
throw new HumanReadableException(
"No valid non-expired provisioning profiles match for " + prefix + "." + bundleID);
}
selectedProvisioningProfileFuture.set(bestProfile.get());
Path provisioningProfileSource = bestProfile.get().getProfilePath();
// Copy the actual .mobileprovision.
try {
filesystem.copy(
provisioningProfileSource, provisioningProfileDestination, CopySourceMode.FILE);
} catch (IOException e) {
context.logError(e, "Failed when trying to copy: %s", getDescription(context));
return 1;
}
// Merge tne entitlements with the profile, and write out.
if (entitlementsPlist.isPresent()) {
return (new PlistProcessStep(
filesystem,
entitlementsPlist.get(),
signingEntitlementsTempPath,
bestProfile.get().getEntitlements(),
ImmutableMap.<String, NSObject>of(),
PlistProcessStep.OutputFormat.XML))
.execute(context);
} else {
// No entitlements.plist explicitly specified; write out the minimal entitlements needed.
String appID = bestProfile.get().getAppID().getFirst() + "." + bundleID;
NSDictionary entitlementsPlist = new NSDictionary();
entitlementsPlist.putAll(bestProfile.get().getEntitlements());
entitlementsPlist.put(APPLICATION_IDENTIFIER, appID);
entitlementsPlist.put(KEYCHAIN_ACCESS_GROUPS, new String[] {appID});
return (new WriteFileStep(
filesystem,
entitlementsPlist.toXMLPropertyList(),
signingEntitlementsTempPath,
/* executable */ false))
.execute(context);
}
}
@Override
public int execute(ExecutionContext context) throws InterruptedException {
final String bundleID;
try {
bundleID =
AppleInfoPlistParsing.getBundleIdFromPlistStream(
context.getProjectFilesystem().getInputStreamForRelativePath(infoPlist))
.get();
} catch (IOException e) {
throw new HumanReadableException("Unable to get bundle ID from info.plist: " + infoPlist);
}
// What to look for in the provisioning profile.
final Optional<String> prefix; // e.g. ABCDE12345
if (entitlementsPlist.isPresent()) {
NSDictionary entitlementsPlistDict;
try {
entitlementsPlistDict =
(NSDictionary) PropertyListParser.parse(entitlementsPlist.get().toFile());
} catch (Exception e) {
throw new HumanReadableException(
"Malformed entitlement .plist: " + entitlementsPlist.get());
}
try {
String appID =
((NSArray) entitlementsPlistDict.get("keychain-access-groups"))
.objectAtIndex(0)
.toString();
prefix = Optional.<String>of(ProvisioningProfileMetadata.splitAppID(appID).getFirst());
} catch (Exception e) {
throw new HumanReadableException(
"Malformed entitlement .plist (missing keychain-access-groups): "
+ entitlementsPlist.get());
}
} else {
prefix = Optional.<String>absent();
}
Optional<ProvisioningProfileMetadata> bestProfile =
getBestProvisioningProfile(profiles, bundleID, provisioningProfileUUID, prefix);
if (!bestProfile.isPresent()) {
throw new HumanReadableException(
"No valid non-expired provisioning profiles match for " + prefix + "." + bundleID);
}
Path provisioningProfileSource = bestProfile.get().getProfilePath().get();
// Copy the actual .mobileprovision.
try {
context
.getProjectFilesystem()
.copy(provisioningProfileSource, provisioningProfileDestination, CopySourceMode.FILE);
} catch (IOException e) {
context.logError(e, "Failed when trying to copy: %s", getDescription(context));
return 1;
}
// Merge tne entitlements with the profile, and write out.
if (entitlementsPlist.isPresent()) {
return (new PlistProcessStep(
entitlementsPlist.get(),
signingEntitlementsTempPath,
bestProfile.get().getEntitlements(),
ImmutableMap.<String, NSObject>of(),
PlistProcessStep.OutputFormat.XML))
.execute(context);
} else {
// No entitlements.plist explicitly specified; write out the minimal entitlements needed.
String appID = bestProfile.get().getAppID().getFirst() + "." + bundleID;
NSDictionary entitlements = new NSDictionary();
entitlements.putAll(bestProfile.get().getEntitlements());
entitlements.put(APPLICATION_IDENTIFIER, appID);
entitlements.put(KEYCHAIN_ACCESS_GROUPS, new String[] {appID});
return (new WriteFileStep(
filesystem,
entitlements.toXMLPropertyList(),
signingEntitlementsTempPath,
/* executable */ false))
.execute(context);
}
}