cert 0.2.1 → 0.3.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1613b46cf5a0b4f57ac5e90ba9b08551c03bb78c
-  data.tar.gz: 635914b5ce20080fd08c25d8536d4b471a1c59af
+  metadata.gz: 760a074d01502ea87e72833b5d0f2f2c222ee237
+  data.tar.gz: e4f2bbc5e8615419ea0b75adaffc6d540a372004
 SHA512:
-  metadata.gz: 7d5ccf6591453392d977741fc12ff51e4151f7f4b4a35a7d85f7797a46f053714ef308767e811ebd5bad37ef4e406e41f0ee8f7d4389b9f232a405346db35af4
-  data.tar.gz: ed9086fc6162cf754b612b0e0019be63ebc5b99836f38f123245e6c4577bbb4ea392d263e2b6d5df621736fb1a6eac7408099ccd2f2f4564aa0e91990890fd03
+  metadata.gz: a0ed0694a68b3a3c2e1ee8f0466b2acaac80315ca14f8b6b4c34ddc2f1ab5a99bf32b24030475c6b20a7cbf46afd3d6bc6da238ce8e34f8d1ae9c6fa37629d3e
+  data.tar.gz: 11c9f32bc56455b8ef79eb06c304adba30f124c20d3a68761c7e791cb0a88540331d0cb9af583eb0940b318cd9e2747dc6599759ce7efd7de926de2af4ae7c10

data/README.md

@@ -120,12 +120,6 @@ end
 This will result in `sigh` always using the correct signing certificate, which is installed on the local machine.
 
 
-# How does it work?
-
-- `cert` accesses the ```iOS Dev Center``` to create or download your certificate. See: [developer_center.rb](https://github.com/KrauseFx/cert/blob/master/lib/cert/developer_center.rb).
-- The ```.certSigningRequest``` file will be generated in [signing_request.rb](https://github.com/KrauseFx/cert/blob/master/lib/cert/signing_request.rb)
-
-
 ## How is my password stored?
 ```cert``` uses the [password manager](https://github.com/fastlane/CredentialsManager) from `fastlane`. Take a look the [CredentialsManager README](https://github.com/fastlane/CredentialsManager) for more information.
 

data/bin/cert

@@ -31,7 +31,7 @@ class CertApplication
 
       c.action do |args, options|
         Cert.config = FastlaneCore::Configuration.create(Cert::Options.available_options, options.__hash__)
-        Cert::CertRunner.run
+        Cert::CertRunner.new.launch
       end
     end
 

data/lib/cert/cert_runner.rb

@@ -1,10 +1,99 @@
 module Cert
   class CertRunner
-    def self.run
-      Cert::DeveloperCenter.new.run
+    def launch
+      run
 
-      installed = Cert::CertChecker.is_installed?ENV["CER_FILE_PATH"]
+      installed = FastlaneCore::CertChecker.is_installed?ENV["CER_FILE_PATH"]
       raise "Could not find the newly generated certificate installed" unless installed
     end
+
+    def run
+      Helper.log.info "Starting login"
+      Spaceship.login(Cert.config[:username], nil)
+      Spaceship.select_team
+      Helper.log.info "Successfully logged in"
+
+      if find_existing_cert
+        return # success
+      else
+        if create_certificate # no certificate here, creating a new one
+          return # success
+        else
+          raise "Something went wrong when trying to create a new certificate..."
+        end
+      end
+    end
+
+    def find_existing_cert
+      certificates.each do |certificate|
+        path = store_certificate(certificate)
+
+        if FastlaneCore::CertChecker.is_installed?path
+          # This certificate is installed on the local machine
+          ENV["CER_CERTIFICATE_ID"] = certificate.id
+          ENV["CER_FILE_PATH"] = path
+
+          Helper.log.info "Found the certificate #{certificate.id} (#{certificate.name}) which is installed on the local machine. Using this one.".green
+
+          return path
+        end
+      end
+
+      Helper.log.info "Couldn't find an existing certificate... creating a new one"
+      return nil
+    end
+
+    # All certificates of this type
+    def certificates
+      certificate_type.all
+    end
+
+    # The kind of certificate we're interested in
+    def certificate_type
+      cert_type = Spaceship.certificate.production
+      cert_type = Spaceship.certificate.development if Cert.config[:development]
+      cert_type = Spaceship.certificate.in_house if Spaceship.client.in_house?
+
+      cert_type
+    end
+
+    def create_certificate
+      # Create a new certificate signing request
+      csr, pkey = Spaceship.certificate.create_certificate_signing_request
+
+      # Use the signing request to create a new distribution certificate
+      begin
+        certificate = certificate_type.create!(csr: csr)
+      rescue => ex
+        Helper.log.error "Could not create another certificate, reached the maximum number of available certificates.".red
+        raise ex
+      end
+
+      # Store all that onto the filesystem
+      request_path = File.join(Cert.config[:output_path], 'CertCertificateSigningRequest.certSigningRequest')
+      File.write(request_path, csr.to_pem)
+      private_key_path = File.join(Cert.config[:output_path], 'private_key.p12')
+      File.write(private_key_path, pkey)
+      cert_path = store_certificate(certificate)
+
+      # Import all the things into the Keychain
+      KeychainImporter.import_file(private_key_path)
+      KeychainImporter.import_file(cert_path)
+
+      # Environment variables for the fastlane action
+      ENV["CER_CERTIFICATE_ID"] = certificate.id
+      ENV["CER_FILE_PATH"] = cert_path
+
+      Helper.log.info "Successfully generated #{certificate.id} which was imported to the local machine.".green
+
+      return cert_path
+    end
+
+    def store_certificate(certificate)
+      path = File.join(Cert.config[:output_path], "#{certificate.id}.cer")
+      raw_data = certificate.download_raw
+      File.write(path, raw_data)
+      return path
+    end
   end
-end
+end

data/lib/cert/options.rb

@@ -25,6 +25,10 @@ module Cert
                                      verify_block: Proc.new do |value|
                                         ENV["FASTLANE_TEAM_ID"] = value
                                      end),
+        FastlaneCore::ConfigItem.new(key: :output_path,
+                                     env_name: "CERT_OUTPUT_PATH",
+                                     description: "The path to a directory in which all certificates and private keys should be stored",
+                                     default_value: "."),
         FastlaneCore::ConfigItem.new(key: :keychain_path,
                                      short_option: "-k",
                                      env_name: "CERT_KEYCHAIN_PATH",

data/lib/cert/signing_request.rb

@@ -28,7 +28,7 @@ module Cert
 
       # Import the private key into the Keychain
       puts `chmod 600 '#{private_key_path}'` # otherwise we're not allowed to import the private key
-      KeychainImporter::import_file(private_key_path)
+      KeychainImporter.import_file(private_key_path)
 
       Helper.log.info "Successfully generated .certSigningRequest at path '#{path}'".green
       return path

data/lib/cert/version.rb

@@ -1,3 +1,3 @@
 module Cert
-  VERSION = "0.2.1"
+  VERSION = "0.3.0.beta1"
 end

data/lib/cert.rb

@@ -1,12 +1,11 @@
 require 'cert/version'
 require 'cert/dependency_checker'
-require 'cert/developer_center'
 require 'cert/cert_runner'
-require 'cert/cert_checker'
 require 'cert/signing_request'
 require 'cert/keychain_importer'
 
 require 'fastlane_core'
+require 'spaceship'
 
 module Cert
   # Use this to just setup the configuration attribute and set it later somewhere else

metadata

@@ -1,127 +1,127 @@
 --- !ruby/object:Gem::Specification
 name: cert
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0.beta1
 platform: ruby
 authors:
 - Felix Krause
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-22 00:00:00.000000000 Z
+date: 2015-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fastlane_core
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.7.2
+        version: 0.9.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.7.2
+        version: 0.9.1
+- !ruby/object:Gem::Dependency
+  name: spaceship
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.10
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.10
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.8.7.4
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.8.7.4
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.19.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.19.0
-- !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
 description: Create new iOS code signing certificates
 email:
 - cert@krausefx.com
@@ -134,10 +134,8 @@ files:
 - README.md
 - bin/cert
 - lib/cert.rb
-- lib/cert/cert_checker.rb
 - lib/cert/cert_runner.rb
 - lib/cert/dependency_checker.rb
-- lib/cert/developer_center.rb
 - lib/cert/keychain_importer.rb
 - lib/cert/options.rb
 - lib/cert/signing_request.rb
@@ -152,17 +150,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
 summary: Create new iOS code signing certificates

data/lib/cert/cert_checker.rb

@@ -1,30 +0,0 @@
-module Cert
-  # This class checks if a specific certificate is installed on the current mac
-  class CertChecker
-    def self.is_installed?(path)
-      raise "Could not find file '#{path}'".red unless File.exists?(path)
-
-      ids = installed_identies
-      finger_print = sha1_fingerprint(path)
-
-      return ids.include?finger_print
-    end
-
-    def self.installed_identies
-      available = `security find-identity -v -p codesigning`
-      ids = []
-      available.split("\n").each do |current|
-        (ids << current.match(/.*\) (.*) \".*/)[1]) rescue nil # the last line does not match
-      end
-
-      return ids
-    end
-
-    def self.sha1_fingerprint(path)
-      result = `openssl x509 -in "#{path}" -inform der -noout -sha1 -fingerprint`
-      result = result.match(/SHA1 Fingerprint=(.*)/)[1]
-      result.gsub!(":", "")
-      return result
-    end
-  end
-end

data/lib/cert/developer_center.rb

@@ -1,194 +0,0 @@
-require 'fastlane_core/developer_center/developer_center'
-
-module Cert
-  class DeveloperCenter < FastlaneCore::DeveloperCenter
-    DISTRIBUTION = "Distribution"
-    DEVELOPMENT = "Development"
-
-    CERTS_URL = "https://developer.apple.com/account/ios/certificate/certificateList.action?type=distribution"
-    CERTS_URL_DEV = "https://developer.apple.com/account/ios/certificate/certificateList.action?type=development"
-    CREATE_CERT_URL = "https://developer.apple.com/account/ios/certificate/certificateCreate.action"
-
-    # This will check if there is at least one of the certificates already installed on the local machine
-    # This will store the resulting file name in ENV 'CER_FILE_PATH' and the Cert ID in 'CER_CERTIFICATE_ID'
-    def run
-      @type = (Cert.config[:development] ? DEVELOPMENT : DISTRIBUTION)
-      file = find_existing_cert
-      if file
-        # We don't need to do anything :)
-        ENV["CER_FILE_PATH"] = file
-      else
-        create_certificate
-      end
-    rescue => ex
-      error_occured(ex)
-    end
-
-    def find_existing_cert
-      if @type == DEVELOPMENT
-        visit CERTS_URL_DEV
-      else
-        visit CERTS_URL
-      end
-
-      # Download all available certs to check if they are installed using the SHA1 hash
-      certs = code_signing_certificate
-      certs.each do |current|
-        display_id = current['certificateId']
-        type_id = current['certificateTypeDisplayId']
-        url = "/account/ios/certificate/certificateContentDownload.action?displayId=#{display_id}&type=#{type_id}"
-
-        output = File.join(TMP_FOLDER, "#{display_id}-#{type_id}.cer")
-        download_url(url, output)
-        if Cert::CertChecker.is_installed?output
-          # We'll use this one, since it's installed on the local machine
-          ENV["CER_CERTIFICATE_ID"] = display_id
-          Helper.log.info "Found the certificate #{display_id}-#{type_id} which is installed on the local machine. Using this one.".green
-          return output
-        end
-      end
-
-      Helper.log.info "Couldn't find an existing certificate... creating a new one"
-      return false
-    rescue => ex
-      error_occured(ex)
-    end
-
-    # This will actually create a new certificate
-    def create_certificate
-      visit CREATE_CERT_URL
-      wait_for_elements("form[name='certificateSave']")
-
-      Helper.log.info "Creating a new code signing certificate"
-
-      # select certificate type
-      if @type == DEVELOPMENT
-        app_store_toggle = first("input#type-development")
-      else
-        app_store_toggle = first("input#type-iosNoOCSP") || first("input#type-iosOCSP")
-      end
-      
-      if !!app_store_toggle['disabled']
-        # Limit of certificates already reached
-        raise "Could not create another certificate, reached the maximum number of available certificates.".red
-      end
-
-      app_store_toggle.click
-
-      click_next # submit the certificate type
-      sleep 2
-      click_next # information about how to upload the file (no action required on this step)
-
-      cert_signing_request = Cert::SigningRequest.get_path
-      Helper.log.info "Uploading the cert signing request '#{cert_signing_request}'"
-
-      wait_for_elements("input[name='upload']").first.set cert_signing_request # upload the cert signing request
-      sleep 1
-      click_next
-
-      sleep 3
-
-      while all(:css, '.loadingMessage').count > 0
-        Helper.log.debug "Waiting for iTC to generate the profile"
-        sleep 2
-      end
-
-      Helper.log.info "Downloading newly generated certificate"
-      sleep 2
-
-      # Now download the certificate
-      download_button = wait_for_elements(".button.small.blue").first
-      url = download_button['href']
-
-      path = File.join(TMP_FOLDER, "certificate.cer")
-      download_url(url, path)
-
-      certificate_id = url.match(/.*displayId=(.*)&type.*/)[1]
-
-      ENV["CER_FILE_PATH"] = path
-      ENV["CER_CERTIFICATE_ID"] = certificate_id
-      Helper.log.info "Successfully downloaded latest .cer file to '#{path}' (#{certificate_id})".green
-
-      Cert::KeychainImporter::import_file(path)
-    rescue => ex
-      error_occured(ex)
-    end
-
-
-    private
-      def download_url(url, output_path)
-        host = Capybara.current_session.current_host
-        url = [host, url].join('')
-        Helper.log.info "Downloading URL: '#{url}'"
-
-        cookie_string = page.driver.cookies.collect { |key, cookie| "#{cookie.name}=#{cookie.value}" }.join(";")
-        data = open(url, {'Cookie' => cookie_string}).read
-
-        raise "Something went wrong when downloading the certificate" unless data
-
-        # write data to file
-        dataWritten = File.open(output_path, "wb") do |f|
-          f.write(data)
-        end
-
-        if dataWritten == 0
-          raise "Can't write to #{output_path}"
-        end
-      end
-
-      # Returns a hash, that contains information about the iOS certificate
-      # @example
-        # {"certRequestId"=>"B23Q2P396B",
-        # "name"=>"SunApps GmbH",
-        # "statusString"=>"Issued",
-        # "expirationDate"=>"2015-11-25T22:45:50Z",
-        # "expirationDateString"=>"Nov 25, 2015",
-        # "ownerType"=>"team",
-        # "ownerName"=>"SunApps GmbH",
-        # "ownerId"=>"....",
-        # "canDownload"=>true,
-        # "canRevoke"=>true,
-        # "certificateId"=>"....",
-        # "certificateStatusCode"=>0,
-        # "certRequestStatusCode"=>4,
-        # "certificateTypeDisplayId"=>"...",
-        # "serialNum"=>"....",
-        # "typeString"=>"iOS Distribution"},
-      def code_signing_certificate
-        if @type == DEVELOPMENT
-          visit CERTS_URL_DEV
-        else
-          visit CERTS_URL
-        end
-
-        certificateDataURL = wait_for_variable('certificateDataURL')
-        certificateRequestTypes = wait_for_variable('certificateRequestTypes')
-        certificateStatuses = wait_for_variable('certificateStatuses')
-
-        url = [certificateDataURL, certificateRequestTypes, certificateStatuses].join('')
-
-        # https://developer.apple.com/services-account/.../account/ios/certificate/listCertRequests.action?content-type=application/x-www-form-urlencoded&accept=application/json&requestId=...&userLocale=en_US&teamId=...&types=...&status=4&certificateStatus=0&type=distribution&pageSize=50&pageNumber=1&sort=name=asc
-
-        available = []
-
-        certTypeName = 'iOS Distribution'
-        certTypeName = 'iOS Development' if @type == DEVELOPMENT
-        certs = post_ajax(url, "{pageNumber: 1, pageSize: 500, sort: 'name%3dasc'}")['certRequests']
-
-        raise "Something went wrong with request to #{url}" unless certs
-        certs.each do |current_cert|
-          if current_cert['typeString'] == certTypeName and current_cert['canDownload']
-            # The other profiles are push profiles or ones we are not allowed to download
-            # We only care about the distribution profile that we can download
-            available << current_cert # mostly we only care about the 'certificateId'
-          end
-        end
-
-        return available
-      end
-
-      def click_next
-        wait_for_elements('.button.small.blue.right.submit').last.click
-      end
-  end
-end