passbook2 1.0.0

data/lib/passbook/signer.rb

@@ -0,0 +1,75 @@
+require 'openssl'
+require 'base64'
+
+module Passbook
+  class Signer
+    attr_accessor :certificate,
+                  :password,
+                  :rsa_private_key,
+                  :apple_intermediate_cert,
+                  :p12_cert
+    attr_reader :key_hash
+
+    def initialize(params = {})
+
+      # Path to your X509 cert. This is downloaded after generating
+      # a certificate from your apple Pass Type ID on apple's developer site
+      @certificate = params[:certificate] || Passbook.certificate
+
+      # Path to the .pem file generated from public key of the RSA keypair
+      # that was generated when you made a Certificate Signing Request
+      # It'll be in your keychain under the "Common Name" you specified
+      # for the signing request.
+      @rsa_private_key         = params[:rsa_private_key] || Passbook.rsa_private_key
+
+      # this should be the password that goes along with the rsa public key
+      @password    = params[:password] || Passbook.password
+
+      # "Apple Intermediate Certificate Worldwide Developer Relations" certificate
+      # downloaded from here <https://www.apple.com/certificateauthority/>
+      # Path to your Apple Intermediate Certificate Worldwide Developer Relations
+      # cert.
+      # downloaded from here https://www.apple.com/certificateauthority/
+      # download that .cer file (binary)
+      @apple_intermediate_cert   = params[:apple_intermediate_cert] || Passbook.apple_intermediate_cert
+      compute_cert
+    end
+
+    def sign(data)
+      apple_cert  = OpenSSL::X509::Certificate.new file_data(apple_intermediate_cert)
+      # In PKCS#7 SignedData, attached and detached formats are supported… In
+      # detached format, data that is signed is not embedded inside the
+      # SignedData package instead it is placed at some external location…
+
+      pk7   = OpenSSL::PKCS7.sign(
+        key_hash[:certificate],
+        key_hash[:rsa_private_key],
+        data.to_s,
+        [apple_cert],
+        OpenSSL::PKCS7::BINARY | OpenSSL::PKCS7::DETACHED
+      )
+      pk7_data  = OpenSSL::PKCS7.write_smime pk7
+
+      str_debut = "filename=\"smime.p7s\"\n\n"
+      pk7_data      = pk7_data[pk7_data.index(str_debut)+str_debut.length..pk7_data.length-1]
+      str_end   = "\n\n------"
+      pk7_data      = pk7_data[0..pk7_data.index(str_end)-1]
+
+      Base64.decode64(pk7_data)
+    end
+
+    def compute_cert
+      @key_hash = {
+        rsa_private_key: OpenSSL::PKey::RSA.new(file_data(rsa_private_key), password),
+        certificate: OpenSSL::X509::Certificate.new(file_data(certificate))
+      }
+    end
+
+    def file_data(data)
+      raise "file_data passed nil" if data.nil?
+      return data if data.is_a? String
+
+      data.respond_to?(:read) ? data.read : File.read(data)
+    end
+  end
+end

data/lib/passbook/version.rb

@@ -0,0 +1,3 @@
+module Passbook
+  VERSION = "1.0.0"
+end

data/lib/passbook2.rb

@@ -0,0 +1,21 @@
+require "passbook/version"
+require "passbook/pkpass"
+require "passbook/pk_multi_pass"
+require "passbook/signer"
+require 'active_support/core_ext/module/attribute_accessors'
+require 'passbook/push_notification'
+require 'grocer'
+
+module Passbook
+  mattr_accessor :certificate,
+                 :password,
+                 :apple_intermediate_cert,
+                 :rsa_private_key,
+                 :notification_cert,
+                 :notification_gateway,
+                 :notification_passphrase
+
+  def self.configure
+    yield self
+  end
+end

data/passbook.gemspec

@@ -0,0 +1,59 @@
+require_relative "lib/passbook/version"
+
+
+Gem::Specification.new do |s|
+  s.name = "passbook2"
+  s.version = Passbook::VERSION
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.require_paths = ["lib"]
+  s.authors = ["Thomas Lauro", "Lance Gleason", "Kay Rhodes"]
+  s.date = "2024-06-11"
+  s.description = "This gem allows you to create Apple Passbook files."
+  s.email = ["thomas@lauro.fr", "lgleason@polyglotprogramminginc.com", "masukomi@masukomi.org"]
+  s.extra_rdoc_files = [
+    "LICENSE",
+    "README.md"
+  ]
+  s.files = [
+    ".travis.yml",
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE",
+    "README.md",
+    "Rakefile",
+    "VERSION",
+    "lib/passbook2.rb",
+    "lib/passbook/pk_multi_pass.rb",
+    "lib/passbook/pkpass.rb",
+    "lib/passbook/push_notification.rb",
+    "lib/passbook/signer.rb",
+    "lib/passbook/version.rb",
+    "passbook.gemspec",
+    "spec/data/icon.png",
+    "spec/data/icon@2x.png",
+    "spec/data/logo.png",
+    "spec/data/logo@2x.png",
+    "spec/lib/passbook/pk_multi_pass_spec.rb",
+    "spec/lib/passbook/pkpass_spec.rb",
+    "spec/lib/passbook/push_notification_spec.rb",
+    "spec/lib/passbook/signer_spec.rb",
+    "spec/spec_helper.rb"
+  ]
+  s.homepage = "https://github.com/masukomi/passbook2"
+  s.licenses = ["MIT"]
+  s.rubygems_version = "3.4.17"
+  s.summary = "An Apple Passbook file generator."
+
+  s.specification_version = 4
+
+  # runtime dependencies
+  s.add_dependency(%q<grocer>, [">= 0"])
+  s.add_dependency(%q<rubyzip>, [">= 1.0.0"])
+  s.add_dependency(%q<activesupport>.freeze, [">= 0"])
+
+  # development dependencies
+  s.add_development_dependency(%q<debug>, [">= 0"])
+  s.add_development_dependency(%q<rspec>, [">= 0"])
+  s.add_development_dependency(%q<yard>, [">= 0"])
+end

data/spec/lib/passbook/pk_multi_pass_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'tmpdir'
+require 'zip'
+
+describe Passbook do
+  let(:content) do
+    {
+      formatVersion: 1,
+      passTypeIdentifier: 'pass.passbook.test',
+      serialNumber: '001',
+      teamIdentifier: ENV['APPLE_TEAM_ID'],
+      organizationName: 'WorldCo',
+      description: 'description',
+      eventTicket: {
+        primaryFields: [
+          {
+            key: 'date',
+            label: 'DATE',
+            value: 'date'
+          }
+        ]
+      }
+    }
+  end
+
+  let(:signer) { double 'signer' }
+  let(:pass) { Passbook::PKPass.new( content.to_json, signer) }
+  let(:base_path) { 'spec/data' }
+  let(:entries) { ['pass.json', 'manifest.json', 'signature', 'icon.png', 'icon@2x.png', 'logo.png', 'logo@2x.png'] }
+  let(:passes){ [pass, pass] }
+
+  before :each do
+    pass.add_files(
+      [
+        "#{base_path}/icon.png",
+        "#{base_path}/icon@2x.png",
+        "#{base_path}/logo.png",
+        "#{base_path}/logo@2x.png"
+      ]
+    )
+    allow(signer).to(receive(:sign).and_return('Signed by the Honey Badger'))
+  end
+
+  describe ".create_multi_pass" do
+    it "should create a file where specified" do
+      Dir.mktmpdir do |dir|
+        temp_file = Passbook::PKMultiPass.create_multipass(
+          passes,
+          File.join(dir, "foo.pkpasses")
+        )
+        expect(File.exist?(temp_file)).to(eq(true))
+      end
+    end
+
+    it "should contain 2 files", :aggregate_failures do
+      Dir.mktmpdir do |dir|
+        temp_file = Passbook::PKMultiPass.create_multipass(
+          passes,
+          File.join(dir, "foo.pkpasses")
+        )
+        entries = Zip::File.open(temp_file).entries
+        expect(entries.count).to(eq(2))
+        expect(entries.map(&:name)).to(match_array(["1.pkpass", "2.pkpass"]))
+      end
+    end
+  end
+end

data/spec/lib/passbook/pkpass_spec.rb

@@ -0,0 +1,169 @@
+require 'spec_helper'
+require 'tempfile'
+require 'tmpdir'
+
+describe Passbook do
+  let(:content) do
+    {
+      formatVersion: 1,
+      passTypeIdentifier: 'pass.passbook.test',
+      serialNumber: '001',
+      teamIdentifier: ENV['APPLE_TEAM_ID'],
+      relevantDate: '2012-10-02',
+      locations: [ # TODO
+        {
+          longitude: 2.35403,
+          latitude: 48.893855
+        }
+      ],
+      organizationName: 'WorldCo',
+      description: 'description',
+      foregroundColor: 'rgb(227,210,18)',
+      backgroundColor: 'rgb(60, 65, 76)',
+      logoText: 'Event',
+      eventTicket: {
+        primaryFields: [
+          {
+            key: 'date',
+            label: 'DATE',
+            value: 'date'
+          }
+        ],
+        backFields: [
+          {
+            key: 'description',
+            label: 'DESCRIPTION',
+            value: 'description'
+          },
+          {
+            key: 'aboutUs',
+            label: 'MORE',
+            value: 'about us'
+          }
+        ]
+      }
+    }
+  end
+
+  let(:signer) { double 'signer' }
+  let(:pass) { Passbook::PKPass.new content.to_json, signer }
+  let(:base_path) { 'spec/data' }
+  let(:entries) { ['pass.json', 'manifest.json', 'signature', 'icon.png', 'icon@2x.png', 'logo.png', 'logo@2x.png'] }
+
+  before :each do
+    allow(signer).to(receive(:sign).and_return('Signed by the Honey Badger'))
+  end
+  describe '#file' do
+    context 'when adding a file as File' do
+      before do
+        pass.add_file(File.new("#{base_path}/icon.png"))
+        pass.add_files(
+          [
+            "#{base_path}/icon@2x.png",
+            "#{base_path}/logo.png",
+            "#{base_path}/logo@2x.png"
+          ].map { |x| File.new(x) }
+        )
+      end
+
+      it 'should work with no options', :aggregate_failures do
+        temp_file = pass.file
+        expect(File.basename(temp_file.path)).to(eq('pass.pkpass'))
+        expect(File.dirname(temp_file)).to(eq(Dir.tmpdir))
+      end
+    end
+    context 'when adding files as strings' do
+      before do
+        pass.add_file("#{base_path}/icon.png")
+        pass.add_files(
+          [
+            "#{base_path}/icon@2x.png",
+            "#{base_path}/logo.png",
+            "#{base_path}/logo@2x.png"
+          ]
+        )
+      end
+
+      it 'should work with no options', :aggregate_failures do
+        temp_file = pass.file
+        expect(File.basename(temp_file.path)).to(eq('pass.pkpass'))
+        expect(File.dirname(temp_file)).to(eq(Dir.tmpdir))
+      end
+      it 'should honor the file_name specified' do
+        temp_file = pass.file(file_name: 'foo.pkpass')
+        expect(File.basename(temp_file)).to(eq('foo.pkpass'))
+      end
+
+      it 'should honor the directory specified as a string' do
+        Dir.mktmpdir do |dir| # dir is a String
+          temp_file = pass.file(directory: dir)
+          expect(File.dirname(temp_file)).to(eq(dir))
+        end
+      end
+
+      it 'should honor the directory specified as a Dir' do
+        Dir.mktmpdir do |dir|
+          temp_file = pass.file(directory: Dir.new(dir))
+          expect(File.dirname(temp_file)).to(eq(dir))
+        end
+      end
+      context 'outputs' do
+        before do
+          @file_entries = []
+          Zip::InputStream.open(zip_path) do |io|
+            while (entry = io.get_next_entry)
+              @file_entries << entry.name
+            end
+          end
+        end
+
+        context 'zip file' do
+          let(:zip_path) { pass.file.path }
+
+          it 'should have the expected files' do
+            expect(entries).to(eq(@file_entries))
+          end
+        end
+
+        context 'StringIO' do
+          let(:temp_file) { Tempfile.new('pass.pkpass') }
+          let(:zip_path) do
+            zip_out = pass.stream
+            expect(zip_out.class).to(eq(StringIO))
+            # creating file, re-reading zip to see if correctly formed
+            temp_file.write zip_out.string
+            temp_file.close
+            temp_file.path
+          end
+
+          it 'should contain the expected files' do
+            expect(entries).to(eq(@file_entries))
+          end
+
+          after do
+            temp_file.delete
+          end
+        end
+      end
+    end
+  end
+
+  # TODO: find a proper way to do this
+  context 'Error catcher' do
+    context 'formatVersion' do
+      let(:base_path) { 'spec/data' }
+
+      before :each do
+        pass.add_files ["#{base_path}/icon.png", "#{base_path}/icon@2x.png", "#{base_path}/logo.png",
+                       "#{base_path}/logo@2x.png"]
+        tpass = JSON.parse(pass.pass)
+        tpass['formatVersion'] = 'It should be a numeric'
+        pass.pass = tpass.to_json
+      end
+
+      it 'raise an error' do
+        expect { pass.build }.to raise_error('Format Version should be a numeric')
+      end
+    end
+  end
+end

data/spec/lib/passbook/push_notification_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+require 'grocer'
+
+describe Passbook::PushNotification  do
+
+  context 'send notification' do
+    let(:grocer_pusher) {double 'Grocer'}
+    let(:notification) {double 'Grocer::Notification'}
+    let(:notification_settings) {{:certificate => './notification_cert.pem', :gateway => 'honeybadger.apple.com', :passphrase => 'ah@rdvintAge'}}
+
+    before :each do
+      allow(Passbook).to(receive(:notification_cert).and_return('./notification_cert.pem'))
+      allow(Grocer::PassbookNotification).to(receive(:new).with(:device_token => 'my token').and_return(notification))
+      allow(grocer_pusher).to(receive(:push).with(notification).and_return(55))
+      allow(Grocer).to(receive(:pusher).with(notification_settings).and_return(grocer_pusher))
+      allow(Passbook).to(receive(:notification_gateway).and_return('honeybadger.apple.com'))
+      allow(Passbook).to(receive(:notification_passphrase).and_return('ah@rdvintAge'))
+    end
+
+    subject {Passbook::PushNotification.send_notification('my token')}
+    it {should eq 55}
+  end
+end

data/spec/lib/passbook/signer_spec.rb

@@ -0,0 +1,100 @@
+require 'spec_helper'
+
+describe 'Signer'  do
+  context 'signatures' do
+
+    context 'using default config info' do
+      before do
+        expect(Passbook).to(receive(:password).and_return 'password')
+        expect(Passbook).to(receive(:rsa_private_key).and_return 'my_rsa_key')
+        expect(Passbook).to(receive(:certificate).and_return 'my_X509_certificate')
+        expect(Passbook).to(
+          receive(:apple_intermediate_cert)
+            .and_return( 'apple_intermediate_cert_file')
+        )
+      end
+
+      context "getting the default config" do
+        context "ignoring signing" do
+          before do
+            # don't care if signing works yet. just dealing with defaults
+            allow_any_instance_of(Passbook::Signer).to(receive(:compute_cert))
+          end
+
+          let(:signer){
+            Passbook::Signer.new
+          }
+          it "should contain rsa_private_key" do
+            expect(signer.rsa_private_key).to(eq('my_rsa_key'))
+          end
+          it "should contain certificate" do
+            expect(signer.certificate).to(eq('my_X509_certificate'))
+          end
+          it "should contain apple_intermediate_cert" do
+            expect(signer.apple_intermediate_cert).to(eq('apple_intermediate_cert_file'))
+          end
+          it "should contain password" do
+            expect(signer.password).to(eq('password'))
+          end
+        end
+      end
+      context "computing cert" do
+        before do
+            expect(OpenSSL::PKey::RSA).to(
+              receive(:new)
+                .with('my_rsa_key', 'password')
+                .and_return 'my_rsa_key' # bogus example
+            )
+
+            expect(OpenSSL::X509::Certificate).to(
+                receive(:new)
+                .with('my_X509_certificate')
+                .and_return 'my_X509_data' # bogus example
+            )
+        end
+        context "signing" do
+          let(:signer){Passbook::Signer.new}
+
+          # this is just checking that
+          # the inputs and outputs of the cert things
+          # are all wired together correctly
+          it "should do the signing dance" do
+
+            # 2nd X509 cert loading...
+            expect(OpenSSL::X509::Certificate).to(
+                receive(:new)
+                .with('apple_intermediate_cert_file')
+                .and_return 'apples_X509_data' # bogus example
+            )
+
+            expect(OpenSSL::PKCS7).to(
+                receive(:sign)
+                  .with(
+                    'my_X509_data', # from above
+                    'my_rsa_key',   # also from above
+                    'passbook_sign_data', # the param to Signer#sign(...)
+                    ['apples_X509_data'],
+                    OpenSSL::PKCS7::BINARY | OpenSSL::PKCS7::DETACHED
+                  )
+                  .and_return('pk7') # bogus example
+              )
+            expect(OpenSSL::PKCS7).to(
+                receive(:write_smime)
+                  .with('pk7')
+                  .and_return("filename=\"smime.p7s\"\n\nsecret_pk7_stuff\n\n------")
+              )
+            expect(Base64).to(
+              receive(:decode64)
+                .with('secret_pk7_stuff') #from above
+            )
+
+            # and... kick it all off
+            signer.sign('passbook_sign_data')
+
+          end
+        end
+      end
+    end
+
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'bundler'
+require 'json'
+require 'grocer'
+require 'debug'
+
+Dir['lib/passbook/**/*.rb'].each {|f| require File.join(File.dirname(__FILE__), '..', f.gsub(/.rb/, ''))}
+Dir['lib/rack/**/*.rb'].each {|f| require File.join(File.dirname(__FILE__), '..', f.gsub(/.rb/, ''))}

metadata

@@ -0,0 +1,156 @@
+--- !ruby/object:Gem::Specification
+name: passbook2
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Thomas Lauro
+- Lance Gleason
+- Kay Rhodes
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-06-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: grocer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubyzip
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: debug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This gem allows you to create Apple Passbook files.
+email:
+- thomas@lauro.fr
+- lgleason@polyglotprogramminginc.com
+- masukomi@masukomi.org
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE
+- README.md
+files:
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- VERSION
+- lib/passbook/pk_multi_pass.rb
+- lib/passbook/pkpass.rb
+- lib/passbook/push_notification.rb
+- lib/passbook/signer.rb
+- lib/passbook/version.rb
+- lib/passbook2.rb
+- passbook.gemspec
+- spec/data/icon.png
+- spec/data/icon@2x.png
+- spec/data/logo.png
+- spec/data/logo@2x.png
+- spec/lib/passbook/pk_multi_pass_spec.rb
+- spec/lib/passbook/pkpass_spec.rb
+- spec/lib/passbook/push_notification_spec.rb
+- spec/lib/passbook/signer_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/masukomi/passbook2
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.20
+signing_key:
+specification_version: 4
+summary: An Apple Passbook file generator.
+test_files: []