From e318e784446921af84537d071cf0023680cc66b0 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Tue, 1 Oct 2019 20:15:05 -0400
Subject: [PATCH] clean out desktop safari app signing

---
 gulpfile.js                   | 96 -----------------------------------
 package.json                  |  6 +--
 resources/safari.entitlements | 14 -----
 scripts/after-sign.js         | 13 -----
 4 files changed, 2 insertions(+), 127 deletions(-)
 delete mode 100644 resources/safari.entitlements

diff --git a/gulpfile.js b/gulpfile.js
index dcbbdd0f05..497ac1c378 100644
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -2,7 +2,6 @@ const gulp = require('gulp');
 const googleWebFonts = require('gulp-google-webfonts');
 const del = require('del');
 const fs = require('fs');
-const child = require('child_process');
 
 const paths = {
     cssDir: './src/css/',
@@ -37,104 +36,9 @@ function fixSweetAlert(cb) {
     cb();
 }
 
-function pkgMas(cb) {
-    const appPath = paths.dist + 'mas/Bitwarden.app';
-    const pkgPath = paths.dist + 'mas/Bitwarden-mas.pkg';
-    const pkgSignedPath = paths.dist + 'mas/Bitwarden-mas-signed.pkg';
-
-    return del([paths.dist + 'mas/Bitwarden*.pkg'])
-        .then(() => {
-            return signMas(cb);
-        }).then(() => {
-            const proc = child.spawn('productbuild', [
-                '--component',
-                appPath,
-                '/Applications',
-                pkgPath]);
-            stdOutProc(proc);
-            return new Promise((resolve) => proc.on('close', resolve));
-        }).then(() => {
-            const proc = child.spawn('productsign', [
-                '--sign',
-                '3rd Party Mac Developer Installer: 8bit Solutions LLC',
-                pkgPath,
-                pkgSignedPath]);
-            stdOutProc(proc);
-            return new Promise((resolve) => proc.on('close', resolve));
-        }).then(() => {
-            return cb;
-        }, () => {
-            return cb;
-        });
-}
-
-function signMas(cb) {
-    return signApp(cb, 'mas');
-}
-
-function signMac(cb) {
-    return signApp(cb, 'mac');
-}
-
-function signApp(cb, dir) {
-    const appPath = paths.dist + dir + '/Bitwarden.app';
-    const safariAppexPath = appPath + '/Contents/PlugIns/safari.appex';
-    const safariAppexFrameworkPath = safariAppexPath + '/Contents/Frameworks/';
-    const safariEntitlementsPath = paths.resources + 'safari.entitlements';
-    const appEntitlementsPath = paths.resources + 'entitlements.' + dir + '.plist';
-
-    const libs = fs.readdirSync(safariAppexFrameworkPath).filter((p) => p.endsWith('.dylib'))
-        .map((p) => safariAppexFrameworkPath + p);
-    const libPromises = [];
-    var args = dir === 'mas' ?
-        [
-            '--verbose',
-            '--force',
-            '--sign',
-            '3rd Party Mac Developer Application: 8bit Solutions LLC',
-            '--entitlements'
-        ] :
-        [
-            '--verbose',
-            '--force',
-            '-o',
-            'runtime',
-            '--sign',
-            'Developer ID Application: 8bit Solutions LLC',
-            '--entitlements'
-        ];
-    libs.forEach((i) => {
-        const proc = child.spawn('codesign', args.concat([safariEntitlementsPath, i]));
-        stdOutProc(proc);
-        libPromises.push(new Promise((resolve) => proc.on('close', resolve)));
-        libPromises.push(new Promise((resolve) => setTimeout(() => resolve(), 10000)));
-    });
-    return Promise.all(libPromises).then(() => {
-        const proc = child.spawn('codesign', args.concat([safariEntitlementsPath, safariAppexPath]));
-        stdOutProc(proc);
-        return new Promise((resolve) => proc.on('close', resolve));
-    }).then(() => {
-        const proc = child.spawn('codesign', args.concat([appEntitlementsPath, appPath]));
-        stdOutProc(proc);
-        return new Promise((resolve) => proc.on('close', resolve));
-    }).then(() => {
-        return cb;
-    }, () => {
-        return cb;
-    });
-}
-
-function stdOutProc(proc) {
-    proc.stdout.on('data', (data) => console.log(data.toString()));
-    proc.stderr.on('data', (data) => console.error(data.toString()));
-}
-
 exports.clean = clean;
 exports.cleanupAotIssue = cleanupAotIssue;
 exports.webfonts = gulp.series(clean, webfonts);
 exports['prebuild:renderer'] = gulp.parallel(webfonts, cleanupAotIssue);
 exports.fixSweetAlert = fixSweetAlert;
-exports.pkgMas = pkgMas;
-exports.signMas = signMas;
-exports.signMac = signMac;
 exports.postinstall = fixSweetAlert;
diff --git a/package.json b/package.json
index 57945363c5..d0c0b3f287 100644
--- a/package.json
+++ b/package.json
@@ -35,14 +35,12 @@
     "clean:l10n": "git push origin --delete l10n_master",
     "pack:lin": "npm run clean:dist && electron-builder --linux --x64 -p never",
     "pack:mac": "npm run clean:dist && electron-builder --mac -p never",
-    "pack:mac:mas": "npm run clean:dist && electron-builder --mac mas -p never",
-    "pack:mac:masdev": "npm run clean:dist && electron-builder --mac mas-dev -p never",
+    "pack:mac:mas": "npm run clean:dist && electron-builder --mac mas mas-dev -p never",
     "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"8bit Solutions LLC\"",
     "pack:win:ci": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never",
     "dist:lin": "npm run build && npm run pack:lin",
     "dist:mac": "npm run build && npm run pack:mac",
-    "dist:mac:mas": "npm run build && npm run pack:mac:mas && gulp pkgMas",
-    "dist:mac:masdev": "npm run build && npm run pack:mac:masdev",
+    "dist:mac:mas": "npm run build && npm run pack:mac:mas",
     "dist:win": "npm run build && npm run pack:win",
     "dist:win:ci": "npm run build && npm run pack:win:ci",
     "publish:lin": "npm run build && npm run clean:dist && electron-builder --linux --x64 -p always",
diff --git a/resources/safari.entitlements b/resources/safari.entitlements
deleted file mode 100644
index 85c03d7b48..0000000000
--- a/resources/safari.entitlements
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>com.apple.security.app-sandbox</key>
-	<true/>
-	<key>com.apple.security.files.user-selected.read-write</key>
-	<true/>
-	<key>com.apple.security.network.client</key>
-	<true/>
-	<key>com.apple.security.network.server</key>
-	<true/>
-</dict>
-</plist>
diff --git a/scripts/after-sign.js b/scripts/after-sign.js
index 1cee5b01c2..79b504c70e 100644
--- a/scripts/after-sign.js
+++ b/scripts/after-sign.js
@@ -1,6 +1,5 @@
 require('dotenv').config();
 const { notarize } = require('electron-notarize');
-const child = require('child_process');
 
 exports.default = run;
 
@@ -14,13 +13,6 @@ async function run(context) {
     const macBuild = context.electronPlatformName === 'darwin';
 
     if (macBuild) {
-        /*
-        console.log('### Sign App w/ Safari Extension');
-        const proc = child.spawn('gulp', ['signMac']);
-        stdOutProc(proc);
-        await new Promise((resolve) => proc.on('close', resolve));
-        */
-
         console.log('### Notarizing ' + appPath);
         return await notarize({
             appBundleId: 'com.bitwarden.desktop',
@@ -30,8 +22,3 @@ async function run(context) {
         });
     }
 }
-
-function stdOutProc(proc) {
-    proc.stdout.on('data', (data) => console.log(data.toString()));
-    proc.stderr.on('data', (data) => console.error(data.toString()));
-}