HI-VPN/hi-client
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 增加ios支付&ui修改

Browse Source
This commit is contained in:
speakeloudest 2025-12-09 05:51:32 -08:00
parent dc5a5fc78a
commit ca913eb38f
12 changed files with 463 additions and 365 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
ios/Podfile.lock Executable file → Normal file
View File

@ -16,9 +16,6 @@ PODS:
- flutter_udid (0.0.1):
- Flutter
- SAMKeychain
- in_app_purchase_storekit (0.0.1):
- Flutter
- FlutterMacOS
- OrderedSet (6.0.3)
- package_info_plus (0.4.5):
- Flutter
@ -31,6 +28,42 @@ PODS:
- SAMKeychain (1.5.3)
- share_plus (0.0.1):
- Flutter
- Stripe (23.27.6):
- StripeApplePay (= 23.27.6)
- StripeCore (= 23.27.6)
- StripePayments (= 23.27.6)
- StripePaymentsUI (= 23.27.6)
- StripeUICore (= 23.27.6)
- stripe_ios (0.0.1):
- Flutter
- Stripe (~> 23.27.0)
- StripeApplePay (~> 23.27.0)
- StripeFinancialConnections (~> 23.27.0)
- StripePayments (~> 23.27.0)
- StripePaymentSheet (~> 23.27.0)
- StripePaymentsUI (~> 23.27.0)
- StripeApplePay (23.27.6):
- StripeCore (= 23.27.6)
- StripeCore (23.27.6)
- StripeFinancialConnections (23.27.6):
- StripeCore (= 23.27.6)
- StripeUICore (= 23.27.6)
- StripePayments (23.27.6):
- StripeCore (= 23.27.6)
- StripePayments/Stripe3DS2 (= 23.27.6)
- StripePayments/Stripe3DS2 (23.27.6):
- StripeCore (= 23.27.6)
- StripePaymentSheet (23.27.6):
- StripeApplePay (= 23.27.6)
- StripeCore (= 23.27.6)
- StripePayments (= 23.27.6)
- StripePaymentsUI (= 23.27.6)
- StripePaymentsUI (23.27.6):
- StripeCore (= 23.27.6)
- StripePayments (= 23.27.6)
- StripeUICore (= 23.27.6)
- StripeUICore (23.27.6):
- StripeCore (= 23.27.6)
- url_launcher_ios (0.0.1):
- Flutter
- webview_flutter_wkwebview (0.0.1):
@ -44,11 +77,11 @@ DEPENDENCIES:
- Flutter (from `Flutter`)
- flutter_inappwebview_ios (from `.symlinks/plugins/flutter_inappwebview_ios/ios`)
- flutter_udid (from `.symlinks/plugins/flutter_udid/ios`)
- in_app_purchase_storekit (from `.symlinks/plugins/in_app_purchase_storekit/darwin`)
- package_info_plus (from `.symlinks/plugins/package_info_plus/ios`)
- path_provider_foundation (from `.symlinks/plugins/path_provider_foundation/darwin`)
- permission_handler_apple (from `.symlinks/plugins/permission_handler_apple/ios`)
- share_plus (from `.symlinks/plugins/share_plus/ios`)
- stripe_ios (from `.symlinks/plugins/stripe_ios/ios`)
- url_launcher_ios (from `.symlinks/plugins/url_launcher_ios/ios`)
- webview_flutter_wkwebview (from `.symlinks/plugins/webview_flutter_wkwebview/darwin`)
@ -58,6 +91,14 @@ SPEC REPOS:
- OrderedSet
- ReachabilitySwift
- SAMKeychain
- Stripe
- StripeApplePay
- StripeCore
- StripeFinancialConnections
- StripePayments
- StripePaymentSheet
- StripePaymentsUI
- StripeUICore
EXTERNAL SOURCES:
connectivity_plus:
@ -70,8 +111,6 @@ EXTERNAL SOURCES:
:path: ".symlinks/plugins/flutter_inappwebview_ios/ios"
flutter_udid:
:path: ".symlinks/plugins/flutter_udid/ios"
in_app_purchase_storekit:
:path: ".symlinks/plugins/in_app_purchase_storekit/darwin"
package_info_plus:
:path: ".symlinks/plugins/package_info_plus/ios"
path_provider_foundation:
@ -80,6 +119,8 @@ EXTERNAL SOURCES:
:path: ".symlinks/plugins/permission_handler_apple/ios"
share_plus:
:path: ".symlinks/plugins/share_plus/ios"
stripe_ios:
:path: ".symlinks/plugins/stripe_ios/ios"
url_launcher_ios:
:path: ".symlinks/plugins/url_launcher_ios/ios"
webview_flutter_wkwebview:
@ -92,7 +133,6 @@ SPEC CHECKSUMS:
Flutter: e0871f40cf51350855a761d2e70bf5af5b9b5de7
flutter_inappwebview_ios: 6f63631e2c62a7c350263b13fa5427aedefe81d4
flutter_udid: b2417673f287ee62817a1de3d1643f47b9f508ab
in_app_purchase_storekit: a1ce04056e23eecc666b086040239da7619cd783
OrderedSet: e539b66b644ff081c73a262d24ad552a69be3a94
package_info_plus: c0502532a26c7662a62a356cebe2692ec5fe4ec4
path_provider_foundation: 2b6b4c569c0fb62ec74538f866245ac84301af46
@ -100,6 +140,15 @@ SPEC CHECKSUMS:
ReachabilitySwift: 32793e867593cfc1177f5d16491e3a197d2fccda
SAMKeychain: 483e1c9f32984d50ca961e26818a534283b4cd5c
share_plus: c3fef564749587fc939ef86ffb283ceac0baf9f5
Stripe: 9fec845645e39f371e6898926d096fd9c2feb5a5
stripe_ios: 03c617acee72e48a2d055d096a4b0ed2afebb256
StripeApplePay: 5f017e8dfe259fafbab70137776189deef754bb2
StripeCore: 01ec57f0dddfe742054dc6a322f811426c25313d
StripeFinancialConnections: 56698cb6274bf89fb8c76b934f6156f368e97765
StripePayments: 6adf11faf1b7038e77aa97019410305c6adca79d
StripePaymentSheet: 3eaf870c4388e44b0cc37e4c69d00b6957fd8bd7
StripePaymentsUI: 59ccddeacad592b09fa67e8d641340820ddb4751
StripeUICore: 879bbf5889265db13f52fac8aad7a176ba62481f
url_launcher_ios: 5334b05cef931de560670eeae103fd3e431ac3fe
webview_flutter_wkwebview: a4af96a051138e28e29f60101d094683b9f82188

17
ios/Runner/AppDelegate.swift
View File

@ -1,7 +1,7 @@
import UIKit
import Flutter
import Libcore
import PassKit
@main
@objc class AppDelegate: FlutterAppDelegate {
@ -12,9 +12,22 @@ import Libcore
setupFileManager()
registerHandlers()
GeneratedPluginRegistrant.register(with: self)
// Apple Pay
debugApplePaySupport()
return super.application(application, didFinishLaunchingWithOptions: launchOptions)
}
func debugApplePaySupport() {
// 使 Apple Pay
let canPay = PKPaymentAuthorizationController.canMakePayments()
print("💳 Can make payments: \(canPay)")
// 使
let canPayWithNetworks = PKPaymentAuthorizationController.canMakePayments(
usingNetworks: [.visa, .masterCard, .amex]
)
print("💳 Can pay with Visa/Master/Amex: \(canPayWithNetworks)")
}
func setupFileManager() {
try? FileManager.default.createDirectory(at: FilePath.workingDirectory, withIntermediateDirectories: true)
FileManager.default.changeCurrentDirectoryPath(FilePath.sharedDirectory.path)

4
ios/Runner/Runner.entitlements
View File

@ -4,6 +4,10 @@
<dict>
<key>aps-environment</key>
<string>development</string>
<key>com.apple.developer.in-app-payments</key>
<array>
<string>merchant.com.taw.hifastvpn</string>
</array>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>

4
ios/Runner/RunnerRelease.entitlements
View File

@ -4,6 +4,10 @@
<dict>
<key>aps-environment</key>
<string>development</string>
<key>com.apple.developer.in-app-payments</key>
<array>
<string>merchant.com.taw.hifastvpn</string>
</array>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>

46
lib/app/modules/kr_purchase_membership/controllers/kr_purchase_membership_controller.dart
View File

@ -842,17 +842,47 @@ class KRPurchaseMembershipController extends GetxController {
print(' Stripe Client Secret: ${checkoutResponse.stripe?.clientSecret}');
print('💳 显示 Stripe 支付表单...');
print('═══════════════════════════════════════');
await Stripe.instance.initPaymentSheet(
paymentSheetParameters: SetupPaymentSheetParameters(
// Stripe SDK main() publishableKey
paymentIntentClientSecret: checkoutResponse.stripe?.clientSecret,
merchantDisplayName: 'Hi快VPN',
// customerId ephemeralKeySecret
final clientSecret = checkoutResponse.stripe?.clientSecret;
if (clientSecret == null || clientSecret.isEmpty) {
KRCommonUtil.kr_showToast('缺少支付凭证,请稍后重试');
return;
}
// iOS 使 Apple Pay
if (!Platform.isIOS) {
KRCommonUtil.kr_showToast('Apple Pay 仅在 iOS 可用');
return;
}
print('Platform: ${Platform.operatingSystem} ${Platform.operatingSystemVersion}');
print('Merchant identifier: ${Stripe.merchantIdentifier}');
// Platform PayApple Pay
final supported = await Stripe.instance.isPlatformPaySupported();
if (!supported) {
KRCommonUtil.kr_showToast('当前设备或 Wallet 不支持 Apple Pay请确认已添加可用卡');
return;
}
// 2.
final params = PlatformPayConfirmParams.applePay(
applePay: ApplePayParams(
merchantCountryCode: 'US',
currencyCode: 'USD',
cartItems: [
ApplePayCartSummaryItem.immediate(
label: 'Hi快VPN 服务',
amount: kr_getPlanPrice(
kr_plans[kr_selectedPlanIndex.value],
).toStringAsFixed(2),
),
],
),
);
// B.
await Stripe.instance.presentPaymentSheet();
// 🚀 3. Apple Pay
await Stripe.instance.confirmPlatformPayPaymentIntent(
clientSecret: clientSecret,
confirmParams: params,
);
// C.
print('✅ Stripe 支付成功!');

4
lib/main.dart
View File

@ -49,10 +49,12 @@ void main() async {
KRLogUtil.kr_init();
Stripe.publishableKey = 'pk_live_51SbuYxAawOMH8rEEkz6f4mnxAUjGC72eQ6qdm5tT6whC4hULkxxdbiPsB4gSCIMnNIGCsIgeASTXBakUcbOuUwQO00jSWjuufx';
Stripe.merchantIdentifier = 'merchant.com.taw.hifastvpn';
await Stripe.instance.applySettings();
// Hive
await KRSecureStorage().kr_initHive();
//
await KRThemeService().init();

7
macos/Podfile.lock
View File

@ -11,6 +11,9 @@ PODS:
- FlutterMacOS
- SAMKeychain
- FlutterMacOS (1.0.0)
- in_app_purchase_storekit (0.0.1):
- Flutter
- FlutterMacOS
- OrderedSet (6.0.3)
- package_info_plus (0.0.1):
- FlutterMacOS
@ -39,6 +42,7 @@ DEPENDENCIES:
- flutter_inappwebview_macos (from `Flutter/ephemeral/.symlinks/plugins/flutter_inappwebview_macos/macos`)
- flutter_udid (from `Flutter/ephemeral/.symlinks/plugins/flutter_udid/macos`)
- FlutterMacOS (from `Flutter/ephemeral`)
- in_app_purchase_storekit (from `Flutter/ephemeral/.symlinks/plugins/in_app_purchase_storekit/darwin`)
- package_info_plus (from `Flutter/ephemeral/.symlinks/plugins/package_info_plus/macos`)
- path_provider_foundation (from `Flutter/ephemeral/.symlinks/plugins/path_provider_foundation/darwin`)
- screen_retriever_macos (from `Flutter/ephemeral/.symlinks/plugins/screen_retriever_macos/macos`)
@ -65,6 +69,8 @@ EXTERNAL SOURCES:
:path: Flutter/ephemeral/.symlinks/plugins/flutter_udid/macos
FlutterMacOS:
:path: Flutter/ephemeral
in_app_purchase_storekit:
:path: Flutter/ephemeral/.symlinks/plugins/in_app_purchase_storekit/darwin
package_info_plus:
:path: Flutter/ephemeral/.symlinks/plugins/package_info_plus/macos
path_provider_foundation:
@ -88,6 +94,7 @@ SPEC CHECKSUMS:
flutter_inappwebview_macos: bdf207b8f4ebd58e86ae06cd96b147de99a67c9b
flutter_udid: 2e7b3da4b5fdfba86a396b97898f5fe8f4ec1a52
FlutterMacOS: 8f6f14fa908a6fb3fba0cd85dbd81ec4b251fb24
in_app_purchase_storekit: a1ce04056e23eecc666b086040239da7619cd783
OrderedSet: e539b66b644ff081c73a262d24ad552a69be3a94
package_info_plus: 12f1c5c2cfe8727ca46cbd0b26677728972d9a5b
path_provider_foundation: 2b6b4c569c0fb62ec74538f866245ac84301af46

111
macos/Runner.xcodeproj/project.pbxproj Executable file → Normal file
View File

@ -21,6 +21,7 @@
/* End PBXAggregateTarget section */
/* Begin PBXBuildFile section */
1B50E024F09C0847B322E7A5 /* Pods_Runner.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 89F6149C36E7AFE5A3ABB11E /* Pods_Runner.framework */; };
27D5969F2A92B6AB00E2BE2B /* libcore.dylib in Bundle Framework */ = {isa = PBXBuildFile; fileRef = 27D5969E2A92B6AB00E2BE2B /* libcore.dylib */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
331C80D8294CF71000263BE5 /* RunnerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 331C80D7294CF71000263BE5 /* RunnerTests.swift */; };
335BBD1B22A9A15E00E9071D /* GeneratedPluginRegistrant.swift in Sources */ = {isa = PBXBuildFile; fileRef = 335BBD1A22A9A15E00E9071D /* GeneratedPluginRegistrant.swift */; };
@ -28,8 +29,7 @@
33CC10F32044A3C60003C045 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 33CC10F22044A3C60003C045 /* Assets.xcassets */; };
33CC10F62044A3C60003C045 /* MainMenu.xib in Resources */ = {isa = PBXBuildFile; fileRef = 33CC10F42044A3C60003C045 /* MainMenu.xib */; };
33CC11132044BFA00003C045 /* MainFlutterWindow.swift in Sources */ = {isa = PBXBuildFile; fileRef = 33CC11122044BFA00003C045 /* MainFlutterWindow.swift */; };
C2CEC907B854CCA50E3CB29E /* Pods_RunnerTests.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 7774D5331C4F7054E7047DF2 /* Pods_RunnerTests.framework */; };
FEE8413B259D2FDED8BE933A /* Pods_Runner.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1A1027315C9B3E3F83410A09 /* Pods_Runner.framework */; };
735847C11F818DB2659EAEBB /* Pods_RunnerTests.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = CC0A1864A66B0EBDB3650093 /* Pods_RunnerTests.framework */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@ -64,8 +64,7 @@
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
1A1027315C9B3E3F83410A09 /* Pods_Runner.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Runner.framework; sourceTree = BUILT_PRODUCTS_DIR; };
1C05D6984C93FE0E5C9038D0 /* Pods-RunnerTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.release.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.release.xcconfig"; sourceTree = "<group>"; };
0E9F7018ADFB388D1A0119C2 /* Pods-Runner.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.profile.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.profile.xcconfig"; sourceTree = "<group>"; };
27D5969E2A92B6AB00E2BE2B /* libcore.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libcore.dylib; path = ../libcore/bin/libcore.dylib; sourceTree = "<group>"; };
331C80D5294CF71000263BE5 /* RunnerTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = RunnerTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; };
331C80D7294CF71000263BE5 /* RunnerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RunnerTests.swift; sourceTree = "<group>"; };
@ -83,14 +82,15 @@
33E51913231747F40026EE4D /* DebugProfile.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = DebugProfile.entitlements; sourceTree = "<group>"; };
33E51914231749380026EE4D /* Release.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.entitlements; path = Release.entitlements; sourceTree = "<group>"; };
33E5194F232828860026EE4D /* AppInfo.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = AppInfo.xcconfig; sourceTree = "<group>"; };
3E235443DDCB73D48BD2341C /* Pods-Runner.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.debug.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.debug.xcconfig"; sourceTree = "<group>"; };
49CD96905E177C4420930499 /* Pods-Runner.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.profile.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.profile.xcconfig"; sourceTree = "<group>"; };
7774D5331C4F7054E7047DF2 /* Pods_RunnerTests.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_RunnerTests.framework; sourceTree = BUILT_PRODUCTS_DIR; };
5204411A9795E11DF5FEF8FA /* Pods-RunnerTests.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.profile.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.profile.xcconfig"; sourceTree = "<group>"; };
7AFA3C8E1D35360C0083082E /* Release.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Release.xcconfig; sourceTree = "<group>"; };
7C0B4F177A93E89661E9B0CB /* Pods-RunnerTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.debug.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.debug.xcconfig"; sourceTree = "<group>"; };
7C48389468CADEF5153B6C38 /* Pods-RunnerTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.release.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.release.xcconfig"; sourceTree = "<group>"; };
89F6149C36E7AFE5A3ABB11E /* Pods_Runner.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Runner.framework; sourceTree = BUILT_PRODUCTS_DIR; };
9740EEB21CF90195004384FC /* Debug.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; path = Debug.xcconfig; sourceTree = "<group>"; };
D96FD811DCD14FAF8EC1F071 /* Pods-RunnerTests.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.profile.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.profile.xcconfig"; sourceTree = "<group>"; };
DBFB795F5E72237D66B9D391 /* Pods-Runner.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.release.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.release.xcconfig"; sourceTree = "<group>"; };
AD61A6C2536BCECF39E38B5A /* Pods-Runner.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.debug.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.debug.xcconfig"; sourceTree = "<group>"; };
CC0A1864A66B0EBDB3650093 /* Pods_RunnerTests.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_RunnerTests.framework; sourceTree = BUILT_PRODUCTS_DIR; };
CF623D4C3CE0EB191363F491 /* Pods-Runner.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.release.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.release.xcconfig"; sourceTree = "<group>"; };
E21A6DACEC73D25BDC109FA6 /* Pods-RunnerTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-RunnerTests.debug.xcconfig"; path = "Target Support Files/Pods-RunnerTests/Pods-RunnerTests.debug.xcconfig"; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@ -98,7 +98,7 @@
isa = PBXFrameworksBuildPhase;
buildActionMask = 2147483647;
files = (
C2CEC907B854CCA50E3CB29E /* Pods_RunnerTests.framework in Frameworks */,
735847C11F818DB2659EAEBB /* Pods_RunnerTests.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -106,7 +106,7 @@
isa = PBXFrameworksBuildPhase;
buildActionMask = 2147483647;
files = (
FEE8413B259D2FDED8BE933A /* Pods_Runner.framework in Frameworks */,
1B50E024F09C0847B322E7A5 /* Pods_Runner.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -116,12 +116,12 @@
0B357514C188DFB6739B421A /* Pods */ = {
isa = PBXGroup;
children = (
3E235443DDCB73D48BD2341C /* Pods-Runner.debug.xcconfig */,
DBFB795F5E72237D66B9D391 /* Pods-Runner.release.xcconfig */,
49CD96905E177C4420930499 /* Pods-Runner.profile.xcconfig */,
7C0B4F177A93E89661E9B0CB /* Pods-RunnerTests.debug.xcconfig */,
1C05D6984C93FE0E5C9038D0 /* Pods-RunnerTests.release.xcconfig */,
D96FD811DCD14FAF8EC1F071 /* Pods-RunnerTests.profile.xcconfig */,
AD61A6C2536BCECF39E38B5A /* Pods-Runner.debug.xcconfig */,
CF623D4C3CE0EB191363F491 /* Pods-Runner.release.xcconfig */,
0E9F7018ADFB388D1A0119C2 /* Pods-Runner.profile.xcconfig */,
E21A6DACEC73D25BDC109FA6 /* Pods-RunnerTests.debug.xcconfig */,
7C48389468CADEF5153B6C38 /* Pods-RunnerTests.release.xcconfig */,
5204411A9795E11DF5FEF8FA /* Pods-RunnerTests.profile.xcconfig */,
);
path = Pods;
sourceTree = "<group>";
@ -153,8 +153,8 @@
33CEB47122A05771004F2AC0 /* Flutter */,
331C80D6294CF71000263BE5 /* RunnerTests */,
33CC10EE2044A3C60003C045 /* Products */,
D73912EC22F37F3D000D13A0 /* Frameworks */,
0B357514C188DFB6739B421A /* Pods */,
E047C3A4031E4DE5BC5E27C2 /* Frameworks */,
);
sourceTree = "<group>";
};
@ -202,11 +202,11 @@
path = Runner;
sourceTree = "<group>";
};
D73912EC22F37F3D000D13A0 /* Frameworks */ = {
E047C3A4031E4DE5BC5E27C2 /* Frameworks */ = {
isa = PBXGroup;
children = (
1A1027315C9B3E3F83410A09 /* Pods_Runner.framework */,
7774D5331C4F7054E7047DF2 /* Pods_RunnerTests.framework */,
89F6149C36E7AFE5A3ABB11E /* Pods_Runner.framework */,
CC0A1864A66B0EBDB3650093 /* Pods_RunnerTests.framework */,
);
name = Frameworks;
sourceTree = "<group>";
@ -218,7 +218,7 @@
isa = PBXNativeTarget;
buildConfigurationList = 331C80DE294CF71000263BE5 /* Build configuration list for PBXNativeTarget "RunnerTests" */;
buildPhases = (
33C54E5BCA15F9B3C8DDCCD2 /* [CP] Check Pods Manifest.lock */,
4F52B9FF0CECBBDA5E76144D /* [CP] Check Pods Manifest.lock */,
331C80D1294CF70F00263BE5 /* Sources */,
331C80D2294CF70F00263BE5 /* Frameworks */,
331C80D3294CF70F00263BE5 /* Resources */,
@ -237,13 +237,13 @@
isa = PBXNativeTarget;
buildConfigurationList = 33CC10FB2044A3C60003C045 /* Build configuration list for PBXNativeTarget "Runner" */;
buildPhases = (
40CB9C5051F17943B75EF3A9 /* [CP] Check Pods Manifest.lock */,
7E02E54BFA9F182BD91FA4B4 /* [CP] Check Pods Manifest.lock */,
33CC10E92044A3C60003C045 /* Sources */,
33CC10EA2044A3C60003C045 /* Frameworks */,
33CC10EB2044A3C60003C045 /* Resources */,
33CC110E2044A8840003C045 /* Bundle Framework */,
3399D490228B24CF009A79C7 /* ShellScript */,
DDB714AFDEF721265C0C3AF7 /* [CP] Embed Pods Frameworks */,
B6717AA3293389E8D76FAF29 /* [CP] Embed Pods Frameworks */,
);
buildRules = (
);
@ -342,7 +342,27 @@
shellPath = /bin/sh;
shellScript = "echo \"$PRODUCT_NAME.app\" > \"$PROJECT_DIR\"/Flutter/ephemeral/.app_filename && \"$FLUTTER_ROOT\"/packages/flutter_tools/bin/macos_assemble.sh embed\n";
};
33C54E5BCA15F9B3C8DDCCD2 /* [CP] Check Pods Manifest.lock */ = {
33CC111E2044C6BF0003C045 /* ShellScript */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
Flutter/ephemeral/FlutterInputs.xcfilelist,
);
inputPaths = (
Flutter/ephemeral/tripwire,
);
outputFileListPaths = (
Flutter/ephemeral/FlutterOutputs.xcfilelist,
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "\"$FLUTTER_ROOT\"/packages/flutter_tools/bin/macos_assemble.sh && touch Flutter/ephemeral/tripwire";
};
4F52B9FF0CECBBDA5E76144D /* [CP] Check Pods Manifest.lock */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@ -364,27 +384,7 @@
shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n";
showEnvVarsInLog = 0;
};
33CC111E2044C6BF0003C045 /* ShellScript */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
Flutter/ephemeral/FlutterInputs.xcfilelist,
);
inputPaths = (
Flutter/ephemeral/tripwire,
);
outputFileListPaths = (
Flutter/ephemeral/FlutterOutputs.xcfilelist,
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "\"$FLUTTER_ROOT\"/packages/flutter_tools/bin/macos_assemble.sh && touch Flutter/ephemeral/tripwire";
};
40CB9C5051F17943B75EF3A9 /* [CP] Check Pods Manifest.lock */ = {
7E02E54BFA9F182BD91FA4B4 /* [CP] Check Pods Manifest.lock */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@ -406,7 +406,7 @@
shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n";
showEnvVarsInLog = 0;
};
DDB714AFDEF721265C0C3AF7 /* [CP] Embed Pods Frameworks */ = {
B6717AA3293389E8D76FAF29 /* [CP] Embed Pods Frameworks */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@ -474,7 +474,7 @@
/* Begin XCBuildConfiguration section */
331C80DB294CF71000263BE5 /* Debug */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = 7C0B4F177A93E89661E9B0CB /* Pods-RunnerTests.debug.xcconfig */;
baseConfigurationReference = E21A6DACEC73D25BDC109FA6 /* Pods-RunnerTests.debug.xcconfig */;
buildSettings = {
BUNDLE_LOADER = "$(TEST_HOST)";
CURRENT_PROJECT_VERSION = 1;
@ -489,7 +489,7 @@
};
331C80DC294CF71000263BE5 /* Release */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = 1C05D6984C93FE0E5C9038D0 /* Pods-RunnerTests.release.xcconfig */;
baseConfigurationReference = 7C48389468CADEF5153B6C38 /* Pods-RunnerTests.release.xcconfig */;
buildSettings = {
BUNDLE_LOADER = "$(TEST_HOST)";
CURRENT_PROJECT_VERSION = 1;
@ -504,7 +504,7 @@
};
331C80DD294CF71000263BE5 /* Profile */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = D96FD811DCD14FAF8EC1F071 /* Pods-RunnerTests.profile.xcconfig */;
baseConfigurationReference = 5204411A9795E11DF5FEF8FA /* Pods-RunnerTests.profile.xcconfig */;
buildSettings = {
BUNDLE_LOADER = "$(TEST_HOST)";
CURRENT_PROJECT_VERSION = 1;
@ -571,7 +571,7 @@
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/DebugProfile.entitlements;
CODE_SIGN_IDENTITY = "Apple Development";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Distribution";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Developer ID Application";
CODE_SIGN_STYLE = Manual;
COMBINE_HIDPI_IMAGES = YES;
DEVELOPMENT_TEAM = "";
@ -586,6 +586,7 @@
MACOSX_DEPLOYMENT_TARGET = 10.15;
PRODUCT_BUNDLE_IDENTIFIER = com.taw.hifastvpn.mac;
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=macosx*]" = "HiFastVPN-Mac-Pord";
SWIFT_VERSION = 5.0;
};
name = Profile;
@ -705,7 +706,7 @@
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/DebugProfile.entitlements;
CODE_SIGN_IDENTITY = "Apple Development";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Distribution";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Developer ID Application";
CODE_SIGN_STYLE = Manual;
COMBINE_HIDPI_IMAGES = YES;
DEVELOPMENT_TEAM = "";
@ -720,6 +721,7 @@
MACOSX_DEPLOYMENT_TARGET = 10.15;
PRODUCT_BUNDLE_IDENTIFIER = com.taw.hifastvpn.mac;
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=macosx*]" = "HiFastVPN-Mac-Pord";
SWIFT_OPTIMIZATION_LEVEL = "-Onone";
SWIFT_VERSION = 5.0;
};
@ -733,7 +735,7 @@
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/Release.entitlements;
CODE_SIGN_IDENTITY = "Apple Development";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Distribution";
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Developer ID Application";
CODE_SIGN_STYLE = Manual;
COMBINE_HIDPI_IMAGES = YES;
DEVELOPMENT_TEAM = "";
@ -748,6 +750,7 @@
MACOSX_DEPLOYMENT_TARGET = 10.15;
PRODUCT_BUNDLE_IDENTIFIER = com.taw.hifastvpn.mac;
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=macosx*]" = "HiFastVPN-Mac-Pord";
SWIFT_VERSION = 5.0;
};
name = Release;

4
macos/Runner/DebugProfile.entitlements
View File

@ -2,8 +2,6 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.networking.networkextension</key>
<array/>
<key>com.apple.security.app-sandbox</key>
<false/>
<key>com.apple.security.application-groups</key>
@ -13,6 +11,6 @@
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<true/>ß
</dict>
</plist>

64
macos/Runner/Info.plist
View File

@ -2,40 +2,78 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!-- Bundle 标识符配置 -->
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<!-- 应用基本信息 -->
<key>CFBundleDevelopmentRegion</key>
<string>$(DEVELOPMENT_LANGUAGE)</string>
<key>CFBundleDisplayName</key>
<string>HiFastVPN</string>
<key>CFBundleName</key>
<string>HiFastVPN</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIconFile</key>
<string></string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<string>AppIcon</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$(PRODUCT_NAME)</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<!-- 版本信息 -->
<key>CFBundleShortVersionString</key>
<string>$(FLUTTER_BUILD_NAME)</string>
<key>CFBundleVersion</key>
<string>$(FLUTTER_BUILD_NUMBER)</string>
<!-- 系统要求 -->
<key>LSMinimumSystemVersion</key>
<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
<!-- 应用类型配置 -->
<key>NSPrincipalClass</key>
<string>NSApplication</string>
<key>NSMainNibFile</key>
<string>MainMenu</string>
<!-- 高分辨率支持 -->
<key>NSHighResolutionCapable</key>
<true/>
<!-- 支持 Apple Silicon -->
<key>LSArchitecturePriority</key>
<array>
<string>arm64</string>
<string>x86_64</string>
</array>
<!-- 网络配置 -->
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
<!-- 隐私权限声明 -->
<key>NSAppleEventsUsageDescription</key>
<string>需要访问系统事件以管理窗口</string>
<key>NSHumanReadableCopyright</key>
<string>$(PRODUCT_COPYRIGHT)</string>
<key>NSMainNibFile</key>
<string>MainMenu</string>
<key>NSPrincipalClass</key>
<string>NSApplication</string>
<string>HiFastVPN needs access to system events to manage windows and system proxy settings.</string>
<key>NSUserNotificationUsageDescription</key>
<string>需要发送通知以提醒用户</string>
<string>HiFastVPN needs permission to send notifications about VPN connection status.</string>
<key>NSSystemAdministrationUsageDescription</key>
<string>HiFastVPN needs administrator privileges to configure system proxy settings.</string>
<!-- 版权信息 -->
<key>NSHumanReadableCopyright</key>
<string>Copyright © 2024 HiFastVPN. All rights reserved.</string>
<!-- 应用分类 (Mac App Store) -->
<key>LSApplicationCategoryType</key>
<string>public.app-category.utilities</string>
<!-- 允许从任何来源打开 (开发阶段) -->
<key>LSUIElement</key>
<false/>
</dict>
</plist>

23
macos/Runner/Release.entitlements
View File

@ -2,17 +2,28 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.networking.networkextension</key>
<array/>
<!-- 禁用沙盒 (VPN/代理应用需要系统级网络访问) -->
<key>com.apple.security.app-sandbox</key>
<false/>
<key>com.apple.security.application-groups</key>
<array>
<string>$(TeamIdentifierPrefix)</string>
</array>
<!-- 网络权限 -->
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<!-- Hardened Runtime 例外 (FFI/动态库加载必需) -->
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<!-- 文件访问 -->
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
</dict>
</plist>

481
sign_and_notarize.sh
View File

@ -1,294 +1,233 @@
#!/bin/bash
# BearVPN macOS 签名、公证和打包脚本
# 作者: AI Assistant
# 日期: $(date)
set -e
# 配置变量
APP_NAME="BearVPN"
APP_VERSION="1.0.0"
DMG_NAME="${APP_NAME}-${APP_VERSION}-macOS-Signed"
APP_PATH="build/macos/Build/Products/Release/${APP_NAME}.app"
DMG_PATH="build/macos/Build/Products/Release/${DMG_NAME}.dmg"
# ╔═══════════════════════════════════════════════════════════════════════════╗
# ║ HiFastVPN macOS 签名和公证脚本 ║
# ║ ║
# ║ 使用方法: ║
# ║ 1. 修改下面的配置变量 ║
# ║ 2. chmod +x sign_and_notarize.sh ║
# ║ 3. ./sign_and_notarize.sh ║
# ╚═══════════════════════════════════════════════════════════════════════════╝
# 签名配置
DEVELOPER_ID="Developer ID Application: Civil Rights Corps (3UR892FAP3)"
TEAM_ID="3UR892FAP3"
APPLE_ID="kieran@newlifeephrata.us"
APPLE_PASSWORD="Asd112211@"
# ======================== 配置变量(请修改这里)========================
SIGNING_IDENTITY="Developer ID Application: TAW TRADERS SDN. BHD. (NJRRF427XB)"
APPLE_ID="speakeloudest@gmail.com"
APP_PASSWORD="lvry-umfn-pqgz-lnwk" # App-specific password
TEAM_ID="NJRRF427XB"
# 颜色输出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# 路径配置
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
APP_PATH="${PROJECT_DIR}/hi-client/build/macos/Build/Products/Release/HiFastVPN.app"
ENTITLEMENTS="${PROJECT_DIR}/hi-client/macos/Runner/Release.entitlements"
OUTPUT_DIR="${PROJECT_DIR}/dist"
# =====================================================================
# 日志函数
log_info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
echo "╔═══════════════════════════════════════════════════════════════════╗"
echo "║ HiFastVPN macOS 签名和公证脚本 ║"
echo "╚═══════════════════════════════════════════════════════════════════╝"
echo ""
echo "📁 项目目录: ${PROJECT_DIR}"
echo "📦 应用路径: ${APP_PATH}"
echo "📄 Entitlements: ${ENTITLEMENTS}"
echo ""
log_success() {
echo -e "${GREEN}[SUCCESS]${NC} $1"
}
# 检查 .app 是否存在
if [ ! -d "${APP_PATH}" ]; then
echo "❌ 错误: ${APP_PATH} 不存在"
echo "请先运行: flutter build macos --release"
exit 1
fi
log_warning() {
echo -e "${YELLOW}[WARNING]${NC} $1"
}
# 检查 entitlements 是否存在
if [ ! -f "${ENTITLEMENTS}" ]; then
echo "❌ 错误: ${ENTITLEMENTS} 不存在"
exit 1
fi
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
# 创建输出目录
mkdir -p "${OUTPUT_DIR}"
# 检查证书
check_certificates() {
log_info "检查开发者证书..."
# 检查证书是否存在
if ! security find-certificate -a -c "Civil Rights Corps" > /dev/null 2>&1; then
log_error "未找到 Developer ID Application 证书"
log_info "请确保已安装有效的开发者证书"
exit 1
# ======================== Step 1: 清理 ========================
echo ""
echo "🧹 Step 1: 清理多余文件..."
# 删除 .DS_Store
find "${APP_PATH}" -name ".DS_Store" -delete 2>/dev/null || true
find "${APP_PATH}" -name "*.bak" -delete 2>/dev/null || true
# 删除 Headers 目录和符号链接
find "${APP_PATH}/Contents/Frameworks" -type l -name "Headers" -delete 2>/dev/null || true
find "${APP_PATH}/Contents/Frameworks" -type d -name "Headers" -exec rm -rf {} + 2>/dev/null || true
# 删除 Modules 目录
find "${APP_PATH}/Contents/Frameworks" -type d -name "Modules" -exec rm -rf {} + 2>/dev/null || true
# 删除 PrivateHeaders
find "${APP_PATH}/Contents/Frameworks" -name "PrivateHeaders" -exec rm -rf {} + 2>/dev/null || true
echo " ✅ 清理完成"
# ======================== Step 2: 移除现有签名 ========================
echo ""
echo "🗑️ Step 2: 移除现有签名..."
# 移除所有签名(忽略错误)
find "${APP_PATH}" -name "*.dylib" -exec codesign --remove-signature {} \; 2>/dev/null || true
find "${APP_PATH}" -name "*.framework" -exec codesign --remove-signature {} \; 2>/dev/null || true
codesign --remove-signature "${APP_PATH}" 2>/dev/null || true
echo " ✅ 移除签名完成"
# ======================== Step 3: 签名 dylib 文件 ========================
echo ""
echo "🔐 Step 3: 签名 dylib 文件..."
find "${APP_PATH}" -name "*.dylib" -print0 | while IFS= read -r -d '' dylib; do
echo "$(basename "$dylib")"
codesign --force --sign "${SIGNING_IDENTITY}" \
--options runtime \
--timestamp \
"$dylib"
done
echo " ✅ dylib 签名完成"
# ======================== Step 4: 签名 Framework ========================
echo ""
echo "🔐 Step 4: 签名 Framework..."
# 签名所有 framework使用 --deep 确保内部资源被正确处理)
for fw in "${APP_PATH}"/Contents/Frameworks/*.framework; do
if [ -d "$fw" ]; then
fw_name=$(basename "$fw")
echo "${fw_name}"
# 使用 --deep 签名 framework这样会自动处理内部的资源
codesign --force --sign "${SIGNING_IDENTITY}" \
--options runtime \
--timestamp \
"$fw"
fi
log_success "找到 Developer ID Application 证书"
}
done
# 清理旧文件
cleanup() {
log_info "清理旧的构建文件..."
rm -rf build/macos/Build/Products/Release/*
log_success "清理完成"
}
echo " ✅ Framework 签名完成"
# 构建应用
build_app() {
log_info "开始构建 macOS 应用..."
flutter build macos --release
if [ ! -d "$APP_PATH" ]; then
log_error "应用构建失败"
exit 1
fi
log_success "应用构建完成"
}
# ======================== Step 5: 签名主应用 ========================
echo ""
echo "🔐 Step 5: 签名主应用..."
# 签名应用
sign_app() {
log_info "开始签名应用..."
# 签名应用
codesign --force --deep --sign "$DEVELOPER_ID" "$APP_PATH"
if [ $? -eq 0 ]; then
log_success "应用签名成功"
else
log_error "应用签名失败"
exit 1
fi
# 验证签名
log_info "验证应用签名..."
codesign --verify --verbose "$APP_PATH"
if [ $? -eq 0 ]; then
log_success "应用签名验证通过"
else
log_error "应用签名验证失败"
exit 1
fi
}
codesign --force --sign "${SIGNING_IDENTITY}" \
--options runtime \
--entitlements "${ENTITLEMENTS}" \
--timestamp \
"${APP_PATH}"
# 创建 DMG
create_dmg() {
log_info "开始创建 DMG 文件..."
# 使用 create-dmg 创建 DMG
create-dmg \
--volname "$APP_NAME" \
--volicon "macos/Runner/Assets.xcassets/AppIcon.appiconset/icon-256@2x.png" \
--window-pos 200 120 \
--window-size 600 400 \
--icon-size 100 \
--icon "$APP_NAME.app" 175 190 \
--hide-extension "$APP_NAME.app" \
--app-drop-link 425 190 \
--no-internet-enable \
"$DMG_PATH" \
"$APP_PATH"
if [ $? -eq 0 ]; then
log_success "DMG 文件创建成功: $DMG_PATH"
else
log_error "DMG 文件创建失败"
exit 1
fi
}
echo " ✅ 主应用签名完成"
# ======================== Step 6: 验证签名 ========================
echo ""
echo "✅ Step 6: 验证签名..."
if codesign --verify --deep --strict --verbose=2 "${APP_PATH}" 2>&1; then
echo " ✅ 签名验证通过!"
else
echo " ❌ 签名验证失败!"
echo ""
echo "详细错误信息:"
codesign --verify --deep --strict --verbose=4 "${APP_PATH}" 2>&1
exit 1
fi
# ======================== Step 7: 创建 ZIP ========================
echo ""
echo "📦 Step 7: 创建 ZIP..."
ZIP_PATH="${OUTPUT_DIR}/HiFastVPN.zip"
rm -f "${ZIP_PATH}"
ditto -c -k --keepParent "${APP_PATH}" "${ZIP_PATH}"
echo " ✅ ZIP 创建完成: ${ZIP_PATH}"
# ======================== Step 8: 公证 ========================
echo ""
echo "📤 Step 8: 提交公证..."
echo " (这可能需要几分钟时间...)"
xcrun notarytool submit "${ZIP_PATH}" \
--apple-id "${APPLE_ID}" \
--password "${APP_PASSWORD}" \
--team-id "${TEAM_ID}" \
--wait
echo " ✅ 公证完成"
# ======================== Step 9: Staple ========================
echo ""
echo "📎 Step 9: Staple..."
xcrun stapler staple "${APP_PATH}"
echo " ✅ Staple 完成"
# ======================== Step 10: 最终验证 ========================
echo ""
echo "🔍 Step 10: 最终验证..."
echo ""
echo "--- codesign --verify ---"
codesign --verify --deep --strict "${APP_PATH}" && echo "✅ codesign 验证通过"
echo ""
echo "--- xcrun stapler validate ---"
xcrun stapler validate "${APP_PATH}"
echo ""
echo "--- spctl -a -t execute ---"
spctl -a -t execute -vv "${APP_PATH}"
# ======================== Step 11: 创建 DMG ========================
echo ""
echo "💿 Step 11: 创建 DMG..."
DMG_PATH="${OUTPUT_DIR}/HiFastVPN.dmg"
rm -f "${DMG_PATH}"
# 使用 hdiutil 创建简单的 DMG
hdiutil create -volname "HiFastVPN" -srcfolder "${APP_PATH}" -ov -format UDZO "${DMG_PATH}"
# 签名 DMG
sign_dmg() {
log_info "开始签名 DMG 文件..."
# 签名 DMG
codesign --force --sign "$DEVELOPER_ID" "$DMG_PATH"
if [ $? -eq 0 ]; then
log_success "DMG 签名成功"
else
log_error "DMG 签名失败"
exit 1
fi
# 验证 DMG 签名
log_info "验证 DMG 签名..."
codesign --verify --verbose "$DMG_PATH"
if [ $? -eq 0 ]; then
log_success "DMG 签名验证通过"
else
log_error "DMG 签名验证失败"
exit 1
fi
}
# 公证应用
notarize_app() {
log_info "开始公证应用..."
# 创建 ZIP 文件用于公证
ZIP_PATH="build/macos/Build/Products/Release/${APP_NAME}-${APP_VERSION}.zip"
ditto -c -k --keepParent "$APP_PATH" "$ZIP_PATH"
log_info "上传应用进行公证..."
log_warning "请确保您已生成应用专用密码:"
log_warning "1. 访问 https://appleid.apple.com"
log_warning "2. 登录您的 Apple ID"
log_warning "3. 在'安全'部分生成应用专用密码"
log_warning "4. 使用该密码进行公证"
# 上传进行公证
xcrun notarytool submit "$ZIP_PATH" \
--apple-id "$APPLE_ID" \
--team-id "$TEAM_ID" \
--wait
if [ $? -eq 0 ]; then
log_success "应用公证成功"
# 装订公证票据
log_info "装订公证票据到应用..."
xcrun stapler staple "$APP_PATH"
if [ $? -eq 0 ]; then
log_success "公证票据装订成功"
else
log_warning "公证票据装订失败,但应用已公证"
fi
else
log_error "应用公证失败"
log_info "请检查 Apple ID 和应用专用密码是否正确"
exit 1
fi
# 清理 ZIP 文件
rm -f "$ZIP_PATH"
}
# echo " 签名 DMG..."
# codesign --force --sign "${SIGNING_IDENTITY}" --timestamp "${DMG_PATH}"
# 公证 DMG
notarize_dmg() {
log_info "开始公证 DMG..."
# 上传 DMG 进行公证
xcrun notarytool submit "$DMG_PATH" \
--apple-id "$APPLE_ID" \
--team-id "$TEAM_ID" \
--wait
if [ $? -eq 0 ]; then
log_success "DMG 公证成功"
# 装订公证票据
log_info "装订公证票据到 DMG..."
xcrun stapler staple "$DMG_PATH"
if [ $? -eq 0 ]; then
log_success "DMG 公证票据装订成功"
else
log_warning "DMG 公证票据装订失败,但 DMG 已公证"
fi
else
log_error "DMG 公证失败"
log_info "请检查 Apple ID 和应用专用密码是否正确"
exit 1
fi
}
echo " 公证 DMG..."
xcrun notarytool submit "${DMG_PATH}" \
--apple-id "${APPLE_ID}" \
--password "${APP_PASSWORD}" \
--team-id "${TEAM_ID}" \
--wait
# 验证最终结果
verify_final() {
log_info "验证最终结果..."
# 检查文件大小
APP_SIZE=$(du -h "$APP_PATH" | cut -f1)
DMG_SIZE=$(du -h "$DMG_PATH" | cut -f1)
log_info "应用大小: $APP_SIZE"
log_info "DMG 大小: $DMG_SIZE"
# 检查签名状态
log_info "应用签名状态:"
codesign -dv "$APP_PATH" 2>&1 | grep -E "(Authority|TeamIdentifier|BundleId)"
log_info "DMG 签名状态:"
codesign -dv "$DMG_PATH" 2>&1 | grep -E "(Authority|TeamIdentifier)"
# 检查公证状态
log_info "应用公证状态:"
xcrun stapler validate "$APP_PATH"
log_info "DMG 公证状态:"
xcrun stapler validate "$DMG_PATH"
}
# Staple DMG
echo " Staple DMG..."
xcrun stapler staple "${DMG_PATH}"
# 显示结果
show_result() {
log_success "=========================================="
log_success "签名、公证和打包完成!"
log_success "=========================================="
log_info "应用名称: $APP_NAME"
log_info "版本: $APP_VERSION"
log_info "签名应用: $APP_PATH"
log_info "签名 DMG: $DMG_PATH"
log_info "开发者: $DEVELOPER_ID"
log_success "=========================================="
log_info "现在可以安全地分发给用户"
log_info "用户安装时不会看到安全警告"
log_info "应用已通过 Apple 公证,可在任何 Mac 上运行"
log_success "=========================================="
}
echo " ✅ DMG 创建完成: ${DMG_PATH}"
# 主函数
main() {
log_info "开始 BearVPN macOS 签名、公证和打包流程..."
log_info "=========================================="
check_certificates
cleanup
build_app
sign_app
notarize_app
create_dmg
sign_dmg
notarize_dmg
verify_final
show_result
log_success "所有操作完成!"
}
# ======================== 完成 ========================
echo ""
echo "╔═══════════════════════════════════════════════════════════════════╗"
echo "║ 🎉 全部完成! ║"
echo "╚═══════════════════════════════════════════════════════════════════╝"
echo ""
echo "输出文件:"
echo " 📦 ${APP_PATH}"
echo " 📦 ${ZIP_PATH}"
echo " 💿 ${DMG_PATH}"
echo ""
echo "⚠️ 重要提示:"
echo " 发给用户的应该是 DMG 文件,不是 ZIP 或 .app"
echo " DMG 已经签名和公证,用户打开后不会被 Gatekeeper 拦截"
echo ""
# 运行主函数
main "$@"