the basics for now

Author: claration

Cargo.toml

@@ -10,7 +10,7 @@ members = [
 edition = "2024"
 version = "0.0.1"
 authors = ["khcrysalis <s03781614@icloud.com>"]
-license = "GPL-3.0-or-later"
+license = "MIT"
 repository = "https://github.com/khcrysalis/plumestore"
 
 [workspace.dependencies]

LICENSE

@@ -0,0 +1,20 @@
+Copyright 2025 Samara M
+
+Permission is hereby granted, free of charge, to any person obtaining a 
+copy of this software and associated documentation files (the 
+"Software"), to deal in the Software without restriction, including 
+without limitation the rights to use, copy, modify, merge, publish, 
+distribute, sublicense, and/or sell copies of the Software, and to 
+permit persons to whom the Software is furnished to do so, subject to 
+the following conditions:
+
+The above copyright notice and this permission notice shall be included 
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -15,11 +15,11 @@ The project is seperated in multiple modules, all serve single or multiple uses
 | `apps/plumeimpactor` | GUI interface for the crates shown below, backend using wxWidgets (with a rust ffi wrapper, wxDragon)                         |
 | `apps/plumesign`     | CLI interface for the crates shown below, using `clap`.                                                                       |
 | `crates/grand_slam`  | Handles all api request used for communicating with Apple developer services, along with providing auth for Apple's grandslam |
-| `crates/ldid2`       | Wrapper for applecodesign-rs with additional features, specifically made to support iOS sideloading and app modifications     |
 
 ## Acknowledgements
 
-- [Samara](https://github.com/khcrysalis) - ME!
-- [apple-private-apis](https://github.com/SideStore/apple-private-apis) - Grandslam auth & Omnisette.
-- [apple-codesign-rs](https://github.com/indygreg/apple-platform-rs) - Open-source alternative to codesign.
-- [idevice](https://github.com/jkcoxson/idevice) - Used for communication with `installd`, specifically for sideloading the apps to your devices.
+- [SAMSAM](https://github.com/khcrysalis) – The maker.
+- [SideStore](https://github.com/SideStore/apple-private-apis) – Grandslam auth & Omnisette.
+- [Sideloader](https://github.com/Dadoum/Sideloader) – Apple Developer API references.
+- [idevice](https://github.com/jkcoxson/idevice) – Used for communication with `installd`, specifically for sideloading the apps to your devices.
+- [apple-codesign-rs](https://github.com/indygreg/apple-platform-rs) – Open-source alternative to codesign.

apps/plumeimpactor/src/frame.rs

@@ -1,9 +1,9 @@
 use std::cell::RefCell;
 use std::path::PathBuf;
 use std::rc::Rc;
-use std::{env, ptr, thread};
+use std::{env, fs, ptr, thread};
 
-use grand_slam::AnisetteConfiguration;
+use grand_slam::{AnisetteConfiguration, BundleType, MachO, MobileProvision};
 use grand_slam::auth::Account;
 use grand_slam::developer::DeveloperSession;
 use grand_slam::utils::PlistInfoTrait;
@@ -311,12 +311,9 @@ impl PlumeFrame {
                 let rt = Builder::new_current_thread().enable_all().build().unwrap();
 
                 let install_result = rt.block_on(async {
-                    let anisette_config = AnisetteConfiguration::default()
-                        .set_configuration_path(PathBuf::from(env::temp_dir()));
-
                     let session = DeveloperSession::with(account.clone());
 
-                    sender_clone.send(PlumeFrameMessage::InstallProgress(0, Some("Ensuring device is registered...".to_string()))).ok();
+                    sender_clone.send(PlumeFrameMessage::InstallProgress(10, Some("Ensuring current device is registered...".to_string()))).ok();
 
                     let mut usbmuxd = UsbmuxdConnection::default().await
                         .map_err(|e| format!("usbmuxd connect error: {e}"))?;
@@ -326,17 +323,151 @@ impl PlumeFrame {
                         .find(|d| d.device_id.to_string() == device_id)
                         .ok_or_else(|| format!("Device ID {device_id} not found"))?;
 
-                    let mut lockdown = LockdownClient::connect(
-                        &usbmuxd_device.to_provider(UsbmuxdAddr::default(), "plume_install")
-                    )
-                    .await
-                    .map_err(|e| format!("lockdown connect error: {e}"))?;
+                    let device = Device::new(usbmuxd_device).await;
+                    
+                    // TODO: Handle multiple teams properly
+                    let teams = session.qh_list_teams().await.map_err(|e| format!("Failed to list teams: {}", e))?;
+                    
+                    session.qh_ensure_device(
+                        &teams.teams.get(0)
+                            .ok_or("No teams available for the Apple ID account.")?
+                            .team_id,
+                        &device.name,
+                        &device.uuid,
+                    ).await.map_err(|e| format!("Failed to ensure device is registered: {}", e))?;
+                    
+                    let bundle = package.get_package_bundle()
+                        .map_err(|e| format!("Failed to get package bundle: {}", e))?;
+                    let bundles = bundle.collect_bundles_sorted()
+                        .map_err(|e| format!("Failed to collect bundles: {}", e))?;
+                    
+                    let team_id = &teams.teams.get(0)
+                        .ok_or("No teams available for the Apple ID account.")?
+                        .team_id;
+                    
+                    let bundle_identifier = bundle.get_bundle_identifier()
+                        .ok_or("Failed to get bundle identifier from package.")?;
+
+                    let new_id = new_identifier(&bundle_identifier, team_id);
+
+                    fn new_identifier(original: &str, team_id: &str) -> String {
+                        format!("{}.{}", original, team_id)
+                    }
+                    
+                    if let Some(old_identifier) = bundle.get_bundle_identifier() {
+                        for embedded_bundle in &bundles {
+                            embedded_bundle.set_matching_identifier(
+                                &old_identifier,
+                                &new_id,
+                            ).map_err(|e| format!("Failed to set matching identifier: {}", e))?;
+                        }
+                    }
+
+                    let mut provisionings: Vec<MobileProvision> = Vec::new();
 
+                    for bundle in &bundles {
+                        if 
+                            bundle._type != BundleType::AppExtension &&
+                            bundle._type != BundleType::App 
+                           {
+                            continue;
+                        }
+
+                        sender_clone.send(PlumeFrameMessage::InstallProgress(
+                            20,
+                            Some(format!("Registering {}...", bundle.get_name().unwrap_or_default()))
+                        )).ok();
+
+                        let bundle_executable_name = bundle.get_executable()
+                            .ok_or("Failed to get executable from bundle.")?;
+                        
+                        let bundle_executable_path = bundle.dir().join(&bundle_executable_name);
+                        
+                        let macho = MachO::new(&bundle_executable_path)
+                            .map_err(|e| format!("Failed to read Mach-O binary: {}", e))?;
+                        
+                        let macho_entitlements = macho.entitlements()
+                            .map_err(|e| format!("Failed to get entitlements from Mach-O binary: {}", e))?;
+                        
+                        let id = bundle.get_bundle_identifier()
+                            .ok_or("Failed to get bundle identifier from bundle.")?;
+                                                
+                        let app_groups: Vec<String> = macho_entitlements
+                            .as_ref()
+                            .and_then(|dict| dict.get("com.apple.security.application-groups"))
+                            .and_then(|val| val.as_array())
+                            .map(|arr| {
+                                arr.iter()
+                                    .filter_map(|v| v.as_string().map(|s| format!("{}.{}", s, team_id)))
+                                    .collect()
+                            })
+                            .unwrap_or_else(Vec::new);
+
+                        session.qh_ensure_app_id(team_id, &bundle.get_name().unwrap_or_default(), &id)
+                            .await
+                            .map_err(|e| format!("Failed to ensure app ID: {}", e))?;
+                        
+                        let capabilities = session.v1_list_capabilities(team_id).await
+                            .map_err(|e| format!("Failed to list capabilities: {}", e))?;
+                                                
+                        println!("Mach-O Entitlements: {:?}", &macho_entitlements);
+                        
+                        let mut capabilities_to_enable = Vec::new();
+                        
+                        if let Some(entitlements) = &macho_entitlements {
+                            for (ent_key, _) in entitlements {
+                                for cap in &capabilities.data {
+                                    if let Some(ent_list) = &cap.attributes.entitlements {
+                                        if ent_list.iter().any(|e| e.profile_key == *ent_key) {
+                                            capabilities_to_enable.push(cap.id.clone());
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        
+                        println!("Enabling capabilities: {:?}", &capabilities_to_enable);
+                        
+                        let app_id_id = session.qh_get_app_id(team_id, &id).await
+                            .map_err(|e| e.to_string())?
+                            .ok_or("Failed to get ensured app ID.")?;
+
+                        if !capabilities_to_enable.is_empty() {
+                            session.v1_update_app_id(team_id, &id, capabilities_to_enable)
+                                .await
+                                .map_err(|e| format!("Failed to enable capabilities: {}", e))?;
+                        }
+                        
+                        for group in &app_groups {
+                            let group_id = session.qh_ensure_app_group(team_id, group, group)
+                                .await
+                                .map_err(|e| format!("Failed to ensure app group: {}", e))?;
+
+                            println!("{:#?}", group_id);
+
+                            session.qh_assign_app_group(team_id, &app_id_id.app_id_id, &group_id.application_group)
+                                .await
+                                .map_err(|e| format!("Failed to add app group to app ID: {}", e))?;
+                        }
+
+                        let profiles = session.qh_get_profile(team_id, &app_id_id.app_id_id).await
+                            .map_err(|e| format!("Failed to list profiles: {}", e))?;
+
+                        let profile_data = profiles.provisioning_profile.encoded_profile;
+                        
+                        let mobile_provision = MobileProvision::load_from_bytes(profile_data.as_ref())
+                            .map_err(|e| format!("Failed to load mobile provision: {}", e))?;
+                        
+                        provisionings.push(mobile_provision);
+                    }
+                    
+                    sender_clone.send(PlumeFrameMessage::InstallProgress(30, Some("Downloading Certificates...".to_string()))).ok();
+                    
                     Ok::<_, String>(())
                 });
 
                 if let Err(e) = install_result {
-                    sender_clone.send(PlumeFrameMessage::InstallProgress(100, Some(format!("Install failed: {}", e)))).ok();
+                    sender_clone.send(PlumeFrameMessage::InstallProgress(99, Some(format!("{}", e)))).ok();
                     return;
                 }
             });

apps/plumeimpactor/src/handlers.rs

@@ -180,7 +180,12 @@ impl PlumeFrameMessageHandler {
                         "Waiting...",
                         100
                     )
-                    .show_estimated_time().show_remaining_time().smooth().build();
+                    .show_elapsed_time()
+                    .show_estimated_time()
+                    .show_remaining_time()
+                    .smooth()
+                    .build();
+                
                     self.installation_progress_dialog = Some(progress_dialog);
                 }
 

apps/plumeimpactor/src/pages/login.rs

@@ -140,10 +140,6 @@ impl AccountDialog {
         self.dialog.show_modal();
     }
 
-    pub fn hide(&self) {
-        self.dialog.end_modal(0);
-    }
-
     pub fn set_logout_handler(&self, on_logout: impl Fn() + 'static) {
         let dialog = self.dialog.clone();
         self.logout_button.on_click(move |_| {

apps/plumeimpactor/src/utils/device.rs

@@ -8,6 +8,17 @@ use crate::Error;
 
 pub const CONNECTION_LABEL: &str = "plume";
 
+macro_rules! get_dict_string {
+    ($dict:expr, $key:expr) => {
+        $dict
+            .as_dictionary()
+            .and_then(|dict| dict.get($key))
+            .and_then(|v| v.as_string())
+            .map(|s| s.to_string())
+            .unwrap_or_else(|| "".to_string())
+    };
+}
+
 #[derive(Debug, Clone)]
 pub struct Device {
     pub name: String,
@@ -17,13 +28,24 @@ pub struct Device {
 
 impl Device {
     pub async fn new(usbmuxd_device: UsbmuxdDevice) -> Self {
-        let name = get_name_from_usbmuxd_device(&usbmuxd_device).await.unwrap_or_default();
-        Device { 
-            name, 
+        let name = Self::get_name_from_usbmuxd_device(&usbmuxd_device)
+            .await
+            .unwrap_or_default();
+        
+        Device {
+            name,
             uuid: usbmuxd_device.udid.clone(),
             usbmuxd_device 
         }
     }
+    
+    async fn get_name_from_usbmuxd_device(
+        device: &UsbmuxdDevice,
+    ) -> Result<String, Error> {
+        let mut lockdown = LockdownClient::connect(&device.to_provider(UsbmuxdAddr::default(), CONNECTION_LABEL)).await?;
+        let values = lockdown.get_value(None, None).await?;
+        Ok(get_dict_string!(values, "DeviceName"))
+    }
 }
 
 impl fmt::Display for Device {
@@ -40,22 +62,3 @@ impl fmt::Display for Device {
         )
     }
 }
-
-macro_rules! get_dict_string {
-    ($dict:expr, $key:expr) => {
-        $dict
-            .as_dictionary()
-            .and_then(|dict| dict.get($key))
-            .and_then(|v| v.as_string())
-            .map(|s| s.to_string())
-            .unwrap_or_else(|| "".to_string())
-    };
-}
-
-async fn get_name_from_usbmuxd_device(
-    device: &UsbmuxdDevice,
-) -> Result<String, Error> {
-    let mut lockdown = LockdownClient::connect(&device.to_provider(UsbmuxdAddr::default(), CONNECTION_LABEL)).await?;
-    let values = lockdown.get_value(None, None).await?;
-    Ok(get_dict_string!(values, "DeviceName"))
-}

crates/grand_slam/Cargo.toml

@@ -3,7 +3,7 @@ name = "grand_slam"
 edition.workspace = true
 version.workspace = true
 authors.workspace = true
-license.workspace = true
+license = "MPL-2.0"
 repository.workspace = true
 
 [package.metadata.patch]

crates/grand_slam/src/developer/qh/app_groups.rs

@@ -32,8 +32,26 @@ impl DeveloperSession {
 
         Ok(response_data)
     }
+    
+    pub async fn qh_get_app_group(&self, team_id: &str, app_group_identifier: &str) -> Result<Option<ApplicationGroup>, Error> {
+        let response_data = self.qh_list_app_groups(team_id).await?;
+        
+        let app_group = response_data.application_group_list.into_iter()
+            .find(|group| group.identifier == app_group_identifier);
+        
+        Ok(app_group)
+    }
+    
+    pub async fn qh_ensure_app_group(&self, team_id: &str, name: &str, identifier: &str) -> Result<ApplicationGroup, Error> {
+        if let Some(app_group) = self.qh_get_app_group(team_id, identifier).await? {
+            Ok(app_group)
+        } else {
+            let response = self.qh_add_app_group(team_id, name, identifier).await?;
+            Ok(response.application_group)
+        }
+    }
 
-    pub async fn qh_assign_app_group(&self, team_id: &str, app_id_id: &str, app_group_id: &str) -> Result<AppGroupResponse, Error> {
+    pub async fn qh_assign_app_group(&self, team_id: &str, app_id_id: &str, app_group_id: &str) -> Result<ResponseMeta, Error> {
         let endpoint = developer_endpoint!("/QH65B2/ios/assignApplicationGroupToAppId.action");
 
         let mut body = Dictionary::new();
@@ -42,7 +60,7 @@ impl DeveloperSession {
         body.insert("applicationGroups".to_string(), Value::String(app_group_id.to_string()));
 
         let response = self.qh_send_request(&endpoint, Some(body)).await?;
-        let response_data: AppGroupResponse = plist::from_value(&Value::Dictionary(response))?;
+        let response_data: ResponseMeta = plist::from_value(&Value::Dictionary(response))?;
 
         Ok(response_data)
     }
@@ -70,9 +88,9 @@ pub struct AppGroupResponse {
 #[derive(Deserialize, Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct ApplicationGroup {
-    pub application_group: String,
+    pub application_group: String, // this is the actual identifier
     pub name: String,
     pub status: String,
     prefix: String,
-    pub identifier: String,
+    pub identifier: String, // this is the group.identifier
 }