-
-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Supporting iOS 18 Changes #205
Comments
|
I'm able and willing to test if you're publishing an alpha! |
@nickwelsh Okay great! I'll work on it, probably this weekend. Before having a stable release, I'll wait for them to publish the updated documentation. I think these are the new fields but some more could appear possibly. P.s. Did you leave a 🌟 on the project? 👀 |
Schema changes are available in this branch, so you can install the package in NPM from git and build it. I'll release a version in the next days if I have some time. If you can successfully test, can you provide me screenshots of the results? I'm very curious! |
I built a minimal version using the stable build to make sure things worked: Code
// index.ts
import pk from "passkit-generator"
import 'dotenv/config'
import fs from "fs"
const PKPass = pk.PKPass;
try {
const pass = await PKPass.from({
model: "./model.pass",
certificates: {
wwdr: process.env.WWDR,
signerCert: process.env.CERT,
signerKey: process.env.KEY,
signerKeyPassphrase: process.env.CHALLENGE
},
}, {
// keys to be added or overridden
serialNumber: "AAGH44625236dddaffbda"
});
const buffer = pass.getAsBuffer();
fs.writeFile('pass.pkpass', buffer, (err) => {
if (err) throw err;
console.log('Buffer saved to file');
});
} catch (err) {
console.error(err)
} {
"organizationName": "My Org",
"description": "My Event Description",
"teamIdentifier": "******",
"passTypeIdentifier": "******",
"backgroundColor": "rgb(248,252,252)",
"foregroundColor": "rgb(111,162,163)",
"labelColor": "rgb(0,52,68)",
"formatVersion": 1,
"eventTicket": {
"preferredStyleSchemes": [
"posterEventTicket",
"eventTicket"
]
},
"semantics": {
"eventType": "PKEventTypeLivePerformance",
"eventName": "South Bay Jazz Festival",
"eventStartDate": "2024-07-15T10:00:00-06:00",
"seats": [
{
"seatDescription": "Normal Seat",
"seatIdentifier": "112-12-16",
"seatNumber": "5",
"seatRow" : "3",
"seatSection": "100",
"venueEntranceGate": "3"
}
]
}
} Which, indeed, builds a pass that works, obviously using the old UI. Swapping out to the alpha you provided throws an error:
|
@nickwelsh Are you able to see which property failed to validate? |
Seems like it's the new // schemas/index.ts
// ...
eventTicket: PassFields.disallow("transitType").append(
Joi.object<PassProps["eventTicket"]>().keys({
/**
* New field coming in iOS 18
* `"eventTicket"` is the legacy style.
*
* If used, passkit will try to render following the old style
* first.
*
* Which means that `primaryFields`, `secondaryFields` and
* so on, are not necessary anymore for the new style,
* as semantics are preferred.
*/
preferredStyleSchemes: Joi.array().items(
Joi.string().allow("posterEventTicket", "eventTicket"),
),
}),
),
// ... |
@nickwelsh interesting. Maybe I should have used |
I tried replace with Although, I have concerns with |
@rayriffy Hey, thanks for testing! Two things:
Other than that, I still didn't provide a way to set manually the |
thanks, although it's not a blocker though. you can make an improvements to an interface later in future version. for now i will have to forcefully mark that pass.props.eventTicket!.preferredStyleSchemes = [...] also i have another suggestion, currently i help testing your library by manually clone a project because referencing package with |
I've committed
I never used It should clone and provide the content from the repository. There, you should have the source. Once you install the package from github, you can just change the directory to the dependency and use Let me know if it works. Getting back to the pass, so, are you able to generate with with the new format? |
unfortunately not at this moment, i tried with multiple relevant semantics fields and could not get it to work. lacking of documentation from apple is killing me, my best guess is maybe new event ticket format has not been added to the developer beta 1 yet. maybe someone else also have a success? i would like to know as well. |
Did you try to open it on a real iPhone? Could it be it is not available on the Simulator yet? BTW I think it is still early for the documentation to come out. It will get surely updated in the next months. |
nah doesn't work either, i will drop my Code{ "formatVersion": 1, "passTypeIdentifier": "", "teamIdentifier": "", "serialNumber": "ahsdg2", "organizationName": "Creatorsgarten", "description": "Creatorsgarten Event Ticket", "foregroundColor": "rgb(255, 255, 255)", "backgroundColor": "rgb(0, 0, 0)", "labelColor": "rgb(255, 255, 255)", "semantics": { "eventName": "The โง่ Hackathon ครั้งที่ 8 แห่งประเทศ Thailand", "eventType": "PKEventTypeLivePerformance", "eventStartDate": "2024-07-13T00:00+07:00", "eventEndDate": "2024-07-14T23:59+07:00", "relevantDates": [ { "startDate": "2024-07-13T08:00+07:00", "endDate": "2024-07-14T23:59+07:00" } ], "admissionLevel": "ElysiaJS" }, "relevantDate": "2024-07-13T01:00:00.000Z", "barcodes": [ { "format": "PKBarcodeFormatQR", "message": "QGZRQR", "altText": "QGZRQR", "messageEncoding": "iso-8859-1" } ], "eventTicket": { "headerFields": [ { "key": "date", "label": "DATE", "value": "13 Jul" } ], "primaryFields": [ { "key": "event", "label": "EVENT", "value": "The โง่ Hackathon ครั้งที่ 8 แห่งประเทศ Thailand" } ], "secondaryFields": [ { "key": "loc", "label": "LOCATION", "value": "คณะวิศวกรรมศาสตร์ จุฬาลงกรณ์มหาวิทยาลัย" } ], "auxiliaryFields": [], "backFields": [], "preferredStyleSchemes": [ "posterEventTicket", "eventTicket" ] } } |
@rayriffy Did you try to add the venue and seats fields in semantics, like Nick wrote above? For what I understood, they are required to render the new layout... "seats": [
{
"seatDescription": "Normal Seat",
"seatIdentifier": "112-12-16",
"seatNumber": "5",
"seatRow" : "3",
"seatSection": "100",
"venueEntranceGate": "3"
}
] Also, I can suggest you connecting to |
Let me add that someone was saying, in Apple Developers Forum, that the video was reporting the availability of some examples as downloadable resources, but it is not available under the video nor in the documentation, as opposed to the changes to Apple Pay. I wonder if the fact this isn't working and the absence of a resource are due to the same reason, which is the lack of update in the first beta... |
I used the |
@nickwelsh Okay interesting. Did you try with the changes of the last commit (432e380) or the previous one or both? You can tell NPM to clone a specific commit id. That's because I changed the schemas a little bit in the last commit. |
@nickwelsh fyi i did make an minor code change to reflect alex's new getter setter update from |
Ah, I only had the style set in the |
Ops! I forgot the possibility to import that field 😅 |
I proceeded adding unit tests for Let me know if you guys are able to generate and show a new layout event ticket. |
Hi everyone! @alexandercerutti great to see you again haha, just thought I’d pop into the repo and leave a message about the iOS 18 Wallet updates but I can see you’re already on it! Great to see :) @rayriffy mentioned the new event passes may not be on beta 1 - just wanted to confirm through a tweet I saw that they should be there (Apple’s WWDC invite pass updated on the beta), see: https://x.com/frederikriedel/status/1800253419304968439?s=46&t=mbu_2SzVSyE0jhQUv3QWWw Will definitely be updating my backend and giving these changes a go once I’m free in about a week or so. Fingers crossed someone manages to get one generated and working in the meantime, but thanks a lot Alex, Nick and rayriffy for all of your testing so far :) |
Hey @Saim-Khan1, glad you jumped on here! So according to the tweet, the update could be already available in the first beta. Perhaps only Venue data are required along with preferred schemas? |
I tried adding venue information |
@rayriffy I’m asking around to folks who went to WWDC if they can share theirs with us… keep experimenting in the meantime |
I was looking again at the differences between your attempt on Simulator and your attempt on real device. On the code you show for real device, I don't see the new |
Makes sense, so that'll probably be the way to go then in terms of generating them for the time being. Really appreciate your insight, it's definitely helped me get a better understanding of how the NFC side of things works for Wallet passes so thanks a lot for the discussion! Guess we may as well wait the 50 minutes or so left now until beta 2 (at least, they usually drop around then – 6pm UK time for me!) so hopefully see you then with some updated docs and resources :) |
I tried to download a pass from PassKit and that surprised me. There are things that I didn't know existed. The first that sees new things, will comment here I guess ahah |
https://developer.apple.com/documentation/walletpasses Still no update to the docs unfortunately 😢 |
@Saim-Khan1 yep... So I think now it is just a matter of trying to generate one with the NFC signature of PassKit. @nickwelsh @rayriffy @Saim-Khan1 do you guys have the chance to generate one? |
Hey, was just trying to give it a go now – slightly off topic from this thread but I keep getting
when trying to generate any pass, which is strange because everything was working perfectly a few months back when I was last working on the app, and I haven’t changed any certificates (and even reverted all changes to my backend after tinkering with the iOS 18 stuff) but still keep getting it. Have you seen this kind of thing before, and if so any idea what I should do? I did try grabbing another wwdr cert but that didn’t seem to do anything |
Yeah, that's OT. Check in the Generating Certificates wiki page. There's a paragraph with such a message |
Yep thank you, all sorted now. But, unfortunately it doesn't seem to let you generate NFC passes at all, unless I'm missing something? To even generate for testing purposes...
|
@Saim-Khan1 you got this from |
Yeah! |
Uh, that's interesting. Never tried to generate one, but apparently there's something else we didn't consider. I even ask myself if passkit-generator supports it... |
Yeah, really unfortunate. Had a quick browse around online and it does seem as though there isn't any way to get around it, even for testing purposes. May just have to try my luck applying for one, but I've also seen a bunch of people online say they applied and never heard back for weeks or even months! :( |
I was lucky to receive an answer back then, then... |
When did you apply for it? Was it recent |
Like 3 years ago. I just found the reply.
Yeah, I agree |
That's really interesting, I'm just curious how companies like passkit and passninja (another one I see people talking about online a fair bit) ended up getting the certificate then? It doesn't seem as though they have their own terminals…
Good luck if you do end up having a look into it! Keep us posted |
PassNinja is a terminals manufacturer, for sure (they sponsored Passkit-generator in the past).
I did a quick research and its probably possible, but you need to have at least one of the original certificate signer... Not sure tho. |
Ah nice! Fair enough then.
Suppose you're right. Plus according to their docs, it seems as though you need to have your own certificate anyway that you upload to the platform to be able to generate NFC passes on there.
Interesting... |
@Saim-Khan1 Okay so, I've been able to extract the certificates from the SMIME through this command: $ openssl pkcs7 -inform DER -print_certs -in signature This will always print both certificates ( First of all, extract the certificate (the dashes encapsulated part - dashes included - from the output of the command above) and put it in a file ( Then, print its content. $ openssl x509 -in cert.pem -text I've then checked online a bit of articles, among which figures out one from PassKit: https://help.passkit.com/en/articles/4430727-enabling-and-using-nfc-passes In this article, which has been updated recently, it says that among prerequisites, you need An Apple Developer account that has been approved to issue NFC Pass Type Identifier Certificates. So the catch stands in the certificate you just extracted... but where?
Now, I don't exactly know how can this be read, BUT by doing a quick search by those OIDS on Google, we can find this document: https://images.apple.com/certificateauthority/pdf/Apple_WWDR_CPS_v1.32.pdf Here, they are listed like this in the tables
As you can see, the first one is listed only under the Now,
Maybe we could try to add this Enhanced Pass Certificate OID and check if an NFC pass appears, by setting the NFC message and using a key, which could technically be obtained by the sample pass from PassKit or, apparently, generated (https://www.passninja.com/tutorials/apple-platform/how-to-create-apple-wallet-nfc-encryption-keys). Editing PassKit certificate would be the best way to verify if that's the actual key that determines if NFC is enabled or if there's something else. Other than what I wrote above, which will probably end up in a page of the Wiki, an easier approach could be what follows: IF we can change the PrivateKey ( According to this page:
So, IF we are able to change the modulus, we could be able to create a new certificate. This may be helpful: https://stackoverflow.com/questions/27568570/how-to-convert-raw-modulus-exponent-to-rsa-public-key-pem-format However, I don't think this is easy and could be done. I mean, I know nothing about crypto stuff, so I'm just reading online. That said, a certificate seems to be containing only the public key, which is generated when we create a CSR (Certificate Signing Request). That's easier than said, but could be two ways to achieve the same thing. I'll check if I can do come experiments with the knowledge above. |
Awesome!! This looks really promising. I will have a proper look through when I get back from work this evening, I'm definitely no expert in this kind of thing I'll be honest with you but would be happy to do some experimenting and some digging into what you've found. Fingers crossed we can get somewhere :) |
Hey! Just had a little look, really interesting findings. Can confirm by trying out those commands you gave that their certificate has the extra OID ( Just wanted to make sure we're on the same page – so our aim is to add this OID to our own certificates, and we want to try and do so by changing the PassKit certificate's
So I understand trying to change the modulus is one way, just wanted to clarify what you were suggesting was the other way? Sorry for all the questions! Just want to make sure I've understood what you were saying correctly so I can go and try and research those paths a bit more. |
Exactly, we can try that.
It's either changing their publicKey or bringing the OID to ours.
It's more a thought than an actual thing. I'm not sure any of these things can actually be done. I'm experimenting a bit with ASN.1 to understand if I can obtain the same certificate but getting the ASN.1 structure and converting it back to PEM. The other way, as I said above, would be to change the certificate issued by Apple after CSR and verify if it works. |
Ahh thanks for the clarification, I see what you mean now.
I'll try and give this a go and see if I get anywhere 🤞 |
"Tampering" the current certificate seems not a viable way to follow, as the digital signature in it will fail validation if a certificate is tampered. I'm not sure if we actually have any chance to proceed... Not even sure if passing an extension to PCKS7, when compiling the pass, would help... |
Right, no that's a fair point. And I wouldn't even know where to start with something like changing the modulus and things... |
Yeah, I found it too in the past, but yeah, we are not strictly interested in VAS |
I've tried programmatically adding x509 custom attributes to simulate PassKit certificate but still requires an enhanced certificate. Which means that the OID is not the only key component but there's something else. Comparing my certificate and PassKit's, it feels like the Enhanced certificate is signed in a completely different way I don't think there's anymore a way to obtain a certificate like this. :/ |
Ah I see. That is unfortunate, but huge props for trying! Guess Apple really have just locked it down, which isn't surprising of course but is a shame. Appreciate you giving that a go though. I still find it really bizarre that they haven't updated their docs or provided a sample pass, but I guess we'll have to see what happens |
@alexandercerutti We have the necessary entitlements and can contribute with testing on our end, if that are to any help. Can unfortunately not share certificates, but can at least verify that the functionality works :) |
@espenbye that would be great if you could! Of course, no certificates / |
@Saim-Khan1 BTW, I've asked them again for an entitlement. They sent me a few questions to answer to and, after having answered, the same day they rejected me for undisclosed reasons. Probably a real business behind providing such service is required, as the questions were including such things. @espenbye do you actively use |
iOS 18 have been announced a few days ago and, a few hours ago, the session including the upcoming changes to Apple Wallet have been published: https://developer.apple.com/videos/play/wwdc2024/10108/
Some new fields have been published to support the new UI for events.
That said, within september, a passkit-generator update will be published.
If anyone wants to attempt to generate the new passes with an iOS 18 Beta through
passkit-generator
, I kindly ask you to leave a comment here, so I'll know if I should publish an alpha version with some changes.This issue will be soon updated with a summary of the changes in the schemas.
The text was updated successfully, but these errors were encountered: