Hi Chathura. In Android , the link is invoked by the agent which downloads the app file , the agent takes care of the request.
In iOS , the link is sent via the MDM command , which is invoked by the iOS OS itself to download , which is not a direct link to the .app file but a manifest file . The request url can have the token along with the request, but it cannot add any headers programatically. On Mon, Apr 27, 2015 at 5:02 PM, Chathura Dilan <[email protected]> wrote: > Hi Shan, > > They are direct links but secure connections can be used. Some cases like > iOS AFAIK it is not possible to send tokens or security headers along with > the installation request because it is managed by iOS itself. IMO providing > a direct link will not be a major security issue, since part of the link is > encrypted. > > So only way to make them more secure will be, generating them as one time > download links. We need to do a proper research on this with real devices, > so this feature will be support from the next version of app manager if it > is possible. > > > On Mon, Apr 27, 2015 at 4:43 PM, Shanmugarajah Sinnathamby <[email protected]> > wrote: > >> Hi Dilan, >> >> The device will invoke the url to download the apk file , how do we >> achieve the security . >> Is there any kind of token ? or its its a direct link . >> >> Can we have something like parameters without exposing the direct link of >> the file. >> >> >> >> >> >> On Mon, Apr 27, 2015 at 4:22 PM, Chathura Dilan <[email protected]> >> wrote: >> >>> Here are the APIs from app manager to subscribe, unsubscribe application >>> to a given user or a role >>> >>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/user/{username} >>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/user/{username} >>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/role/{roleId} >>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/role/{roleId} >>> >>> You need to send the appId as a form parameter to above APIs >>> additionally and all APIs protected by Basic Auth as we have decided >>> earlier. >>> >>> APIs will return application details if it is successful as follows >>> >>> { >>> platform: "android" >>> iconImage: " >>> http://192.168.1.12:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png >>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png> >>> " >>> version: "1.5" >>> packageName: "com.antivirusforandroid" >>> identifier: "com.antivirusforandroid" >>> name: "Anti Virus" >>> location: "http:// >>> <http://localhost:9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk> >>> 192.168.1.12 >>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png> >>> :9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk" >>> id: "9a3f2a2c-1ebd-46b0-85e6-4c7da3b28ac9" >>> type: "enterprise" >>> } >>> >>> >>> Note: location details will be only sent with a subscription request. >>> >>> >>> >>> On Thu, Apr 23, 2015 at 6:17 PM, Inosh Perera <[email protected]> wrote: >>> >>>> Hi Dilan, >>>> >>>> As per the offline discussion we had, I need the input and response >>>> details for the endpoint exposed from App for, >>>> 1. App install/ uninstall request. >>>> >>>> Also since App manager does not include the second >>>> point described earlier, it is not necessary >>>> 2. When the device responds back with the status of the app >>>> install/uninstall status to MDM, the end point exposed from App manager to >>>> update the status of the operation. >>>> >>>> Regards, >>>> Inosh >>>> >>>> On Mon, Mar 16, 2015 at 12:10 PM, Chathura Dilan <[email protected]> >>>> wrote: >>>> >>>>> Hi Inosh, >>>>> >>>>> We need to have an internal discussion regarding finalize the app >>>>> uninstall/uninstall and update, because this should be finalized in MDM on >>>>> how to accept request. I have created a component[1] in AppM to call MDM >>>>> endpoints assuming there is one endpoint from MDM. We can customize it >>>>> according to the MDM requirements. >>>>> >>>>> [1] - >>>>> https://github.com/wso2/carbon-appmgt/blob/feature/mdmintegration/components/appmgt/org.wso2.carbon.appmgt.mobile/src/main/java/org/wso2/carbon/appmgt/mobile/wso2mdm/WSO2MDMOperations.java >>>>> >>>>> On Mon, Mar 16, 2015 at 8:49 AM, Inosh Perera <[email protected]> wrote: >>>>> >>>>>> Hi Dilan, >>>>>> Could you please tell the necessary inputs and the response from App >>>>>> manager, for >>>>>> 1. App install/ uninstall/ reinstall request. >>>>>> 2. When the device responds back with the status of the app >>>>>> install/uninstall/reinstall status to MDM, the end point exposed from App >>>>>> manager to update the status of the operation. >>>>>> >>>>>> Regards, >>>>>> Inosh >>>>>> >>>>>> On Fri, Mar 13, 2015 at 4:44 PM, Chathura Dilan <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> To access devices from MDM, AppM needs an API from MDM to get list >>>>>>> of enabled devices for given username, platform and platform version >>>>>>> >>>>>>> Sample response from MDM as follows >>>>>>> >>>>>>> [ >>>>>>> { >>>>>>> "id": "12345", >>>>>>> "platform": "android", >>>>>>> "model": "Nexus", >>>>>>> "platform_version": "4", >>>>>>> "name": "My Device 1", >>>>>>> "image": "http://192.168.1.40:9763/device.png";, >>>>>>> "type": "tab" >>>>>>> }, >>>>>>> { >>>>>>> "id": "678", >>>>>>> "platform": "ios", >>>>>>> "model": "iPhone", >>>>>>> "platform_version": "8", >>>>>>> "name": "My iPhone", >>>>>>> "image": "http://192.168.1.40:9763/device2.png";, >>>>>>> "type": "phone" >>>>>>> } >>>>>>> ] >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Regards, >>>>>>> >>>>>>> Chatura Dilan Perera >>>>>>> *(Senior Software Engineer** - WSO2 Inc.**)* >>>>>>> www.dilan.me >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Inosh Perera >>>>>> Software Engineer, WSO2 Inc. >>>>>> Tel: 0785293686 >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> >>>>> Chatura Dilan Perera >>>>> *(Senior Software Engineer** - WSO2 Inc.**)* >>>>> www.dilan.me >>>>> >>>> >>>> >>>> >>>> -- >>>> Inosh Perera >>>> Software Engineer, WSO2 Inc. >>>> Tel: 0785293686 >>>> >>> >>> >>> >>> -- >>> Regards, >>> >>> Chatura Dilan Perera >>> *(Senior Software Engineer** - WSO2 Inc.**)* >>> www.dilan.me >>> >> >> >> >> -- >> *Shanmugarajah (Shan)* >> Director, Mobile Architecture, >> WSO2, Inc.; http://wso2.com >> Email: [email protected] >> Mobile : +94777748260 >> Blog: http://shanfour.blogspot.com >> > > > > -- > Regards, > > Chatura Dilan Perera > *(Senior Software Engineer** - WSO2 Inc.**)* > www.dilan.me > -- *Shanmugarajah (Shan)* Director, Mobile Architecture, WSO2, Inc.; http://wso2.com Email: [email protected] Mobile : +94777748260 Blog: http://shanfour.blogspot.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
![http://192.168.1.40:9763/device.png"](http://192.168.1.40:9763/device.png"){kind=link}
![http://192.168.1.40:9763/device2.png"](http://192.168.1.40:9763/device2.png"){kind=link}