Hi Shan, Thank you, We can generate a token per request which is expired after some time once the download link is accessed. What do you think?
On Mon, Apr 27, 2015 at 5:34 PM, Shanmugarajah Sinnathamby <[email protected]> wrote: > Hi Chathura. > > In Android , the link is invoked by the agent which downloads the app file > , the agent takes care of the request. > > In iOS , the link is sent via the MDM command , which is invoked by the > iOS OS itself to download , which is not a direct link to the .app file but > a manifest file . The request url can have the token along with the > request, but it cannot add any headers programatically. > > > > > > > On Mon, Apr 27, 2015 at 5:02 PM, Chathura Dilan <[email protected]> > wrote: > >> Hi Shan, >> >> They are direct links but secure connections can be used. Some cases like >> iOS AFAIK it is not possible to send tokens or security headers along with >> the installation request because it is managed by iOS itself. IMO providing >> a direct link will not be a major security issue, since part of the link is >> encrypted. >> >> So only way to make them more secure will be, generating them as one time >> download links. We need to do a proper research on this with real devices, >> so this feature will be support from the next version of app manager if it >> is possible. >> >> >> On Mon, Apr 27, 2015 at 4:43 PM, Shanmugarajah Sinnathamby <[email protected] >> > wrote: >> >>> Hi Dilan, >>> >>> The device will invoke the url to download the apk file , how do we >>> achieve the security . >>> Is there any kind of token ? or its its a direct link . >>> >>> Can we have something like parameters without exposing the direct link >>> of the file. >>> >>> >>> >>> >>> >>> On Mon, Apr 27, 2015 at 4:22 PM, Chathura Dilan <[email protected]> >>> wrote: >>> >>>> Here are the APIs from app manager to subscribe, unsubscribe >>>> application to a given user or a role >>>> >>>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/user/{username} >>>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/user/{username} >>>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/role/{roleId} >>>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/role/{roleId} >>>> >>>> You need to send the appId as a form parameter to above APIs >>>> additionally and all APIs protected by Basic Auth as we have decided >>>> earlier. >>>> >>>> APIs will return application details if it is successful as follows >>>> >>>> { >>>> platform: "android" >>>> iconImage: " >>>> http://192.168.1.12:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png >>>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png> >>>> " >>>> version: "1.5" >>>> packageName: "com.antivirusforandroid" >>>> identifier: "com.antivirusforandroid" >>>> name: "Anti Virus" >>>> location: "http:// >>>> <http://localhost:9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk> >>>> 192.168.1.12 >>>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png> >>>> :9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk" >>>> id: "9a3f2a2c-1ebd-46b0-85e6-4c7da3b28ac9" >>>> type: "enterprise" >>>> } >>>> >>>> >>>> Note: location details will be only sent with a subscription request. >>>> >>>> >>>> >>>> On Thu, Apr 23, 2015 at 6:17 PM, Inosh Perera <[email protected]> wrote: >>>> >>>>> Hi Dilan, >>>>> >>>>> As per the offline discussion we had, I need the input and response >>>>> details for the endpoint exposed from App for, >>>>> 1. App install/ uninstall request. >>>>> >>>>> Also since App manager does not include the second >>>>> point described earlier, it is not necessary >>>>> 2. When the device responds back with the status of the app >>>>> install/uninstall status to MDM, the end point exposed from App manager to >>>>> update the status of the operation. >>>>> >>>>> Regards, >>>>> Inosh >>>>> >>>>> On Mon, Mar 16, 2015 at 12:10 PM, Chathura Dilan <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Inosh, >>>>>> >>>>>> We need to have an internal discussion regarding finalize the app >>>>>> uninstall/uninstall and update, because this should be finalized in MDM >>>>>> on >>>>>> how to accept request. I have created a component[1] in AppM to call MDM >>>>>> endpoints assuming there is one endpoint from MDM. We can customize it >>>>>> according to the MDM requirements. >>>>>> >>>>>> [1] - >>>>>> https://github.com/wso2/carbon-appmgt/blob/feature/mdmintegration/components/appmgt/org.wso2.carbon.appmgt.mobile/src/main/java/org/wso2/carbon/appmgt/mobile/wso2mdm/WSO2MDMOperations.java >>>>>> >>>>>> On Mon, Mar 16, 2015 at 8:49 AM, Inosh Perera <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Dilan, >>>>>>> Could you please tell the necessary inputs and the response from App >>>>>>> manager, for >>>>>>> 1. App install/ uninstall/ reinstall request. >>>>>>> 2. When the device responds back with the status of the app >>>>>>> install/uninstall/reinstall status to MDM, the end point exposed from >>>>>>> App >>>>>>> manager to update the status of the operation. >>>>>>> >>>>>>> Regards, >>>>>>> Inosh >>>>>>> >>>>>>> On Fri, Mar 13, 2015 at 4:44 PM, Chathura Dilan <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> To access devices from MDM, AppM needs an API from MDM to get list >>>>>>>> of enabled devices for given username, platform and platform version >>>>>>>> >>>>>>>> Sample response from MDM as follows >>>>>>>> >>>>>>>> [ >>>>>>>> { >>>>>>>> "id": "12345", >>>>>>>> "platform": "android", >>>>>>>> "model": "Nexus", >>>>>>>> "platform_version": "4", >>>>>>>> "name": "My Device 1", >>>>>>>> "image": "http://192.168.1.40:9763/device.png";, >>>>>>>> "type": "tab" >>>>>>>> }, >>>>>>>> { >>>>>>>> "id": "678", >>>>>>>> "platform": "ios", >>>>>>>> "model": "iPhone", >>>>>>>> "platform_version": "8", >>>>>>>> "name": "My iPhone", >>>>>>>> "image": "http://192.168.1.40:9763/device2.png";, >>>>>>>> "type": "phone" >>>>>>>> } >>>>>>>> ] >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Regards, >>>>>>>> >>>>>>>> Chatura Dilan Perera >>>>>>>> *(Senior Software Engineer** - WSO2 Inc.**)* >>>>>>>> www.dilan.me >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Inosh Perera >>>>>>> Software Engineer, WSO2 Inc. >>>>>>> Tel: 0785293686 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Regards, >>>>>> >>>>>> Chatura Dilan Perera >>>>>> *(Senior Software Engineer** - WSO2 Inc.**)* >>>>>> www.dilan.me >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Inosh Perera >>>>> Software Engineer, WSO2 Inc. >>>>> Tel: 0785293686 >>>>> >>>> >>>> >>>> >>>> -- >>>> Regards, >>>> >>>> Chatura Dilan Perera >>>> *(Senior Software Engineer** - WSO2 Inc.**)* >>>> www.dilan.me >>>> >>> >>> >>> >>> -- >>> *Shanmugarajah (Shan)* >>> Director, Mobile Architecture, >>> WSO2, Inc.; http://wso2.com >>> Email: [email protected] >>> Mobile : +94777748260 >>> Blog: http://shanfour.blogspot.com >>> >> >> >> >> -- >> Regards, >> >> Chatura Dilan Perera >> *(Senior Software Engineer** - WSO2 Inc.**)* >> www.dilan.me >> > > > > -- > *Shanmugarajah (Shan)* > Director, Mobile Architecture, > WSO2, Inc.; http://wso2.com > Email: [email protected] > Mobile : +94777748260 > Blog: http://shanfour.blogspot.com > -- Regards, Chatura Dilan Perera *(Senior Software Engineer** - WSO2 Inc.**)* www.dilan.me
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
![http://192.168.1.40:9763/device.png"](http://192.168.1.40:9763/device.png"){kind=link}
![http://192.168.1.40:9763/device2.png"](http://192.168.1.40:9763/device2.png"){kind=link}