Hi Shan,
They are direct links but secure connections can be used. Some cases like
iOS AFAIK it is not possible to send tokens or security headers along with
the installation request because it is managed by iOS itself. IMO providing
a direct link will not be a major security issue, since part of the link is
encrypted.
So only way to make them more secure will be, generating them as one time
download links. We need to do a proper research on this with real devices,
so this feature will be support from the next version of app manager if it
is possible.
On Mon, Apr 27, 2015 at 4:43 PM, Shanmugarajah Sinnathamby <s...@wso2.com>
wrote:
> Hi Dilan,
>
> The device will invoke the url to download the apk file , how do we
> achieve the security .
> Is there any kind of token ? or its its a direct link .
>
> Can we have something like parameters without exposing the direct link of
> the file.
>
>
>
>
>
> On Mon, Apr 27, 2015 at 4:22 PM, Chathura Dilan <chathu...@wso2.com>
> wrote:
>
>> Here are the APIs from app manager to subscribe, unsubscribe application
>> to a given user or a role
>>
>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/user/{username}
>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/user/{username}
>> 1. api/v1/apps/mobile/subscribe/tenant/{tenantDomain}/role/{roleId}
>> 1. api/v1/apps/mobile/unsubscribe/tenant/{tenantDomain}/role/{roleId}
>>
>> You need to send the appId as a form parameter to above APIs additionally
>> and all APIs protected by Basic Auth as we have decided earlier.
>>
>> APIs will return application details if it is successful as follows
>>
>> {
>> platform: "android"
>> iconImage: "
>> http://192.168.1.12:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png
>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png>
>> "
>> version: "1.5"
>> packageName: "com.antivirusforandroid"
>> identifier: "com.antivirusforandroid"
>> name: "Anti Virus"
>> location: "http://
>> <http://localhost:9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk>
>> 192.168.1.12
>> <http://localhost:9763/publisher/api/mobileapp/getfile/uwvOc0yZD4lRuFc.png>
>> :9763/publisher/api/mobileapp/getfile/h88Zf6ZyaaGi801.apk"
>> id: "9a3f2a2c-1ebd-46b0-85e6-4c7da3b28ac9"
>> type: "enterprise"
>> }
>>
>>
>> Note: location details will be only sent with a subscription request.
>>
>>
>>
>> On Thu, Apr 23, 2015 at 6:17 PM, Inosh Perera <ino...@wso2.com> wrote:
>>
>>> Hi Dilan,
>>>
>>> As per the offline discussion we had, I need the input and response
>>> details for the endpoint exposed from App for,
>>> 1. App install/ uninstall request.
>>>
>>> Also since App manager does not include the second
>>> point described earlier, it is not necessary
>>> 2. When the device responds back with the status of the app
>>> install/uninstall status to MDM, the end point exposed from App manager to
>>> update the status of the operation.
>>>
>>> Regards,
>>> Inosh
>>>
>>> On Mon, Mar 16, 2015 at 12:10 PM, Chathura Dilan <chathu...@wso2.com>
>>> wrote:
>>>
>>>> Hi Inosh,
>>>>
>>>> We need to have an internal discussion regarding finalize the app
>>>> uninstall/uninstall and update, because this should be finalized in MDM on
>>>> how to accept request. I have created a component[1] in AppM to call MDM
>>>> endpoints assuming there is one endpoint from MDM. We can customize it
>>>> according to the MDM requirements.
>>>>
>>>> [1] -
>>>> https://github.com/wso2/carbon-appmgt/blob/feature/mdmintegration/components/appmgt/org.wso2.carbon.appmgt.mobile/src/main/java/org/wso2/carbon/appmgt/mobile/wso2mdm/WSO2MDMOperations.java
>>>>
>>>> On Mon, Mar 16, 2015 at 8:49 AM, Inosh Perera <ino...@wso2.com> wrote:
>>>>
>>>>> Hi Dilan,
>>>>> Could you please tell the necessary inputs and the response from App
>>>>> manager, for
>>>>> 1. App install/ uninstall/ reinstall request.
>>>>> 2. When the device responds back with the status of the app
>>>>> install/uninstall/reinstall status to MDM, the end point exposed from App
>>>>> manager to update the status of the operation.
>>>>>
>>>>> Regards,
>>>>> Inosh
>>>>>
>>>>> On Fri, Mar 13, 2015 at 4:44 PM, Chathura Dilan <chathu...@wso2.com>
>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> To access devices from MDM, AppM needs an API from MDM to get list of
>>>>>> enabled devices for given username, platform and platform version
>>>>>>
>>>>>> Sample response from MDM as follows
>>>>>>
>>>>>> [
>>>>>> {
>>>>>> "id": "12345",
>>>>>> "platform": "android",
>>>>>> "model": "Nexus",
>>>>>> "platform_version": "4",
>>>>>> "name": "My Device 1",
>>>>>> "image": "http://192.168.1.40:9763/device.png";,
>>>>>> "type": "tab"
>>>>>> },
>>>>>> {
>>>>>> "id": "678",
>>>>>> "platform": "ios",
>>>>>> "model": "iPhone",
>>>>>> "platform_version": "8",
>>>>>> "name": "My iPhone",
>>>>>> "image": "http://192.168.1.40:9763/device2.png";,
>>>>>> "type": "phone"
>>>>>> }
>>>>>> ]
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>>
>>>>>> Chatura Dilan Perera
>>>>>> *(Senior Software Engineer** - WSO2 Inc.**)*
>>>>>> www.dilan.me
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Inosh Perera
>>>>> Software Engineer, WSO2 Inc.
>>>>> Tel: 0785293686
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>>
>>>> Chatura Dilan Perera
>>>> *(Senior Software Engineer** - WSO2 Inc.**)*
>>>> www.dilan.me
>>>>
>>>
>>>
>>>
>>> --
>>> Inosh Perera
>>> Software Engineer, WSO2 Inc.
>>> Tel: 0785293686
>>>
>>
>>
>>
>> --
>> Regards,
>>
>> Chatura Dilan Perera
>> *(Senior Software Engineer** - WSO2 Inc.**)*
>> www.dilan.me
>>
>
>
>
> --
> *Shanmugarajah (Shan)*
> Director, Mobile Architecture,
> WSO2, Inc.; http://wso2.com
> Email: s...@wso2.com
> Mobile : +94777748260
> Blog: http://shanfour.blogspot.com
>
--
Regards,
Chatura Dilan Perera
*(Senior Software Engineer** - WSO2 Inc.**)*
www.dilan.me
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
![http://192.168.1.40:9763/device.png"](http://192.168.1.40:9763/device.png"){kind=link}
![http://192.168.1.40:9763/device2.png"](http://192.168.1.40:9763/device2.png"){kind=link}