As part of our Mobile Device Management feature, we offer private appstore to our customers. Administrators can upload an ipa file to our server, and we will allow the managed devices to install those enterprise apps directly.
When the administrators upload the ipa, we want to do some validation, and reject immediately if the ipa does not meet the requirements. Specifically:
I have the following questions:
embedded.mobileprovision
in the ipa, but appstore builds don't have the file. Is it sufficient to check for the existence of that file to determine whether the uploaded ipa is an enterprise ipa, or is there a more accurate way to identify a non-enterprise ipa?ExpirationDate
in embedded.mobileprovision
, I could just check the value of that to determine the expiration date?Thanks in advance.
The code below accomplishes the task desired.
Boolean foundMobileProvision = false;
Pattern mobileProvisionPattern = Pattern.compile("embedded\\.mobileprovision$");
while ((entry = zipStream.getNextEntry()) != null) {
Matcher mobileProvisionMatcher = mobileProvisionPattern.matcher(entryName);
if (!entry.isDirectory()) {
if (mobileProvisionMatcher.find()) {
foundMobileProvision = true;
CMSSignedDataParser parser = new CMSSignedDataParser(new BcDigestCalculatorProvider(), zipStream);
InputStream plistContentStream = parser.getSignedContent().getContentStream();
Map<String, Object> mobileProvisionAttributes = PlistParser.parsePlistToMap(plistContentStream);
plistContentStream.close();
validateEnterpriseProvision(mobileProvisionAttributes);
}
}
}
zipStream.close();
if (!foundMobileProvision) {
throw new InvalidEnterpriseProvisionException("Uploaded app must have a valid enterprise provisioning profile");
}
private void validateEnterpriseProvision(Map<String, Object> mobileProvisionAttributes) {
Boolean provisionAllDevices = (Boolean) mobileProvisionAttributes.get(IOS_MOBILE_PROVISION_ALL_DEVICES);
if (provisionAllDevices == null || !provisionAllDevices) {
throw new InvalidEnterpriseProvisionException("Uploaded app must have a valid enterprise provisioning profile");
}
Date expirationDate = (Date) mobileProvisionAttributes.get(IOS_MOBILE_PROVISION_EXPIRATION_DATE);
if (new Date().after(expirationDate)) {
throw new EnterpriseProvisionExpiredException("Profile expired");
}
}