mdm

package
v0.6.0
Warning

This package is not in the latest version of its module.
Published: Jan 9, 2024 License: MIT Imports: 8 Imported by: 6

Documentation

Overview

Package mdm contains structures and helpers related to the Apple MDM protocol.

Constants

const (
	Device = 1 + iota
	User
	UserEnrollmentDevice
	UserEnrollment
	SharediPad
)
const SharediPadUserID = "FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF"

Shared iPad users have a static UserID that they connect to MDM with. In this case the MDM spec says to fall back to the UserShortName, which should contain the managed AppleID.
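The fallback described above, as an added example that is not code from this package: keying the user channel on UserID alone makes every Shared iPad user on a device collapse into one identity, while the fallback keeps them apart. The `enrollment` type, the helper names and the `UDID:ID` key format are assumptions made for this sketch.

```go
package main

import (
	"errors"
	"fmt"
)

// Value copied from the SharediPadUserID constant shown above.
const sharediPadUserID = "FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF"

// enrollment is a local stand-in that reuses three field names of mdm.Enrollment.
type enrollment struct {
	UDID, UserID, UserShortName string
}

var errNoShortName = errors.New("shared iPad user has no UserShortName")

// naiveUserKey (hypothetical) keys the user channel on UserID alone.
func naiveUserKey(e enrollment) string {
	return e.UDID + ":" + e.UserID
}

// userKey (hypothetical) applies the fallback: the static Shared iPad UserID
// is replaced by UserShortName, and an empty short name is rejected so that
// distinct users can never end up sharing one key.
func userKey(e enrollment) (string, error) {
	if e.UDID == "" || e.UserID == "" {
		return "", errors.New("not a user-channel enrollment")
	}
	id := e.UserID
	if e.UserID == sharediPadUserID {
		if e.UserShortName == "" {
			return "", errNoShortName
		}
		id = e.UserShortName
	}
	return e.UDID + ":" + id, nil
}

func main() {
	// Constructed sample data: two users signed in to the same Shared iPad.
	a := enrollment{UDID: "UDID-EXAMPLE-1", UserID: sharediPadUserID, UserShortName: "alice@example.com"}
	b := enrollment{UDID: "UDID-EXAMPLE-1", UserID: sharediPadUserID, UserShortName: "bob@example.com"}
	fmt.Println("naive keys collide:", naiveUserKey(a) == naiveUserKey(b))
	ka, _ := userKey(a)
	kb, _ := userKey(b)
	fmt.Println("fallback keys:", ka, kb)
}
```

Whatever key format is chosen has to stay the same for the lifetime of an enrollment, since the same identifier ends up in storage keys, logs and certificate associations.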

Variables

var (
	ErrInvalidCommandResult = errors.New("invalid command result")
	ErrInvalidCommand       = errors.New("invalid command")
)
var ErrUnrecognizedMessageType = errors.New("unrecognized MessageType")

Functions

func DecodeCheckin

func DecodeCheckin(rawMessage []byte) (message interface{}, err error)

DecodeCheckin unmarshals rawMessage into a specific check-in struct in message.

Types

type Authenticate

type Authenticate struct {
	Enrollment
	MessageType
	Topic string
	Raw   []byte `plist:"-"` // Original Authenticate XML plist

	// Fields that may be present but are not strictly required for the
	// operation of the MDM protocol. Nice-to-haves.
	SerialNumber string
}

Authenticate is a representation of an "Authenticate" check-in message type. See https://developer.apple.com/documentation/devicemanagement/authenticaterequest

type BootstrapToken

type BootstrapToken struct {
	BootstrapToken b64Data
}

func (*BootstrapToken) SetTokenString

func (t *BootstrapToken) SetTokenString(token string) error

SetTokenString decodes the base64-encoded bootstrap token into t

type CheckOut

type CheckOut struct {
	Enrollment
	MessageType
	Raw []byte `plist:"-"` // Original CheckOut XML plist
}

CheckOut is a representation of a "CheckOut" check-in message type. See https://developer.apple.com/documentation/devicemanagement/checkoutrequest

type Command

type Command struct {
	CommandUUID string
	Command     struct {
		RequestType string
	}
	Raw []byte `plist:"-"` // Original command XML plist
}

Command represents a generic MDM command without command-specific fields.

func DecodeCommand

func DecodeCommand(rawCommand []byte) (command *Command, err error)

DecodeCommand unmarshals rawCommand into command

type CommandResults

type CommandResults struct {
	Enrollment
	CommandUUID string
	Status      string
	ErrorChain  []ErrorChain
	RequestType string
	Raw         []byte `plist:"-"` // Original command result XML plist
}

CommandResults represents a 'command and report results' request. See https://developer.apple.com/documentation/devicemanagement/implementing_device_management/sending_mdm_commands_to_a_device

func DecodeCommandResults

func DecodeCommandResults(rawResults []byte) (results *CommandResults, err error)

DecodeCommandResults unmarshals rawResults into results

type DeclarativeManagement added in v0.3.0

type DeclarativeManagement struct {
	Enrollment
	MessageType
	Data     []byte
	Endpoint string
	Raw      []byte `plist:"-"` // Original XML plist
}

DeclarativeManagement is a representation of a "DeclarativeManagement" check-in message type. See https://developer.apple.com/documentation/devicemanagement/declarativemanagementrequest

type EnrollID

type EnrollID struct {
	Type     EnrollType
	ID       string
	ParentID string
}

EnrollID contains the custom enrollment IDs derived from enrollment data. It's populated by services. Usually this is the main/core service so that middleware or storage layers that use the Request are able to use the custom IDs.

Be aware that the identifiers here are what are used for MDM client identification all around: database primary keys, logging, certificate associations, etc. Their format can be changed but it must be consistent across the lifetime of any enrolled device.

func (*EnrollID) Validate

func (eid *EnrollID) Validate() error

type EnrollType

type EnrollType uint

EnrollType identifies the type of enrollment.

func (EnrollType) String

func (et EnrollType) String() string

func (EnrollType) Valid

func (et EnrollType) Valid() bool

Valid tests the validity of the enrollment type

type Enrollment

type Enrollment struct {
	UDID             string `plist:",omitempty"`
	UserID           string `plist:",omitempty"`
	UserShortName    string `plist:",omitempty"`
	UserLongName     string `plist:",omitempty"`
	EnrollmentID     string `plist:",omitempty"`
	EnrollmentUserID string `plist:",omitempty"`
}

Enrollment represents the various enrollment-related data sent with requests.

func (*Enrollment) Resolved

func (e *Enrollment) Resolved() (r *ResolvedEnrollment)

Resolved assembles a ResolvedEnrollment from an Enrollment

type ErrorChain

type ErrorChain struct {
	ErrorCode            int
	ErrorDomain          string
	LocalizedDescription string
	USEnglishDescription string
}

ErrorChain represents errors that occurred on the client executing an MDM command.

type GetBootstrapToken

type GetBootstrapToken struct {
	Enrollment
	MessageType
	Raw []byte `plist:"-"` // Original XML plist
}

GetBootstrapToken is a representation of a "GetBootstrapToken" check-in message type. See https://developer.apple.com/documentation/devicemanagement/getbootstraptokenrequest

type MessageType

type MessageType struct {
	MessageType string
}

MessageType represents the MessageType of a check-in message

type ParseError added in v0.4.0

type ParseError struct {
	Err     error
	Content []byte
}

ParseError represents a failure to parse an MDM structure (usually Apple Plist)

func (*ParseError) Error added in v0.4.0

func (e *ParseError) Error() string

Error formats the ParseError as a string

func (*ParseError) Unwrap added in v0.4.0

func (e *ParseError) Unwrap() error

Unwrap returns the underlying error of the ParseError

type Push

type Push struct {
	PushMagic string
	Token     hexData
	Topic     string
}

Push contains data needed to send an APNs push to MDM enrollments.

func (*Push) SetTokenString

func (p *Push) SetTokenString(token string) (err error)

SetTokenString decodes the hex-encoded token into p

type Request

type Request struct {
	*EnrollID
	Certificate *x509.Certificate
	Context     context.Context
	Params      map[string]string
}

Request represents an MDM client request.

func (*Request) Clone

func (r *Request) Clone() *Request

Clone returns a shallow copy of r

type ResolvedEnrollment

type ResolvedEnrollment struct {
	Type            EnrollType
	DeviceChannelID string
	UserChannelID   string
	IsUserChannel   bool
}

ResolvedEnrollment is a sort of collapsed form of Enrollment.

func (*ResolvedEnrollment) Validate

func (resolved *ResolvedEnrollment) Validate() error

type SetBootstrapToken

type SetBootstrapToken struct {
	Enrollment
	MessageType
	BootstrapToken
	Raw []byte `plist:"-"` // Original XML plist
}

SetBootstrapToken is a representation of a "SetBootstrapToken" check-in message type. See https://developer.apple.com/documentation/devicemanagement/setbootstraptokenrequest

type TokenUpdate

type TokenUpdate struct {
	Enrollment
	MessageType
	Push
	UnlockToken []byte `plist:",omitempty"`
	Raw         []byte `plist:"-"` // Original TokenUpdate XML plist
}

TokenUpdate is a representation of a "TokenUpdate" check-in message type. See https://developer.apple.com/documentation/devicemanagement/token_update

type UserAuthenticate

type UserAuthenticate struct {
	Enrollment
	MessageType
	DigestResponse string `plist:",omitempty"`
	Raw            []byte `plist:"-"` // Original XML plist
}

UserAuthenticate is a representation of a "UserAuthenticate" check-in message type. See https://developer.apple.com/documentation/devicemanagement/userauthenticaterequest
