Adding DEP auto enroll and configure ability

In order to remotely push and configure iOS agent, Apple's managed app configurations needs to be implemented. This provides the ability to listen to remote configurations and auto enroll the agent. https://developer.apple.com/library/content/samplecode/sc2279/Introduction/Intro.html

Fixed - wso2/product-iots#1738

iOSMDMAgent.xcodeproj/project.pbxproj

@@ -25,6 +25,7 @@
 		14BD723C1A83479900D43DE5 /* LaunchScreen.xib in Resources */ = {isa = PBXBuildFile; fileRef = 14BD723A1A83479900D43DE5 /* LaunchScreen.xib */; };
 		14BD72481A83479900D43DE5 /* iOSMDMAgentTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 14BD72471A83479900D43DE5 /* iOSMDMAgentTests.m */; };
 		14BD72541A834E2200D43DE5 /* LoginViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 14BD72531A834E2200D43DE5 /* LoginViewController.m */; };
+		E80C7E3C2040137100215441 /* ManagedAppConfig.plist in Resources */ = {isa = PBXBuildFile; fileRef = E80C7E3B2040137100215441 /* ManagedAppConfig.plist */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXContainerItemProxy section */
@@ -69,6 +70,7 @@
 		14BD72521A834E2200D43DE5 /* LoginViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LoginViewController.h; sourceTree = "<group>"; };
 		14BD72531A834E2200D43DE5 /* LoginViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = LoginViewController.m; sourceTree = "<group>"; };
 		40735CED1D9BC4CA00AAB802 /* iOSMDMAgent.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = iOSMDMAgent.entitlements; sourceTree = "<group>"; };
+		E80C7E3B2040137100215441 /* ManagedAppConfig.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; name = ManagedAppConfig.plist; path = ManagedAppConfig.plist; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -142,6 +144,7 @@
 		14BD722A1A83479800D43DE5 /* iOSMDMAgent */ = {
 			isa = PBXGroup;
 			children = (
+				E80C7E3B2040137100215441 /* ManagedAppConfig.plist */,
 				40735CED1D9BC4CA00AAB802 /* iOSMDMAgent.entitlements */,
 				142143931A96009B006C34B6 /* SDK */,
 				14BD722F1A83479900D43DE5 /* AppDelegate.h */,
@@ -298,6 +301,7 @@
 			files = (
 				14BD72371A83479900D43DE5 /* Main.storyboard in Resources */,
 				14AE5F5E1AC03509005144D3 /* Endpoints.plist in Resources */,
+				E80C7E3C2040137100215441 /* ManagedAppConfig.plist in Resources */,
 				144CAA821AC2B96D006AB191 /* sound.caf in Resources */,
 				14BD723C1A83479900D43DE5 /* LaunchScreen.xib in Resources */,
 				14BD72391A83479900D43DE5 /* Images.xcassets in Resources */,

iOSMDMAgent/AppDelegate.m

@@ -46,6 +46,46 @@ - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(
         [URLUtils saveServerURL:serverURL];
         [URLUtils saveEnrollmentURL:enrollURL];
     }
+
+    // Remote configs for the App are pushed by the EMM server and are written to a config space
+    // with the key com.apple.configuration.managed.
+    static NSString const *managedConfigurations = @"com.apple.configuration.managed";
+    NSDictionary *serverConfig = [[NSUserDefaults standardUserDefaults] dictionaryForKey:managedConfigurations];
+    Boolean depEnabled = [[serverConfig objectForKey:@"depEnabled"] boolValue];
+    if (depEnabled && ![[MDMUtils getEnrollStatus] isEqualToString:ENROLLED]) {
+        NSLog(@"DEP enabled device.");
+        NSString *accessToken = serverConfig[@"accessToken"];
+        NSString *refreshToken = serverConfig[@"refreshToken"];
+        NSString *clientId = serverConfig[@"clientId"];
+        NSString *clientSecret = serverConfig[@"clientSecret"];
+        NSString *remoteEnrollmentURL = serverConfig[@"enrollmentURL"];
+        NSString *remoteServerURL = serverConfig[@"serverURL"];
+        NSString *UDID = serverConfig[@"UDID"];
+        NSString *joinCredentials = [NSString stringWithFormat:@"%@:%@", clientId, clientSecret];
+        NSData *credentialsData = [joinCredentials dataUsingEncoding:NSUTF8StringEncoding];
+        NSString *base64EncodedClientCredentials = [credentialsData base64EncodedStringWithOptions:0];
+        [MDMUtils savePreferance:CLIENT_CREDENTIALS value:base64EncodedClientCredentials];
+        [MDMUtils savePreferance:ACCESS_TOKEN value:accessToken];
+        [MDMUtils savePreferance:REFRESH_TOKEN value:refreshToken];
+        NSString *enrollURL = [URLUtils getEnrollmentURLFromPlist];
+        [MDMUtils saveDeviceUDID:UDID];
+        NSString *serverURL = [URLUtils getServerURLFromPlist];
+        if(enrollURL && ![@"" isEqualToString:enrollURL] && serverURL && ![@"" isEqualToString:serverURL]) {
+            NSLog(@"Agent contains embedded values.");
+            [URLUtils saveServerURL:serverURL];
+            [URLUtils saveEnrollmentURL:enrollURL];
+        }else {
+            NSLog(@"Agent is using remote configs.");
+            NSString *remoteServerURLHTTPS = [NSString stringWithFormat:@"https://%@", remoteServerURL];
+            NSString *remoteEnrollmentURLHTTPS = [NSString stringWithFormat:@"https://%@", remoteEnrollmentURL];
+            [URLUtils saveServerURL:remoteServerURLHTTPS];
+            [URLUtils saveEnrollmentURL:remoteEnrollmentURLHTTPS];
+        }
+        NSLog(@"DEP config initiated.");
+        [self registerForPushToken];
+        [MDMUtils setEnrollStatus:ENROLLED];
+        [self showLoginViewController];
+    }
 
     return YES;
 }

iOSMDMAgent/ConnectionUtils.m

@@ -23,7 +23,7 @@ - (void)sendPushTokenToServer:(NSString *)udid pushToken:(NSString *)token {
 
     NSURL *url = [NSURL URLWithString:endpoint];
     NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:HTTP_REQUEST_TIME];
-
+    NSLog(@"sendPushTokenToServer:url: %@", url);
     NSMutableDictionary *paramDictionary = [[NSMutableDictionary alloc] init];
     [paramDictionary setValue:token forKey:TOKEN];
 
@@ -55,6 +55,7 @@ - (void)sendPushTokenToServer:(NSString *)udid pushToken:(NSString *)token {
 - (void)enforceEffectivePolicy:(NSString *)deviceId {
 
     NSString *endpoint = [NSString stringWithFormat:[URLUtils getEffectivePolicyURL], deviceId];
+    NSLog(@"enforceEffectivePolicy:endpoint: %@", endpoint);
 
     NSURL *url = [NSURL URLWithString:endpoint];
     NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:HTTP_REQUEST_TIME];

iOSMDMAgent/ManagedAppConfig.plist

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>enrollmentURL</key>
+	<string></string>
+	<key>serverURL</key>
+	<string></string>
+	<key>UDID</key>
+	<string></string>
+	<key>clientSecret</key>
+	<string></string>
+	<key>clientId</key>
+	<string></string>
+	<key>accessToken</key>
+	<string></string>
+	<key>refreshToken</key>
+	<string></string>
+	<key>depEnabled</key>
+	<false/>
+</dict>
+</plist>