阿里云物联网平台一型一密获取:DeviceSecret 示例

作者:俏巴

概述


一型一密安全认证方式下,同一产品下所有设备可以烧录相同固件(即烧录ProductKey和ProductSecret)。设备发送激活请求时,物联网平台进行身份确认,认证通过,下发该设备对应的DeviceSecret。本文主要演示如何使用JAVA SDK动态获取DeviceSecret。


操作步骤


1、在阿里云物联网平台控制台,创建产品。
阿里云物联网平台一型一密获取:DeviceSecret 示例


2、在已创建产品的产品详情页面,开启动态注册开关。
阿里云物联网平台一型一密获取:DeviceSecret 示例


3、在该产品下,添加设备。添加成功的设备状态为未激活。因设备激活时会校验DeviceName,建议您采用可以直接从设备中读取到的ID,如设备的MAC地址、IMEI或SN号等,作为DeviceName使用。
阿里云物联网平台一型一密获取:DeviceSecret 示例
4、程序调用


4.1 pom.xml


    <span class="xml"><span class="hljs-tag"><<span class="hljs-name">repository</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">id</span>></span>alimaven<span class="hljs-tag"></<span class="hljs-name">id</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">name</span>></span>aliyun maven<span class="hljs-tag"></<span class="hljs-name">name</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">url</span>></span>http://maven.aliyun.com/nexus/content/groups/public/<span class="hljs-tag"></<span class="hljs-name">url</span>></span>
    <span class="hljs-tag"></<span class="hljs-name">repository</span>></span></span>
<<span class="hljs-regexp">/repositories>

<dependencies>
    <dependency>
        <groupId>com.aliyun.alink.linksdk</g</span>roupId>
        <span class="xml"><span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>iot-linkkit-java<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span></span>
        <version><span class="hljs-number">1.2</span><span class="hljs-number">.0</span><span class="hljs-number">.1</span><<span class="hljs-regexp">/version>
        <scope>compile</</span>scope>
    <span class="xml"><span class="hljs-tag"></<span class="hljs-name">dependency</span>></span></span>
    <dependency>
        <span class="xml"><span class="hljs-tag"><<span class="hljs-name">groupId</span>></span>com.google.code.gson<span class="hljs-tag"></<span class="hljs-name">groupId</span>></span></span>
        <artifactId>gson<<span class="hljs-regexp">/artifactId>
        <version>2.8.1</</span>version>
        <span class="xml"><span class="hljs-tag"><<span class="hljs-name">scope</span>></span>compile<span class="hljs-tag"></<span class="hljs-name">scope</span>></span></span>
    <<span class="hljs-regexp">/dependency>
    <dependency>
        <groupId>com.alibaba</g</span>roupId>
        <span class="xml"><span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>fastjson<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span></span>
        <version><span class="hljs-number">1.2</span><span class="hljs-number">.40</span><<span class="hljs-regexp">/version>
        <scope>compile</</span>scope>
    <span class="xml"><span class="hljs-tag"></<span class="hljs-name">dependency</span>></span></span>
<<span class="hljs-regexp">/dependencies>
<build>
    <finalName>iot-java-sdk</</span>finalName>
    <span class="xml"><span class="hljs-tag"><<span class="hljs-name">plugins</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">plugin</span>></span>
            <span class="hljs-tag"><<span class="hljs-name">groupId</span>></span>org.apache.maven.plugins<span class="hljs-tag"></<span class="hljs-name">groupId</span>></span>
            <span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>maven-compiler-plugin<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span>
            <span class="hljs-tag"><<span class="hljs-name">configuration</span>></span>
                <span class="hljs-tag"><<span class="hljs-name">source</span>></span>1.8<span class="hljs-tag"></<span class="hljs-name">source</span>></span>
                <span class="hljs-tag"><<span class="hljs-name">target</span>></span>1.8<span class="hljs-tag"></<span class="hljs-name">target</span>></span>
                <span class="hljs-tag"><<span class="hljs-name">encoding</span>></span>UTF-8<span class="hljs-tag"></<span class="hljs-name">encoding</span>></span>
            <span class="hljs-tag"></<span class="hljs-name">configuration</span>></span>
        <span class="hljs-tag"></<span class="hljs-name">plugin</span>></span>
    <span class="hljs-tag"></<span class="hljs-name">plugins</span>></span></span>
<<span class="hljs-regexp">/build></span></code></pre>

4.2 Code Sample


import com.aliyun.alink.apiclient.CommonRequest;
import com.aliyun.alink.apiclient.CommonResponse;
import com.aliyun.alink.apiclient.IoTCallback;
import com.aliyun.alink.apiclient.utils.StringUtils;
import com.aliyun.alink.dm.api.DeviceInfo;
import com.aliyun.alink.dm.api.IoTApiClientConfig;
import com.aliyun.alink.dm.model.ResponseModel;
import com.aliyun.alink.linkkit.api.IoTMqttClientConfig;
import com.aliyun.alink.linkkit.api.LinkKit;
import com.aliyun.alink.linkkit.api.LinkKitInitParams;
import com.aliyun.alink.linksdk.tools.ALog;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.util.Map;

// 动态获取设备Secret
public class GetDeviceSecret {

private <span class="hljs-keyword">static</span> final <span class="hljs-built_in">String</span> TAG = <span class="hljs-string">"GetDeviceSecret"</span>;

public <span class="hljs-keyword">static</span> <span class="hljs-keyword">void</span> main(<span class="hljs-built_in">String</span>[] args) {

    DeviceInfo deviceInfo = <span class="hljs-keyword">new</span> DeviceInfo();
    deviceInfo.productKey = <span class="hljs-string">"********"</span>;
    deviceInfo.deviceName = <span class="hljs-string">"********"</span>;
    deviceInfo.productSecret = <span class="hljs-string">"********"</span>;

    LinkKitInitParams params = <span class="hljs-keyword">new</span> LinkKitInitParams();
    IoTMqttClientConfig config = <span class="hljs-keyword">new</span> IoTMqttClientConfig();
    config.productKey = deviceInfo.productKey;
    config.deviceName = deviceInfo.deviceName;
    params.mqttClientConfig = config;
    params.connectConfig = <span class="hljs-keyword">new</span> IoTApiClientConfig();
    params.deviceInfo = deviceInfo;

    final CommonRequest request = <span class="hljs-keyword">new</span> CommonRequest();
    request.setPath(<span class="hljs-string">"/auth/register/device"</span>);
    LinkKit.getInstance().deviceRegister(params, request, <span class="hljs-keyword">new</span> IoTCallback() {
        public <span class="hljs-keyword">void</span> onFailure(CommonRequest commonRequest, Exception e) {
            ALog.e(TAG, <span class="hljs-string">"动态注册失败 "</span> + e);
        }

        public <span class="hljs-keyword">void</span> onResponse(CommonRequest commonRequest, CommonResponse commonResponse) {
            <span class="hljs-keyword">if</span> (commonResponse == <span class="hljs-literal">null</span> || StringUtils.isEmptyString(commonResponse.getData())) {
                ALog.e(TAG, <span class="hljs-string">"动态注册失败 response=null"</span>);
                <span class="hljs-keyword">return</span>;
            }
            <span class="hljs-keyword">try</span> {
                ResponseModel<<span class="hljs-built_in">Map</span><<span class="hljs-built_in">String</span>, <span class="hljs-built_in">String</span>>> response = <span class="hljs-keyword">new</span> Gson().fromJson(commonResponse.getData(), <span class="hljs-keyword">new</span> TypeToken<ResponseModel<<span class="hljs-built_in">Map</span><<span class="hljs-built_in">String</span>, <span class="hljs-built_in">String</span>>>>() {
                }.getType());
                <span class="hljs-keyword">if</span> (response != <span class="hljs-literal">null</span> && <span class="hljs-string">"200"</span>.equals(response.code)) {
                    ALog.d(TAG, <span class="hljs-string">"register success "</span> + (commonResponse == <span class="hljs-literal">null</span> ? <span class="hljs-string">""</span> : commonResponse.getData()));
                    <span class="hljs-comment">/**  获取 deviceSecret, 存储到本地,然后执行初始化建联
                     * 这个流程只能走一次,获取到 secret 之后,下次启动需要读取本地存储的三元组,
                     * 直接执行初始化建联,不可以再走动态初始化
                     */</span>
                    <span class="hljs-built_in">String</span> deviceSecret = response.data.get(<span class="hljs-string">"deviceSecret"</span>);
                    System.out.println(<span class="hljs-string">"deviceSecret: "</span> + deviceSecret);
                }
            } <span class="hljs-keyword">catch</span> (Exception e) {
                ALog.d(TAG, e.getMessage());
            }
            ALog.d(TAG, <span class="hljs-string">"register fail "</span> + commonResponse.getData());
        }
    });
}

}


4.3 运行结果


阿里云物联网平台一型一密获取:DeviceSecret 示例


5、注意事项



5.1 未激活的设备,使用ProductKey、DeviceName,可以反复注册获取DeviceSecret,每次获取的DeviceSecret都不同。已激活的设备,DeviceSecret唯一。若需要重新激活该设备,请首先在物联网平台上删除设备,重新注册,使用新的ProductKey、DeviceName获取DeviceSecret。


5.2 采用一型一密方式认证,设备烧录相同固件,存在产品证书泄露风险。您可以在产品详情页面,手动关闭动态注册开关,拒绝新设备的认证请求。


5.3 若设备发出激活请求时,系统校验发现该开关未开启,将拒绝新设备的动态激活请求。已激活设备不受影响。



参考链接


一型一密


云端Java SDK使用说明

上一篇:ElasticSearch笔记


下一篇:MySQL慢查询日志(二)