作者:俏巴
概述
一型一密安全认证方式下,同一产品下所有设备可以烧录相同固件(即烧录ProductKey和ProductSecret)。设备发送激活请求时,物联网平台进行身份确认,认证通过,下发该设备对应的DeviceSecret。本文主要演示如何使用JAVA SDK动态获取DeviceSecret。
操作步骤
1、在阿里云物联网平台控制台,创建产品。
2、在已创建产品的产品详情页面,开启动态注册开关。
3、在该产品下,添加设备。添加成功的设备状态为未激活。因设备激活时会校验DeviceName,建议您采用可以直接从设备中读取到的ID,如设备的MAC地址、IMEI或SN号等,作为DeviceName使用。
4、程序调用
4.1 pom.xml
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">repository</span>></span>
<span class="hljs-tag"><<span class="hljs-name">id</span>></span>alimaven<span class="hljs-tag"></<span class="hljs-name">id</span>></span>
<span class="hljs-tag"><<span class="hljs-name">name</span>></span>aliyun maven<span class="hljs-tag"></<span class="hljs-name">name</span>></span>
<span class="hljs-tag"><<span class="hljs-name">url</span>></span>http://maven.aliyun.com/nexus/content/groups/public/<span class="hljs-tag"></<span class="hljs-name">url</span>></span>
<span class="hljs-tag"></<span class="hljs-name">repository</span>></span></span>
<<span class="hljs-regexp">/repositories>
<dependencies>
<dependency>
<groupId>com.aliyun.alink.linksdk</g</span>roupId>
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>iot-linkkit-java<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span></span>
<version><span class="hljs-number">1.2</span><span class="hljs-number">.0</span><span class="hljs-number">.1</span><<span class="hljs-regexp">/version>
<scope>compile</</span>scope>
<span class="xml"><span class="hljs-tag"></<span class="hljs-name">dependency</span>></span></span>
<dependency>
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">groupId</span>></span>com.google.code.gson<span class="hljs-tag"></<span class="hljs-name">groupId</span>></span></span>
<artifactId>gson<<span class="hljs-regexp">/artifactId>
<version>2.8.1</</span>version>
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">scope</span>></span>compile<span class="hljs-tag"></<span class="hljs-name">scope</span>></span></span>
<<span class="hljs-regexp">/dependency>
<dependency>
<groupId>com.alibaba</g</span>roupId>
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>fastjson<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span></span>
<version><span class="hljs-number">1.2</span><span class="hljs-number">.40</span><<span class="hljs-regexp">/version>
<scope>compile</</span>scope>
<span class="xml"><span class="hljs-tag"></<span class="hljs-name">dependency</span>></span></span>
<<span class="hljs-regexp">/dependencies>
<build>
<finalName>iot-java-sdk</</span>finalName>
<span class="xml"><span class="hljs-tag"><<span class="hljs-name">plugins</span>></span>
<span class="hljs-tag"><<span class="hljs-name">plugin</span>></span>
<span class="hljs-tag"><<span class="hljs-name">groupId</span>></span>org.apache.maven.plugins<span class="hljs-tag"></<span class="hljs-name">groupId</span>></span>
<span class="hljs-tag"><<span class="hljs-name">artifactId</span>></span>maven-compiler-plugin<span class="hljs-tag"></<span class="hljs-name">artifactId</span>></span>
<span class="hljs-tag"><<span class="hljs-name">configuration</span>></span>
<span class="hljs-tag"><<span class="hljs-name">source</span>></span>1.8<span class="hljs-tag"></<span class="hljs-name">source</span>></span>
<span class="hljs-tag"><<span class="hljs-name">target</span>></span>1.8<span class="hljs-tag"></<span class="hljs-name">target</span>></span>
<span class="hljs-tag"><<span class="hljs-name">encoding</span>></span>UTF-8<span class="hljs-tag"></<span class="hljs-name">encoding</span>></span>
<span class="hljs-tag"></<span class="hljs-name">configuration</span>></span>
<span class="hljs-tag"></<span class="hljs-name">plugin</span>></span>
<span class="hljs-tag"></<span class="hljs-name">plugins</span>></span></span>
<<span class="hljs-regexp">/build></span></code></pre>
4.2 Code Sample
import com.aliyun.alink.apiclient.CommonRequest;
import com.aliyun.alink.apiclient.CommonResponse;
import com.aliyun.alink.apiclient.IoTCallback;
import com.aliyun.alink.apiclient.utils.StringUtils;
import com.aliyun.alink.dm.api.DeviceInfo;
import com.aliyun.alink.dm.api.IoTApiClientConfig;
import com.aliyun.alink.dm.model.ResponseModel;
import com.aliyun.alink.linkkit.api.IoTMqttClientConfig;
import com.aliyun.alink.linkkit.api.LinkKit;
import com.aliyun.alink.linkkit.api.LinkKitInitParams;
import com.aliyun.alink.linksdk.tools.ALog;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.util.Map;
// 动态获取设备Secret
public class GetDeviceSecret {
private <span class="hljs-keyword">static</span> final <span class="hljs-built_in">String</span> TAG = <span class="hljs-string">"GetDeviceSecret"</span>;
public <span class="hljs-keyword">static</span> <span class="hljs-keyword">void</span> main(<span class="hljs-built_in">String</span>[] args) {
DeviceInfo deviceInfo = <span class="hljs-keyword">new</span> DeviceInfo();
deviceInfo.productKey = <span class="hljs-string">"********"</span>;
deviceInfo.deviceName = <span class="hljs-string">"********"</span>;
deviceInfo.productSecret = <span class="hljs-string">"********"</span>;
LinkKitInitParams params = <span class="hljs-keyword">new</span> LinkKitInitParams();
IoTMqttClientConfig config = <span class="hljs-keyword">new</span> IoTMqttClientConfig();
config.productKey = deviceInfo.productKey;
config.deviceName = deviceInfo.deviceName;
params.mqttClientConfig = config;
params.connectConfig = <span class="hljs-keyword">new</span> IoTApiClientConfig();
params.deviceInfo = deviceInfo;
final CommonRequest request = <span class="hljs-keyword">new</span> CommonRequest();
request.setPath(<span class="hljs-string">"/auth/register/device"</span>);
LinkKit.getInstance().deviceRegister(params, request, <span class="hljs-keyword">new</span> IoTCallback() {
public <span class="hljs-keyword">void</span> onFailure(CommonRequest commonRequest, Exception e) {
ALog.e(TAG, <span class="hljs-string">"动态注册失败 "</span> + e);
}
public <span class="hljs-keyword">void</span> onResponse(CommonRequest commonRequest, CommonResponse commonResponse) {
<span class="hljs-keyword">if</span> (commonResponse == <span class="hljs-literal">null</span> || StringUtils.isEmptyString(commonResponse.getData())) {
ALog.e(TAG, <span class="hljs-string">"动态注册失败 response=null"</span>);
<span class="hljs-keyword">return</span>;
}
<span class="hljs-keyword">try</span> {
ResponseModel<<span class="hljs-built_in">Map</span><<span class="hljs-built_in">String</span>, <span class="hljs-built_in">String</span>>> response = <span class="hljs-keyword">new</span> Gson().fromJson(commonResponse.getData(), <span class="hljs-keyword">new</span> TypeToken<ResponseModel<<span class="hljs-built_in">Map</span><<span class="hljs-built_in">String</span>, <span class="hljs-built_in">String</span>>>>() {
}.getType());
<span class="hljs-keyword">if</span> (response != <span class="hljs-literal">null</span> && <span class="hljs-string">"200"</span>.equals(response.code)) {
ALog.d(TAG, <span class="hljs-string">"register success "</span> + (commonResponse == <span class="hljs-literal">null</span> ? <span class="hljs-string">""</span> : commonResponse.getData()));
<span class="hljs-comment">/** 获取 deviceSecret, 存储到本地,然后执行初始化建联
* 这个流程只能走一次,获取到 secret 之后,下次启动需要读取本地存储的三元组,
* 直接执行初始化建联,不可以再走动态初始化
*/</span>
<span class="hljs-built_in">String</span> deviceSecret = response.data.get(<span class="hljs-string">"deviceSecret"</span>);
System.out.println(<span class="hljs-string">"deviceSecret: "</span> + deviceSecret);
}
} <span class="hljs-keyword">catch</span> (Exception e) {
ALog.d(TAG, e.getMessage());
}
ALog.d(TAG, <span class="hljs-string">"register fail "</span> + commonResponse.getData());
}
});
}
}
4.3 运行结果
5、注意事项
5.1 未激活的设备,使用ProductKey、DeviceName,可以反复注册获取DeviceSecret,每次获取的DeviceSecret都不同。已激活的设备,DeviceSecret唯一。若需要重新激活该设备,请首先在物联网平台上删除设备,重新注册,使用新的ProductKey、DeviceName获取DeviceSecret。
5.2 采用一型一密方式认证,设备烧录相同固件,存在产品证书泄露风险。您可以在产品详情页面,手动关闭动态注册开关,拒绝新设备的认证请求。
5.3 若设备发出激活请求时,系统校验发现该开关未开启,将拒绝新设备的动态激活请求。已激活设备不受影响。
参考链接