更新时间:2024-02-28 GMT+08:00
分享

重置设备密钥

功能介绍

应用服务器可调用此接口重置设备密钥,携带指定密钥时平台将设备密钥重置为指定的密钥,不携带密钥时平台将自动生成一个新的随机密钥返回。

调用方法

请参见如何调用API

URI

POST /v5/iot/{project_id}/devices/{device_id}/action

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

参数说明:项目ID。获取方法请参见 获取项目ID

device_id

String

参数说明:设备ID,用于唯一标识一个设备。在注册设备时直接指定,或者由物联网平台分配获得。 取值范围:长度不超过128,只允许字母、数字、下划线(_)、连接符(-)的组合。

表2 Query参数

参数

是否必选

参数类型

描述

action_id

String

参数说明:对设备执行的操作。 取值范围

  • resetSecret: 重置密钥。注意:NB设备密钥由于协议特殊性,只支持十六进制密钥接入。

请求参数

表3 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

参数说明:用户Token。通过调用IAM服务 获取IAM用户Token接口获取,接口返回的响应消息头中“X-Subject-Token”就是需要获取的用户Token。简要的获取方法样例请参见 Token认证

Instance-Id

String

参数说明:实例ID。物理多租下各实例的唯一标识,建议携带该参数,在使用专业版时必须携带该参数。您可以在IoTDA管理控制台界面,选择左侧导航栏“总览”页签查看当前实例的ID,具体获取方式请参考查看实例详情

表4 请求Body参数

参数

是否必选

参数类型

描述

secret

String

参数说明:设备密钥,设置该字段时平台将设备密钥重置为指定值,若不设置则由平台自动生成。 取值范围:长度不低于8不超过32,只允许字母、数字、下划线(_)、连接符(-)的组合。

最小长度:8

最大长度:32

force_disconnect

Boolean

参数说明:是否强制断开设备的连接,当前仅限长连接。默认值false。

缺省值:false

secret_type

String

参数说明:重置设备秘钥的的类型。 取值范围

  • PRIMARY:重置主秘钥。设备秘钥鉴权优先使用的密钥,当设备接入物联网平台时,平台将优先使用主密钥进行校验。

  • SECONDARY:重置辅秘钥。设备的备用密钥,当主密钥校验不通过时,会启用辅密钥校验,辅密钥与主密钥有相同的效力;辅密钥对coap协议接入的设备不生效。

缺省值:PRIMARY

响应参数

状态码: 200

表5 响应Body参数

参数

参数类型

描述

device_id

String

设备ID,用于唯一标识一个设备。在注册设备时直接指定,或者由物联网平台分配获得。由物联网平台分配时,生成规则为"product_id" + "_" + "node_id"拼接而成。

最大长度:256

secret

String

设备密钥。

最小长度:8

最大长度:32

secret_type

String

参数说明:重置设备秘钥的的类型。 取值范围

  • PRIMARY:重置主秘钥。设备秘钥鉴权优先使用的密钥,当设备接入物联网平台时,平台将优先使用主密钥进行校验。

  • SECONDARY:重置辅秘钥。设备的备用密钥,当主密钥校验不通过时,会启用辅密钥校验,辅密钥与主密钥有相同的效力;辅密钥对coap协议接入的设备不生效。

缺省值:PRIMARY

请求示例

重置指定设备的秘钥,新秘钥为3b93****dc3c,不强制设备重新建链。

POST https://{endpoint}/v5/iot/{project_id}/devices/{device_id}/action?action_id=resetSecret

{
  "secret" : "3b93****dc3c",
  "force_disconnect" : false
}

响应示例

状态码: 200

OK

{
  "device_id" : "d4922d8a-6c8e-4396-852c-164aefa6638f",
  "secret" : "3b93****dc3c"
}

SDK代码示例

SDK代码示例如下。

Java

重置指定设备的秘钥,新秘钥为3b93****dc3c,不强制设备重新建链。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.AbstractCredentials;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.iotda.v5.region.IoTDARegion;
import com.huaweicloud.sdk.iotda.v5.*;
import com.huaweicloud.sdk.iotda.v5.model.*;


public class ResetDeviceSecretSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withDerivedPredicate(AbstractCredentials.DEFAULT_DERIVED_PREDICATE) // Used in derivative ak/sk authentication scenarios
                .withAk(ak)
                .withSk(sk);

        IoTDAClient client = IoTDAClient.newBuilder()
                .withCredential(auth)
                .withRegion(IoTDARegion.valueOf("<YOUR REGION>"))
                .build();
        ResetDeviceSecretRequest request = new ResetDeviceSecretRequest();
        request.withActionId("<action_id>");
        ResetDeviceSecret body = new ResetDeviceSecret();
        body.withForceDisconnect(false);
        body.withSecret("3b93****dc3c");
        request.withBody(body);
        try {
            ResetDeviceSecretResponse response = client.resetDeviceSecret(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Python

重置指定设备的秘钥,新秘钥为3b93****dc3c,不强制设备重新建链。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcore.auth.credentials import DerivedCredentials
from huaweicloudsdkiotda.v5.region.iotda_region import IoTDARegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkiotda.v5 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \
            .with_derived_predicate(DerivedCredentials.get_default_derived_predicate()) \

    client = IoTDAClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(IoTDARegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ResetDeviceSecretRequest()
        request.action_id = "<action_id>"
        request.body = ResetDeviceSecret(
            force_disconnect=False,
            secret="3b93****dc3c"
        )
        response = client.reset_device_secret(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Go

重置指定设备的秘钥,新秘钥为3b93****dc3c,不强制设备重新建链。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    iotda "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5/region"
    core_auth "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithDerivedPredicate(core_auth.GetDefaultDerivedPredicate()). // Used in derivative ak/sk authentication scenarios
        Build()

    client := iotda.NewIoTDAClient(
        iotda.IoTDAClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ResetDeviceSecretRequest{}
	request.ActionId = "<action_id>"
	forceDisconnectResetDeviceSecret:= false
	secretResetDeviceSecret:= "3b93****dc3c"
	request.Body = &model.ResetDeviceSecret{
		ForceDisconnect: &forceDisconnectResetDeviceSecret,
		Secret: &secretResetDeviceSecret,
	}
	response, err := client.ResetDeviceSecret(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

OK

403

Forbidden

404

Not Found

500

Internal Server Error

错误码

请参见错误码

分享:

    相关文档

    相关产品