由于阿里云物联网套件关于设备认证的文档不够详细,笔者差不多摸索了几天才连接上MQTT。下面是使用Python模拟设备接入阿里云的MQTT。
阿里云物联网套件提供两种接入方式:
MQTT客户端域名直连(资源受限设备推荐)先HTTPS发送授权后再连接MQTT(一些特殊增值服务,比如设备级别的引流)本文主要介绍第一种接入方式,TCP直连,并提供Python代码示例。
1、mqttClientId
mqttClientId = "<ClientId>"+"|securemode=3,signmethod=hmacsha1,timestamp=132323232|"2、mqttUsername
使用&拼接<DeviceName>和<ProductKey>。
mqttUsername = "<DeviceName>&<ProductKey>"3、mqttPassword
把以下参数按字典键名排序,再把键名都拼接起来(没有分隔符)生成content,然后以DeviceSecret为盐,对content进行hma_sha1加密,最后二进制转为十六进制字符串表示。
clientIddeviceNameproductKeytimestamp mqttPassword = hmac_sha1(DeviceSecret, content).toHexString();假设
clientId = 12345deviceName = deviceproductKey = pktimestamp = 789signmethod = hmacsha1content拼接结果:clientId12345deviceNamedeviceproductKeypktimestamp789
注意:不用拼接signmethod参数。
对content以DeviceSecret为盐进行hmacsha1加签后,再转为十六进制字符串,最后结果:FAFD82A3D602B37FB0FA8B7892F24A477F851A14
注意:不需要base64。
最后总结一下生成的参数:
mqttHost = pk.iot-as-mqtt.cn-shanghai.aliyuncs.com mqttPort = 1883mqttClientId = 12345|securemode=3,signmethod=hmacsha1,timestamp=789| mqttUsername = device&pk mqttPassword = FAFD82A3D602B37FB0FA8B7892F24A477F851A14填写自己的ProductKey、ClientId、DeviceName、DeviceSecret。
# coding=utf-8 # !/usr/bin/python3 import datetime import time import hmac import hashlib import math TEST = 0 ProductKey = "" ClientId = "12345" # 自定义clientId DeviceName = "" DeviceSecret = "" # signmethod signmethod = "hmacsha1" # signmethod = "hmacmd5" # 当前时间毫秒值 us = math.modf(time.time())[0] ms = int(round(us * 1000)) timestamp = str(ms) data = "".join(("clientId", ClientId, "deviceName", DeviceName, "productKey", ProductKey, "timestamp", timestamp )) # print(round((time.time() * 1000))) print("data:", data) if "hmacsha1" == signmethod: ret = hmac.new(bytes(DeviceSecret, encoding="utf-8"), bytes(data, encoding="utf-8"), hashlib.sha1).hexdigest() elif "hmacmd5" == signmethod: ret = hmac.new(bytes(DeviceSecret, encoding="utf-8"), bytes(data, encoding="utf-8"), hashlib.md5).hexdigest() else: raise ValueError sign = ret print("sign:", sign) # ====================================================== strBroker = ProductKey + ".iot-as-mqtt.cn-shanghai.aliyuncs.com" port = 1883 client_id = "".join((ClientId, "|securemode=3", ",signmethod=", signmethod, ",timestamp=", timestamp, "|")) username = "".join((DeviceName, "&", ProductKey)) password = sign print("="*30) print("client_id:", client_id) print("username:", username) print("password:", password) print("="*30) def secret_test(): DeviceSecret = "secret" data = "clientId12345deviceNamedeviceproductKeypktimestamp789" ret = hmac.new(bytes(DeviceSecret, encoding="utf-8"), bytes(data, encoding="utf-8"), hashlib.sha1).hexdigest() print("test:", ret) # ====================================================== # MQTT Initialize.-------------------------------------- try: import paho.mqtt.client as mqtt except ImportError: print("MQTT client not find. Please install as follow:") print("git clone http://git.eclipse.org/gitroot/paho/org.eclipse.paho.mqtt.python.git") print("cd org.eclipse.paho.mqtt.python") print("sudo python setup.py install") # ====================================================== def on_connect(mqttc, obj, rc): print("OnConnetc, rc: " + str(rc)) mqttc.subscribe("test", 0) def on_publish(mqttc, obj, mid): print("OnPublish, mid: " + str(mid)) def on_subscribe(mqttc, obj, mid, granted_qos): print("Subscribed: " + str(mid) + " " + str(granted_qos)) def on_log(mqttc, obj, level, string): print("Log:" + string) def on_message(mqttc, obj, msg): curtime = datetime.datetime.now() strcurtime = curtime.strftime("%Y-%m-%d %H:%M:%S") print(strcurtime + ": " + msg.topic + " " + str(msg.qos) + " " + str(msg.payload)) on_exec(str(msg.payload)) def on_exec(strcmd): print("Exec:", strcmd) strExec = strcmd # ===================================================== if __name__ == '__main__': if TEST: secret_test() exit(0) mqttc = mqtt.Client(client_id) mqttc.username_pw_set(username, password) mqttc.on_message = on_message mqttc.on_connect = on_connect mqttc.on_publish = on_publish mqttc.on_subscribe = on_subscribe mqttc.on_log = on_log mqttc.connect(strBroker, port, 120) mqttc.loop_forever()终于知道之前为什么总是连接不上了!!!之前文档对password加密的字段是多了「signmethodhmacsha1」字符串!
