![cover](https://img-blog.csdnimg.cn/40a207354920475780dbc0bb757eb02f.png)
AWS iot core 架构物联网项目
最近架构了一个海外的智能机器人物联网APP项目,使用的是亚马逊的iot core实现数据交互。
最近架构了一个海外的智能机器人物联网APP项目,使用的是亚马逊的iot core实现数据交互。这里给大家写一些使用的思路,因为中间细节很多,文章写起来很费劲。给大家一些比较有用的链接。
AWS Iot官方中文文档
AWS Cognito身份池中文文档
亚马逊AWS官方博客智能家居物联网平台之-设备状态管理
架构思路
参考上面写的官方博客做数据权限控制和交互。具体实现大概如下:首先APP用户登录同时,APP服务端向亚马逊Cognito身份池获取对应身份信息返回给APP端,参数如下:
APP端使用对应的安卓和IOS的sdk使用参数链接到亚马逊IOT。每一个identityId对应一个APP账户,每个identityId都可以绑定一个iot core的策略,使用该策略进行权限控制,可以控制到该用户下的所有设备,不允许跨账号设备进行对应的topic数据交互。
iot core我们使用的物品的影子,来完成对应的数据存储及变更数据推送,影子的具体功能是在,设备的影子里面存储一份物品的所有属性,如下图:
其中state属性内的参数是,我们服务端或者APP端发送的指令或者期望值。metadata属性是,设备端上报的设备上的所有属性,设备端某个属性变更的时候推送改属性数据。设备影子的出现,解耦了服务端与设备的数据耦合性,APP和服务端不需要关心设备是否在线,只需要下发指令到影子内,影子会在设备在线时下发最新版本的指令,中间指令丢弃。设备上报的变更数据影子也会推送给服务端/APP端。点击进入物品影子的使用文档
一般都知道,一般服务端的压力相对来说是很大的,整个架构思路,解放了APP服务端压力。APP端也可以实时获取到设备的业务数据。
iot core相关服务端代码
亚马逊的各种sdk写法太多了,就java现在也有两个版本,各位注意一下自己的版本。给大家一个亚马逊maven查找的地址自行查找对应的服务sdk。
<!-- AWS iot server sdk -->
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>iot</artifactId>
<version>2.17.230</version>
</dependency>
<!-- AWS iot device sdk -->
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-iot-device-sdk-java</artifactId>
<version>1.3.10</version>
</dependency>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>cognitoidentity</artifactId>
<version>2.17.230</version>
</dependency>
这里给大家一些现成代码:
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain;
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.profiles.ProfileFile;
import software.amazon.awssdk.profiles.ProfileProperty;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iot.IotClient;
import software.amazon.awssdk.services.iot.model.*;
import software.amazon.awssdk.utils.StringInputStream;
import java.util.ArrayList;
import java.util.Objects;
/**
* @Description: AWS iot 服务端工具类
*/
@Slf4j
@Component
public class AwsIotServerClientComponent {
private AwsIotServerClientComponent(){
}
@Autowired
private AwsIotAccountConfig iotAccountConfig;
private IotClient iotClient;
/**
* 初始化 iot 客户端
*
* @return
*/
@Bean(value = "iotServerClient")
public IotClient iotClient() {
StringBuilder cfgBuilder = new StringBuilder("[default]\n");
cfgBuilder.append(ProfileProperty.AWS_ACCESS_KEY_ID).append(" = ").append(iotAccountConfig.getAccessKeyId())
.append("\n").append(ProfileProperty.AWS_SECRET_ACCESS_KEY).append(" = ").append(iotAccountConfig.getSecretAccessKey()).append("\n");
ProfileFile profileFile = ProfileFile.builder()
.content(new StringInputStream(cfgBuilder.toString()))
.type(ProfileFile.Type.CONFIGURATION).build();
AwsCredentialsProviderChain awsCredentialsProviderChain = AwsCredentialsProviderChain.of(
ProfileCredentialsProvider.builder().profileFile(profileFile).build());
if (Objects.isNull(iotClient)) {
synchronized (AwsIotServerClientComponent.class) {
if (Objects.isNull(iotClient)) {
iotClient = IotClient.builder()
.credentialsProvider(awsCredentialsProviderChain)
.region(Region.of(iotAccountConfig.getRegions()))
.build();
}
}
}
return iotClient;
}
/**
* 创建物品类型
*
* @param thingType 物品类型
*/
public boolean createThingType(String thingType,ArrayList<String> searchableAttributes) {
ThingTypeProperties build = ThingTypeProperties.builder().searchableAttributes(searchableAttributes).build();
CreateThingTypeRequest request = CreateThingTypeRequest.builder().thingTypeProperties(build)
.thingTypeName(thingType).build();
CreateThingTypeResponse response = iotClient.createThingType(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 创建物品
*
* @param thingName 物品名称
* @param thingType 物品类型
* @return
*/
public boolean createThing(String thingName, String thingType) {
CreateThingRequest request = CreateThingRequest.builder()
.thingName(thingName)
.thingTypeName(thingType).build();
CreateThingResponse response = iotClient.createThing(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 删除物品
*
* @param thingName 物品名称
* @return
*/
public boolean deleteThing(String thingName) {
DeleteThingRequest request = DeleteThingRequest.builder()
.thingName(thingName).build();
DeleteThingResponse deleteThingResponse = iotClient.deleteThing(request);
return deleteThingResponse.sdkHttpResponse().isSuccessful();
}
/**
* 创建证书
*
* @return
*/
public CertificateVo createCert() {
CreateKeysAndCertificateRequest request = CreateKeysAndCertificateRequest.builder().setAsActive(true).build();
CreateKeysAndCertificateResponse response = iotClient.createKeysAndCertificate(request);
if (response.sdkHttpResponse().isSuccessful()) {
CertificateVo certVo = new CertificateVo();
certVo.setCertificateArn(response.certificateArn());
certVo.setCertificateId(response.certificateId());
certVo.setCertificatePem(response.certificatePem());
certVo.setPublicKey(response.keyPair().publicKey());
certVo.setPrivateKey(response.keyPair().privateKey());
return certVo;
}
return null;
}
/**
* 删除证书
*
* @return
*/
public boolean deleteCert(String certificateId) {
DeleteCaCertificateRequest request = DeleteCaCertificateRequest.builder().certificateId(certificateId).build();
DeleteCaCertificateResponse deleteCaCertificateResponse = iotClient.deleteCACertificate(request);
return deleteCaCertificateResponse.sdkHttpResponse().isSuccessful();
}
/**
* 绑定物品与证书
*
* @param certArn 证书资源唯一标识
* @param thingId 物品 ID
* @return
*/
public boolean bindThingAndCert(String certArn, String thingId) {
AttachThingPrincipalRequest request = AttachThingPrincipalRequest.builder()
.thingName(thingId)
.principal(certArn).build();
AttachThingPrincipalResponse response = iotClient.attachThingPrincipal(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 创建策略
*
* @param policyName 策略名称
* @param policyContent 策略内容(json 格式)
* @return
*/
public boolean createPolicy(String policyName, String policyContent) {
CreatePolicyRequest request = CreatePolicyRequest.builder()
.policyName(policyName)
.policyDocument(policyContent).build();
CreatePolicyResponse response = iotClient.createPolicy(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 创建策略
*
* @param policyName 策略名称
* @return
*/
public boolean deletePolicy(String policyName) {
DeletePolicyRequest request = DeletePolicyRequest.builder()
.policyName(policyName).build();
DeletePolicyResponse deletePolicyResponse = iotClient.deletePolicy(request);
return deletePolicyResponse.sdkHttpResponse().isSuccessful();
}
/**
* 绑定证书与策略
*
* @param certArn
* @param policyName
* @return
*/
public boolean bindCertAndPolicy(String certArn, String policyName) {
AttachPolicyRequest request = AttachPolicyRequest.builder()
.policyName(policyName)
.target(certArn)
.build();
AttachPolicyResponse response = iotClient.attachPolicy(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 更新策略
*
* @param policyName
* @param policyContent
* @return
*/
public boolean updatePolicy(String policyName, String policyContent) {
// 查询策略的所有版本
ListPolicyVersionsRequest listPolicyVersionsRequest = ListPolicyVersionsRequest.builder()
.policyName(policyName).build();
ListPolicyVersionsResponse listPolicyVersionsResponse = iotClient.listPolicyVersions(listPolicyVersionsRequest);
if (!listPolicyVersionsResponse.sdkHttpResponse().isSuccessful()) {
log.warn("删除策略失败,查询策略列表出错");
return false;
}
if (CollectionUtils.isEmpty(listPolicyVersionsResponse.policyVersions())) {
log.warn("删除策略失败,策略列表为空");
return false;
}
// 删除非活跃版本
listPolicyVersionsResponse.policyVersions().forEach(version -> {
if (!version.isDefaultVersion()) {
DeletePolicyVersionRequest deletePolicyVersionRequest = DeletePolicyVersionRequest.builder()
.policyName(policyName)
.policyVersionId(version.versionId()).build();
iotClient.deletePolicyVersion(deletePolicyVersionRequest);
}
});
// 创建策略版本并设置为活跃状态
CreatePolicyVersionRequest request = CreatePolicyVersionRequest.builder()
.policyName(policyName)
.policyDocument(policyContent)
.setAsDefault(true).build();
CreatePolicyVersionResponse response = iotClient.createPolicyVersion(request);
return response.sdkHttpResponse().isSuccessful();
}
/**
* 获取策略
*
* @param policyName 策略名称
* @return
*/
public GetPolicyResponse getPolicy(String policyName) {
GetPolicyRequest request = GetPolicyRequest.builder().policyName(policyName).build();
GetPolicyResponse getPolicyResponse = iotClient.getPolicy(request);
return getPolicyResponse;
}
}
import com.aiper.app.component.iot.listener.SwimmingCleanDataListener;
import com.aiper.app.component.iot.listener.SwimmingInfoListener;
import com.aiper.app.component.iot.listener.SwimmingStatusListener;
import com.amazonaws.services.iot.client.AWSIotException;
import com.amazonaws.services.iot.client.AWSIotMqttClient;
import com.amazonaws.services.iot.client.AWSIotQos;
import com.amazonaws.services.iot.client.auth.Credentials;
import com.amazonaws.services.iot.client.auth.StaticCredentialsProvider;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
/**
* @Description: AWS iot 设备端 MQTT 操作工具类
*/
@Slf4j
@Component
public class AwsIotDeviceClientComponent implements ApplicationRunner {
public AwsIotDeviceClientComponent(){
}
private AWSIotMqttClient mqttClient;
@Resource
private AwsIotAccountConfig iotAccountConfig;
@Resource
private Listener listener;
@Override
public void run(ApplicationArguments args) throws Exception {
mqttClient.connect();
log.info("aws mqtt server 客户端连接成功");
// 主题订阅
mqttClient.subscribe(listener, true);
}
@Bean(name = "awsIotMqttClient")
public AWSIotMqttClient awsIotMqttClient() {
log.info("创建 awsIotMqttClient bean");
Credentials credentials = new Credentials(iotAccountConfig.getAccessKeyId(),
iotAccountConfig.getSecretAccessKey());
StaticCredentialsProvider credentialsProvider = new StaticCredentialsProvider(credentials);
mqttClient = new AWSIotMqttClient(iotAccountConfig.getClientEndpoint(),
"javaClient_"+ System.currentTimeMillis()
, credentialsProvider, iotAccountConfig.getRegions());
return mqttClient;
}
/**
* 消息推送
* @param topic
* @param data
* @throws AWSIotException
*/
public void pushMessage(String topic, byte[] data) throws AWSIotException {
log.info("server topic={},>>> {}", topic, new String(data));
mqttClient.publish(new IotPublisher(topic, AWSIotQos.QOS1, data));
}
}
import com.amazonaws.services.iot.client.AWSIotMessage;
import com.amazonaws.services.iot.client.AWSIotQos;
import com.amazonaws.services.iot.client.AWSIotTopic;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
/**
* @Description: 信息监听
*/
@Slf4j
@Component
public class Listener extends AWSIotTopic {
private final static String TOPIC = "topic/test";
public SwimmingInfoListener() {
super(TOPIC, AWSIotQos.QOS1);
}
@Override
public void onMessage(AWSIotMessage message) {
//业务代码
}
Cognito相关服务端代码
import com.aiper.app.component.iot.AwsIotAccountConfig;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain;
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.profiles.ProfileFile;
import software.amazon.awssdk.profiles.ProfileProperty;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentity.CognitoIdentityClient;
import software.amazon.awssdk.services.cognitoidentity.model.GetOpenIdTokenForDeveloperIdentityRequest;
import software.amazon.awssdk.services.cognitoidentity.model.GetOpenIdTokenForDeveloperIdentityResponse;
import software.amazon.awssdk.utils.StringInputStream;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
@Slf4j
@Component
public class AwsCognitoIdentityClientComponent {
public AwsCognitoIdentityClientComponent() {
}
@Autowired
private AwsIotAccountConfig iotAccountConfig;
@Autowired
private AwsCognitoIdentityPoolConfig cognitoIdentityPoolConfig;
private CognitoIdentityClient cognitoIdentityClient;
/**
*
* 初始化 cognitoIdentity 客户端
* @return
*/
@Bean(value = "cognitoIdentityClient")
public CognitoIdentityClient cognitoIdentityClient() {
StringBuilder cfgBuilder = new StringBuilder("[default]\n");
cfgBuilder.append(ProfileProperty.AWS_ACCESS_KEY_ID).append(" = ").append(iotAccountConfig.getAccessKeyId())
.append("\n").append(ProfileProperty.AWS_SECRET_ACCESS_KEY).append(" = ").append(iotAccountConfig.getSecretAccessKey()).append("\n");
ProfileFile profileFile = ProfileFile.builder()
.content(new StringInputStream(cfgBuilder.toString()))
.type(ProfileFile.Type.CONFIGURATION).build();
AwsCredentialsProviderChain awsCredentialsProviderChain = AwsCredentialsProviderChain.of(
ProfileCredentialsProvider.builder().profileFile(profileFile).build());
if (Objects.isNull(cognitoIdentityClient)) {
synchronized (AwsCognitoIdentityClientComponent.class) {
if (Objects.isNull(cognitoIdentityClient)) {
cognitoIdentityClient = CognitoIdentityClient.builder()
.credentialsProvider(awsCredentialsProviderChain)
.region(Region.of(iotAccountConfig.getRegions()))
.build();
}
}
}
return cognitoIdentityClient;
}
public GetOpenIdTokenForDeveloperIdentityResponse getOpenIdTokenForDeveloperIdentity(String serialNumber) {
Map<String, String> logins = new HashMap<String, String>();
logins.put(cognitoIdentityPoolConfig.getDeveloperProviderName(), "业务定义");
GetOpenIdTokenForDeveloperIdentityRequest request = GetOpenIdTokenForDeveloperIdentityRequest.builder()
.identityPoolId(cognitoIdentityPoolConfig.getIdentityPoolId())
.tokenDuration(cognitoIdentityPoolConfig.getTokenDuration())
.logins(logins)
.build();
return cognitoIdentityClient.getOpenIdTokenForDeveloperIdentity(request);
}
}
这一次暂时写到这里,其中还有很多在亚马逊平台添加权限的具体操作,文字描述难以描述,如有需要请留言,我看到会尽快回复。
转载请注明出处。
更多推荐
所有评论(0)