全部产品
云市场

服务端API手册

更新时间:2019-04-24 20:14:53

一、服务端认证接口

接口名称

verify

访问地址

需要POP SDK支持,endpoint domain: id2.cn-shanghai.aliyuncs.com

功能描述

ID² 运行时认证接口


请求参数

名称类型是否必须描述
apiVersioinStringapi版本号,当前取值1.1.2
id2StringID²标识
authCodeString设备端生成的认证码,具体获取方式请参考设备端API对接指南
extraString与认证码关联的辅助认证数据
productKeyString产品标识,从ID²控制台的产品列表中获取

返回值

  1. 成功:
  2. {
  3. "code":200,
  4. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  5. "success": true,
  6. "data": true
  7. }
  8. 失败:
  9. {
  10. "code":33,
  11. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  12. "success": false
  13. }

错误码

参见服务端错误码


示例

示例Java code如下,相关的库代码请联系合作项目的阿里云IoT接口人

  1. package com.aliyun.id2.demo;
  2. import com.aliyuncs.DefaultAcsClient;
  3. import com.aliyuncs.IAcsClient;
  4. import com.aliyuncs.exceptions.ClientException;
  5. import com.aliyuncs.exceptions.ServerException;
  6. import com.aliyuncs.http.X509TrustAll;
  7. import com.aliyuncs.id2.model.v20170707.VerifyRequest;
  8. import com.aliyuncs.id2.model.v20170707.VerifyResponse;
  9. import com.aliyuncs.profile.DefaultProfile;
  10. import com.aliyuncs.profile.IClientProfile;
  11. public class VerifyDemo {
  12. private static String ACCESS_KEY = ""; // your access key
  13. private static String ACCESS_SECRET = ""; // your access secret
  14. public static void main(String[] args) throws ClientException {
  15. try {
  16. IClientProfile profile = DefaultProfile.getProfile("cn-shanghai", ACCESS_KEY, ACCESS_SECRET);
  17. DefaultProfile.addEndpoint("cn-shanghai", "cn-shanghai", "ID2", "id2.cn-shanghai.aliyuncs.com");
  18. IAcsClient client = new DefaultAcsClient(profile);
  19. X509TrustAll.ignoreSSLCertificate();
  20. String id2 = "00AAABBB11122281FE15B400";
  21. String authCode = "3~0~1245DC626946A9E5~1499753003564~Pfyt01tFpOFfI9HkHYjvqikoZpdch44U22ckmpvuwL1QfppOOIIGboFmfyhnrX73hGvQ5BKzX1Acie+8MHoKZ64Y8tWMFMtbm3tmEqUzfSnYvGAEu/+YcytuZTKydh9ijJLUVeRgKUeS29q1zj9LOTyGBXOxdesb9n9oQ225+3M=";
  22. String extra = "digest1234";
  23. VerifyRequest req = new VerifyRequest();
  24. req.setId2(id2);
  25. req.setAuthCode(authCode);
  26. req.setExtra(extra);
  27. req.setApiVersion("1.1.2");
  28. req.setProductKey("xxxxxxxxxxx");
  29. VerifyResponse response = client.getAcsResponse(req);
  30. System.out.println("requestId:" + response.getRequestId());
  31. if (response.getSuccess()) {
  32. System.out.println("success, data:" + response.getData());
  33. } else {
  34. System.out.println("not success, code:" + response.getCode());
  35. }
  36. } catch (ServerException e) {
  37. e.printStackTrace();
  38. } catch (ClientException e) {
  39. e.printStackTrace();
  40. }
  41. }
  42. }

二、服务端认证并加密接口

接口名称

verifyAndEncrypt

访问地址

需要POP SDK支持,endpoint domain: id2.cn-shanghai.aliyuncs.com

功能描述

ID² 运行时认证并加密接口


请求参数

名称类型是否必须描述
apiVersioinStringapi版本号,当前取值1.1.2
id2StringID²标识
authCodeString设备端生成的认证码,具体获取方式请参考设备端接口描述
extraString与认证码关联的辅助认证数据
dataString待加密的数据
productKeyString产品标识,从ID²控制台的产品列表中获取

返回值

  1. 成功:
  2. {
  3. "code":200,
  4. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  5. "success": true,
  6. "data": "MIGfM****DAQAB"
  7. }
  8. 失败:
  9. {
  10. "code":33,
  11. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  12. "success": false
  13. }

错误码

参见服务端错误码


示例

示例Java code如下,相关的库代码请联系合作项目的阿里云IoT接口人

  1. package com.aliyun.id2.demo;
  2. import com.aliyuncs.DefaultAcsClient;
  3. import com.aliyuncs.IAcsClient;
  4. import com.aliyuncs.exceptions.ClientException;
  5. import com.aliyuncs.exceptions.ServerException;
  6. import com.aliyuncs.http.X509TrustAll;
  7. import com.aliyuncs.id2.model.v20170707.VerifyAndEncryptRequest;
  8. import com.aliyuncs.id2.model.v20170707.VerifyAndEncryptResponse;
  9. import com.aliyuncs.profile.DefaultProfile;
  10. import com.aliyuncs.profile.IClientProfile;
  11. public class VerifyAndEncryptDemo {
  12. private static String ACCESS_KEY = ""; // your access key
  13. private static String ACCESS_SECRET = ""; // your access secret
  14. public static void main(String[] args) throws ClientException {
  15. try {
  16. IClientProfile profile = DefaultProfile.getProfile("cn-shanghai", ACCESS_KEY, ACCESS_SECRET);
  17. DefaultProfile.addEndpoint("cn-shanghai", "cn-shanghai", "ID2", "id2.cn-shanghai.aliyuncs.com");
  18. IAcsClient client = new DefaultAcsClient(profile);
  19. X509TrustAll.ignoreSSLCertificate();
  20. String id2 = "00AAABBB11122281FE15B400";
  21. String authCode = "3~0~1245DC626946A9E5~1499753003564~Pfyt01tFpOFfI9HkHYjvqikoZpdch44U22ckmpvuwL1QfppOOIIGboFmfyhnrX73hGvQ5BKzX1Acie+8MHoKZ64Y8tWMFMtbm3tmEqUzfSnYvGAEu/+YcytuZTKydh9ijJLUVeRgKUeS29q1zj9LOTyGBXOxdesb9n9oQ225+3M=";
  22. String extra = "digest1234";
  23. VerifyAndEncryptRequest req = new VerifyAndEncryptRequest();
  24. req.setId2(id2);
  25. req.setAuthCode(authCode);
  26. req.setExtra(extra);
  27. req.setApiVersion("1.1.2");
  28. req.setData("1234");
  29. req.setProductKey("xxxxxxxxxxx");
  30. VerifyAndEncryptResponse response = client.getAcsResponse(req);
  31. System.out.println("requestId:" + response.getRequestId());
  32. if (response.getSuccess()) {
  33. System.out.println("success, data:" + response.getData());
  34. } else {
  35. System.out.println("not success, code:" + response.getCode());
  36. }
  37. } catch (ServerException e) {
  38. e.printStackTrace();
  39. } catch (ClientException e) {
  40. e.printStackTrace();
  41. }
  42. }
  43. }

三、获取服务端随机数接口

接口名称

getServerRandom

访问地址

需要POP SDK支持,endpoint domain: id2.cn-shanghai.aliyuncs.com

功能描述

获取服务端随机数/挑战字


请求参数

名称类型是否必须描述
apiVersioinStringapi版本号,当前取值1.1.2
id2StringID²标识

返回值

  1. 成功:
  2. {
  3. "code" : 200,
  4. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  5. "success": true,
  6. "data": "6F5DDB5F21C28F06484A4695FAB915AA"
  7. }
  8. 失败:
  9. {
  10. "code":18,
  11. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  12. "success": false
  13. }

错误码

参见服务端错误码


示例

示例Java code如下,相关的库代码请联系合作项目的阿里云IoT接口人

  1. package com.aliyun.id2.demo;
  2. import com.aliyuncs.DefaultAcsClient;
  3. import com.aliyuncs.IAcsClient;
  4. import com.aliyuncs.exceptions.ClientException;
  5. import com.aliyuncs.exceptions.ServerException;
  6. import com.aliyuncs.http.X509TrustAll;
  7. import com.aliyuncs.id2.model.v20170707.GetServerRandomRequest;
  8. import com.aliyuncs.id2.model.v20170707.GetServerRandomResponse;
  9. import com.aliyuncs.profile.DefaultProfile;
  10. import com.aliyuncs.profile.IClientProfile;
  11. public class GetServerRandomDemo {
  12. private static String ACCESS_KEY = ""; // your access key
  13. private static String ACCESS_SECRET = ""; // your access secret
  14. public static void main(String[] args) throws ClientException {
  15. try {
  16. IClientProfile profile = DefaultProfile.getProfile("cn-shanghai", ACCESS_KEY, ACCESS_SECRET);
  17. DefaultProfile.addEndpoint("cn-shanghai", "cn-shanghai", "ID2", "id2.cn-shanghai.aliyuncs.com");
  18. IAcsClient client = new DefaultAcsClient(profile);
  19. X509TrustAll.ignoreSSLCertificate();
  20. String id2 = "00AAABBB11122281FE15B400";
  21. GetServerRandomRequest req = new GetServerRandomRequest();
  22. req.setId2(id2);
  23. req.setApiVersion("1.1.2");
  24. GetServerRandomResponse response = client.getAcsResponse(req);
  25. System.out.println("requestId:" + response.getRequestId());
  26. if (response.getSuccess()) {
  27. System.out.println("success, data:" + response.getData());
  28. } else {
  29. System.out.println("not success, code:" + response.getCode());
  30. }
  31. } catch (ServerException e) {
  32. e.printStackTrace();
  33. } catch (ClientException e) {
  34. e.printStackTrace();
  35. }
  36. }
  37. }

四、获取服务端认证码接口

接口名称

getServerAuthCodeAndEncryptData

访问地址

需要POP SDK支持,endpoint domain: id2.cn-shanghai.aliyuncs.com

功能描述

验证设备认证码有效性,获取服务端认证码,并加密数据


请求参数

名称类型是否必须描述
id2StringID²标识
deviceAuthCodeString设备端生成的认证码,服务端通过其验证设备合法性
deviceExtraString与设备认证码关联的辅助认证数据
dataString待加密的数据
deviceChallengeString设备挑战字,用于生成服务端认证码
serverExtraString与服务端认证码关联的辅助认证数据
apiVersionStringapi版本号,当前取值1.1.2
productKeyString产品标识,从ID²控制台的产品列表中获取

返回值

  1. 成功:
  2. {
  3. "code": 200,
  4. "data": {
  5. "serverAuthCode": "10~2~3DDFA7A45590CF12~QaB/DeZhx4KpBahW***gAZ5Q==",
  6. "encryptData": "3s+wT***x4="
  7. },
  8. "success": true,
  9. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5"
  10. }
  11. 失败:
  12. {
  13. "code": 34,
  14. "data": null,
  15. "success": false,
  16. "requestId":"F6AFB45A-0FD1-405E-AD2A-C50E34C429E5"
  17. }

错误码

参见服务端错误码


示例

示例Java code如下,相关的库代码请联系合作项目的阿里云IoT接口人

  1. try {
  2. String dataToEncrypt = "this is a String to encrypt!";
  3. String serverExtra = "1234abcfe";
  4. GetServerAuthCodeAndEncryptDataRequest req = new GetServerAuthCodeAndEncryptDataRequest();
  5. req.setId2(id2);
  6. req.setDeviceAuthCode(authCode);
  7. if (extra != null) {
  8. req.setDeviceExtra(extra); //no extra
  9. }
  10. req.setApiVersion("1.1.2");
  11. req.setData(dataToEncrypt);
  12. req.setDeviceChallenge("ABCD12348");
  13. req.setServerExtra(serverExtra);
  14. req.setProductKey("xxxxxxxxxxx");
  15. GetServerAuthCodeAndEncryptDataResponse response = client.getAcsResponse(req);
  16. if (response.getSuccess() && response.getCode() == 200) {
  17. byte[] decryptedArray = id2utils.getKeyService(cryptType).decrypt(Base64.decodeBase64(id2s[index].getPrivateKey()), Base64.decodeBase64(response.getData().getEncryptData()));
  18. String decryptedString = new String(decryptedArray);
  19. //using id2utils.getKeyService(cryptType).decrypt to decrypt and verify encrypted data
  20. //using tfsVerifyServer to verify server authcode
  21. return dataToEncrypt.equals(decryptedString) && tfsVerifyServer(index, response.getData().getServerAuthCode(), serverExtra);
  22. }
  23. } catch (ServerException e) {
  24. e.printStackTrace();
  25. } catch (ClientException e) {
  26. e.printStackTrace();
  27. }

五、ID²空发接口

接口名称

otpGetId2

访问地址

需要POP SDK支持,endpoint domain: id2.cn-shanghai.aliyuncs.com

功能描述

ID²及其密钥的空发


请求参数

名称类型是否必须描述
apiVersioinStringapi版本号,当前取值1.1.2
deviceAuthCodeString设备认证码,基于空发token和设备端SDK生成,具体生成方式请参考设备端接口描述

返回值

  1. 成功:
  2. {
  3. "code": 200,
  4. "data": {
  5. "provisionData": "ATAww……nNfro=", //空发数据,设备从中解析出ID²和密钥
  6. "remaining": 100 //空发授权余量
  7. },
  8. "success": true,
  9. "requestId": "F6AFB45A-0FD1-405E-AD2A-C50E34C429E5"
  10. }
  11. 失败:
  12. {
  13. "code": 34,
  14. "data": null,
  15. "requestId": "F6AFB45A-0FD1-405E-AD2A-C50E34C429E5",
  16. "success": false
  17. }

错误码

参见服务端错误码


示例

示例Java code如下,相关的库代码请联系合作项目的阿里云IoT接口人

  1. try {
  2. OtpGetId2Request req = new OtpGetId2Request();
  3. req.setApiVersion("1.1.2");
  4. req.setDeviceAuthCode(deviceAuthCode);
  5. OtpGetId2Response response = client.getAcsResponse(req);
  6. Integer code = response.getCode();
  7. if (response.getSuccess()) {
  8. OtpGetId2Response.Data returnData = response.getData();
  9. System.out.println("success, provData:" + returnData.getProvisionData() + "remaining:" + returnData.getRemaining());
  10. } else {
  11. System.out.println("fail, code:" + response.getCode());
  12. }
  13. } catch (ServerException e) {
  14. e.printStackTrace();
  15. } catch (ClientException e) {
  16. e.printStackTrace();
  17. }