【代码评审】IoT：MQTT 连接参数

2025-02-22 18:21:18 +08:00 · 2025-02-22 18:21:18 +08:00 · fa40ae1dbd
parent 8043ce612f
commit fa40ae1dbd
6 changed files with 15 additions and 6 deletions
--- a/yudao-module-iot/yudao-module-iot-api/src/main/java/cn/iocoder/yudao/module/iot/api/device/IotDeviceUpstreamApi.java
+++ b/yudao-module-iot/yudao-module-iot-api/src/main/java/cn/iocoder/yudao/module/iot/api/device/IotDeviceUpstreamApi.java
@ -71,6 +71,7 @@ public interface IotDeviceUpstreamApi {
    @PostMapping(PREFIX + "/add-topology")
    CommonResult<Boolean> addDeviceTopology(@Valid @RequestBody IotDeviceTopologyAddReqDTO addReqDTO);
    // TODO @芋艿：考虑 http 认证
    /**
     * 认证 Emqx 连接
     *
--- a/yudao-module-iot/yudao-module-iot-api/src/main/java/cn/iocoder/yudao/module/iot/api/device/dto/control/upstream/IotDeviceEmqxAuthReqDTO.java
+++ b/yudao-module-iot/yudao-module-iot-api/src/main/java/cn/iocoder/yudao/module/iot/api/device/dto/control/upstream/IotDeviceEmqxAuthReqDTO.java
@ -3,6 +3,7 @@ package cn.iocoder.yudao.module.iot.api.device.dto.control.upstream;
 import jakarta.validation.constraints.NotEmpty;
 import lombok.Data;
 // TODO @芋艿：要不要继承 IotDeviceUpstreamAbstractReqDTO
 /**
 * IoT 认证 Emqx 连接 Request DTO
 *
--- a/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/controller/admin/device/IotDeviceController.java
+++ b/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/controller/admin/device/IotDeviceController.java
@ -177,6 +177,7 @@ public class IotDeviceController {
        return success(true);
    }
    // TODO @haohao：是不是默认详情接口，不返回 secret，然后这个接口，用于统一返回。然后接口名可以更通用一点。
    @GetMapping("/mqtt-connection-params")
    @Operation(summary = "获取 MQTT 连接参数")
    @PreAuthorize("@ss.hasPermission('iot:device:mqtt-connection-params')")
--- a/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/service/device/IotDeviceServiceImpl.java
+++ b/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/service/device/IotDeviceServiceImpl.java
@ -123,9 +123,7 @@ public class IotDeviceServiceImpl implements IotDeviceService {
    private void initDevice(IotDeviceDO device, IotProductDO product) {
        device.setProductId(product.getId()).setProductKey(product.getProductKey())
                .setDeviceType(product.getDeviceType());
-        // 生成并设置必要的字段
+        // 生成密钥
        // TODO @芋艿：各种 mqtt 是不是可以简化！
        // clientId、username、password 根据规则实时生成
        device.setDeviceSecret(generateDeviceSecret());
        // 设置设备状态为未激活
        device.setState(IotDeviceStateEnum.INACTIVE.getState());
--- a/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/service/device/control/IotDeviceUpstreamServiceImpl.java
+++ b/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/service/device/control/IotDeviceUpstreamServiceImpl.java
@ -280,6 +280,7 @@ public class IotDeviceUpstreamServiceImpl implements IotDeviceUpstreamService {
        sendDeviceMessage(message, device);
    }
    // TODO @haohao：建议返回 boolean；
    @Override
    public Boolean authenticateEmqxConnection(IotDeviceEmqxAuthReqDTO authReqDTO) {
        log.info("[authenticateEmqxConnection][认证 Emqx 连接: {}]", authReqDTO);
@ -303,6 +304,7 @@ public class IotDeviceUpstreamServiceImpl implements IotDeviceUpstreamService {
        String deviceSecret = device.getDeviceSecret();
        String clientId = authReqDTO.getClientId();
        MqttSignResult sign = MqttSignUtils.calculate(productKey, deviceName, deviceSecret, clientId);
        // TODO @haohao：notEquals，尽量不走取反逻辑哈
        if (!StrUtil.equals(sign.getPassword(), authReqDTO.getPassword())) {
            log.error("[authenticateEmqxConnection][认证失败，密码不正确]");
            return Boolean.FALSE;
--- a/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/util/MqttSignUtils.java
+++ b/yudao-module-iot/yudao-module-iot-biz/src/main/java/cn/iocoder/yudao/module/iot/util/MqttSignUtils.java
@ -8,12 +8,15 @@ import java.nio.charset.StandardCharsets;
 /**
 * MQTT 签名工具类
- * 提供静态方法来计算 MQTT 连接参数。
+ *
 * 提供静态方法来计算 MQTT 连接参数
 */
 public class MqttSignUtils {
    private static final String SIGN_METHOD = "hmacsha256";
    // TODO @haohao：calculate 方法，可以融合么？
    /**
     * 计算 MQTT 连接参数
     *
@ -25,11 +28,11 @@ public class MqttSignUtils {
    public static MqttSignResult calculate(String productKey, String deviceName, String deviceSecret) {
        String clientId = productKey + "." + deviceName;
        String username = deviceName + "&" + productKey;
        // 生成 password
        // TODO @haohao：signContent 和 signContentBuilder 风格保持统一的实现哈
        String signContent = String.format("clientId%sdeviceName%sdeviceSecret%sproductKey%s",
                clientId, deviceName, deviceSecret, productKey);
        String password = sign(signContent, deviceSecret);
        return new MqttSignResult(clientId, username, password);
    }
@ -54,6 +57,7 @@ public class MqttSignUtils {
        return new MqttSignResult(clientId, username, password);
    }
    // TODO @haohao：hutool 貌似有工具类可以用哈。
    private static String sign(String content, String key) {
        try {
            Mac mac = Mac.getInstance(SIGN_METHOD);
@ -81,7 +85,9 @@ public class MqttSignUtils {
     * MQTT 签名结果类
     */
    @Getter
    // TODO @haohao：可以用 lombok 哈
    public static class MqttSignResult {
        private final String clientId;
        private final String username;
        private final String password;