TRX 1 anno fa
parent
commit
33bb728aa1

+ 10 - 0
OneCardIotClient/src/main/java/com/zhongshu/iot/client/model/mqtt/GateWayBindDeviceParam.java

@@ -11,6 +11,7 @@ import java.util.List;
  */
 @Data
 public class GateWayBindDeviceParam {
+
     @Schema(description = "网关ID")
     private String gateWayId;
 
@@ -28,4 +29,13 @@ public class GateWayBindDeviceParam {
 
     @Schema(description = "网关连接账号", hidden = true)
     private String userName;
+
+    @Schema(description = "ak")
+    private String ak;
+
+    @Schema(description = "签名")
+    private String sign;
+
+    @Schema(description = "时间,格式:yyyyMMddHHmmss")
+    private String time;
 }

+ 12 - 2
OneCardIotClient/src/main/java/com/zhongshu/iot/client/model/mqtt/GateWayInfoAddParam.java

@@ -1,7 +1,7 @@
 package com.zhongshu.iot.client.model.mqtt;
 
-import com.zhongshu.iot.client.model.baseParam.SuperParam;
 import com.github.microservice.models.type.OnLineState;
+import com.zhongshu.iot.client.model.baseParam.SuperParam;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Data;
@@ -15,6 +15,7 @@ import lombok.NoArgsConstructor;
 @AllArgsConstructor
 @NoArgsConstructor
 public class GateWayInfoAddParam extends SuperParam {
+
     @Schema(description = "网关ID")
     private String gateWayId;
 
@@ -28,5 +29,14 @@ public class GateWayInfoAddParam extends SuperParam {
     private String ip;
 
     @Schema(description = "设备在线状态", hidden = true)
-    OnLineState state = OnLineState.OffLine;
+    private OnLineState state = OnLineState.OffLine;
+
+    @Schema(description = "ak")
+    private String ak;
+
+    @Schema(description = "签名")
+    private String sign;
+
+    @Schema(description = "时间,格式:yyyyMMddHHmmss")
+    private String time;
 }

+ 13 - 1
OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/controller/free/GateWayFreeController.java

@@ -1,11 +1,12 @@
 package com.zhongshu.iot.server.core.controller.free;
 
+import com.github.microservice.net.ResultContent;
 import com.zhongshu.iot.client.model.mqtt.GateWayBindDeviceParam;
 import com.zhongshu.iot.client.model.mqtt.GateWayInfoAddParam;
 import com.zhongshu.iot.client.model.mqtt.MqttInfoReturnModel;
+import com.zhongshu.iot.server.core.service.base.AkSignService;
 import com.zhongshu.iot.server.core.service.mqtt.DeviceInfoService;
 import com.zhongshu.iot.server.core.service.mqtt.GateWayInfoService;
-import com.github.microservice.net.ResultContent;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
@@ -36,10 +37,17 @@ public class GateWayFreeController {
     @Autowired
     DeviceInfoService deviceInfoService;
 
+    @Autowired
+    private AkSignService akSignService;
+
     @Operation(summary = "注册网关")
     @RequestMapping(value = "registerGateWay", method = {RequestMethod.POST})
     public ResultContent<MqttInfoReturnModel> registerGateWay(@RequestBody GateWayInfoAddParam param) {
         Assert.hasText(param.getGateWayId(), "网关ID不能为空");
+        ResultContent resultContent = akSignService.verifyAk(param.getAk(), param.getTime(), param.getSign());
+        if (resultContent.isFailed()) {
+            return resultContent;
+        }
         log.info("-----------------------注册网关---------------------- {}", param);
         return gateWayInfoService.registerGateWay(param);
     }
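Review bot: The `log.info(..., param)` line that follows the new verifyAk check now writes `ak`, `time` and `sign` to the application log. GateWayInfoAddParam gained those fields in this commit and appears to take its toString from Lombok, though its class annotations sit outside the visible hunks, so confirm. verifyAk as added here never checks `time` for freshness, so a logged triple stays usable and anyone with log access effectively holds a credential. I would log only the identifier, `log.info("-----------------------注册网关---------------------- {}", param.getGateWayId());`, or put `@ToString.Exclude` on `sign`. The same applies to the log line in gateWayBindDevice in the next hunk.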
@@ -48,6 +56,10 @@ public class GateWayFreeController {
     @RequestMapping(value = "gateWayBindDevice", method = {RequestMethod.POST})
     public ResultContent gateWayBindDevice(@RequestBody GateWayBindDeviceParam param) {
         Assert.hasText(param.getGateWayId(), "网关ID不能为空");
+        ResultContent resultContent = akSignService.verifyAk(param.getAk(), param.getTime(), param.getSign());
+        if (resultContent.isFailed()) {
+            return resultContent;
+        }
         log.info("-------------------------网关绑定设备------------------------: {}", param);
         return gateWayInfoService.gateWayBindDevice(param);
     }
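Review bot: The call to verifyAk passes only `ak`, `time` and `sign`, so the signature does not cover `gateWayId` or the rest of the body that gateWayBindDevice then acts on. A valid triple therefore authorises any binding request rather than the one the client signed, and nothing visible here ties the `ak` to the gateway being bound. If the client protocol can still change, include the acted-on fields in the signed string (for example `ak`, `time` and `gateWayId` with separators) and check that the ak is allowed for that gateway. registerGateWay in the previous hunk has the same gap. It also returns the raw `ResultContent` where `ResultContent<MqttInfoReturnModel>` is declared, which compiles only as an unchecked conversion.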

+ 1 - 1
OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/dao/docker/AkSkConfigTimeDao.java → OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/dao/docker/AkSkConfigDao.java

@@ -6,7 +6,7 @@ import com.zhongshu.iot.server.core.domain.docker.AkSkConfig;
  * @author TRX
  * @date 2024/3/21
  */
-public interface AkSkConfigTimeDao extends org.springframework.data.mongodb.repository.MongoRepository<AkSkConfig, String> {
+public interface AkSkConfigDao extends org.springframework.data.mongodb.repository.MongoRepository<AkSkConfig, String> {
 
     AkSkConfig findTopByAk(String ak);
 

+ 7 - 0
OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/domain/docker/AkSkConfig.java

@@ -1,6 +1,8 @@
 package com.zhongshu.iot.server.core.domain.docker;
 
+import com.zhongshu.iot.client.type.DataState;
 import com.zhongshu.iot.server.core.domain.base.SuperEntity;
+import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -17,6 +19,11 @@ import org.springframework.data.mongodb.core.mapping.Document;
 @NoArgsConstructor
 @AllArgsConstructor
 public class AkSkConfig extends SuperEntity {
+
     private String ak;
+
     private String sk;
+
+    @Schema(description = "是否可用")
+    private DataState state = DataState.Enable;
 }

+ 67 - 0
OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/service/base/AkSignService.java

@@ -0,0 +1,67 @@
+package com.zhongshu.iot.server.core.service.base;
+
+import com.github.microservice.net.ResultContent;
+import com.zhongshu.iot.client.type.DataState;
+import com.zhongshu.iot.server.core.dao.docker.AkSkConfigDao;
+import com.zhongshu.iot.server.core.domain.docker.AkSkConfig;
+import com.zhongshu.iot.server.core.util.SecurityUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+/**
+ * ak、sk验证
+ *
+ * @author TRX
+ * @date 2024/12/24
+ */
+@Slf4j
+@Service
+public class AkSignService {
+
+    @Autowired
+    private AkSkConfigDao akSkConfigDao;
+
+    /**
+     * 验证
+     *
+     * @param ak
+     * @param time
+     * @param sign
+     * @return
+     */
+    public ResultContent verifyAk(String ak, String time, String sign) {
+        if (StringUtils.isNotEmpty(ak)) {
+            AkSkConfig akSkConfig = akSkConfigDao.findTopByAk(ak);
+            if (ObjectUtils.isEmpty(akSkConfig)) {
+                return ResultContent.buildFail("ak不存在");
+            }
+            if (akSkConfig.getState() != DataState.Enable) {
+                return ResultContent.buildFail("秘钥不可用");
+            }
+            String sk = akSkConfig.getSk();
+            if (StringUtils.isNotEmpty(sk)) {
+                String input = String.format("%s%s%s", ak, time, sk);
+                String _sign = SecurityUtil.getMD5Str(input).toLowerCase();
+                if (!_sign.equals(sign)) {
+                    return ResultContent.buildFail("签名验证错误");
+                }
+            }
+        }
+        return ResultContent.buildSuccess();
+    }
+
+    /**
+     * 产生一套ak、sk
+     *
+     * @return
+     */
+    public ResultContent createAkSk() {
+        AkSkConfig akSkConfig = new AkSkConfig();
+
+        akSkConfigDao.save(akSkConfig);
+        return ResultContent.buildSuccess();
+    }
+}
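Review bot: verifyAk fails open: when `ak` is empty, or the stored `sk` is empty, it falls through to `ResultContent.buildSuccess()`, so a caller of the two `free` endpoints passes the check simply by leaving the fields out. `time` goes into the digest but is never parsed or compared with the clock, so a captured request can be replayed indefinitely, and `_sign.equals(sign)` is not a constant-time comparison. The version below rejects missing fields, bounds the timestamp (the five-minute window and the use of server-local time are sample choices to confirm) and compares with `MessageDigest.isEqual`. It keeps `MD5(ak + time + sk)` for client compatibility, but that construction should move to HMAC-SHA256 keyed with `sk` once clients can be updated. createAkSk saves an `AkSkConfig` with no `ak` or `sk` and the default `Enable` state; it should generate both with `SecureRandom` or not ship yet.

```java
public ResultContent verifyAk(String ak, String time, String sign) {
    // Fail closed: a request without credentials must not pass verification.
    if (StringUtils.isAnyBlank(ak, time, sign)) {
        return ResultContent.buildFail("签名验证错误");
    }
    AkSkConfig akSkConfig = akSkConfigDao.findTopByAk(ak);
    // … unchanged: "ak不存在" and "秘钥不可用" checks on akSkConfig …
    String sk = akSkConfig.getSk();
    if (StringUtils.isEmpty(sk)) {
        // A key record without a secret cannot authenticate anything.
        return ResultContent.buildFail("秘钥不可用");
    }
    // Reject unparsable or stale timestamps so a captured request cannot be replayed later.
    // NOTE(review): assumes clients send server-local time; the 5-minute window is a sample value.
    LocalDateTime sent;
    try {
        sent = LocalDateTime.parse(time, DateTimeFormatter.ofPattern("yyyyMMddHHmmss"));
    } catch (DateTimeParseException e) {
        return ResultContent.buildFail("签名验证错误");
    }
    if (Duration.between(sent, LocalDateTime.now()).abs().toMinutes() > 5) {
        return ResultContent.buildFail("签名验证错误");
    }
    String expected = SecurityUtil.getMD5Str(String.format("%s%s%s", ak, time, sk)).toLowerCase();
    // Constant-time comparison of the expected and supplied digests.
    if (!MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
            sign.getBytes(StandardCharsets.UTF_8))) {
        return ResultContent.buildFail("签名验证错误");
    }
    return ResultContent.buildSuccess();
}
```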

+ 3 - 3
OneCardIotServer/src/main/java/com/zhongshu/iot/server/core/service/docker/DockerMetaService.java

@@ -3,7 +3,7 @@ package com.zhongshu.iot.server.core.service.docker;
 import cn.hutool.json.JSONArray;
 import cn.hutool.json.JSONObject;
 import com.zhongshu.iot.client.model.docker.*;
-import com.zhongshu.iot.server.core.dao.docker.AkSkConfigTimeDao;
+import com.zhongshu.iot.server.core.dao.docker.AkSkConfigDao;
 import com.zhongshu.iot.server.core.dao.docker.DockerMetaDao;
 import com.zhongshu.iot.server.core.dao.docker.DockerMetaLastTimeDao;
 import com.zhongshu.iot.server.core.dataConfig.ResultMessage;
@@ -44,10 +44,10 @@ public class DockerMetaService extends SuperService {
     private DockerMetaLastTimeDao dockerMetaLastTimeDao;
 
     @Autowired
-    HttpServletRequest request;
+    private HttpServletRequest request;
 
     @Autowired
-    private AkSkConfigTimeDao akSkConfigTimeDao;
+    private AkSkConfigDao akSkConfigTimeDao;
 
     /**
      * 添加docker元数据