WO2021012236A1

WO2021012236A1 - Resource publishing method and device

Info

Publication number: WO2021012236A1
Application number: PCT/CN2019/097581
Authority: WO
Inventors: 张军
Original assignee: Oppo广东移动通信有限公司
Priority date: 2019-07-24
Filing date: 2019-07-24
Publication date: 2021-01-28
Also published as: CN113439427B; CN113439427A

Abstract

Disclosed are a resource publishing method and device. The method comprises: a cloud limited device establishing a connection with a cloud proxy device; and the cloud limited device carrying out the transmission of information with the cloud proxy device on the basis of the connection, wherein the information is used for the cloud proxy device to issue a resource to a cloud device.

Description

Method and equipment for publishing resources

Technical field

This application relates to the field of Internet of Things communication technology, in particular to a method and equipment for publishing resources.

Background technique

The Open Connectivity Foundation (OCF, Open Connectivity Foundation) is an emerging IoT application layer technology standard organization. OCF develops a Restful service framework for interconnection among IoT devices. The OCF deployment architecture can include OCF equipment and OCF cloud equipment; OCF cloud equipment accepts OCF equipment to release resources. In this case, the OCF device that releases resources to the OCF cloud device needs to have the ability to connect to the cloud. The OCF device and the OCF cloud device establish and maintain a secure transport layer protocol (TLS, Transport Layer Security) long connection to achieve resource release and remote Communication.

However, for OCF devices that do not have access to OCF cloud devices, because they cannot connect to OCF cloud devices, they cannot publish resources. There is no effective solution to this problem.

Summary of the invention

The embodiments of the present application provide a resource release method and device.

In the first aspect, the resource release method provided by the embodiment of the present application includes: a cloud-constrained device establishes a connection with a cloud proxy device; the cloud-constrained device transmits information with the cloud proxy device based on the connection, The information is used by the cloud proxy device to release resources to the cloud device.

In the second aspect, the resource release method provided by the embodiment of the present application includes: a cloud proxy device establishes a connection with a cloud restricted device; the cloud proxy device transmits information with the cloud restricted device based on the connection, based on The information publishes the resources of the cloud restricted device to the cloud device.

In the third aspect, the resource publishing method provided by the embodiment of the present application includes: a cloud device obtains resources published by a cloud proxy device; the resource is obtained by the cloud proxy device based on a connection with a cloud-restricted device The resource of the cloud-restricted device; the cloud device publishes the resource.

In a fourth aspect, in the cloud-restricted device provided by an embodiment of the present application, the device includes: a first connection establishment unit and a first transmission unit; wherein,

The first connection establishing unit is configured to establish a connection with a cloud proxy device;

The first transmission unit is configured to transmit information with the cloud proxy device based on the connection, and the information is used by the cloud proxy device to release resources to the cloud device.

In the fifth aspect, in the cloud proxy device provided by the embodiment of the present application, the cloud proxy device includes: a second connection establishment unit, a second transmission unit, and a third transmission unit; wherein,

The second connection establishment unit is configured to establish a connection with a cloud restricted device;

The second transmission unit is configured to transmit information with the cloud restricted device based on the connection;

The third transmission unit is configured to release the resources of the cloud-restricted device to the cloud device based on the information transmitted by the second transmission unit.

In the sixth aspect, in the cloud device provided by the embodiment of the present application, the cloud device includes a fourth transmission unit and a publishing unit; wherein,

The fourth transmission unit is configured to obtain resources issued by the cloud proxy device; the resources are resources of the cloud restricted device obtained by the cloud proxy device based on the connection with the cloud restricted device;

The publishing unit is configured to publish the resource.

In the seventh aspect, the device provided by the embodiment of the present application includes a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program stored in the memory to execute the resource release method of the first aspect, the second aspect, or the third aspect.

The chip provided in the embodiment of the present application is used to implement the above-mentioned terminal resource release method.

Specifically, the chip includes: a processor, configured to call and run a computer program from the memory, so that the device installed with the chip executes the resource release method of the first aspect, the second aspect, or the third aspect.

The computer-readable storage medium provided by the embodiment of the present application is used to store a computer program that enables a computer to execute the resource release method of the first aspect, the second aspect, or the third aspect.

The computer program product provided by the embodiments of the present application includes computer program instructions that cause a computer to execute the resource release method of the first aspect, the second aspect, or the third aspect.

The computer program provided by the embodiment of the present application, when it runs on a computer, causes the computer to execute the resource release method of the first aspect, the second aspect, or the third aspect.

Through the above technical solution, the connection between the cloud proxy device and the cloud restricted device is established, so that the cloud restricted device that cannot interact with the cloud device publishes resources through the cloud proxy device, which solves the problem that the cloud restricted device cannot publish resources to the cloud device .

Description of the drawings

The drawings described here are used to provide a further understanding of the application and constitute a part of the application. The exemplary embodiments and descriptions of the application are used to explain the application and do not constitute an improper limitation of the application. In the attached picture:

FIG. 1a and FIG. 1b are both schematic diagrams of an OCF system architecture provided by an embodiment of the present application;

FIG. 2 is a schematic flowchart of a resource publishing method provided by an embodiment of the present application;

FIG. 3 is a schematic flowchart 1 of a specific example of a resource publishing method provided by an embodiment of the present application;

FIG. 4 is a second schematic flowchart of a specific example of a resource publishing method provided by an embodiment of the present application;

FIG. 5 is a third schematic flowchart of a specific example of a resource publishing method provided by an embodiment of the present application;

FIG. 6 is a schematic diagram of a structural composition of a cloud restricted device provided by an embodiment of the present application;

FIG. 7 is a schematic diagram of a structural composition of a cloud proxy device provided by an embodiment of the present application;

FIG. 8 is a schematic diagram 1 of the structural composition of a cloud device provided by an embodiment of the present application;

FIG. 9 is a second schematic diagram of the structural composition of a cloud device provided by an embodiment of the present application;

FIG. 10 is a third schematic diagram of the structural composition of a cloud device provided by an embodiment of the present application;

FIG. 11 is a fourth schematic diagram of the structural composition of a cloud device provided by an embodiment of the present application;

Figure 12 is a schematic structural diagram of a device provided by an embodiment of the present application;

FIG. 13 is a schematic structural diagram of a chip of an embodiment of the present application.

Detailed ways

The technical solutions in the embodiments of the present application will be described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are a part of the embodiments of the present application, not all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of this application.

The technical solutions of the embodiments of this application can be applied to the OCF system. OCF develops a Restful service framework for interconnection and intercommunication between IoT devices. In the OCF Restful service framework, resources can be used to express the functional services of IoT devices and IoT devices And information such as status data; wherein, the status data may be environmental status data obtained by an Internet of Things device. Figures 1a and 1b are schematic diagrams of an OCF system architecture provided by an embodiment of the present application; as shown in Figure 1a, the entity providing resources can be called an OCF server (hereinafter referred to as a server), and an entity accessing resources It can be called an OCF client (hereinafter referred to as a client). For example, the control terminal that obtains indoor environment status data can be the client, and the sensor device that monitors the indoor environment status data can be the server. The business interaction between the client and the server is through the creation, reading, updating, deleting or notification of resources These resource operation methods are implemented.

The interaction between the client and the server can be referred to as shown in Figure 1a. The client 11 sends a request to the server 12, and the request is used to operate the resources on the server 12; the server 12 executes the corresponding request The resource operation is performed, and a response is returned to the client 11, and the response carries the expression of the resource.

As an implementation manner, the client sends an update (POST) resource request to the server to perform operations on the resources on the server. The object of the update resource request operation may be, for example, a uniform resource identifier (URI, Uniform Resource Identifier). ). For example, if there is an environment temperature resource on the server, the resource URI can be "/environmentTemperature". The server returns an update resource response to the client, and the update resource response carries an expression of the resource.

Among them, the expression of the resource may include at least one of the following: resource URI, resource type, resource interface, and functional attributes of the resource. The specific definition is as follows:

Resource URI: Use "href" in the resource description to indicate the address of the server resource. The value of "href" is the specific resource URI; the client accesses the server resource through the resource URI;

Resource type: "rt" is used in the resource description to indicate the type of resource. For example, the resource type "rt" is "oic.r.temperature", which indicates the temperature resource type;

Resource interface: "if" is used in the resource description to indicate the view of resources and the response to resource support. For example, the resource interface "if" is "oic.if.a", which means the controller interface;

Resource attribute: Describe the attribute information of the resource in the resource description. For example, the attribute information of the resource is "targetTemperature", which represents the target temperature attribute of the temperature resource, and the attribute information of the resource is "currentTemperature", which represents the current temperature attribute of the temperature resource. For another example, the attribute information of the resource is "temperatureRange", which represents the temperature range attribute of the temperature resource.

OCF defines the resource discovery resource "/oic/res" that all OCF devices must support. It is used for the discovery of OCF devices and resources. The resource discovery resource provides the function of device resource discovery. The URI of the resource discovery resource is fixed as "/oic/ res".

In order to express the association relationship between resources, OCF defines resource links (resource Links). The server can provide its own resources in the form of resource links, so that the client can discover the resources of the server.

Among them, the content of the resource link is as follows:

The content of the resource link includes:

■ anchor: is the context URI, representing the URI of the owner resource that contains the resource link;

■ href: target URI, that is, the URI of the target resource referenced in the resource link;

■rt: indicates the resource type identifier of the target resource;

■if: indicates the interface supported by the target resource;

■eps: indicates the endpoint that can access the target resource;

Since the OCF standard protocol uses the CoAP protocol to carry OCF messages in the transport layer, each server needs to have an endpoint, and each OCF device must be associated with at least one endpoint to send and receive OCF messages. The client can access the target resource of the server through the endpoint. The "eps" array is used in the resource link parameters to represent the endpoint of the target resource, and the specific endpoint is represented by "ep", that is, the target resource can be accessed through the address of the "ep" value in the "eps" parameter. For example, in the aforementioned resource link example, the client can access the target indicated by the "href" parameter through the endpoint "coaps://[2001:db8:b::c2e5]:22222" indicated by the "ep" value in the "eps" parameter Resource "/myLightSwitch".

When the OCF device and the control terminal are not in the same local network, as shown in Figure 1b, the OCF device and the control terminal can communicate through the OCF cloud device. Wherein, the OCF device may specifically be the server in FIG. 1a, the server may be, for example, a sensor capable of collecting environmental data, and the control terminal may specifically be the client in FIG. 1a, and the client may be a mobile phone, for example. , Computers and other electronic equipment; the electronic equipment can be installed with a specific application (APP), and the resource can be accessed through the specific application.

Among them, OCF cloud devices can include:

Cloud interface: Responsible for the access management of OCF equipment and the message routing of OCF equipment remote communication;

Authorization server: Responsible for the registration of OCF devices, and verify the access token of OCF devices;

Resource catalog: Responsible for providing resource publishing and query services. The OCF device publishes resource links to the resource catalog. The resource catalog publishes the resource links published by the OCF device. The OCF client can obtain the resource information of the target device by searching the resource catalog.

In order to support resource release and resource discovery, OCF cloud devices need to implement resource catalog resources. The URI of the resource catalog resource is "/oic/rd", and the resource type is "oic.wk.rd". The publishing device (that is, the OCF device that publishes the resource link) publishes resources to the "/oic/rd" of the OCF cloud device. The published content is the resource link of the OCF device. After the resource catalog service of the OCF cloud device accepts the resource publishing request, it will OCF The resource link of the device is published under the "/oic/res" resource of the OCF cloud device. The client can discover the resources of other OCF devices by querying the OCF cloud device. The resource directory represents the publishing device and provides the resource information of the OCF device. After the client discovers the resource information of the OCF device, it requests interaction with the corresponding OCF device through the OCF cloud device .

In the embodiments of the present application, various communication systems can be used to interact between the OCF cloud device and the OCF device, and between the OCF device and the configurator. The communication system is, for example, Global System of Mobile communication (GSM) system, Code Division Multiple Access (CDMA) system, Wideband Code Division Multiple Access (WCDMA) system, general Packet Radio Service (General Packet Radio Service, GPRS), Long Term Evolution (LTE) system, LTE Frequency Division Duplex (FDD) system, LTE Time Division Duplex (TDD), General Mobile communication system (Universal Mobile Telecommunication System, UMTS), Worldwide Interoperability for Microwave Access (WiMAX) communication system, Wireless Local Area Networks (WLAN), Internet of Things System (IoT) ) Or 5G system, etc. Among them, the 5G system or 5G network may also be referred to as a New Radio (NR) system or NR network.

In the embodiments of the present application, when the OCF device and the OCF cloud device cannot be connected, the OCF device is called a cloud restricted device.

It should be understood that the terms "system" and "network" in this article are often used interchangeably in this article. The term "and/or" in this article is only an association relationship describing associated objects, which means that there can be three relationships, for example, A and/or B, which can mean: A alone exists, A and B exist at the same time, exist alone B these three situations. In addition, the character "/" in this text generally indicates that the associated objects before and after are in an "or" relationship.

The technical solutions of the embodiments of the present application are mainly applied to IoT systems. Of course, the technical solutions of the embodiments of the present application are not limited to IoT systems, and can also be applied to other types of communication systems.

The embodiment of the present application provides a resource release method. Fig. 2 is a schematic flowchart of a resource release method provided by an embodiment of the present application; as shown in Fig. 2, the method includes:

Step 201: The cloud restricted device establishes a connection with the cloud proxy device;

Step 202: The cloud-constrained device transmits information with the cloud proxy device based on the connection, and the information is used by the cloud proxy device to release resources to the cloud device;

Step 203: The cloud restricted device releases the resources of the cloud restricted device to the cloud device based on the information;

Step 204: The cloud device obtains the resource issued by the cloud proxy device, and publishes the resource; the resource is the resource of the cloud restricted device obtained by the cloud proxy device based on the connection with the cloud restricted device.

In step 201 of this embodiment, establishing the connection between the cloud restricted device and the cloud proxy device includes: the cloud restricted device obtains information of the cloud proxy device, and establishes a connection with the cloud proxy device based on the information. Correspondingly, establishing a connection between the cloud proxy device and the cloud restricted device includes: the cloud proxy device sends the cloud proxy device information to the cloud restricted device, and the cloud proxy device information is used for the cloud recipient Only the device establishes a connection with the cloud proxy device.

Obtaining the cloud proxy device information in this embodiment may include the following methods:

As an implementation manner, obtaining the cloud proxy device information by the cloud restricted device includes: the cloud restricted device receiving configuration information sent by a configurator, and the configuration information includes the cloud proxy device information.

It can be understood that although the cloud restricted device cannot establish a connection with the cloud device, it can interact with the configurator. Wherein, the cloud-constrained device may interact with the configurator through, for example, a local area network or short-distance communication, to obtain the configuration information sent by the configurator. Wherein, the local area network is, for example, wireless fidelity (Wi-Fi); the short distance communication is, for example, Bluetooth communication, Near Field Communication (NFC), and so on.

As another implementation manner, obtaining the cloud proxy device information by the cloud restricted device includes: the cloud restricted device sends a discovery request message by broadcast or multicast; the discovery request message includes cloud proxy resources Type; the cloud restricted device receives a discovery response message; the discovery response message includes the cloud proxy device information. Correspondingly, the sending of the cloud proxy device information to the cloud restricted device by the cloud proxy device includes: the cloud proxy device receiving a discovery request message sent by the cloud restricted device in a broadcast or multicast manner The discovery request message includes the cloud proxy resource type; the cloud proxy device sends a discovery response message to the cloud restricted device; the discovery response message includes the cloud proxy device information.

It can be understood that although the cloud-limited device cannot establish a connection with the cloud device, it can interact with the cloud proxy device. Wherein, the cloud-constrained device can exchange information with the cloud proxy device through, for example, a local area network or short-distance communication, and the cloud-constrained device can send discovery request messages through unicast, broadcast, or multicast; in the same local area network The cloud proxy device within or within the preset distance range can receive the discovery request message, determine the cloud proxy resource type in the discovery request message, and send a discovery response message to the cloud restricted device . Wherein, the local area network is for example Wi-Fi; the short-distance communication is for example Bluetooth communication and so on.

Wherein, the information of the cloud proxy device includes at least one of the following: a cloud proxy resource identifier of the cloud proxy device, and endpoint information of the cloud proxy resource.

In an optional embodiment of the present application, that the cloud restricted device transmits information to the cloud proxy device based on the connection includes: the cloud restricted device instructs the cloud proxy device to send information to the cloud proxy device based on the connection Cloud devices publish resources. Correspondingly, the cloud proxy device transmits information to the cloud restricted device based on the connection, and releases resources to the cloud device based on the information, including: the cloud proxy device obtains the cloud restricted device based on the connection Based on the instructions, release resources to the cloud device.

In this embodiment, the cloud-restricted device instructing the cloud proxy device to release resources to the cloud device based on the connection includes: the cloud-restricted device sends a first resource publishing request message to the cloud proxy device, and A resource release request message is used to instruct the cloud proxy device to release resources to the cloud device. Correspondingly, the cloud proxy device obtains an instruction from the cloud restricted device based on the connection, and releases resources to the cloud device based on the instruction, including: the cloud proxy device receives the cloud restricted device based on the connection The first resource publishing request message sent, the first resource publishing request message is used to instruct the cloud proxy device to publish resources to the cloud device; the cloud proxy device sends a second resource publishing request message to the cloud device; the second resource The resource requested by the publishing request message is a resource catalog resource; the second resource publishing request message includes at least one of the following: the identifier of the cloud restricted device, the second resource link of the cloud restricted device; The endpoint of the resource in the second resource link of the restricted device is the endpoint of the cloud proxy device; the cloud proxy device obtains the first resource release response message sent by the cloud device, and sends the second resource release response message to the cloud restricted device. The resource publishes a response message. Correspondingly, the cloud restricted device receives the second resource release response message sent by the cloud proxy device.

For a cloud device, the cloud device receiving the resource released by the cloud proxy device includes: the cloud device receives a second resource release request message sent by the cloud proxy device; the resource requested by the second resource release request message Is a resource catalog resource; sending a first resource release response message to the cloud proxy device.

In this embodiment, the resource requested by the first resource release request message includes the following manners:

As an implementation manner, the resource requested by the first resource publishing request message is a cloud proxy resource; the first resource publishing request message includes at least one of the following: a proxy publishing resource indication, an identifier of the cloud restricted device, The first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device. Wherein, the proxy publishing resource indication is used to instruct the cloud proxy device to publish proxy resources for the cloud restricted device; the identifier of the cloud restricted device indicates the target cloud restricted device that needs to be proxied by the cloud proxy device to publish resources; The first resource link of the cloud restricted device indicates the resource that needs to be published to the cloud device.

As another implementation manner, the resource requested by the first resource release request message is a resource catalog resource; the first resource release request message includes at least one of the following: the identifier of the cloud restricted device, the cloud receiver The first resource link of the restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.

Wherein, optionally, the first resource release request message may further include at least one of the following: the effective time of the released resource and an indication of the cloud-restricted device; the second resource release request message may also include at least one of the following One: The effective time of publishing resources, the instructions of cloud-constrained devices. Wherein, the indication of the cloud restricted device indicates that the device publishing the resource is a cloud restricted device.

Wherein, optionally, the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.

In this embodiment, the cloud device publishing the resource includes: the cloud device adding the second resource link to the resource catalog; wherein the endpoint of the published resource is the endpoint of the cloud device.

As an optional implementation manner, adding the second resource link to the resource catalog by the cloud device includes: in the case that the second resource release request message includes an indication of the cloud restricted device, or, In the case that the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device, the published identifier of the target resource is the same as the target in the second resource link The identifiers of the resources are the same.

In an optional embodiment of the present application, before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further includes: the cloud restricted device sends the cloud proxy device to the cloud proxy device. The device sends a first cloud registration request message; the cloud restricted device receives a second cloud registration response message sent by the cloud proxy device; the second cloud registration response message includes at least one of the following: the user ID, the The access token of the cloud restricted device, the valid duration of the access token, and the update token of the cloud restricted device. Correspondingly, before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further includes: the cloud proxy device receives the first resource release request message sent by the cloud restricted device A cloud registration request message, sending a second cloud registration request message to the cloud device; the cloud proxy device receives a first cloud registration response message sent by the cloud device; the first cloud registration response message includes at least one of the following One: the user identification, the access token of the cloud restricted device, the validity period of the access token, the update token of the cloud restricted device; the cloud proxy device sends the cloud restricted device Send a second cloud registration response message; the second cloud registration response message includes at least one of the following: the user identifier, the access token of the cloud-restricted device, the effective duration of the access token, the cloud Renewal token for restricted device. Correspondingly, the cloud restricted device receives a second cloud registration response message sent by the cloud proxy device.

For a cloud device, before the cloud device obtains the resources released by the cloud proxy device, the method further includes: the cloud device receives a second cloud registration request message sent by the cloud proxy device; The cloud restricted device allocates an access token, and associates the cloud restricted device with a user ID; the cloud device sends a first cloud registration response message to the cloud proxy device; the first cloud registration response message includes the following At least one of: the user identification, the access token of the cloud restricted device, the valid duration of the access token, and the update token of the cloud restricted device.

In this embodiment, the resources requested by the first cloud registration request message and the second cloud registration request message include the following methods:

As an implementation manner, the resource requested by the first cloud registration request message is a cloud proxy resource; the first cloud registration request message includes at least one of the following: proxy cloud registration instruction, identification of the cloud restricted device, The security credential information of the cloud restricted device; the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identity of the cloud restricted device, The security credential information and user identification of the cloud restricted device. Wherein, the proxy cloud registration instruction is used to instruct the cloud proxy device to perform proxy cloud registration for the cloud restricted device; the identifier of the cloud restricted device indicates the target cloud restricted device that needs to be registered by the cloud proxy device proxy; the cloud The security credential information of the restricted device is used for the cloud device to perform security authentication on the registered cloud restricted device.

As another implementation manner, the resource requested by the first cloud registration request message is an account resource; the first cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, and the access token . Wherein, the access token is the access token of the cloud restricted device obtained by the configurator from the cloud device before the connection between the cloud restricted device and the cloud proxy device is established. The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token. In this embodiment, the method further includes: the cloud restricted device obtains an access token sent by the configurator. The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.

In an optional embodiment of the present application, before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further includes: the cloud restricted device sends the cloud proxy device to the cloud proxy device. The device sends a first cloud login request message; the cloud restricted device receives a second cloud login response message sent by the cloud proxy device; the second cloud login response message includes the valid time of the access token. Correspondingly, before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further includes: the cloud proxy device receives the first resource release request message sent by the cloud restricted device A cloud login request message, sending a second cloud login request message to the cloud device; the cloud proxy device receives a first cloud login response message sent by the cloud device; the first cloud login response message includes an access token The cloud proxy device sends a second cloud login response message to the cloud restricted device; the second cloud login response message includes the effective time of the access token. Correspondingly, the cloud restricted device receives a second cloud login response message sent by the cloud proxy device.

For a cloud device, before the cloud device obtains the resources issued by the cloud proxy device, the method further includes: the cloud device receives a second cloud login request message sent by the cloud proxy device; The cloud proxy device sends a first cloud login response message; the first cloud login response message includes the valid time of the access token.

In this embodiment, the resources requested by the first cloud login request message and the second cloud login request message include the following methods:

As an implementation manner, the resource requested by the first cloud login request message is a cloud proxy resource; the first cloud login request message includes at least one of the following: proxy cloud login instruction, identification of the cloud restricted device, The access token of the cloud restricted device. The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID. Wherein, the proxy cloud login instruction is used to instruct the cloud proxy device to perform proxy cloud login as a cloud restricted device. The cloud login instruction is for cloud-limited devices to perform cloud login.

As another implementation manner, the resource requested by the first cloud login request message is a session resource; the first cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and The access token and user identification of the cloud restricted device. The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID. Wherein, the cloud login instruction is cloud login by a cloud restricted device.

In an optional embodiment of the present application, the method further includes: the cloud restricted device sends a first update token request message to the cloud proxy device; the cloud restricted device receives the cloud proxy A second update token response message sent by the device; the second update token response message includes at least one of the following: a new access token, an update token, and the validity time of the new access token. Correspondingly, the method further includes: the cloud proxy device receives a first update token request message sent by the cloud restricted device, and sends a second update token request message to the cloud device; the cloud proxy device Receive a first update token response message sent by the cloud device; the first update token response message includes at least one of the following: a new access token, an update token, and the validity time of the new access token The cloud proxy device sends a second update token response message to the cloud restricted device; the second update token response message includes at least one of the following: a new access token, an update token, the new The effective time of the access token. Correspondingly, the cloud restricted device receives the second update token response message sent by the cloud proxy device.

For a cloud device, the cloud device receives a second update token request message sent by the cloud proxy device; the cloud device updates a new access token, and sends a first update token response to the cloud proxy device Message; the first update token response message includes at least one of the following: a new access token, an update token, and the validity time of the new access token.

In this embodiment, the resources requested by the first update token request message and the second update token request message include the following manners:

As an implementation manner, the resource requested by the first update token request message is a cloud proxy resource; the first update token request message includes at least one of the following: proxy update token indication, the cloud restricted device ID, update token, user ID. The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.

As another implementation manner, the resource requested by the first update token request message is an update token resource; the first update token request message includes at least one of the following: the identification of the cloud restricted device, the update Token, user ID. The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.

In an optional embodiment of the present application, before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further includes: the cloud restricted device sends the cloud proxy device to the cloud proxy device. The device sends a first device binding request message; the resource requested by the first device binding request message is a cloud proxy resource; the cloud restricted device receives a second device binding response message sent by the cloud proxy device. Correspondingly, before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further includes: the cloud proxy device receives the first resource release request message sent by the cloud restricted device A device binding request message; the resource requested by the first device binding request message is a cloud proxy resource; the cloud proxy device sends a second device binding request message to the cloud device; the second device binding The resource requested by the request message is a binding resource; the cloud proxy device receives the first device binding response message sent by the cloud device; the first device binding response message includes a user identifier; the cloud proxy device sends the The cloud restricted device sends a second device binding response message; the second device binding response message includes a user identifier. Correspondingly, the cloud restricted device receives the second device binding response message sent by the cloud proxy device.

For a cloud device, the cloud device receives a second device binding request message sent by the cloud proxy device; the resource requested by the second device binding request message is a binding resource; the second device is bound The request message includes at least one of the following: the identity of the cloud-restricted device, the security credential, and the security identity of the cloud-restricted device; the cloud device associates the cloud-restricted device with a user identity, and reports to the cloud The device sends a first device binding response message; the first device binding response message includes a user identifier.

In an optional embodiment, the method further includes: the cloud device associating the cloud restricted device with the access token of the cloud proxy device.

Wherein, the first device binding request message includes at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device; and the second device binding response The message includes the user identification.

The resource release method of the embodiment of the present application will be described in detail below with reference to specific examples. In the following examples of this application, the endpoint of the cloud restricted device can be expressed as: "coaps://[fe80::2]:2222"; the identifier of the cloud restricted device can be expressed as: "88b7c7f0-4b51-4e0a- 9faa-cfb439fd7f49"; the endpoint of the cloud proxy device can be expressed as: "coaps://[fe80::3]:3333"; the endpoint of the cloud device can be expressed as: "coaps+tcp://[2001:db8:a ::123]:3333".

Example one

Fig. 3 is a schematic flowchart 1 of a specific example of a resource publishing method provided by an embodiment of the present application; as shown in Fig. 3, the method includes:

Step 301: The cloud proxy device establishes a connection with the cloud device, and the cloud device establishes an association between the cloud proxy device and the user identity.

Here, during the process of connecting the cloud proxy device to the cloud device or after the cloud device is connected, the cloud device has been associated with the cloud proxy device and the user identity. Wherein, the user ID may be an ID assigned to the user by the system after the user completes user registration through the client (or configurator). The user ID can be bound to the user account. For example, the user can register through the client APP, and the user ID assigned by the system can be obtained after the registration is completed.

Step 302: The cloud restricted device obtains the information of the cloud proxy device.

Among them, there are two ways for cloud restricted devices to obtain cloud proxy device information:

Method 1: The configurator directly configures the cloud proxy device information for the cloud restricted device, including:

Step 3021a: The configurator sends configuration information to the cloud restricted device, where the configuration information includes cloud proxy device information.

As an implementation manner, the configurator may configure cloud proxy device information for the cloud restricted device by updating configuration resources. For example, the cloud proxy device configuration resource on the cloud restricted device is expressed as "oic.r.proxyconf". Wherein, the configuration information may include the cloud proxy resource URI and endpoint information of the cloud proxy device. For example, the cloud proxy resource URI is "/oic/cloudproxy", and the endpoint of the cloud proxy resource is "coaps://[fe80::2" ]:3333".

Step 3022a: The cloud restricted device sends a response message to the configurator, where the response message is used to confirm that the cloud proxy device information is successfully configured.

Method 2: Cloud restricted devices actively discover cloud proxy devices, including:

Step 3021b: The cloud restricted device sends a cloud proxy device discovery request, and the cloud proxy device discovery request includes the cloud proxy resource type.

Wherein, the cloud-restricted device may send a cloud proxy device discovery request through broadcast or multicast. Among them, the proxy resource type of the cloud proxy resource can be "oic.r.cloudproxy".

Step 3022b: The cloud proxy device receives the cloud proxy device discovery request, and sends a cloud proxy device discovery response to the cloud restricted device.

Wherein, the cloud proxy device discovery response may include at least one of the following: the proxy resource type of the cloud proxy device, the cloud proxy resource URI, and the endpoint information of the cloud proxy resource. For example, the proxy resource type of the returned cloud proxy device is "oic.r.cloudproxy", the cloud proxy resource URI is "/oic/cloudproxy", and the endpoint of the cloud proxy resource is "coaps://[fe80::2]: 3333".

Step 303: The cloud restricted device and the cloud proxy device establish a secure connection.

Among them, the cloud restricted device establishes a secure connection with the cloud proxy device based on the obtained information of the cloud proxy device.

Step 304: The cloud restricted device sends a first cloud registration request message to the cloud proxy device, and the resource URI requested by the first cloud registration request message is the cloud proxy resource URI. For example, the cloud proxy resource URI is "/oic/cloudproxy".

The first cloud registration request message may include at least one of the following: a proxy cloud registration instruction, an identifier of a cloud restricted device, and a security credential of the cloud restricted device. Wherein, the proxy cloud registration instruction is used to instruct the cloud proxy device to perform proxy cloud registration for the cloud restricted device; the identifier of the cloud restricted device indicates the target cloud restricted device that needs to be registered by the cloud proxy device proxy, the cloud The security certificate of the restricted device is used for the cloud device to perform security authentication on the registered cloud restricted device.

Step 305: The cloud proxy device sends a second cloud registration request message to the cloud device, and the resource URI requested by the second cloud registration request message is the account resource URI.

Among them, the account resource URI is "/oic/sec/account". The second cloud registration request message may include at least one of the following: the identity of the cloud restricted device, the security credential of the cloud restricted device, and the user identity.

Step 306: The cloud device accepts the cloud registration request corresponding to the second cloud registration request message, allocates an access token to the cloud restricted device, and associates the identity of the cloud restricted device with the user identity.

Through this step, the cloud restricted device and the cloud proxy device are both associated with the user identification.

It should be noted that in step 301, when the cloud proxy device is connected to the cloud device, the cloud device allocates an access token to the cloud proxy device, and the allocated access token information may include access token, update token, and access Information such as the expiration time of the token. Here, the access token information allocated by the cloud device to the cloud restricted device may be the same as the access token information allocated to the cloud proxy device, or it may be access token information different from the access token information allocated to the cloud proxy device.

Step 307: The cloud device sends a first cloud registration response message to the cloud proxy device; the first cloud registration response message may include at least one of the following: user identification, access token of the cloud restricted device, and expiration of the access token Time, the update token of the cloud restricted device.

Step 308: The cloud proxy device sends a second cloud registration response message to the cloud restricted device; the second cloud registration response message includes at least one of the following: user identification, access token of the cloud restricted device, and access token Expiration time, update token of cloud restricted device.

Step 309: The cloud restricted device sends a first cloud login request message to the cloud proxy device, and the resource URI requested by the first cloud login request message is the cloud proxy resource URI. For example, the cloud proxy resource URI is "/oic/cloudproxy".

Here, the first cloud login request message may include at least one of the following: a proxy cloud login instruction, an identifier of the cloud restricted device, and an access token of the cloud restricted device. Wherein, the proxy cloud login instruction is used to instruct the cloud proxy device to perform proxy cloud login for the cloud restricted device; the identifier of the cloud restricted device indicates the target cloud restricted device that needs to be proxy login by the cloud proxy device; the cloud The access token of the restricted device is used for the cloud device to perform security authentication on the logged-in cloud restricted device.

Step 310: The cloud proxy device sends a second cloud login request message to the cloud device, and the resource URI requested by the second cloud login request message is a session resource URI; for example, the session resource URI is "/oic/sec/session" .

Here, the second cloud login request message includes at least one of the following: an identification of the cloud restricted device, an access token of the cloud restricted device, a user identification, and a cloud login instruction. The cloud login instruction is for cloud-limited devices to perform cloud login.

Step 311: The cloud device accepts the second cloud login request message and responds to device login. The cloud device sends a first cloud login response message to the cloud proxy device; the first cloud login response message includes the access of the cloud restricted device The remaining expiration time of the token.

Step 312: The cloud proxy device sends a second cloud login response message to the cloud restricted device, where the second cloud login response message includes the remaining expiration time of the cloud restricted device access token.

It should be noted that step 309-step 312 are optional steps, that is, the device login process is optional. The purpose of device login is to confirm that the device maintains a session with the cloud device for subsequent communication. When the cloud proxy device is logged in, it means that the session between the cloud proxy device and the cloud device is in a state of being maintained, and the cloud restricted device’s message Routing can reuse the conversation between the cloud proxy device and the cloud device, so the cloud restricted device does not need to log in to the cloud.

Step 313: The cloud restricted device sends a first resource publishing request message to the cloud proxy device. The resource URI requested by the first resource publishing request message is the cloud proxy resource URI; for example, the cloud proxy resource URI is "/oic/cloudproxy" .

Here, the first resource publishing request message includes at least one of the following: an agent publishing resource indication, an identifier of a cloud-restricted device, and a resource link of the cloud-restricted device; wherein, the endpoint of the resource in the resource link is the Endpoints of restricted devices in the cloud. Wherein, the proxy publishing resource indication is used to instruct the cloud proxy device to publish proxy resources for the cloud restricted device; the identifier of the cloud restricted device indicates the target cloud restricted device that needs to be proxied by the cloud proxy device to publish resources; The resource link of the cloud restricted device indicates the resource that needs to be published to the cloud device.

In an optional embodiment of the present application, the first resource publishing request message may also include the effective time of publishing the resource, that is, the maximum survival time of the resource link published to the resource catalog of the cloud device. Before the period, the cloud device does not receive the resource release request updated by the cloud restricted device, and the resource catalog of the cloud device no longer saves the published resource link.

In an optional embodiment of the present application, the first resource release request message may also include an indication of a cloud restricted device, and the indication of the cloud restricted device is used to indicate that the device that releases the resource is cloud restricted. equipment.

For example, the content of a cloud restricted device requesting proxy resource publishing is as follows, where the bold font indicates the resource link of the cloud restricted device; the endpoint information in the resource link is the endpoint information of the cloud restricted device itself:

Among them, "di" is the device identifier of the cloud restricted device, "ttl" is the published resource link lifetime (that is, the effective time of the resource link), "dt" is the cloud restricted device indication, and "proxyaction" is the proxy publishing resource Instructions, "links" are resource links for restricted devices in the cloud.

Step 314 The cloud proxy device sends a second resource publishing request message to the cloud device. The resource URI requested by the second resource publishing request message is a resource catalog resource URI; for example, the resource catalog resource URI is "/oic/rd".

Here, the second resource release request message includes at least one of the following: the identifier of the cloud restricted device, and the resource link of the cloud restricted device; wherein, the endpoint of the resource in the resource link is the endpoint of the cloud proxy device; The target URI in the resource link includes the identifier of the cloud restricted device.

In an optional embodiment of the present application, the second resource release request message may also include an indication of a cloud-restricted device, and the indication of the cloud-restricted device is used to indicate that the device providing the resource link is a cloud-receiving device. Limited equipment.

In this embodiment, the cloud proxy device maintains the association between the endpoint information in the cloud restricted device resource release and the endpoint information in the resource link issued by the cloud proxy device proxy. That is, for the cloud restricted device resources published to the cloud proxy device, the endpoint of the cloud restricted device resource published by the cloud proxy device to the cloud device proxy is the endpoint of the cloud proxy device itself, not the endpoint of the cloud restricted device.

When the same type of cloud restricted devices publish resources, the "href" parameter in the resource link provided by them may be the same. For example, the "href" parameter of all lights may be "/myLightSwitch". In order to ensure that all resource publishing requests received by the cloud proxy device have a unique resource URI for each published resource, the cloud proxy device is issued in "href "The parameter value is preceded by the device ID of the cloud-restricted device.

For example, the content requested by the cloud proxy device for resource publishing is as follows, the endpoint "eps" in the resource link is the endpoint information of the cloud proxy device, and the "href" parameter of the target URI in the resource link includes the cloud restricted device identifier:

Among them, "di" is the device ID of the cloud restricted device, "ttl" is the published resource link lifetime (ie the effective time of the resource link), "dt" is the cloud restricted device indication, and "links" is the cloud restricted The resource link of the device. The "href" parameter of the target URI in the resource link includes the identification of the cloud restricted device "88b7c7f0-4b51-4e0a-9faa-cfb439fd7f49" (the "di" parameter value), "eps" is the cloud The endpoint information of the proxy device is "coaps://[fe80::3]:3333".

Step 315: The cloud device accepts the resource publication request corresponding to the second resource publication request message, and adds the resource link of the cloud restricted device to the resource catalog; for example, the resource link of the cloud restricted device is added to "/oic/res" Resources.

Here, the cloud device maintains the association between the endpoint information in the device resource publication and the endpoint information in the resource link published in the cloud resource catalog. That is, for the resources published to the cloud device, the endpoint of the resource published by the cloud device is the endpoint of the cloud device itself, not the endpoint of the cloud proxy device. In addition, the "href" parameter value of the target URI in the resource link of the cloud restricted device published by the resource catalog of the cloud device is the same as the "href" parameter value in the resource release request corresponding to the cloud restricted device.

The cloud device can add the cloud-restricted device identification “di” parameter value based on the “href” parameter value in the resource release request to determine that it is not necessary to add the cloud device identification to the “href” parameter value, that is, the OCF cloud resource directory The target URI "href" parameter value in the resource link of the announced cloud restricted device is the same as the parameter value of the "href" parameter value in the device resource release request.

In an optional embodiment of the present application, if the second resource release request message includes an indication of a cloud-restricted device, the cloud device may determine the second The resource link in the resource release request message belongs to the cloud-restricted device, so it is determined that there is no need to add the cloud device identifier to the "href" parameter value in the published resource link, that is, the cloud-restricted cloud device published in the resource catalog of the cloud device The "href" parameter value of the target URI in the resource link of the device is the same as the "href" parameter value in the resource release request corresponding to the cloud restricted device.

For example, the resource link of the cloud restricted device added under the resource directory of the cloud device (the resource directory URI is "/oic/res") is as follows, the endpoint "eps" in the resource link is the endpoint information of the cloud proxy device, and the resource link is The "href" parameter value of the target URI is the same as the "href" parameter value in the resource link in the resource release of the cloud proxy device:

Step 316: The cloud device sends a first resource release response message to the cloud proxy device, where the first resource release response message is used to confirm that the resource is successfully released.

Step 317: The cloud proxy device sends a second resource release response message to the cloud restricted device, and the second resource release response message confirms that the resource of the cloud restricted device is successfully released.

Step 318: When the access token of the cloud restricted device expires or before the expiration, the cloud restricted device sends a first update token request message to the cloud proxy device; for example, the cloud restricted device sends the cloud proxy The cloud proxy resource "/oic/cloudproxy" of the device sends the first update token request message.

Here, the first update token request message includes at least one of the following: proxy update token indication, cloud restricted device identification, update token, and user identification. Wherein, the proxy update token indication is used to instruct the cloud proxy device to perform proxy access token update for the cloud restricted device; the identifier of the cloud restricted device indicates that the cloud proxy device needs to proxy the target cloud proxy device to update the token. Device; the update token is a credential used to update the access token of the cloud restricted device; the user ID is the target user associated with the cloud restricted device.

Step 319: The cloud proxy device sends a second update token request message to the cloud device; the second update token request message requests an update token resource; the token resource URI is "/oic/sec/tokenrefresh". Wherein, the second update token request message includes at least one of the following: the identity of the cloud-restricted device, the update token, and the user identity.

Step 320: The cloud device updates the access token for the cloud restricted device; the cloud device sends a first update token response message to the cloud proxy device, and the first update token response message includes at least one of the following: said The new access token, the update token, and the validity time of the new access token of the cloud restricted device.

Step 321: The cloud proxy device sends a second update token response message to the cloud restricted device, where the second update token response message includes at least one of the following: a new access token of the cloud restricted device, an update token , The expiration time of the new access token.

Example two

FIG. 4 is a schematic diagram 2 of a specific example of the resource release method provided by an embodiment of the present application; as shown in FIG. 4, the method includes:

Step 401: The cloud proxy device establishes a connection with the cloud device, and the cloud device establishes an association between the cloud proxy device and the user identity.

Step 402: The cloud restricted device obtains the information of the cloud proxy device.

Step 4021a: The configurator sends configuration information to the cloud restricted device, where the configuration information includes cloud proxy device information.

As an implementation manner, the configurator can configure cloud proxy device information for the cloud restricted device by updating configuration resources. For example, the cloud proxy device configuration resource on the cloud restricted device is expressed as "oic.r.proxyconf". Wherein, the configuration information may include the cloud proxy resource URI and endpoint information of the cloud proxy device. For example, the cloud proxy resource URI is "/oic/cloudproxy", and the endpoint of the cloud proxy resource is "coaps://[fe80::2" ]:3333".

Step 4022a: The cloud restricted device sends a response message to the configurator to confirm that the cloud proxy device information is successfully configured.

Step 4021b: The cloud restricted device sends a cloud proxy device discovery request, and the cloud proxy device discovery request includes the cloud proxy resource type.

Step 4022b: The cloud proxy device receives the cloud proxy device discovery request, and sends a cloud proxy device discovery response to the cloud restricted device.

Wherein, the cloud proxy device discovery response may include at least one of the following: cloud proxy resource type of the cloud proxy device, cloud proxy resource URI, and endpoint information of the cloud proxy resource. For example, the proxy resource type of the returned cloud proxy device is "oic.r.cloudproxy", the cloud proxy resource URI is "/oic/cloudproxy", and the endpoint of the cloud proxy resource is "coaps://[fe80::2]: 3333".

Step 403: The cloud restricted device and the cloud proxy device establish a secure connection.

Step 404: The cloud restricted device sends a first device binding request message to the cloud proxy device. The resource URI requested by the first device binding request message is the cloud proxy resource URI; for example, the cloud proxy resource URI is "/oic/ cloudproxy".

Here, the first device binding request message includes at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device. Wherein, the proxy device binding instruction is used to instruct the cloud proxy device to perform proxy binding of the device and the user for the cloud restricted device; the cloud restricted device identifier indicates the target cloud restricted that needs to be bound by the cloud proxy device proxy Device; the security credential of the cloud restricted device is used for the cloud device to perform security authentication on the cloud restricted device that requests binding.

Step 405: The cloud proxy device sends a second device binding request message to the cloud device, and the resource URI requested by the second device binding request message is the binding resource URI; for example, the binding resource URI is "/oic/bind" . The second device binding request message includes at least one of the following: the identity of the cloud restricted device, the security credential of the cloud restricted device, and the user identity.

Step 406: The cloud device accepts the device binding request corresponding to the second device binding request message, and associates the cloud restricted device with the user ID.

Through this step, the cloud restricted device and the cloud proxy device are associated with the user identification.

In an optional embodiment of the present application, the cloud device may also associate the identity of the cloud restricted device with the access token of the cloud proxy device.

Step 407: The cloud device sends a first device binding response message to the cloud proxy device, where the first device binding response message includes the user identification.

Step 408: The cloud proxy device sends a second device binding response message to the cloud restricted device, and the second device binding response message includes the user identifier.

Step 409: The cloud restricted device sends a first resource publishing request message to the cloud proxy device, and the resource URI requested by the first resource publishing request message is the cloud proxy resource URI; for example, the cloud proxy resource URI is "/oic/cloudproxy" .

Step 410: The cloud proxy device sends a second resource publishing request message to the cloud device, and the resource URI requested by the second resource publishing request message is a resource catalog resource URI; for example, the resource catalog resource URI is "/oic/rd" .

Step 411: The cloud device accepts the second resource release request message, and adds the resource link of the cloud restricted device to the resource directory; for example, the resource link of the cloud restricted device is added to the /oic/res resource.

Here, the cloud device maintains the association between the endpoint information in the device resource publication and the endpoint information in the resource link published in the cloud resource catalog. That is, for the resources published to the cloud device, the endpoint of the resource published by the cloud device is the endpoint of the cloud device itself, not the endpoint of the cloud proxy device. In addition, the "href" parameter value of the target URI in the resource link of the cloud restricted device published by the resource catalog of the cloud device is the same as the parameter value of the "href" parameter value in the resource release request corresponding to the cloud restricted device.

In an optional embodiment of the present application, if the second resource release request message includes an indication of a cloud-restricted device, the cloud device may determine the second The resource link in the resource release request message belongs to the cloud-restricted device, so it is determined that there is no need to add the cloud device identifier to the "href" parameter value in the published resource link, that is, the cloud-restricted device published by the resource catalog of the cloud device The "href" parameter value of the target URI in the resource link of is the same as the parameter value of the "href" parameter value in the resource release request corresponding to the cloud restricted device.

Step 412: The cloud device sends a first resource release response message to the cloud proxy device, where the first resource release response message is used to confirm that the resource is successfully released.

Step 413: The cloud proxy device sends a second resource release response message to the cloud restricted device, and the second resource release response message confirms that the resource of the cloud restricted device is successfully released.

In this embodiment, the detailed description of step 409 to step 413 may refer to the detailed description of step 313 to step 317 in the foregoing example, which will not be repeated here.

In this example, optionally, after step 413, step 318 to step 321 in the foregoing embodiment may be included, which will not be repeated here.

Example three

FIG. 5 is the third schematic flowchart of a specific example of a resource publishing method provided by an embodiment of the present application; as shown in FIG. 5, the method includes:

Step 500: The cloud proxy device establishes a connection with the cloud device, and the cloud device establishes an association between the cloud proxy device and the user identity.

Step 501: The configurator obtains the access token of the cloud restricted device from the cloud device.

As an implementation manner, the configurator may send a token acquisition request message to the cloud device, where the token acquisition request message includes the identification of the cloud restricted device; the configurator obtains the token sent by the cloud device An acquisition response message; the token acquisition response message includes the access token of the cloud restricted device.

Step 502: The configurator sends the access token to the cloud restricted device. The configurator can send the access token to the cloud restricted device by updating the cloud configuration resource of the cloud restricted device (the resource type of the cloud configuration resource is "oic.r.coapcloudconf").

Optionally, as an implementation manner, the configurator can also configure cloud access URIs and cloud identifiers for cloud configuration resources of cloud-limited devices, that is, the attributes of cloud configuration resources can include: access token, cloud access URI, and Cloud logo. As another implementation manner, the configurator does not need to configure the cloud access URI and the cloud identifier for the cloud configuration resources of the cloud restricted device, because the cloud proxy device already has cloud access information.

Step 503: The cloud restricted device obtains the information of the cloud proxy device. As an implementation manner, the cloud proxy device discovery request includes a cloud proxy resource type.

Step 504: The cloud proxy device receives the cloud proxy device discovery request, and sends a cloud proxy device discovery response to the cloud restricted device.

Wherein, the cloud proxy device discovery response may include at least one of the following: the type of the proxy resource of the cloud proxy device, and the endpoint information of the cloud proxy resource. For example, the proxy resource type of the returned cloud proxy device is "oic.d.cloudproxy", and the endpoint of the cloud proxy resource is "coaps://[fe80::2]:3333".

Step 505: The cloud restricted device and the cloud proxy device establish a secure connection.

Step 506: The cloud restricted device sends a first cloud registration request message to the cloud proxy device, and the resource URI requested by the first cloud registration request message is the account resource URI. For example, the account resource URI is "/oic/sec/account".

Here, the first cloud registration request message includes at least one of the following: an identifier of the cloud restricted device and an access token of the cloud restricted device. Wherein, the cloud-restricted device identifier indicates a target cloud-restricted device that needs to be registered to the cloud device; the access token of the cloud-restricted device is used for the cloud device to perform security authentication on the registered cloud-restricted device.

Step 507: The cloud proxy device sends a second cloud registration request message to the cloud device. The resource URI requested by the second cloud registration request message is an account resource; for example, the account resource URI is "/oic/sec/account". Wherein, the second cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, and an access token of the cloud restricted device.

Step 508: The cloud device accepts the registration request of the second cloud registration request message, allocates the access token, update token, and expiration time of the access token to the cloud restricted device, and associates the identity of the cloud restricted device with the user Logo. The cloud device sends the first cloud registration response message to the cloud proxy device.

Through this step, the cloud restricted device and the cloud proxy device are both associated with the user identity.

Wherein, the first cloud registration response message includes at least one of the following: a user identification, an access token of a cloud restricted device, a valid time of the access token, and an update token of the cloud restricted device.

Step 509: The cloud proxy device sends a second cloud registration response message to the cloud restricted device, and the second cloud registration response message includes at least one of the following: a user ID, an access token of the cloud restricted device, and an access token Expiration time, update token of cloud restricted device.

Step 510: The cloud restricted device sends a first cloud login request message to the cloud proxy device, and the resource URI requested by the first cloud login request message is the session resource URI. For example, the session resource URI is "/oic/sec/session".

Wherein, the first cloud login request message may include at least one of the following: an identification of the cloud restricted device, an access token of the cloud restricted device, a user identification, and a cloud login instruction. Wherein, the identifier of the cloud restricted device indicates the target cloud restricted device that needs to log in to the cloud device; the access token of the cloud restricted device is used by the cloud device to perform security authentication on the logged in cloud restricted device; The user ID is the user ID associated with the cloud restricted device; the cloud login instruction is used to instruct cloud login.

Step 511: The cloud proxy device sends a second cloud login request message to the cloud device, and the resource URI requested by the second cloud login request message is the session resource URI. For example, the session resource URI is "/oic/sec/session".

Wherein, the second cloud login request message may include at least one of the following: the identifier of the cloud restricted device, the access token of the cloud restricted device, the user identifier, and the cloud login instruction.

Step 512: The cloud device accepts the login request corresponding to the second cloud login request message, and responds to device login. The cloud device sends a first cloud login response message to the cloud proxy device; the first cloud login response message includes cloud restriction The validity time of the device's access token.

Step 513: The cloud proxy device sends a second cloud login response message to the cloud restricted device, where the second cloud login response message includes the remaining expiration time of the access token of the cloud restricted device.

It should be noted that step 510 to step 513 are optional steps, that is, the device login process is optional. The purpose of device login is to confirm that the device maintains a session with the cloud device for subsequent communication. When the cloud proxy device is logged in, it means that the session between the cloud proxy device and the cloud device is in a state of being maintained, and the cloud restricted device’s message Routing can reuse the conversation between the cloud proxy device and the cloud device, so the cloud restricted device does not need to log in to the cloud.

Step 514: The cloud restricted device sends a first resource publishing request message to the cloud proxy device. The resource URI requested by the first resource publishing request message is a resource catalog resource, for example, the resource catalog resource URI is "/oic/rd".

Here, the first resource release request message includes at least one of the following: the identifier of the cloud restricted device, and the resource link of the cloud restricted device. Wherein, the endpoint of the resource in the resource link is the endpoint of the cloud restricted device. The identifier of the cloud restricted device indicates the target cloud restricted device that needs to publish resources; the resource link of the cloud restricted device indicates the resource that needs to be published to the cloud device.

In an optional embodiment of the present application, the first resource publishing request message may also include the effective time of publishing the resource, that is, the maximum survival time of the resource link published to the resource catalog of the cloud device. Before the period, the cloud device does not receive the resource publishing request updated by the cloud restricted device, and the resource catalog of the cloud device no longer saves the published resource link.

Among them, "di" is the device ID of the cloud restricted device, "ttl" is the published resource link lifetime (ie the effective time of the resource link), "dt" is the cloud restricted device indication, and "links" is the cloud restricted The resource link of the device. The "eps" in the resource link is the endpoint information of the cloud restricted device itself "coaps://[fe80::b1d6]:22222".

Step 515: The cloud proxy device sends a second resource publishing request message to the cloud device. The resource URI requested by the second resource publishing request message is a resource catalog resource URI; for example, the resource catalog resource URI is "/oic/rd" .

Here, the second resource release request message includes at least one of the following: the identifier of the cloud restricted device, and the resource link of the cloud restricted device. Wherein, the endpoint of the resource in the resource link is the endpoint of the cloud proxy device; the target URI in the resource link includes the identifier of the cloud-restricted device.

Among them, "di" is the device ID of the cloud restricted device, "ttl" is the published resource link lifetime (ie the effective time of the resource link), "dt" is the cloud restricted device indication, and "links" is the cloud restricted The resource link of the device. The "href" parameter of the target URI in the resource link includes the identification of the cloud-restricted device "88b7c7f0-4b51-4e0a-9faa-cfb439fd7f49" (the "di" parameter value), and "eps" is the cloud The endpoint information of the proxy device is "coaps://[fe80::3]:3333".

Step 516: The cloud device accepts the resource publication request corresponding to the second resource publication request message, and adds the resource link of the cloud restricted device to the resource catalog; for example, the resource link of the cloud restricted device is added to "/oic/res" Resources.

In an optional embodiment of the present application, if the second resource release request message includes an indication of a cloud-restricted device, the cloud device may determine the second The resource link in the resource release request message belongs to the cloud-restricted device, so it is determined that there is no need to add the cloud device identifier to the "href" parameter value in the published resource link, that is, the cloud-restricted device published by the resource catalog of the cloud device The "href" parameter value of the target URI in the resource link of is the same as the "href" parameter value in the resource release request corresponding to the cloud restricted device.

Step 517: The cloud device sends a first resource release response message to the cloud proxy device, where the first resource release response message is used to confirm that the resource is successfully released.

Step 518: The cloud proxy device sends a second resource release response message to the cloud restricted device, and the second resource release response message confirms that the resource of the cloud restricted device is successfully released.

Step 519: When or before the access token of the cloud restricted device expires, the cloud restricted device sends a first update token request message to the cloud proxy device; the first update token request message Request to update the token resource, the token resource URI is "/oic/sec/tokenrefresh".

Here, the first update token request message includes at least one of the following: the identity of the cloud-restricted device, the update token, and the user identity. Wherein, the identifier of the cloud restricted device represents the target cloud restricted device that needs to update the token; the update token is a credential for the cloud restricted device to update the access token; the user identifier represents the cloud restricted device The target user associated with the device.

Step 520: The cloud proxy device sends a second update token request message to the cloud device; the second update token request message requests an update token resource, and the token resource URI is "/oic/sec/tokenrefresh". Wherein, the second update token request message includes at least one of the following: cloud restricted device identification, update token, and user identification.

Step 521: The cloud device updates the access token for the cloud restricted device; after the access token is updated successfully, the cloud device sends a first update token response message to the cloud proxy device. Wherein, the first update token response message includes at least one of the following: a new access token of the cloud restricted device, an update token, and the validity time of the new access token.

Step 522: The cloud proxy device sends a second update token response message to the cloud restricted device, where the second update token response message includes at least one of the following: a new access token of the cloud restricted device, an update token, and State the validity time of the new access token.

Establishing connections with cloud-constrained devices through cloud proxy devices allows cloud-constrained devices that cannot interact with cloud devices to publish resources through the cloud proxy device, which solves the problem that cloud-constrained devices cannot publish resources to cloud devices.

The embodiment of the present application also provides a cloud restricted device. FIG. 6 is a schematic diagram of a structural composition of a cloud-restricted device provided by an embodiment of the present application; as shown in FIG. 6, the device includes: a first connection establishment unit 31 and a first transmission unit 32; wherein,

The first connection establishing unit 31 is configured to establish a connection with a cloud proxy device;

The first transmission unit 32 is configured to transmit information with the cloud proxy device based on the connection, and the information is used by the cloud proxy device to release resources to the cloud device.

In an optional embodiment of the present application, the first connection establishing unit 31 is configured to obtain information of the cloud proxy device, and establish a connection with the cloud proxy device based on the information.

As an implementation manner, the first connection establishment unit 31 is configured to receive configuration information sent by a configurator, and the configuration information includes information of a cloud proxy device.

As another implementation manner, the first connection establishment unit 31 is configured to send a discovery request message by broadcast or multicast; the discovery request message includes the cloud proxy resource type; receives a discovery response message; the discovery The response message includes the information of the cloud proxy device.

In an optional embodiment of the present application, the first transmission unit 32 is configured to instruct the cloud proxy device to release resources to the cloud device based on the connection.

In this embodiment, the first transmission unit 32 is configured to send a first resource publishing request message to the cloud proxy device, and the first resource publishing request message is used to instruct the cloud proxy device to publish resources to the cloud device.

As an implementation manner, the resource requested by the first resource publishing request message is a cloud proxy resource; the first resource publishing request message includes at least one of the following: a proxy publishing resource indication, an identifier of the cloud restricted device, The first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.

Optionally, the first resource release request message further includes at least one of the following: the effective time of the released resource, and an indication of the cloud restricted device.

In an optional embodiment of the present application, the first transmission unit 32 is further configured to receive a second resource release response message sent by the cloud proxy device. The second resource release response message is used to confirm the success of resource release.

In an optional embodiment of the present application, the first transmission unit 32 is further configured to send a first cloud registration request to the cloud proxy device before sending the first resource release request message to the cloud proxy device Message; receiving a second cloud registration response message sent by the cloud proxy device; the second cloud registration response message includes at least one of the following: the user identifier, the access token of the cloud restricted device, the access The valid duration of the token, and the update token of the cloud restricted device.

In this embodiment, the resource requested by the first cloud registration request message includes the following methods:

As an implementation manner, the resource requested by the first cloud registration request message is a cloud proxy resource; the first cloud registration request message includes at least one of the following: proxy cloud registration instruction, identification of the cloud restricted device, Security credential information of the cloud restricted device.

As another implementation manner, the resource requested by the first cloud registration request message is an account resource; the first cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, and the access token .

In an optional embodiment of the present application, the first transmission unit 32 is further configured to obtain an access token sent by the configurator.

In an optional embodiment of the present application, the first transmission unit 32 is further configured to send a first cloud login request to the cloud proxy device before sending the first resource release request message to the cloud proxy device Message; receiving a second cloud login response message sent by the cloud proxy device; the second cloud login response message includes the valid time of the access token.

In this embodiment, the resource requested by the first cloud login request message includes the following methods:

As an implementation manner, the resource requested by the first cloud login request message is a cloud proxy resource; the first cloud login request message includes at least one of the following: proxy cloud login instruction, identification of the cloud restricted device, The access token of the cloud restricted device.

As another implementation manner, the resource requested by the first cloud login request message is a session resource; the first cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and The access token and user identification of the cloud restricted device.

In an optional embodiment of the present application, the first transmission unit 32 is further configured to send a first update token request message to the cloud proxy device; receive a second update command sent by the cloud proxy device Card response message; the second update token response message includes at least one of the following: a new access token, an update token, and the validity time of the new access token.

In this embodiment, the resource requested by the first update token request message includes the following manners:

As an implementation manner, the resource requested by the first update token request message is a cloud proxy resource; the first update token request message includes at least one of the following: proxy update token indication, the cloud restricted device ID, update token, user ID.

As another implementation manner, the resource requested by the first update token request message is an update token resource; the first update token request message includes at least one of the following: the identification of the cloud restricted device, the update Token, user ID.

In an optional embodiment of the present application, the first transmission unit 32 is further configured to send the first device binding to the cloud proxy device before sending the first resource release request message to the cloud proxy device Request message; the resource requested by the first device binding request message is a cloud proxy resource; receiving a second device binding response message sent by the cloud proxy device.

Wherein, the first device binding request message includes at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device;

The second device binding response message includes a user identification.

In the embodiment of the present application, the first connection establishment unit 31 in the cloud-constrained device can be implemented by the central processing unit (CPU, Central Processing Unit), digital signal processor (DSP, Digital Signal Processor) in the device in actual applications. Signal Processor), Microcontroller Unit (MCU) or Programmable Gate Array (FPGA, Field-Programmable Gate Array); the first transmission unit 32 in the device can be implemented by the communication module ( Including: basic communication suite, operating system, communication module, standardized interface and protocol, etc.) and implementation of transceiver antenna.

It should be noted that when the device provided in the above embodiment performs resource release, only the division of the above program modules is used as an example. In actual applications, the above processing can be allocated by different program modules as needed, that is, the device The internal structure is divided into different program modules to complete all or part of the processing described above. In addition, the device provided in the foregoing embodiment and the resource release method embodiment belong to the same concept, and the specific implementation process is detailed in the method embodiment, which will not be repeated here.

The embodiment of the present application also provides a cloud proxy device. FIG. 7 is a schematic structural composition diagram of a cloud proxy device provided by an embodiment of the present application; as shown in FIG. 7, the cloud proxy device includes: a second connection establishment unit 41, a second transmission unit 42, and a third transmission unit 43 ;among them,

The second connection establishment unit 41 is configured to establish a connection with a cloud-restricted device;

The second transmission unit 42 is configured to transmit information with the cloud restricted device based on the connection;

The third transmission unit 43 is configured to publish the resources of the cloud-restricted device to the cloud device based on the information transmitted by the second transmission unit 42.

The second connection establishment unit 41 is configured to send information of the cloud proxy device to the cloud restricted device, and the information of the cloud proxy device is used for the cloud restricted device established on the cloud proxy device. connection.

In an optional embodiment of the present application, the second connection establishment unit 41 is configured to receive a discovery request message sent by the cloud-restricted device through broadcast or multicast; in the discovery request message Including the cloud proxy resource type; sending a discovery response message to the cloud restricted device; the discovery response message including the cloud proxy device information.

In an optional embodiment of the present application, the second transmission unit 42 is configured to obtain an indication of the cloud restricted device based on the connection;

The third transmission unit 43 is configured to release resources to the cloud device based on the instruction obtained by the second transmission unit 42.

In this embodiment, the second transmission unit 42 is configured to receive a first resource release request message sent by the cloud restricted device based on the connection, and the first resource release request message is used to instruct the cloud proxy device to send Cloud device release resources;

The third transmission unit 43 is configured to send a second resource publishing request message to the cloud device; the resource requested by the second resource publishing request message is a resource catalog resource; the second resource publishing request message includes at least one of the following : The identifier of the cloud restricted device, the second resource link of the cloud restricted device; the endpoint of the resource in the second resource link of the cloud restricted device is the endpoint of the cloud proxy device; and it is also configured to Obtaining the first resource release response message sent by the cloud device;

The second transmission unit 42 is further configured to send a second resource release response message to the cloud restricted device.

Optionally, the first resource release request message further includes at least one of the following: the effective time of the released resource and an indication of the cloud-restricted device; the second resource release request message further includes at least one of the following: release resource The effective time of the cloud, the instructions of the cloud restricted device.

In an optional embodiment of the present application, the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.

In an optional embodiment of the present application, the second transmission unit 42 is further configured to receive the cloud restricted device before receiving the first resource release request message sent by the cloud restricted device based on the connection. The first cloud registration request message sent by the device;

The third transmission unit 43 is further configured to send a second cloud registration request message to the cloud device; receive a first cloud registration response message sent by the cloud device; the first cloud registration response message includes at least one of the following One: the user identification, the access token of the cloud restricted device, the valid duration of the access token, and the update token of the cloud restricted device;

The second transmission unit 42 is further configured to send a second cloud registration response message to the cloud restricted device; the second cloud registration response message includes at least one of the following: the user identification, the cloud restricted The access token of the device, the valid duration of the access token, and the update token of the cloud restricted device.

As an implementation manner, the resource requested by the first cloud registration request message is a cloud proxy resource; the first cloud registration request message includes at least one of the following: proxy cloud registration instruction, identification of the cloud restricted device, Security credential information of the cloud restricted device;

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, the security credential information of the cloud restricted device, and the user Logo.

As another implementation manner, the resource requested by the first cloud registration request message is an account resource; the first cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, and the access token ；

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.

Wherein, the access token is an access token obtained by the configurator from the cloud device for the cloud restricted device before the connection between the cloud restricted device and the cloud proxy device is established.

In an optional embodiment of the present application, the second transmission unit 42 is further configured to receive the cloud restricted device before receiving the first resource release request message sent by the cloud restricted device based on the connection. The first cloud login request message sent by the device;

The third transmission unit 43 is further configured to send a second cloud login request message to the cloud device; receive a first cloud login response message sent by the cloud device; the first cloud login response message includes an access token Effective time

The second transmission unit 42 is further configured to send a second cloud login response message to the cloud restricted device; the second cloud login response message includes the valid time of the access token.

As an implementation manner, the resource requested by the first cloud login request message is a cloud proxy resource; the first cloud login request message includes at least one of the following: proxy cloud login instruction, identification of the cloud restricted device, The access token of the cloud restricted device;

The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID.

As another implementation manner, the resource requested by the first cloud login request message is a session resource; the first cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and The access token and user ID of the cloud restricted device;

In an optional embodiment of the present application, the second transmission unit 42 is further configured to receive a first update token request message sent by the cloud restricted device;

The third transmission unit 43 is further configured to send a second update token request message to the cloud device; receive a first update token response message sent by the cloud device; the first update token response message includes At least one of the following: a new access token, an update token, and the validity time of the new access token;

The second transmission unit 42 is further configured to send a second update token response message to the cloud restricted device; the second update token response message includes at least one of the following: a new access token, an update command The valid time of the new access token.

As an implementation manner, the resource requested by the first update token request message is a cloud proxy resource; the first update token request message includes at least one of the following: proxy update token indication, the cloud restricted device ID, update token, user ID;

The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.

As another implementation manner, the resource requested by the first update token request message is an update token resource; the first update token request message includes at least one of the following: the identification of the cloud restricted device, the update Token, user ID;

In an optional embodiment of the present application, the second transmission unit 42 is further configured to receive the cloud restricted device before receiving the first resource release request message sent by the cloud restricted device based on the connection. A first device binding request message sent by a device; the resource requested by the first device binding request message is a cloud proxy resource;

The third transmission unit 43 is further configured to send a second device binding request message to the cloud device; the resource requested by the second device binding request message is a binding resource; and receive the first device sent by the cloud device A device binding response message; the first device binding response message includes a user identification;

The second transmission unit 42 is further configured to send a second device binding response message to the cloud restricted device; the second device binding response message includes a user identifier.

The second device binding request message includes at least one of the following: an identifier of the cloud restricted device, a security credential of the cloud restricted device, and a security identifier.

In the embodiment of the present application, the second connection establishment unit 41 in the cloud-restricted device can be implemented by the CPU, DSP, MCU, or FPGA in the device in actual applications; the second transmission unit 42 in the device The third transmission unit 43 and the third transmission unit 43 can be implemented by a communication module (including: a basic communication kit, an operating system, a communication module, a standardized interface and a protocol, etc.) and a transceiver antenna in practical applications.

It should be noted that when the device provided in the above embodiment performs resource release, only the division of the above program modules is used as an example. In actual applications, the above processing can be allocated by different program modules as needed, that is, the device The internal structure is divided into different program modules to complete all or part of the processing described above. In addition, the device provided in the foregoing embodiment and the resource release method embodiment belong to the same concept, and the specific implementation process is detailed in the method embodiment, and will not be repeated here.

The embodiment of the present invention also provides a cloud device. FIG. 8 is a schematic diagram 1 of the structural composition of a cloud device provided by an embodiment of the present application; as shown in FIG. 8, the cloud device includes a fourth transmission unit 51 and a publishing unit 52; wherein,

The fourth transmission unit 51 is configured to obtain resources issued by a cloud proxy device; the resources are resources of the cloud restricted device obtained by the cloud proxy device based on the connection with the cloud restricted device;

The publishing unit 52 is configured to publish the resource.

In an optional embodiment of the present application, the fourth transmission unit 51 is configured to receive a second resource release request message sent by the cloud proxy device; the resource requested by the second resource release request message is a resource Directory resource; the second resource release request message includes at least one of the following: the identifier of the cloud restricted device, the second resource link of the cloud restricted device; the second resource link of the cloud restricted device The endpoint of the resource is the endpoint of the cloud proxy device.

Optionally, the second resource release request message further includes at least one of the following: the effective time of the released resource, and an indication of the cloud restricted device.

Optionally, the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.

In an optional embodiment of the present application, the publishing unit 52 is configured to add the second resource link to the resource catalog; wherein the endpoint of the published resource is the endpoint of the cloud device.

In an optional embodiment of the present application, the publishing unit 52 is further configured to include an indication of a cloud-restricted device in the second resource publishing request message, or to be restricted in the cloud In the case that the target identifier in the second resource link of the device includes the identifier of the target resource and the identifier of the cloud restricted device, the published identifier of the target resource is the same as the identifier of the target resource in the second resource link.

In an optional embodiment of the present application, the fourth transmission unit 51 is further configured to send a first resource release response message to the cloud proxy device.

In an optional embodiment of the present application, as shown in FIG. 9, the device further includes a registration unit 53;

The fourth transmission unit 51 is further configured to receive a second cloud registration request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device;

The registration unit 53 is configured to allocate an access token to the cloud restricted device, and associate the cloud restricted device with a user ID;

The fourth transmission unit 51 is further configured to send a first cloud registration response message to the cloud proxy device; the first cloud registration response message includes at least one of the following: the user identification, the cloud restricted device The access token of the access token, the valid duration of the access token, and the update token of the cloud restricted device.

In this embodiment, the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, Security credential information, user ID;

Alternatively, the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token. Wherein, the access token is an access token obtained by the configurator from the cloud device for the cloud restricted device before the connection between the cloud restricted device and the cloud proxy device is established.

In an optional embodiment of the present application, the fourth transmission unit 51 is further configured to receive a second cloud login request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device; The cloud proxy device sends a first cloud login response message; the first cloud login response message includes the valid time of the access token.

In this embodiment, the resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and the cloud Access token and user ID of the restricted device.

In an optional embodiment of the present application, as shown in FIG. 10, the device further includes an update unit 54;

The fourth transmission unit 51 is further configured to receive a second update token request message sent by the cloud proxy device;

The update unit 54 is configured to update a new access token;

The fourth transmission unit 51 is further configured to send a first update token response message to the cloud proxy device; the first update token response message includes at least one of the following: a new access token, an update token , The valid time of the new access token.

In this embodiment, the resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: the identifier of the cloud restricted device, the update token , User ID.

In an optional embodiment of the present application, as shown in FIG. 11, the device further includes a binding unit 55;

The fourth transmission unit 51 is further configured to receive a second device binding request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device; the resource requested by the second device binding request message is binding The second device binding request message includes at least one of the following: the identity of the cloud restricted device, the security credential, and the security identity of the cloud restricted device;

The binding unit 55 is configured to associate the cloud restricted device with a user identity;

The fourth transmission unit 51 is further configured to send a first device binding response message to the cloud proxy device; the first device binding response message includes a user identifier.

Optionally, the binding unit 55 is further configured to associate the access token of the cloud restricted device and the cloud proxy device.

In the embodiment of the present application, the registration unit 53, the update unit 54, the publishing unit 52, and the binding unit 55 in the cloud device can be implemented by the CPU, DSP, MCU or FPGA in the device in practical applications; The fourth transmission unit 51 in the device can be implemented by a communication module (including: a basic communication kit, an operating system, a communication module, a standardized interface and a protocol, etc.) and a transceiver antenna in practical applications.

FIG. 12 is a schematic structural diagram of a device provided by an embodiment of the present application. The device may be a cloud-restricted device, a cloud proxy device, or a cloud device. As shown in FIG. 12, the device 600 includes a processor 610. The processor 610 can call and run a computer program from the memory to implement the method.

Optionally, as shown in FIG. 12, the device may further include a memory 620. The processor 610 may call and run a computer program from the memory 620 to implement the method in the embodiment of the present application.

The memory 620 may be a separate device independent of the processor 610, or may be integrated in the processor 610.

Optionally, as shown in FIG. 12, the device may further include a transceiver 630, and the processor 610 may control the transceiver 630 to communicate with other devices. Specifically, it may send information or data to other devices, or receive other devices. Information or data.

The transceiver 630 may include a transmitter and a receiver. The transceiver 630 may further include an antenna, and the number of antennas may be one or more.

Optionally, the device may specifically be a cloud-restricted device in an embodiment of this application, and the device may implement the corresponding process implemented by the cloud-restricted device in each method of the embodiment of this application. For brevity, details are not repeated here .

Optionally, the device may specifically be a cloud proxy device of an embodiment of the present application, and the device may implement the corresponding process implemented by the cloud proxy device in each method of the embodiment of the present application. For brevity, details are not repeated here.

Optionally, the device may specifically be a cloud device in an embodiment of the present application, and the device may implement the corresponding process implemented by the cloud device in each method of the embodiment of the present application. For brevity, details are not repeated here.

FIG. 13 is a schematic structural diagram of a chip of an embodiment of the present application. The chip 700 shown in FIG. 13 includes a processor 710, and the processor 710 can call and run a computer program from the memory to implement the method in the embodiment of the present application.

Optionally, as shown in FIG. 13, the chip 700 may further include a memory 720. Wherein, the processor 710 may call and run a computer program from the memory 720 to implement the method in the embodiment of the present application.

The memory 720 may be a separate device independent of the processor 710, or may be integrated in the processor 710.

Optionally, the chip 700 may further include an input interface 730. The processor 710 may control the input interface 730 to communicate with other devices or chips, and specifically, may obtain information or data sent by other devices or chips.

Optionally, the chip 700 may further include an output interface 740. The processor 710 can control the output interface 740 to communicate with other devices or chips, and specifically, can output information or data to other devices or chips.

Optionally, the chip can be applied to the cloud-restricted device in the embodiment of the present application, and the chip can implement the corresponding process implemented by the cloud-restricted device in each method of the embodiment of the present application. For the sake of brevity, it will not be omitted here. Repeat.

Optionally, the chip can be applied to the cloud proxy device in the embodiments of the present application, and the chip can implement the corresponding processes implemented by the cloud proxy device in the various methods of the embodiments of the present application. For brevity, details are not repeated here.

Optionally, the chip can be applied to the cloud device in the embodiment of the present application, and the chip can implement the corresponding process implemented by the cloud device in each method of the embodiment of the present application. For the sake of brevity, details are not repeated here.

It should be understood that the chip mentioned in the embodiment of the present application may also be referred to as a system-level chip, a system-on-chip, a system-on-chip, or a system-on-chip, etc.

It should be understood that the processor of the embodiment of the present application may be an integrated circuit chip with signal processing capability. In the implementation process, the steps of the foregoing method embodiments can be completed by hardware integrated logic circuits in the processor or instructions in the form of software. The aforementioned processor may be a general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (ASIC), a ready-made programmable gate array (Field Programmable Gate Array, FPGA) or other Programming logic devices, discrete gates or transistor logic devices, discrete hardware components. The methods, steps, and logical block diagrams disclosed in the embodiments of the present application can be implemented or executed. The general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like. The steps of the method disclosed in the embodiments of the present application may be directly embodied as being executed and completed by a hardware decoding processor, or executed and completed by a combination of hardware and software modules in the decoding processor. The software module can be located in a mature storage medium in the field such as random access memory, flash memory, read-only memory, programmable read-only memory, or electrically erasable programmable memory, registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.

It can be understood that the memory in the embodiment of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. Among them, the non-volatile memory can be read-only memory (Read-Only Memory, ROM), programmable read-only memory (Programmable ROM, PROM), erasable programmable read-only memory (Erasable PROM, EPROM), and electrically available Erase programmable read-only memory (Electrically EPROM, EEPROM) or flash memory. The volatile memory may be a random access memory (Random Access Memory, RAM), which is used as an external cache. By way of exemplary but not restrictive description, many forms of RAM are available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous connection dynamic random access memory (Synchlink DRAM, SLDRAM) ) And Direct Rambus RAM (DR RAM). It should be noted that the memories of the systems and methods described herein are intended to include, but are not limited to, these and any other suitable types of memories.

It should be understood that the foregoing memory is illustrative but not restrictive. For example, the memory in the embodiment of the present application may also be static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), Synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous connection Dynamic random access memory (Synch Link DRAM, SLDRAM) and direct memory bus random access memory (Direct Rambus RAM, DR RAM), etc. That is to say, the memory in the embodiment of the present application is intended to include but not limited to these and any other suitable types of memory.

The embodiment of the present application also provides a computer-readable storage medium for storing computer programs. Optionally, the computer-readable storage medium may be applied to the cloud-constrained device in the embodiment of the present application, and the computer program enables the computer to execute the corresponding process implemented by the cloud-constrained device in each method of the embodiment of the present application, for It's concise, so I won't repeat it here.

Optionally, the computer-readable storage medium can be applied to the cloud proxy device in the embodiment of the present application, and the computer program causes the computer to execute the corresponding process implemented by the cloud proxy device in each method of the embodiment of the present application. For the sake of brevity, I will not repeat them here.

Optionally, the computer-readable storage medium may be applied to the cloud device in the embodiment of the present application, and the computer program enables the computer to execute the corresponding process implemented by the cloud device in each method of the embodiment of the present application. For brevity, here is No longer.

The embodiments of the present application also provide a computer program product, including computer program instructions. Optionally, the computer program product can be applied to the cloud-restricted device in the embodiment of this application, and the computer program instructions cause the computer to execute the corresponding process implemented by the cloud-restricted device in each method of the embodiment of this application. For the sake of brevity, I will not repeat them here.

Optionally, the computer program product can be applied to the cloud proxy device in the embodiment of this application, and the computer program instructions cause the computer to execute the corresponding process implemented by the cloud proxy device in each method of the embodiment of this application. For brevity, here No longer.

Optionally, the computer program product can be applied to the cloud device in the embodiment of the present application, and the computer program instructions cause the computer to execute the corresponding process implemented by the cloud device in each method of the embodiment of the present application. For the sake of brevity, it will not be omitted here. Repeat.

The embodiment of the present application also provides a computer program. Optionally, the computer program can be applied to the cloud-restricted device in the embodiment of the present application, and the computer program enables the computer to execute the corresponding process implemented by the cloud-restricted device in each method as in the embodiment of the present application. For brevity, This will not be repeated here.

The embodiment of the present application also provides a computer program. Optionally, the computer program can be applied to the cloud proxy device in the embodiment of the present application. The computer program enables the computer to execute the corresponding process implemented by the cloud proxy device in each method as in the embodiment of the present application. For the sake of brevity, it is not here. Repeat it again.

The embodiment of the present application also provides a computer program. Optionally, the computer program can be applied to the cloud device in the embodiment of the present application. The computer program enables the computer to execute the corresponding process implemented by the cloud device in each method of the embodiment of the present application. For brevity, details are not repeated here .

A person of ordinary skill in the art may be aware that the units and algorithm steps of the examples described in combination with the embodiments disclosed herein can be implemented by electronic hardware or a combination of computer software and electronic hardware. Whether these functions are executed by hardware or software depends on the specific application and design constraint conditions of the technical solution. Professionals and technicians can use different methods for each specific application to implement the described functions, but such implementation should not be considered beyond the scope of this application.

Those skilled in the art can clearly understand that, for the convenience and conciseness of description, the specific working process of the above-described system, device, and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.

In the several embodiments provided in this application, it should be understood that the disclosed device and method may be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or It can be integrated into another system, or some features can be ignored or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.

The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.

In addition, the functional units in each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.

If the function is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of this application essentially or the part that contributes to the existing technology or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the present application. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program code .

The above are only specific implementations of this application, but the protection scope of this application is not limited to this. Any person skilled in the art can easily think of changes or substitutions within the technical scope disclosed in this application. Should be covered within the scope of protection of this application. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims

A method for publishing resources, the method includes:

Cloud restricted devices establish connections with cloud proxy devices;

The cloud restricted device transmits information to the cloud proxy device based on the connection, and the information is used by the cloud proxy device to release resources to the cloud device.
The method according to claim 1, wherein the establishment of the connection between the cloud restricted device and the cloud proxy device comprises:

The cloud restricted device obtains information of the cloud proxy device, and establishes a connection with the cloud proxy device based on the information.
The method according to claim 2, wherein the obtaining of the cloud proxy device information by the cloud restricted device comprises:

The cloud-constrained device receives configuration information sent by the configurator, and the configuration information includes information of the cloud proxy device.
The method according to claim 2, wherein the obtaining of the cloud proxy device information by the cloud restricted device comprises:

The cloud-constrained device sends a discovery request message through broadcast or multicast; the discovery request message includes the cloud proxy resource type;

The cloud restricted device receives a discovery response message; the discovery response message includes the information of the cloud proxy device.
The method according to any one of claims 2 to 4, wherein the information of the cloud proxy device includes at least one of the following: a cloud proxy resource identifier of the cloud proxy device, and endpoint information of the cloud proxy resource.
The method according to claim 1, wherein the transmission of information between the cloud-restricted device and the cloud proxy device based on the connection comprises:

The cloud-constrained device instructs the cloud proxy device to release resources to the cloud device based on the connection.
The method according to claim 6, wherein the cloud-restricted device instructing the cloud proxy device to release resources to the cloud device based on the connection comprises:

The cloud-constrained device sends a first resource publication request message to the cloud proxy device, and the first resource publication request message is used to instruct the cloud proxy device to publish resources to the cloud device.
The method according to claim 7, wherein the resource requested by the first resource release request message is a cloud proxy resource;

The first resource release request message includes at least one of the following: an agent release resource indication, an identifier of the cloud restricted device, and a first resource link of the cloud restricted device;

The endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The method according to claim 8, wherein the first resource release request message further includes at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The method according to any one of claims 7 to 9, wherein the method further comprises:

The cloud restricted device receives a second resource release response message sent by the cloud proxy device.
The method according to any one of claims 7 to 10, wherein before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further comprises:

Sending, by the cloud restricted device, a first cloud registration request message to the cloud proxy device;

The cloud restricted device receives a second cloud registration response message sent by the cloud proxy device; the second cloud registration response message includes at least one of the following: the user ID, and the access token of the cloud restricted device , The valid duration of the access token, and the update token of the cloud restricted device.
The method according to claim 11, wherein the resource requested by the first cloud registration request message is a cloud proxy resource;

The first cloud registration request message includes at least one of the following: a proxy cloud registration instruction, an identifier of the cloud restricted device, and security credential information of the cloud restricted device.
The method according to any one of claims 7 to 12, wherein before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further comprises:

Sending, by the cloud restricted device, a first cloud login request message to the cloud proxy device;

The cloud restricted device receives a second cloud login response message sent by the cloud proxy device; the second cloud login response message includes the valid time of the access token.
The method according to claim 13, wherein the resource requested by the first cloud login request message is a cloud proxy resource;

The first cloud login request message includes at least one of the following: a proxy cloud login instruction, an identifier of the cloud restricted device, and an access token of the cloud restricted device.
The method according to any one of claims 1 to 14, wherein the method further comprises:

Sending, by the cloud restricted device, a first update token request message to the cloud proxy device;

The cloud restricted device receives a second update token response message sent by the cloud proxy device; the second update token response message includes at least one of the following: a new access token, an update token, and the new The effective time of the access token.
The method according to claim 15, wherein the resource requested by the first update token request message is a cloud proxy resource;

The first update token request message includes at least one of the following: a proxy update token indication, an identification of the cloud restricted device, an update token, and a user identification.
The method according to any one of claims 1 to 10, wherein before the cloud restricted device sends the first resource release request message to the cloud proxy device, the method further comprises:

The cloud restricted device sends a first device binding request message to the cloud proxy device; the resource requested by the first device binding request message is a cloud proxy resource;

The cloud restricted device receives a second device binding response message sent by the cloud proxy device.
The method according to claim 17, wherein the first device binding request message includes at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device ；

The second device binding response message includes a user identification.
The method according to claim 7, wherein the resource requested by the first resource release request message is a resource directory resource;

The first resource release request message includes at least one of the following: an identifier of the cloud restricted device, and a first resource link of the cloud restricted device;

The endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The method according to claim 19, wherein the first resource release request message further includes at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The method according to claim 11, wherein the method further comprises:

The cloud restricted device obtains the access token sent by the configurator.
The method according to claim 21, wherein the resource requested by the first cloud registration request message is an account resource;

The first cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, and the access token.
The method according to claim 13, wherein the resource requested by the first cloud login request message is a session resource;

The first cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, an access token of the cloud restricted device, and a user identifier.
The method according to claim 15, wherein the resource requested by the first update token request message is an update token resource;

The first update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
A method for publishing resources, the method includes:

The cloud proxy device establishes a connection with the cloud restricted device;

The cloud proxy device transmits information to the cloud-restricted device based on the connection, and publishes the resources of the cloud-restricted device to the cloud device based on the information.
The method according to claim 25, wherein the establishing a connection between the cloud proxy device and the cloud restricted device comprises:

The cloud proxy device sends the cloud proxy device information to the cloud restricted device, and the cloud proxy device information is used for the cloud restricted device to establish a connection with the cloud proxy device.
The method according to claim 26, wherein the sending of the cloud proxy device information to the cloud restricted device by the cloud proxy device comprises:

The cloud proxy device receives a discovery request message sent by the cloud restricted device in a broadcast or multicast manner; the discovery request message includes the cloud proxy resource type;

The cloud proxy device sends a discovery response message to the cloud restricted device; the discovery response message includes information of the cloud proxy device.
The method according to claim 26 or 27, wherein the information of the cloud proxy device includes at least one of the following: a cloud proxy resource identifier of the cloud proxy device, and endpoint information of the cloud proxy resource.
The method according to claim 25, wherein the cloud proxy device transmits information to the cloud restricted device based on the connection, and releases resources to the cloud device based on the information, comprising:

The cloud proxy device obtains an instruction from the cloud restricted device based on the connection, and releases resources to the cloud device based on the instruction.
The method according to claim 29, wherein the cloud proxy device obtains an instruction from the cloud-restricted device based on the connection, and publishing resources to the cloud device based on the instruction includes:

The cloud proxy device receives, based on the connection, a first resource release request message sent by the cloud restricted device, where the first resource release request message is used to instruct the cloud proxy device to release resources to the cloud device;

The cloud proxy device sends a second resource release request message to the cloud device; the resource requested by the second resource release request message is a resource catalog resource; the second resource release request message includes at least one of the following: The identifier of the restricted device, the second resource link of the cloud restricted device; the endpoint of the resource in the second resource link of the cloud restricted device is the endpoint of the cloud proxy device;

The cloud proxy device obtains the first resource release response message sent by the cloud device, and sends a second resource release response message to the cloud restricted device.
The method according to claim 30, wherein the resource requested by the first resource release request message is a cloud proxy resource; the first resource release request message includes at least one of the following: a proxy release resource indication, and the cloud receiver The identifier of the restricted device and the first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The method according to claim 31, wherein the first resource release request message further comprises at least one of the following: the effective time of the released resource and an indication of a cloud-restricted device;

The second resource release request message also includes at least one of the following: the effective time of the released resource, and an indication of the cloud restricted device.
The method according to any one of claims 30 to 32, wherein the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.
The method according to any one of claims 30 to 33, wherein before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further comprises:

Receiving, by the cloud proxy device, a first cloud registration request message sent by the cloud restricted device, and sending a second cloud registration request message to the cloud device;

The cloud proxy device receives a first cloud registration response message sent by the cloud device; the first cloud registration response message includes at least one of the following: the user identifier, the access token of the cloud restricted device, and The valid duration of the access token, and the update token of the cloud restricted device;

The cloud proxy device sends a second cloud registration response message to the cloud restricted device; the second cloud registration response message includes at least one of the following: the user ID, the access token of the cloud restricted device, The valid duration of the access token and the update token of the cloud restricted device.
The method according to claim 34, wherein the resource requested by the first cloud registration request message is a cloud proxy resource; the first cloud registration request message includes at least one of the following: proxy cloud registration instruction, the cloud acceptor The identification of the restricted device and the security credential information of the cloud restricted device;

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, the security credential information of the cloud restricted device, and the user Logo.
The method according to any one of claims 30 to 35, wherein before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further comprises:

The cloud proxy device receives a first cloud login request message sent by the cloud restricted device, and sends a second cloud login request message to the cloud device;

The cloud proxy device receives a first cloud login response message sent by the cloud device; the first cloud login response message includes the valid time of the access token;

The cloud proxy device sends a second cloud login response message to the cloud restricted device; the second cloud login response message includes the valid time of the access token.
The method according to claim 36, wherein the resource requested by the first cloud login request message is a cloud proxy resource; the first cloud login request message includes at least one of the following: proxy cloud login instruction, the cloud acceptor The identification of the restricted device and the access token of the cloud restricted device;

The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID.
The method according to any one of claims 25 to 37, wherein the method further comprises:

Receiving, by the cloud proxy device, a first update token request message sent by the cloud restricted device, and send a second update token request message to the cloud device;

The cloud proxy device receives a first update token response message sent by the cloud device; the first update token response message includes at least one of the following: a new access token, an update token, and the new access The valid time of the token;

The cloud proxy device sends a second update token response message to the cloud restricted device; the second update token response message includes at least one of the following: a new access token, an update token, and the new The valid time of the access token.
The method according to claim 38, wherein the resource requested by the first update token request message is a cloud proxy resource;

The first update token request message includes at least one of the following: proxy update token indication, identification of the cloud restricted device, update token, and user identification;

The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
The method according to any one of claims 25 to 33, wherein before the cloud proxy device receives the first resource release request message sent by the cloud restricted device based on the connection, the method further comprises:

The cloud proxy device receives a first device binding request message sent by the cloud restricted device; the resource requested by the first device binding request message is a cloud proxy resource;

The cloud proxy device sends a second device binding request message to the cloud device; the resource requested by the second device binding request message is a binding resource;

The cloud proxy device receives a first device binding response message sent by the cloud device; the first device binding response message includes a user identifier;

The cloud proxy device sends a second device binding response message to the cloud restricted device; the second device binding response message includes a user identifier.
The method according to claim 40, wherein the first device binding request message includes at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device ；

The second device binding request message includes at least one of the following: an identifier of the cloud restricted device, a security credential of the cloud restricted device, and a security identifier.
The method according to claim 30, wherein the resource requested by the first resource release request message is a resource catalog resource; the first resource release request message includes at least one of the following: an identifier of the cloud restricted device, The first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The method according to claim 42, wherein the first resource release request message further comprises at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The method according to claim 34, wherein the resource requested by the first cloud registration request message is an account resource; the first cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, a The access token;

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.
The method according to claim 36, wherein the resource requested by the first cloud login request message is a session resource; the first cloud login request message includes at least one of the following: a cloud login instruction, the cloud restricted device , The access token of the cloud restricted device, and the user identity;

The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID.
The method according to claim 38, wherein the resource requested by the first update token request message is an update token resource;

The first update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier;

The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
A method for publishing resources, the method includes:

The cloud device obtains the resource issued by the cloud proxy device; the resource is the resource of the cloud restricted device obtained by the cloud proxy device based on the connection with the cloud restricted device;

The cloud device publishes the resource.
The method of claim 47, wherein the cloud device receiving resources issued by the cloud proxy device comprises:

The cloud device receives a second resource release request message sent by the cloud proxy device; the resource requested by the second resource release request message is a resource catalog resource; the second resource release request message includes at least one of the following: The identifier of the cloud restricted device and the second resource link of the cloud restricted device; the endpoint of the resource in the second resource link of the cloud restricted device is the endpoint of the cloud proxy device.
The method according to claim 48, wherein the second resource release request message further includes at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The method according to claim 48 or 49, wherein the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.
The method according to any one of claims 47 to 50, wherein the cloud device publishing the resource includes:

The cloud device adds the second resource link to the resource catalog; wherein, the endpoint of the published resource is the endpoint of the cloud device.
The method of claim 51, wherein the cloud device adding the second resource link to the resource catalog comprises:

In the case that the second resource release request message includes an indication of the cloud-restricted device, or the target identifier in the second resource link of the cloud-restricted device includes the identifier of the target resource and the cloud-restricted device In the case of the identifier of the device, the published identifier of the target resource is the same as the identifier of the target resource in the second resource link.
The method according to any one of claims 47 to 52, wherein the method further comprises:

The cloud device sends a first resource release response message to the cloud proxy device.
The method according to any one of claims 47 to 53, wherein before the cloud device obtains the resources issued by the cloud proxy device, the method further comprises:

Receiving, by the cloud device, a second cloud registration request message sent by the cloud proxy device;

The cloud device allocates an access token to the cloud restricted device, and associates the cloud restricted device with a user ID;

The cloud device sends a first cloud registration response message to the cloud proxy device; the first cloud registration response message includes at least one of the following: the user identifier, the access token of the cloud restricted device, and the The valid duration of the access token, and the update token of the cloud restricted device.
The method according to claim 54, wherein the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, a The security credential information and user identification of the cloud restricted device;

Alternatively, the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.
The method according to any one of claims 47 to 55, wherein before the cloud device obtains the resources released by the cloud proxy device, the method further comprises:

Receiving, by the cloud device, a second cloud login request message sent by the cloud proxy device;

The cloud device sends a first cloud login response message to the cloud proxy device; the first cloud login response message includes the valid time of the access token.
The method according to claim 56, wherein the resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, the cloud restricted device , The access token of the cloud restricted device, and the user identity.
The method according to any one of claims 47 to 57, wherein the method further comprises:

Receiving, by the cloud device, a second update token request message sent by the cloud proxy device;

The cloud device updates a new access token, and sends a first update token response message to the cloud proxy device; the first update token response message includes at least one of the following: new access token, update token , The valid time of the new access token.
The method according to claim 58, wherein the resource requested by the second update token request message is an update token resource;

The second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
The method according to any one of claims 47 to 53, wherein before the cloud device obtains the resources issued by the cloud proxy device, the method further comprises:

The cloud device receives a second device binding request message sent by the cloud proxy device; the resource requested by the second device binding request message is a binding resource; the second device binding request message includes at least one of the following One: the identifier of the cloud-restricted device, the security credential, and the security identifier of the cloud-restricted device;

The cloud device associates the cloud restricted device with the user identifier, and sends a first device binding response message to the cloud proxy device; the first device binding response message includes the user identifier.
The method according to claim 60, wherein the method further comprises: the cloud device associating an access token of the cloud restricted device and the cloud proxy device.
A cloud-restricted device, the device comprising: a first connection establishment unit and a first transmission unit; wherein,

The first connection establishing unit is configured to establish a connection with a cloud proxy device;

The first transmission unit is configured to transmit information with the cloud proxy device based on the connection, and the information is used by the cloud proxy device to release resources to the cloud device.
The device according to claim 62, wherein the first connection establishment unit is configured to obtain information of the cloud proxy device, and establish a connection with the cloud proxy device based on the information.
The device according to claim 63, wherein the first connection establishment unit is configured to receive configuration information sent by the configurator, and the configuration information includes information of the cloud proxy device.
The device according to claim 63, wherein the first connection establishment unit is configured to send a discovery request message in a broadcast or multicast manner; the discovery request message includes a cloud proxy resource type; and the discovery response message is received; The discovery response message includes the information of the cloud proxy device.
The device according to any one of claims 63 to 65, wherein the information of the cloud proxy device includes at least one of the following: a cloud proxy resource identifier of the cloud proxy device, and endpoint information of the cloud proxy resource.
The device according to claim 62, wherein the first transmission unit is configured to instruct the cloud proxy device to release resources to the cloud device based on the connection.
The device according to claim 67, wherein the first transmission unit is configured to send a first resource publishing request message to the cloud proxy device, and the first resource publishing request message is used to instruct the cloud proxy device to send a request to the cloud The device publishes resources.
The device according to claim 68, wherein the resource requested by the first resource release request message is a cloud proxy resource;

The first resource release request message includes at least one of the following: an agent release resource indication, an identifier of the cloud restricted device, and a first resource link of the cloud restricted device;

The endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The device according to claim 69, wherein the first resource release request message further includes at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The device according to any one of claims 68 to 70, wherein the first transmission unit is further configured to receive a second resource release response message sent by the cloud proxy device.
The device according to any one of claims 68 to 71, wherein the first transmission unit is further configured to send a first resource release request message to the cloud proxy device before sending a first resource release request message to the cloud proxy device. Cloud registration request message; receiving a second cloud registration response message sent by the cloud proxy device; the second cloud registration response message includes at least one of the following: the user ID, the access token of the cloud restricted device, The valid duration of the access token and the update token of the cloud restricted device.
The device according to claim 72, wherein the resource requested by the first cloud registration request message is a cloud proxy resource;

The first cloud registration request message includes at least one of the following: a proxy cloud registration instruction, an identifier of the cloud restricted device, and security credential information of the cloud restricted device.
The device according to any one of claims 68 to 73, wherein the first transmission unit is further configured to send a first resource release request message to the cloud proxy device before sending a first resource release request message to the cloud proxy device. Cloud login request message; receiving a second cloud login response message sent by the cloud proxy device; the second cloud login response message includes the valid time of the access token.
The device according to claim 74, wherein the resource requested by the first cloud login request message is a cloud proxy resource;

The first cloud login request message includes at least one of the following: a proxy cloud login instruction, an identifier of the cloud restricted device, and an access token of the cloud restricted device.
The device according to any one of claims 62 to 75, wherein the first transmission unit is further configured to send a first update token request message to the cloud proxy device; receive the first update token request message sent by the cloud proxy device 2. An update token response message; the second update token response message includes at least one of the following: a new access token, an update token, and the validity time of the new access token.
The device according to claim 76, wherein the resource requested by the first update token request message is a cloud proxy resource; the first update token request message includes at least one of the following: proxy update token indication, The identification, update token, and user identification of the cloud restricted device.
The device according to any one of claims 62 to 71, wherein the first transmission unit is further configured to send a first resource release request message to the cloud proxy device before sending a first resource release request message to the cloud proxy device. A device binding request message; the resource requested by the first device binding request message is a cloud proxy resource; and a second device binding response message sent by the cloud proxy device is received.
The device according to claim 78, wherein the first device binding request message comprises at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device ；

The second device binding response message includes a user identification.
The device according to claim 68, wherein the resource requested by the first resource release request message is a resource directory resource;

The first resource release request message includes at least one of the following: an identifier of the cloud restricted device, and a first resource link of the cloud restricted device;

The endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The device according to claim 80, wherein the first resource release request message further comprises at least one of the following: effective time of the released resource and an indication of a cloud-restricted device.
The device according to claim 72, wherein the first transmission unit is further configured to obtain the access token sent by the configurator.
The device according to claim 82, wherein the resource requested by the first cloud registration request message is an account resource;

The first cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, and the access token.
The device according to claim 74, wherein the resource requested by the first cloud login request message is a session resource;

The first cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, an access token of the cloud restricted device, and a user identifier.
The device according to claim 76, wherein the resource requested by the first update token request message is an update token resource; the first update token request message includes at least one of the following: the cloud restricted device ID, update token, user ID.
A cloud proxy device includes: a second connection establishment unit, a second transmission unit, and a third transmission unit; wherein,

The second connection establishment unit is configured to establish a connection with a cloud restricted device;

The second transmission unit is configured to transmit information with the cloud restricted device based on the connection;

The third transmission unit is configured to release the resources of the cloud-restricted device to the cloud device based on the information transmitted by the second transmission unit.
The device according to claim 86, wherein the second connection establishment unit is configured to send information of the cloud proxy device to the cloud restricted device, and the information of the cloud proxy device is used for the cloud receiving device. Only the device establishes a connection with the cloud proxy device.
The device according to claim 87, wherein the second connection establishment unit is configured to receive a discovery request message sent by the cloud restricted device in a broadcast or multicast manner; the discovery request message includes a cloud proxy Resource type; sending a discovery response message to the cloud restricted device; the discovery response message includes information of the cloud proxy device.
The device according to claim 87 or 88, wherein the information of the cloud proxy device includes at least one of the following: a cloud proxy resource identifier of the cloud proxy device, and endpoint information of the cloud proxy resource.
The device according to claim 86, wherein the second transmission unit is configured to obtain an indication of the cloud restricted device based on the connection;

The third transmission unit is configured to release resources to the cloud device based on the instruction obtained by the second transmission unit.
The device according to claim 90, wherein the second transmission unit is configured to receive a first resource release request message sent by the cloud-limited device based on the connection, and the first resource release request message is used to indicate The cloud proxy device releases resources to the cloud device;

The third transmission unit is configured to send a second resource publishing request message to a cloud device; the resource requested by the second resource publishing request message is a resource catalog resource; the second resource publishing request message includes at least one of the following: The identifier of the cloud restricted device, the second resource link of the cloud restricted device; the endpoint of the resource in the second resource link of the cloud restricted device is the endpoint of the cloud proxy device; and it is also configured to obtain The first resource release response message sent by the cloud device;

The second transmission unit is further configured to send a second resource release response message to the cloud restricted device.
The device according to claim 91, wherein the resource requested by the first resource publishing request message is a cloud proxy resource; the first resource publishing request message includes at least one of the following: a proxy publishing resource indication, the cloud receiving The identifier of the restricted device and the first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The device according to claim 92, wherein the first resource release request message further comprises at least one of the following: the effective time of the released resource and an indication of the cloud-restricted device;

The second resource release request message also includes at least one of the following: the effective time of the released resource, and an indication of the cloud restricted device.
The device according to any one of claims 91 to 93, wherein the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.
The device according to any one of claims 91 to 94, wherein the second transmission unit is further configured to receive the first resource release request message sent by the cloud restricted device based on the connection The first cloud registration request message sent by the cloud restricted device;

The third transmission unit is further configured to send a second cloud registration request message to the cloud device; receive a first cloud registration response message sent by the cloud device; the first cloud registration response message includes at least one of the following : The user identification, the access token of the cloud restricted device, the valid duration of the access token, and the update token of the cloud restricted device;

The second transmission unit is further configured to send a second cloud registration response message to the cloud restricted device; the second cloud registration response message includes at least one of the following: the user identifier, the cloud restricted device The access token of the access token, the valid duration of the access token, and the update token of the cloud restricted device.
The device according to claim 95, wherein the resource requested by the first cloud registration request message is a cloud proxy resource; the first cloud registration request message includes at least one of the following: a proxy cloud registration instruction, the cloud acceptor The identification of the restricted device and the security credential information of the cloud restricted device;

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device, the security credential information of the cloud restricted device, and the user Logo.
The device according to any one of claims 91 to 96, wherein the second transmission unit is further configured to receive the first resource release request message sent by the cloud restricted device based on the connection The first cloud login request message sent by the cloud restricted device;

The third transmission unit is further configured to send a second cloud login request message to the cloud device; receive a first cloud login response message sent by the cloud device; the first cloud login response message includes an access token Effective time;

The second transmission unit is further configured to send a second cloud login response message to the cloud restricted device; the second cloud login response message includes the valid time of the access token.
The device according to claim 97, wherein the resource requested by the first cloud login request message is a cloud proxy resource; the first cloud login request message includes at least one of the following: proxy cloud login instruction, the cloud acceptor The identification of the restricted device and the access token of the cloud restricted device;

The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID.
The device according to any one of claims 86 to 98, wherein the second transmission unit is further configured to receive a first update token request message sent by the cloud restricted device;

The third transmission unit is further configured to send a second update token request message to the cloud device; receive a first update token response message sent by the cloud device; the first update token response message includes the following At least one of: a new access token, an update token, and the validity time of the new access token;

The second transmission unit is further configured to send a second update token response message to the cloud restricted device; the second update token response message includes at least one of the following: a new access token, an update token , The valid time of the new access token.
The device according to claim 99, wherein the resource requested by the first update token request message is a cloud proxy resource; the first update token request message includes at least one of the following: proxy update token indication, The identification, update token, and user identification of the cloud restricted device;

The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
The device according to any one of claims 86 to 94, wherein the second transmission unit is further configured to receive the first resource release request message sent by the cloud restricted device based on the connection A first device binding request message sent by a cloud restricted device; the resource requested by the first device binding request message is a cloud proxy resource;

The third transmission unit is further configured to send a second device binding request message to the cloud device; the resource requested by the second device binding request message is a binding resource; and receive the first device binding request message sent by the cloud device. A device binding response message; the first device binding response message includes a user identification;

The second transmission unit is further configured to send a second device binding response message to the cloud restricted device; the second device binding response message includes a user identifier.
The device according to claim 101, wherein the first device binding request message comprises at least one of the following: a proxy device binding instruction, an identifier of the cloud restricted device, and a security credential of the cloud restricted device ；

The second device binding request message includes at least one of the following: an identifier of the cloud restricted device, a security credential of the cloud restricted device, and a security identifier.
The device according to claim 91, wherein the resource requested by the first resource release request message is a resource catalog resource; and the first resource release request message includes at least one of the following: an identifier of the cloud restricted device, The first resource link of the cloud restricted device; the endpoint of the resource in the first resource link of the cloud restricted device is the endpoint of the cloud restricted device.
The device according to claim 103, wherein the first resource release request message further comprises at least one of the following: effective time of the released resource, and an indication of a cloud-restricted device.
The device according to claim 95, wherein the resource requested by the first cloud registration request message is an account resource; the first cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, a The access token;

The resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.
The device according to claim 97, wherein the resource requested by the first cloud login request message is a session resource; the first cloud login request message includes at least one of the following: a cloud login instruction, the cloud restricted device , The access token of the cloud restricted device, and the user identity;

The resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, an identifier of the cloud restricted device, and access to the cloud restricted device Token, user ID.
The device according to claim 99, wherein the resource requested by the first update token request message is an update token resource; the first update token request message includes at least one of the following: the cloud restricted device ID, update token, user ID;

The resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: an identifier of the cloud restricted device, an update token, and a user identifier.
A cloud device includes a fourth transmission unit and a publishing unit; wherein,

The fourth transmission unit is configured to obtain resources issued by the cloud proxy device; the resources are resources of the cloud restricted device obtained by the cloud proxy device based on the connection with the cloud restricted device;

The publishing unit is configured to publish the resource.
The device according to claim 108, wherein the fourth transmission unit is configured to receive a second resource publication request message sent by the cloud proxy device; the resource requested by the second resource publication request message is a resource directory resource The second resource release request message includes at least one of the following: the identifier of the cloud restricted device, the second resource link of the cloud restricted device; the resource in the second resource link of the cloud restricted device The endpoint of is the endpoint of the cloud proxy device.
The device according to claim 109, wherein the second resource release request message further includes at least one of the following: the effective time of the released resource and an indication of the cloud-restricted device.
The device according to claim 109 or 110, wherein the target identifier in the second resource link of the cloud restricted device includes the identifier of the target resource and the identifier of the cloud restricted device.
The device according to any one of claims 108 to 111, wherein the publishing unit is configured to add the second resource link to the resource catalog; wherein the endpoint of the published resource is the endpoint of the cloud device .
The device according to claim 112, wherein the publishing unit is further configured to, when the second resource publishing request message includes an indication of a cloud-restricted device, or, when the cloud-restricted device is In the case that the target identifier in the second resource link includes the identifier of the target resource and the identifier of the cloud restricted device, the published identifier of the target resource is the same as the identifier of the target resource in the second resource link.
The device according to any one of claims 108 to 113, wherein the fourth transmission unit is further configured to send a first resource release response message to the cloud proxy device.
The device according to any one of claims 108 to 114, wherein the device further comprises a registration unit;

The fourth transmission unit is further configured to receive a second cloud registration request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device;

The registration unit is configured to allocate an access token to the cloud restricted device, and associate the cloud restricted device with a user identity;

The fourth transmission unit is further configured to send a first cloud registration response message to the cloud proxy device; the first cloud registration response message includes at least one of the following: the user identification, the cloud-restricted device The access token, the valid duration of the access token, and the update token of the cloud restricted device.
The device according to claim 115, wherein the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: an identifier of the cloud restricted device, a The security credential information and user identification of the cloud restricted device;

Alternatively, the resource requested by the second cloud registration request message is an account resource; the second cloud registration request message includes at least one of the following: the identifier of the cloud restricted device and the access token.
The device according to any one of claims 108 to 116, wherein the fourth transmission unit is further configured to receive a second cloud login request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device; Send a first cloud login response message to the cloud proxy device; the first cloud login response message includes the valid time of the access token.
The device according to claim 117, wherein the resource requested by the second cloud login request message is a session resource; the second cloud login request message includes at least one of the following: a cloud login instruction, the cloud restricted device , The access token of the cloud restricted device, and the user identity.
The device according to any one of claims 108 to 118, wherein the device further comprises an update unit;

The fourth transmission unit is further configured to receive a second update token request message sent by the cloud proxy device;

The update unit is configured to update a new access token;

The fourth transmission unit is further configured to send a first update token response message to the cloud proxy device; the first update token response message includes at least one of the following: a new access token, an update token, The valid time of the new access token.
The device according to claim 119, wherein the resource requested by the second update token request message is an update token resource; the second update token request message includes at least one of the following: the cloud restricted device ID, update token, user ID.
The device according to any one of claims 108 to 114, wherein the device further comprises a binding unit;

The fourth transmission unit is further configured to receive a second device binding request message sent by the cloud proxy device before obtaining the resources issued by the cloud proxy device; the resource requested by the second device binding request message is binding Resource; the second device binding request message includes at least one of the following: the identifier of the cloud restricted device, the security credential, and the security identifier of the cloud restricted device;

The binding unit is configured to associate the cloud restricted device with a user identity;

The fourth transmission unit is further configured to send a first device binding response message to the cloud proxy device; the first device binding response message includes a user identifier.
The device according to claim 121, wherein the binding unit is further configured to associate an access token of the cloud restricted device and the cloud proxy device.
A device comprising: a processor and a memory, the memory is used to store a computer program, the processor is used to call and run the computer program stored in the memory, and execute the computer program according to any one of claims 1 to 24 Method; or, execute the method according to any one of claims 25 to 46; or, execute the method according to any one of claims 47 to 61.
A chip comprising: a processor, configured to call and run a computer program from a memory, so that the device installed with the chip executes the method according to any one of claims 1 to 24; or, makes the installation The chip-based device executes the method according to any one of claims 25 to 46; the chip-mounted device executes the method according to any one of claims 47-61.
A computer-readable storage medium for storing a computer program that enables the computer to execute the method according to any one of claims 1 to 24; or, the computer program causes the computer to execute the method according to claims 25 to The method according to any one of 46; or, the computer program causes a computer to execute the method according to any one of claims 47 to 61.
A computer program product comprising computer program instructions that cause a computer to execute the method according to any one of claims 1 to 24; or, to cause the computer to execute any one of claims 25 to 46 Or, make a computer execute the method according to any one of claims 47 to 61.
A computer program that causes a computer to execute the method according to any one of claims 1 to 24; or, the computer program causes a computer to execute the method according to any one of claims 25 to 46 Or, the computer program causes the computer to execute the method according to any one of claims 47 to 61.