To get some progress, I want to quickly document how node-wot currently supports security mechanisms based on TD metadata.
When starting a runtime, commission it with its credentials:
this.addCredentials(this.config.credentials);
When initializing the client-implementation for a new ConsumedThing, configure it with the TD security metadata:
client.setSecurity(this.td.security);
Inside client implementation create a request that applies the available credentials to the required the security mechanism defined in the metadata (actually node-wot only does this once, not for every request):
if (security.authorization === "Basic") {
// configure for Basic Auth
} else if (security.authorization==="Bearer") {
// configure with Bearer token, maybe contact auth server to get one if not available
} else if (security.authorization==="Proxy") {
// configure request to go through a proxy
}
To get some progress, I want to quickly document how node-wot currently supports security mechanisms based on TD metadata.
When starting a runtime, commission it with its credentials:
When initializing the client-implementation for a new ConsumedThing, configure it with the TD security metadata:
Inside client implementation create a request that applies the available credentials to the required the security mechanism defined in the metadata (actually node-wot only does this once, not for every request):
TD security examples. Note that an identifier is needed for the Thing described. I used
@id
with a URN. I loosely based that on https://tools.ietf.org/html/draft-arkko-core-dev-urn-05:Runtime configuration example. Note that the key in the credentials object ties it to the Thing's
@id
:P.S.: While checking the actual code now, I noticed a gap that might have been caused by merging with the Prague branch. Will work on that...