mmccool
commented
9 months ago I think this needs to move to the TD repo, but labelled with "Security" so the security TF will review it.
Open relu91 opened 2 years ago
mmccool
commented
9 months ago I think this needs to move to the TD repo, but labelled with "Security" so the security TF will review it.
We are trying to map Tuya devices in node wot (https://github.com/eclipse/thingweb.node-wot/pull/735), but we struggled to fit their authentication mechanism inside the set of Thing Description
SecuritySchemes. For the time being, we are opting for a workaround: defining a custom security scheme. However, I would like to understand if the tuya signature algorithm actually fits inside of the BearerSecurityScheme.Reading the docs it seems that they are using a custom
alg(HMAC-SHA256) plus a customformat(nojwsor anything else). Do you think is it feasible to describe that algorithm using the regular BearerSecurityScheme but with specific values ofalgandformat?