We are trying to map Tuya devices in node wot (https://github.com/eclipse/thingweb.node-wot/pull/735), but we struggled to fit their authentication mechanism inside the set of Thing Description SecuritySchemes. For the time being, we are opting for a workaround: defining a custom security scheme. However, I would like to understand if the tuya signature algorithm actually fits inside of the BearerSecurityScheme.
Reading the docs it seems that they are using a custom alg (HMAC-SHA256) plus a custom format (no jws or anything else). Do you think is it feasible to describe that algorithm using the regular BearerSecurityScheme but with specific values of alg and format ?
We are trying to map Tuya devices in node wot (https://github.com/eclipse/thingweb.node-wot/pull/735), but we struggled to fit their authentication mechanism inside the set of Thing Description
SecuritySchemes
. For the time being, we are opting for a workaround: defining a custom security scheme. However, I would like to understand if the tuya signature algorithm actually fits inside of the BearerSecurityScheme.Reading the docs it seems that they are using a custom
alg
(HMAC-SHA256) plus a customformat
(nojws
or anything else). Do you think is it feasible to describe that algorithm using the regular BearerSecurityScheme but with specific values ofalg
andformat
?