-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial/Common Connection Container Proposal #2040
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small, editorial
I like the general direction this is going in. I was curious how this would work for WebSockets, so as an exercise I tried to re-write the example Thing Description from my Web Thing Protocol WebSocket Sub-protocol strawman proposal. This is what I came up with: {
"@context": [
"https://www.w3.org/2022/wot/td/v2.0"
],
"id": "https://myweblamp.io",
"title": "My Lamp",
"connections": {
"websocket": {
"href": "wss://myweblamp.io",
"subprotocol": "webthingprotocol",
"security": "oauth2",
"reusable": true
}
},
"connection": "websocket",
"securityDefinitions": {
"oauth2": {
"scheme": "oauth2",
"flow": "code",
"authorization": "https://myweblamp.io/oauth/authorize",
"token": "https://myweblamp.io/oauth/token",
"name": "jwt",
"in": "query"
}
},
"security": "oauth2",
"properties": {
"on": {
"type": "boolean",
"title": "On/Off",
"description": "Whether the lamp is turned on",
"forms": [
{
"op": [
"readproperty",
"writeproperty",
"observeproperty",
"unobserveproperty"
]
}
]
},
"level": {
"type": "integer",
"title": "Brightness",
"description": "The level of light from 0-100",
"unit": "percent",
"minimum": 0,
"maximum": 100,
"forms": [
{
"op": [
"readproperty",
"writeproperty",
"observeproperty",
"unobserveproperty"
]
}
]
}
},
"actions": {
"fade": {
"title": "Fade",
"description": "Fade the lamp to a given level",
"input": {
"type": "object",
"properties": {
"level": {
"type": "integer",
"minimum": 0,
"maximum": 100,
"unit": "percent"
},
"duration": {
"type": "integer",
"minimum": 0,
"unit": "milliseconds"
}
}
},
"forms": [
{
"op": [
"invokeaction",
"queryaction",
"cancelaction"
]
}
]
}
},
"events": {
"overheated": {
"title": "Overheated",
"data": {
"type": "number",
"unit": "degree celsius"
},
"description": "The lamp has exceeded its safe operating temperature",
"forms": [
{
"op": [
"subscribeevent",
"unsubscribeevent"
]
}
]
}
},
"forms": [
{
"op": [
"readallproperties",
"readmultipleproperties",
"writeallproperties",
"writemultipleproperties",
"observeallproperties",
"unobserveallproperties",
"queryallactions",
"subscribeallevents",
"unsubscribeallevents"
]
}
]
} Have I understood Ege's proposal correctly? If so feel free to use this example (or tweak it). A couple of observations:
* In fact you might argue that URIs are the fundamental concept that makes the web the web and that linkability is super important. |
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
It isn't as clear as it were back in time :)
My proposal is to split the two concerns:
This way you may say |
Just a side-comment: |
@lu-zero wrote:
Of course all protocols exist somewhere in a protocol stack but in the context of the World Wide Web, and the Web of Things, protocols are identified by URI schemes. URI schemes are (supposed to be) centrally registered with IANA to avoid name conflicts. Anything defined on top of that layer can be considered a "sub-protocol", which is a formally defined concept in WebSockets (which also has a central IANA registry) but is also less formally used by WoT binding templates for other protocols and "should be understood together with the protocol indicated in href of the forms (or the base)". A fundamental part of the Web of Things architecture is that protocol bindings are created using hypermedia controls, which rely on URIs. If we start to split protocol identifiers out of URIs into a separate mechanism then it's a step towards making an already large problem space even larger, by opening the door to protocols which don't have a URI scheme and are not included in the IANA registry. This is a step towards facilitating bindings for directly describing non-web and non-Internet protocols like Zigbee and Z-Wave which have so far been considered out of scope of the Web of Things. I feel strongly that the working group should not go in that direction, because the scope of the Web of Things already feels unreasonably large (especially with people pushing the boundaries by inventing informal URI schemes for protocols which don't natively define one). At least anything which goes in this direction should not be called the Web of Things.
That's fine, but protocol bindings should use URIs and the scheme part of a URI (together with an optional subprotocol) unambiguously identifies the protocol being used.
In order to avoid ambiguity this would surely require the WoT Working Group to maintain its own protocol registry, in parallel to the one defined by IANA, which seems like a bad idea to me. |
I'd rather spare 3 letters and potentially have a place different from the Form to hold the protocol and connection configuration details.
If I want to describe a Thing that uses mTLS and implements only http/3 I need a place to store that information. We already have the Having per-scheme defaults is a possible the situation in which you have multiple protocols and each of them have different security schemes that may apply. Alternatively we can leverage the stackable defaults approach and also remove the security-related defaults since they would be redundant.
No disagreement on this, but you have situations in which you need and have to put additional details. But if we want to have more structure, and I'd argue the first step is to unify
The current consensus is that in order to have a binding in our registry, the uri schemes it uses have to be registered with IANA. |
This will be discussed in today's meeting. I observe that there is a discussion on the relationship between the definitions of protocol, href, URI scheme, subprotocol. For the first phase of the discussion, I would avoid going in that direction. Those can be defined under that reusable container with keywords we are free to define later on. |
Call of today:
|
Call of 10th of October:
|
|
|
} | ||
"title": "test", | ||
"security": "no_sec", // is this needed with the connection containing the security term? | ||
"connection":"basichttp1", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be nice if it was possible to provide inline connection metadata in the connection
member in the case that there is only one connection, instead of the verbosity of separately defining connectionDefinitions
and connection
. This would be the same as the proposal to allow inline security definitions in 2.0.
"op":"writeproperty" | ||
}, | ||
"basichttp2" : { | ||
"connection":"basichttp1", // |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh man, I don't look forward to trying to parse connection definitions which reference each other. Is this completely necessary? It's obviously a trade-off between verbosity in the Thing Description and parser complexity (and human readability), but you can't currently do this with securityDefinitions
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I want to have stackable defaults for forms and a container for the protocol specific terms. if there is consensus to conflate the two so be it, but...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this can be added later on based on the needs of the TD designers. This only makes sense if there are two defaults defined, e.g. DELETE for reading and POST for writing to a property and you have a many properties in the TD.
|
||
```js | ||
{ | ||
"commonDefinitions":{ // Name to be decided |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"definitions"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also makes sense. I will present it :)
|
||
Open questions: | ||
|
||
- Can we move the security machinery to connection? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This item hadn't been discussed yet, it boils down to either
- remove
security
and related terms and useForm
as container for what we have in the securityDefinitions. (less tidy IMHO) - rename
security
toconnection
andsecurityDefinitions
toconnectionDefinitions
and use it to contain the connection setup terms.
"connectionDefinitions": { "no_sec+http3": {
"scheme": "nosec",
"htv:version": "3",
"transport": "quick",
"tls:cyphers": "...
}
}
"formDefinitions": {
"my_read_only_http3_properties": {
"op": "readproperty",
"connection": "no_sec+http3",
"htv:methodName": "...
}
}
The reason why is that security
is just a specialized kind of connection setup covering from trasport (tls) to application (oauth).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- MQTT broker related information (uri, mqtt version etc,) goes in the first container in this case.
- The second container is purely setting the defaults for forms. Can be renamed to
formDefinitions
- Discussion: Should the keys of
connectionDefinitions
be limited to allowed/known uri schemes? - Discussion: Are links influenced by these?
I will prepare a final example with the proposal from Luca of splitting the connection (security and other stuff) and defaults for forms. There will be also a simple markdown table with types etc. This can be used in the plugfest for testing and getting real-world experience. |
As agreed in the TD call yesterday, we agreed to close this PR without merging. It will be referred to in a new PR to save the history. |
First just moving the existing points from HackMD. The comments that were given in yesterday's call were: