As discussed in today's call, we are missing a validation step for TDs regarding the ability to implement a particular security scheme. Currently, this check is hidden behind the 7th step of the expose algorithm:
Set up the WoT Interactions based on introspecting |td| as explained in [WOT-TD] and [WOT-PROTOCOL-BINDINGS]. Make a request to the underlying platform to initialize the Protocol Bindings and then start serving external requests for WoT Interactions (read, write and observe Properties, invoke Actions and manage Event subscriptions), based on the Protocol Bindings.
I think we can make this more explicit and add a separate step where we fail to expose if the underlying platform does not support one or more protocol schemes defined in exposing TD. Another possibility is that we fail only if none of the provided protocol schemes are supported. Or, according to the latest changes in the TD spec (here), we have to compute a boolean expression to know the set of security schemes required by the TD and fail if one of them is not supported.
A final possibility, introduced by @danielpeintner (please correct me if I am wrong), is to treat the whole TD passed as an argument to the ExposedThing constructor as a suggestion and ignore fields and properties that cannot be satisfied. This is what node-wot is doing for forms. (See also my comment #238 (comment))
Related to: #238.
As discussed in today's call, we are missing a validation step for TDs regarding the ability to implement a particular security scheme. Currently, this check is hidden behind the 7th step of the expose algorithm:
I think we can make this more explicit and add a separate step where we fail to expose if the underlying platform does not support one or more protocol schemes defined in exposing TD. Another possibility is that we fail only if none of the provided protocol schemes are supported. Or, according to the latest changes in the TD spec (here), we have to compute a boolean expression to know the set of security schemes required by the TD and fail if one of them is not supported.
A final possibility, introduced by @danielpeintner (please correct me if I am wrong), is to treat the whole TD passed as an argument to the ExposedThing constructor as a suggestion and ignore fields and properties that cannot be satisfied. This is what node-wot is doing for
forms. (See also my comment #238 (comment))Related to: #238.