In thing-description.ts there is a todo for ComboSecurityScheme
|
// TODO ComboSecurityScheme |
It occur that ComboSecurityScheme is required to create OPCUA Security Scheme
An OPCUA Secure connection has two levels:
- a SecureChannel (encryption mode)
- a Authentication ( userName password or x509 certificate)
Therefore it make sense to define a secure OPCUA this way:
const thing = {
securityDefinitions: {
"c:sign-encrypt_basic256Sha256": <OPCUAChannelSecurityScheme>{
scheme: "opcua-channel-security",
messageMode: "sign_encrypt",
policy: "Basic256Sha256", // deprecated
},
"a:username-password": <OPCUACUserNameAuthenticationScheme>{
scheme: "opcua-authentication",
userName: "joe",
password: "password_for_joe",
},
"a:x509-certificate": <OPCUACertificateAuthenticationScheme>{
scheme: "opcua-authentication",
tokenType: "certificate",
certificate: "....",
privateKey: "....",
},
"sd1": {
scheme: "combo",
allOf: ["c:sign-encrypt_basic256Sha256", "a:x509-certificate"],
},
"sd2": {
scheme: "combo",
allOf: ["c:sign-encrypt_basic256Sha256", "a:xusername-password""],
},
}
};see #1401 and PR #1415
In thing-description.ts there is a todo for ComboSecurityScheme
node-wot/packages/core/src/thing-description.ts
Line 138 in 8cd451b
It occur that ComboSecurityScheme is required to create OPCUA Security Scheme
An OPCUA Secure connection has two levels:
Therefore it make sense to define a secure OPCUA this way:
see #1401 and PR #1415