The Web of Things (WoT) provides layered interoperability between Things by using the WoT Interfaces.
This specification describes a programming interface representing the WoT Interface that allows scripts run on a Thing to discover and consume (retrieve) other Things and to expose Things characterized by WoT Interactions, i.e. Properties, Actions and Events.
Scripting is an optional "convenience" building block in WoT and it is typically used in gateways that are able to run a WoT Runtime and script management, providing a convenient way to extend WoT support to new types of endpoints and implement WoT applications like Thing Directory.
Implementers need to be aware that this specification is considered unstable. Vendors interested in implementing this specification before it eventually reaches the Candidate Recommendation phase should subscribe to the [repository](https://github.com/w3c/wot-scripting-api) and take part in the discussions.
Please contribute to this draft using the GitHub Issue feature of the WoT Scripting API repository. For feedback on security and privacy considerations, please use the WoT Security and Privacy Issues.
The overall WoT concepts are described in the [WoT Architecture](https://w3c.github.io/wot-architecture/) document. The Web of Things is made of entities (Things) that can describe their capabilities in a machine-interpretable format, the Thing Description (TD) and expose these capabilities through the WoT Interface. Support for scripting is optional for WoT devices.
By consuming a TD, a client Thing creates a runtime resource model that allows accessing the Properties, Actions and Events exposed by the server Thing.
Exposing a Thing requires defining a Thing Description (TD) and instantiating a software stack needed to serve requests for accessing the exposed Properties, Actions and Events. This specification describes how to expose and consume Things by a script.
Typically scripts are meant to be used on devices able to provide resources (with a WoT interface) for managing (installing, updating, running) scripts, such as bridges or gateways that expose and control simpler devices as WoT Things.
This specification does not make assumptions on how the WoT Runtime handles and runs scripts, including single or multiple tenancy, script deployment and lifecycle management. The API already supports the generic mechanisms that make it possible to implement script management, for instance by exposing a manager Thing whose Actions (action handlers) implement script lifecycle management operations.
For an introduction on how scripts could be used in Web of Things, check the [Primer](https://w3c.github.io/wot-scripting-api/primer) document. For some background on API design decisions check the [Rationale](https://w3c.github.io/wot-scripting-api/rationale) document.
The following scripting use cases are supported in this specification:
The WoT object is the API entry point and it is exposed by an implementation of the WoT Runtime. The WoT object does not expose properties, only methods for discovering, consuming and exposing a Thing.
Browser implementations SHOULD use a namespace object such as `wot`, and [Node.js](https://nodejs.org/en/)-like runtimes MAY provide the API object through the [`require()`](https://nodejs.org/api/modules.html) or [`import`](http://www.ecma-international.org/ecma-262/6.0/#sec-imports) mechanism.
// [SecureContext]
// [NamespaceObject]
interface WoT {
Observable<ThingDescription> discover(optional ThingFilter filter);
Promise<ThingDescription> fetch(USVString url);
ConsumedThing consume(ThingDescription td);
ExposedThing produce(ThingModel model);
};
typedef USVString ThingDescription;
typedef (ThingTemplate or ThingDescription or ConsumedThing) ThingModel;
The fetch() method could be merged into discover(), i.e. discover({ url: tdURL }) is equivalent to former fetch(tdURL). Alternatively, both could be replaced by `fetch(optional (ThingFilter or USVString) locator)`, where `locator` can be a URL (for direct fetch) or a `ThingFilter` (for discovery).
The algorithms for the WoT methods will be specified later, including error handling and security considerations.
A `ThingTemplate` is a dictionary that provides Thing related semantic metadata.
typedef (object or USVString or sequence<USVString>) JsonLdDefinition;
interface ThingTemplate {
getter JsonLdDefinition (USVString name);
setter void (USVString name, JsonLdDefinition value);
};
The JsonLdDefinition type can be either a JSON object, a string representing an IRI, or an array of strings.
The ThingTemplate dictionary initializes a Thing:
USVString.
USVString.
USVString.
USVString.
DOMString.
"gms:COVParams" (with namespace definition), or "iotschema:unit" etc.
Support for configuration and security metadata will be added later.
Representation of the Thing Description, standardized in the [Wot Things Description](https://w3c.github.io/wot-thing-description/) specification.
In this version of the API, Thing Descriptions are represented as an opaque `USVString` representing a serialized TD.
Accepts an url argument of type `USVString` and returns a Promise that resolves with a ThingDescription.
Accepts an td argument of type ThingDescription and returns a ConsumedThing object instantiated based on that description.
Accepts a model argument of type ThingTemplate and returns an ExposedThing object, locally created based on the provided initialization parameters. An ExposedThing can be created in the following ways:
Starts the discovery process that will provide ThingDescriptions that match the optional argument ThingFilter. When the argument is not provided, uses all supported discovery methods.
Returns an [Observable](https://github.com/tc39/proposal-observable) object that can be subscribed to and unsubscribed from.
typedef DOMString DiscoveryMethod;
DiscoveryMethod represents the discovery type to be used:
The ThingFilter dictionary that represents the constraints for discovering Things as key-value pairs.
dictionary ThingFilter {
DiscoveryMethod method = "any";
USVString url;
USVString query;
sequence<Dictionary> constraints;
};
The method property represents the discovery type that should be used in the discovery process. The possible values are defined by the DiscoveryMethod enumeration that can be extended by string values defined by solutions (with no guarantee of interoperability).
The DiscoveryMethod enumeration can be extended by the Thing Description with values that are not specified here. This extensibility of DiscoveryMethod by proprietary or private methods is a working assumption until consensus is formed and may be removed later.
The url property represents additional information for the discovery method, such as the URL of the target entity serving the discovery request, such as a Thing Directory (if method is "directory") or a Thing (otherwise).
The query property represents a query string accepted by the implementation, for instance a SPARQL or JSON query.
The constraints property represents additional information for the discovery method in the form of a list of sets of property-value pairs (dictionaries). The list elements (dictionaries) are in OR relationship, and within a constraint dictionary the key-value pairs are in AND relationship. Implementations SHOULD make the following mapping from the constraint dictionaries to ThingTemplate: for each property-value pair in a constraint dictionary,
Queries and constraints are experimental features. Implementations are not required to support them.
let discoveryFilter = {
method: "directory",
url: "http://directory.wotservice.org"
};
let subscription = wot.discover(discoveryFilter).subscribe(
td => {
console.log("Found Thing " + td.name);
// fetch the TD and create a ConsumedThing
let thing = wot.consume(td);
},
error => { console.log("Discovery finished because an error: " + error.message); },
() => { console.log("Discovery finished successfully");}
);
setTimeout( () => {
subscription.unsubscribe();
console.log("Discovery timeout");
},
5000);
Note that canceling a discovery (through `unsubscribe()`) may not be successful in all cases, for instance when discovery is based on open ended broadcast requests. However, once `unsubscribe()` has been called, implementations MUST suppress further event handling ( i.e. further discoveries and errors) on the Observable. Also, a discovery error may not mean the end of the discovery process. However, in order to respect Observable semantics (error always terminates processing), implementations MUST close or suppress further event handling on the Observable.
let subscription = wot.discover({ method: "local" }).subscribe(
td => { console.log("Found local Thing " + td.name); },
error => { console.log("Discovery error: " + error.message); },
() => { console.log("Discovery finished successfully");}
);
let subscription = wot.discover({ method: "local" }).subscribe({
td => { console.log("Found local Thing " + td.name); },
error: err => { console.log("Discovery error: " + err.message); },
complete: () => { console.log("Discovery finished successfully");}
});
let subscription = wot.discover({
method: "ble",
constraints: [{ protocol: "BLE-4.2" }]
}).subscribe(
td => { console.log("Found nearby Thing " + td.name); },
error => { console.log("Discovery error: " + error.message); },
() => { console.log("Discovery finished successfully");}
);
let subscription = wot.discover({
method: "other",
constraints: [{ solution: "XYZ123", key: "..."}]
}).subscribe(
td => { console.log("Found Thing " + td.name); },
error => { console.log("Discovery error: " + error.message); },
() => { console.log("Discovery finished successfully");}
);
The ConsumedThing interface is a client API for sending requests to servers in order to retrieve or update Properties, invoke Actions, and observe Properties and Events.
interface ConsumedThing: ThingTemplate {
readonly attribute maplike<DOMString, ThingProperty> properties;
readonly attribute maplike<DOMString, ThingAction> actions;
readonly attribute maplike<DOMString, ThingEvent> events;
sequence<WebLink> links();
};
ConsumedThing implements Observable; // for TD changes
[NoInterfaceObject]
interface Interaction: ThingTemplate { // abstract class
sequence<Form> forms();
};
interface ThingProperty: Interaction {
readonly attribute DataSchema schema;
readonly attribute boolean writable;
readonly attribute boolean observable;
Promise get();
Promise set(any value);
Observable observe(); // may allow options later
};
interface ThingAction: Interaction {
readonly attribute DataSchema inputSchema;
readonly attribute DataSchema outputSchema;
Promise run(any parameters);
};
interface ThingEvent: Interaction {
readonly attribute DataSchema schema;
readonly attribute any data;
};
ThingEvent implements Observable;
typedef JSON DataSchema;
dictionary WebLink {
required USVString href;
USVString mediaType;
DOMString rel;
DOMString anchor;
};
dictionary Form {
required USVString href;
USVString mediaType;
DOMString rel;
DOMString security; // TBD
};
ConsumedThing represents a local proxy object of the remote Thing.
Below a ConsumedThing interface example is given.
try {
let td = await wot.discover({ url: "http://mmyservice.org/mySensor"});
let thing = wot.consume(td);
console.log("Thing " + thing.name + " has been consumed.");
let subscription = thing.onPropertyChange("temperature")
.subscribe(function(value) {
console.log("Temperature + " has changed to " + value);
});
thing.actions["startMeasurement"].run({ units: "Celsius" })
.then(() => { console.log("Temperature measurement started."); })
.catch(e => {
console.log("Error starting measurement.");
subscription.unsubscribe();
})
} catch(error) {
console.log("Error during fetch or consume: " + error.message);
};
The ExposedThing interface is the server API that allows defining request handlers, properties, Actions, and Events to a Thing. It also implements the ConsumedThing interface. An ExposedThing is created by the produce() method.
It is under consideration to use a constructor for ExposedThing instead of a factory method.
ExposedThing implements ConsumedThing;
interface ExposedThing {
// define how to expose and run the Thing
Promise<void> expose();
Promise<void> destroy();
Promise<void> register(optional USVString directory);
Promise<void> unregister(optional USVString directory);
Promise<void> emitEvent(DOMString eventName, any payload);
// define Thing Description modifiers
ExposedThing addProperty(ThingPropertyInit property);
ExposedThing removeProperty(DOMString name);
ExposedThing addAction(ThingActionInit action);
ExposedThing removeAction(DOMString name);
ExposedThing addEvent(ThingEventInit event);
ExposedThing removeEvent(DOMString name);
// define request handlers
ExposedThing setPropertyReadHandler(DOMString name, PropertyReadHandler readHandler);
ExposedThing setPropertyWriteHandler(DOMString name, PropertyWriteHandler writeHandler);
ExposedThing setActionHandler(DOMString name, ActionHandler action);
};
callback PropertyReadHandler = Promise<any>();
callback PropertyWriteHandler = Promise<void>(any value);
callback ActionHandler = Promise<any>(any parameters);
Start serving external requests for the Thing.
Generates the Thing Description given the properties, Actions and Event defined for this object. If a directory argument is given, make a request to register the Thing Description with the given WoT repository by invoking its register Action.
If a directory argument is given, make a request to unregister the Thing Description with the given WoT repository by invoking its unregister Action.
Stop serving external requests for the Thing and destroy the object. Note that eventual unregistering should be done before invoking this method.
Emits an the event initialized with the event name specified by the eventName argument and data specified by the payload argument.
typedef USVString DataSchema;
The DataSchema type represents a data type specified in the Thing Description in a serialized form.
DataSchema is under development, currently it can denote any type supported by the Thing Description and the WoT Runtime.
Adds a Property defined by the argument and updates the Thing Description. Throws on error. Returns a reference to the same object for supporting chaining.
dictionary ThingPropertyInit: ThingTemplate {
required DataSchema schema;
any value;
boolean writable = false;
boolean observable = false;
};
Represents the Thing Property description.
name attribute represents the name of the Property.
false.
false.
Removes the Property specified by the name argument and updates the Thing Description. Throws on error. Returns a reference to the same object for supporting chaining.
Adds an Action to the Thing object as defined by the action argument of type ThingAction and updates the Thing Description. Throws on error. Returns a reference to the same object for supporting chaining.
dictionary ThingActionInit: ThingTemplate {
DataSchema inputSchema;
DataSchema outputSchema;
};
The ThingAction dictionary describes the arguments and the return value.
name attribute provides the Action name.
Removes the Action specified by the name argument and updates the Thing Description. Throws on error. Returns a reference to the same object for supporting chaining.
Adds an event to the Thing object as defined by the event argument of type ThingEvent and updates the Thing Description. Throws on error. Returns a reference to the same object for supporting chaining.
dictionary ThingEventInit: ThingTemplate {
required DOMString name;
DataSchema schema;
};
name attribute represents the event name.
Removes the event specified by the name argument and updates the Thing Description. Returns a reference to the same object for supporting chaining.
A function that returns a Promise and resolves it with the value of the Property matching the name argument to the setPropertyReadHandler function, or rejects with an error if the property is not found or the value cannot be retrieved.
A function called with value as argument that returns a Promise which is resolved when the value of the Property matching the name argument to the setPropertyReadHandler function is updated with value, or rejects with an error if the property is not found or the value cannot be updated.
Note that this function is invoked by implementations before the property is updated, so the code in this callback function can invoke the readProperty() method to find out the old value of the property, if needed. Therefore the old value is not provided to this method.
A function called with a parameters dictionary argument assembled by the WoT runtime based on the Thing Description and the external client request. It returns a Promise that rejects with an error or resolves if the action is successful or ongoing (may also resolve with a control object such as an Observable for actions that need progress notifications or that can be canceled).
Takes name as string argument and readHandler as argument of type PropertyReadHandler. Sets the handler function for reading the specified Property matched by name. Throws on error. Returns a reference to the same object for supporting chaining.
The readHandler callback function will implement reading a Property and SHOULD be called by implementations when a request for reading a Property is received from the underlying platform.
There SHOULD be at most one handler for any given Property and newly added handlers replace the old handlers. If no handler is initialized for any given Property, implementations SHOULD implement a default property read handler.
Takes name as string argument and writeHandler as argument of type PropertyWriteHandler. Sets the handler function for writing the specified Property matched by name. Throws on error. Returns a reference to the same object for supporting chaining.
There SHOULD be at most one write handler for any given Property and newly added handlers replace the old handlers. If no write handler is initialized for any given Property, implementations SHOULD implement default property update and notifying observers on change.
Takes name as string argument and action as argument of type ActionHandler. Sets the handler function for the specified Action matched by name. Throws on error. Returns a reference to the same object for supporting chaining.
If provided, this callback function will implement invoking an Action and SHOULD be called by implementations when a request for invoking a Action is received from the underlying platform. The callback will receive a parameters dictionary argument.
There SHOULD be exactly one handler for any given Action. If no handler is initialized for any given Action, implementations SHOULD return error if the action is invoked by any client.
Below some ExposedThing interface examples are given.
try {
var thing = WoT.produce({ name: "tempSensor" });
// manually add Interactions
thing.addProperty({
name: "temperature",
value: 0.0,
schema: '{ "type": "number" }'
// use default values for the rest
}).addProperty({
name: "max",
value: 0.0,
schema: '{ "type": "number" }'
// use default values for the rest
}).addAction({
name: "reset",
// no input, no output
}).addEvent({
name: "onchange",
schema: '{ "type": "number" }'
});
// add server functionality
thing.setActionHandler("reset", () => {
console.log("Resetting maximum");
thing.writeProperty("max", 0.0);
});
thing.start().then(() => {
thing.register();
});
// define Thing business logic
setInterval( async () => {
let mock = Math.random()*100;
thing.writeProperty("temperature", mock);
let old = await thing.readProperty("max");
if (old < mock) {
thing.writeProperty("max", mock);
thing.emitEvent("onchange");
}
}, 1000);
} catch (err) {
console.log("Error creating ExposedThing: " + err);
}
let thingDescription = '{ "@context": [ "https://w3c.github.io/wot/w3c-wot-td-context.jsonld", "https://w3c.github.io/wot/w3c-wot-common-context.jsonld" ], "@type": [ "Thing", "Sensor" ], "name": "mySensor", "geo:location": "testspace", "interaction": [ { "@type": [ "Property", "Temperature" ], "name": "prop1", "schema": { "type": "number" }, "saref:TemperatureUnit": "degree_Celsius" } ] }';
try {
// note that produce() fails if thingDescription contains error
let thing = WoT.produce(thingDescription);
// Interactions were added from TD
// WoT adds generic handler for reading any property
// define a specific handler for one property
let name = "examplePropertyName";
thing.setPropertyReadHandler(name, () => {
console.log("Handling read request for " + name);
return new Promise((resolve, reject) => {
let examplePropertyValue = 5;
resolve(examplePropertyValue);
},
e => {
console.log("Error");
});
});
thing.start();
} catch(err) {
console.log("Error creating ExposedThing: " + err);
}
// fetch an external TD, e.g., to set up a proxy for that Thing
WoT.fetch("http://myservice.org/mySensor/description").then(td => {
// WoT.produce() ignores instance-specific metadata (security, form)
let thing = WoT.produce(td);
// Interactions were added from TD
// add server functionality
// ...
});
Observables are proposed to be included in ECMAScript and are used for handling pushed data associated with various possible sources, for instance events, timers, streams, etc. A minimal required implementation is described here.
This section is informal and contains rather laconic information for implementations on what to support for interoperability.
interface Observable {
Subscription subscribe((Observer or OnNext) next,
optional OnError error,
optional OnComplete complete);
};
interface Subscription {
void unsubscribe();
readonly attribute boolean closed;
};
interface Observer {
void next(any value);
void error(Error error);
void complete();
};
callback OnNext = void (any value);
callback OnError = void (Error error);
callback OnComplete = void ();
The Observer interface defines the callbacks needed to handle an Observable:
value argument.
value argument. It is called when an error occured in producing the data the client should know about.
Contains the closed property of type boolean that tells if the subscription is closed or active.
Also, contains the unsubscribe() method that cancels the subscription, i.e. makes a request to the underlying platform to stop receiving data from the source, and sets the closed property to false.
The Observable interface enabled subscribing to pushed data notifications by the subscribe() method:
subscribe() method is called with an Observer object, initialize the data, error and completion handling callbacks from that object, or throw on error.
subscribe() method is called with a function, initialize the data handler callback with that function. If the next argument is provided and is a function, initialize the error handling callback with that function, or throw on error. If the third argument is provided and is a function, initialize the completion handler with that function, or throw on error.
Please see the WoT Security and Privacy repository for work in progress regarding threat models, assets, risks, recommended mitigations, and best practices for security and privacy for systems using the Web of Things. Once complete, security and privacy considerations relevant to the Scripting API will be summarized in this section.
The generic WoT terminology is defined in [[!WOT-ARCHITECTURE]]: Thing, Thing Description (in short TD), Web of Things (in short WoT), WoT Interface, Protocol Bindings, WoT Runtime, Consuming a Thing Description, Thing Directory, WoT Interactions, Property, Action, Event etc.
JSON-LD is defined in [[!JSON-LD]] as a JSON document that is augmented with support for Linked Data by providing a @context property with a defining URI .
The terms URL and URL path are defined in [[!URL]].
The following terms are defined in [[!HTML5]] and are used in the context of browser implementations: browsing context, top-level browsing context, global object, incumbent settings object, Document, document base URL, Window, WindowProxy, origin, ASCII serialized origin, executing algorithms in parallel, queue a task, task source, iframe, valid MIME type.
A browsing context refers to the environment in which
Document objects are presented to the user. A given
browsing context has a single WindowProxy object,
but it can have many Document objects, with their associated
Window objects. The script execution context
associated with the browsing context identifies the entity which
invokes this API, which can be a web app, a web page, or an
iframe.
The term secure context is defined in [[!WEBAPPSEC]].
Error, EvalError, RangeError, ReferenceError, SyntaxError, TypeError, URIError , script execution context, Promise, JSON, JSON.stringify and JSON.parse are defined in [[!ECMASCRIPT]].
DOMString, USVString, ArrayBuffer, BufferSource and any are defined in [[!WEBIDL]].
The algorithms utf-8 encode, and utf-8 decode are defined in [[!ENCODING]].
IANA media types (formerly known as MIME types) are defined in RFC2046.
The terms hyperlink reference and relation type are defined in [[!HTML5]] and RFC8288.
This document defines conformance criteria that apply to a single product: the UA (user agent) that implements the interfaces it contains.
This specification can be used for implementing the WoT Scripting API in multiple programming languages. The interface definitions are specified in [[!WEBIDL]].
The user agent (UA) may be implemented in the browser, or in a separate runtime environment, such as [Node.js](https://nodejs.org/en/) or small embedded runtimes.
Implementations that use ECMAScript executed in a browser to implement the APIs defined in this document MUST implement them in a manner consistent with the ECMAScript Bindings defined in the Web IDL specification [[!WEBIDL]].
Implementations that use TypeScript or ECMAScript in a runtime to implement the APIs defined in this document MUST implement them in a manner consistent with the TypeScript Bindings defined in the TypeScript specification [[!TYPESCRIPT]].
This document serves a general description of the WoT Scripting API. Language and runtime specific issues are discussed in separate extensions of this document.
The following is a list of major changes to the document. For a complete list of changes, see the [github change log](https://github.com/w3c/wot-scripting-api/commits/master). You can also view the [recently closed bugs](https://github.com/w3c/wot-scripting-api/issues?page=1&state=closed).
ThingDescription, ThingTemplate, ThingMetadata, SemanticType, SemanticMetadata, input and output data descriptions, etc.
consume() to fetch() and consume().
expose() to accept a Thing Template.
addListener(), removeListener() introduced onEvent(), onPropertyChange(), onTDChange().
ExposedThing handlers for Property, Action and Event.
Observable.
The following problems are being discussed and need most attention:
DataSchema better (https://github.com/w3c/wot-scripting-api/issues/89).
Special thanks to former editor Johannes Hund (until August 2017, when at Siemens AG) for developing this specification. Also, the editors would like to thank Dave Raggett, Matthias Kovatsch, Michael Koster and Michael McCool for their comments and guidance.