
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
@node-wot/binding-mqtt
Advanced tools
W3C Web of Things (WoT) Protocol Binding for MQTT. This package uses mqtt as a low level library for MQTT. W3C WoT Binding Template for MQTT can be found here.
Current Maintainer(s): @egekorkan @sebastiankb @hasanheroglu
The protocol prefix handled by this binding is mqtt://
or mqtts://
.
In the following examples it is shown how to use the MQTT binding of node-wot.
npm install @node-wot/core
npm install @node-wot/binding-mqtt
An MQTT Thing frequently publishes counter values (as an Event Affordance) to the topic /MQTT-Test/events/counterEvent
of the MQTT broker running behind the address test.mosquitto.org:1883
.
In addition, the Thing subscribes to the resetCounter
topic (via its action handler) as a WoT Action Affordance so that
it can handle requests to reset the counter value.
const { Servient } = require("@node-wot/core");
const { MqttBrokerServer } = require("@node-wot/binding-mqtt");
// create Servient add MQTT binding
const servient = new Servient();
servient.addServer(new MqttBrokerServer({ uri: "mqtt://test.mosquitto.org" }));
servient.start().then((WoT) => {
var counter = 0;
WoT.produce({
title: "MQTT-Test",
id: "urn:dev:wot:mqtt:counter",
actions: {
resetCounter: {
description: "Reset counter",
},
},
events: {
counterEvent: {
description: "Counter Value",
data: {
type: "integer",
},
},
},
})
.then((thing) => {
thing.setActionHandler("resetCounter", async () => {
console.log("Resetting counter");
counter = 0;
});
thing.expose().then(() => {
console.info(thing.title + " ready");
setInterval(() => {
++counter;
thing.emitEvent("counterEvent", counter);
console.info("New count ", counter);
}, 1000);
});
})
.catch((e) => {
console.log(e);
});
});
The Thing Description corresponding to the previous example is shown below:
{
"@context": "https://www.w3.org/2019/wot/td/v1",
"title": "MQTT-Test",
"id": "urn:dev:wot:mqtt:counter",
"actions" : {
"resetCounter": {
"description": "Reset counter"
"forms": [
{"href": "mqtt://test.mosquitto.org:1883/MQTT-Test/actions/resetCounter"}
]
}
},
"events": {
"counterEvent": {
"description": "Counter Value",
"data": {
"type": "integer"
},
"forms": [
{"href": "mqtt://test.mosquitto.org:1883/MQTT-Test/events/counterEvent"}
]
}
}
}
This example takes the Thing Description of the previous example and subscribes to the counterEvent
and resets the counter every 20s via the resetCounter
action.
const { Servient } = require("@node-wot/core");
const { MqttClientFactory } = require("@node-wot/binding-mqtt");
// create Servient and add MQTT binding
const servient = new Servient();
servient.addClientFactory(new MqttClientFactory(null));
// Thing Description can be also fetched
const td = `{
"@context": "https://www.w3.org/2019/td/v1",
"title": "MQTT-Test",
"id": "urn:dev:wot:mqtt:counter",
"actions" : {
"resetCounter": {
"forms": [
{"href": "mqtt://test.mosquitto.org:1883/MQTT-Test/actions/resetCounter"}
]
}
},
"events": {
"counterEvent": {
"description": "Counter Value",
"data": {
"type": "integer"
},
"forms": [
{"href": "mqtt://test.mosquitto.org:1883/MQTT-Test/events/counterEvent"}
]
}
}
}`;
try {
servient.start().then((WoT) => {
WoT.consume(JSON.parse(td)).then((source) => {
console.info("=== TD ===");
console.info(td);
console.info("==========");
source.subscribeEvent(
"counterEvent",
(x) => console.info("value:", x),
(e) => console.error("Error: %s", e),
() => console.info("Completed")
);
console.info("Subscribed");
source.invokeAction("resetCounter");
setInterval(async () => {
source
.invokeAction("resetCounter")
.then((res) => {})
.catch((err) => {
console.error("ResetCounter error:", err.message);
});
console.info("Reset counter!");
}, 20000);
});
});
} catch (err) {
console.error("Script error:", err);
}
There are example implementations provided in the example/scripting folder.
Please setup node-wot as described at the node-wot main page.
resetCounter
, by sending a publication message to the topic of this action.
This other client does not have to be node-wot, any MQTT client can interact with this Thing.
For node-wot clients, make sure to provide MQTT broker details (host
, port
, username
, password
, clientId
) in the wot-servient.conf.json:{
"mqtt" : {
"host" : "mqtt://test.mosquitto.org",
"username" : "username",
"password" : "password",
"clientId" : "uniqueId",
"port": 1883
}
}
Start the script by the command wot-servient mqtt-publish.js
or node ../../packages/cli/dist/cli.js mqtt-publish.js
.
Start the script by the command wot-servient -c mqtt-subscribe.js
or node ../../packages/cli/dist/cli.js -c mqtt-subscribe.js
.
FAQs
MQTT binding for node-wot
We found that @node-wot/binding-mqtt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.