HTTP GET to call a device level function

bigjme · December 25, 2013, 11:46pm

I now have the system pretty much fully working for posts that run a function. I say pretty much because I have no spark to test it with. If I give you access, would you like to try it @Hamel Or even you @zach ?

Hamel · December 26, 2013, 8:36am

@bigjme That’s ok for me. Let me know what I need to do.

contractorwolf · December 27, 2013, 12:20am

@bigjme the problem with trying your stuff out on someone elses spark is that they would have to give you the access token, and that is supposed to be kept secret for a reason. Look at the docs here and read the lession:
http://docs.spark.io/#/api

LESSON: Protect your access token.

bigjme · December 27, 2013, 12:35am

Im giving out demo accounts so users try it themselves. Not so I have any details

sobellinni · December 29, 2013, 2:25am

This worked great, now to figure out how to make it simpler and geared for a particular application

SimonP · April 1, 2015, 3:05pm

A friend of mine has an app that will load URLs on various triggers and he wanted a way to call a function from the spark core using a single URL. As we can add variables in to the URL in GET http requests but not in POST I made a little GET to POST proxy which allows you to call any of your functions (and pass variables) by using a GET request. Works great if you have a device that doesn’t have cURL.
Use…

https://api.simonpainter.com/core/neil/?device={device name}&function={function name}&access_token={access token}

https://api.simonpainter.com/core/neil/?device=dolly&function=up&access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

If your function takes a parameter then you can include that as well.

bko · April 1, 2015, 6:13pm

Can you describe what you think the security implications for this service are?

While I am sure this on the up and up, given that an access token is a key to lots of things in the Spark world, I am not inclined to share mine with third-party websites without a good deal of thought.

You have cross-posted this several times now and I think we should stick to one thread please.

SimonP · April 1, 2015, 6:23pm

Yeah, I have posted this to three relevant threads.

You’re right, if I was a malicious scumbag you’re passing my server your access token. I could of course log them and then use them to control your device until you realised and changed your access token. I’m not a douchebag though and wouldn’t be doing it using my own name in the domain.

Nobody is forcing you to use it.

Topic		Replies	Views
Yes, great, but how do I get it on a web page? Getting Started	15	6557	December 29, 2013
API method to return all variables with their values Cloud	11	4448	January 7, 2017
Cloud API is Buggy Cloud	14	3007	August 17, 2014
Return value of GET on v1/devices/{DEVICE_ID}/{VARIABLE_NAME} Cloud	3	1566	July 27, 2014
SOLVED: Post Request (Basic Layout) Troubleshooting	11	3702	January 8, 2015

HTTP GET to call a device level function

Related topics