REST streaming code snippets available!

announcements

#1

REST streaming enables your application to listen for changes in Nest devices. This is unlike basic REST calls, where you need to poll to get changes.

We’re adding code snippets showing how to do REST streaming.

Languages added so far:

  • cURL
  • Node.js
  • Python 2.7

We’re planning to add a Java snippet, too. Do you want to do REST streaming? What’s your language of choice?

Cheers,
Betsy


#2

The snippet for Java 8 has now been added.


#3

Hi,

I was just getting the REST streaming up and running. But it does not seem to work in browsers. I can get it to work in nodejs fine, but the browser will give me 401 errors.

Is REST streaming not supported in the browser?

This simple code fails with a 401 or net::ERR_ABORTED in Chrome when I use the firebase url directly;

const NEST_API_URL = 'https://developer-api.nest.com'
// const NEST_API_URL = 'https://firebase-apiserver01-tah01-iad01.dapi.production.nest.com:9553'

const token = 'c.XXXXX'

const source = new EventSource( NEST_API_URL, { headers: { 'Authorization': `Bearer ${token}` } } )

Regards,

Jasper


#4

Hi Jasper,

The Nest API can stream events to the browser, but the browser EventSource object needs to have the authorization token in the URL and won’t use the Authorization header.

Please try this and let us know if you have any issues:

const source = new EventSource(`${NEST_API_URL}?auth=${token}`);

There is a code sample that uses rest streaming in the browser: https://github.com/nestlabs/rest-streaming, and has code similar to this (public/js/streaming.js). The authorization flow is first done in a server script (server-client.js) and stores the token in a cookie. Then the browser retrieves it from the cookie and adds it to the URL when setting up the EventSource.

It would be more secure to use an Authorization header if the EventSource implementation will use it, in case the URLs get logged to files. There may be some custom EventSource libraries that can use the Authorization header in the browser.

Thanks,
Becky


#5

Hi Becky,

Great, thanks. Did not see that part in the documentation.

Yes, I understand the implications. But currently there does not seem to be a browser or EventSource implementation that handles the 307 redirect correctly when combined with the header option.

Thanks,

Jasper