Project Proposals for 2017

[4] https://github.com/wso2/siddhi/tree/master/modules/siddhi-samples/quick-start-samples

[3] Introduction to CEP

[5] https://github.com/wso2/siddhi/tree/master/modules/siddhi-core/src/main/java/org/wso2/siddhi/core/query

[6] http://www.antlr.org/

[7] https://github.com/wso2/siddhi/blob/master/modules/siddhi-query-compiler/src/main/antlr4/org/wso2/siddhi/query/compiler/SiddhiQL.g4

Possible Mentor/s

Suho, Tishan

Proposal 5: Eclipse Plugin for Siddhi

Description

Build an Eclipse Plugin[1] for Siddhi[2] with syntax highlighting, code completion, error reporting and if time permits support for running Siddhi and debugging support. Siddhi is the complex event processing library we use within WSO2 CEP[3]. Siddhi is a SQL like language where you can write queries which can do real-time analysis. You can get yourself familiar with Siddhi language through Siddhi samples[4] and test-cases[5]. Siddhi is based on antlr[6] and grammar file can be found here[7].

Deliverables

Eclipse plugin to with syntax highlighting, code completion and error reporting
Running Siddhi in Idea
Debugging Siddhi in Idea

Skills Needed

Eclipse Plugin development
Java

References

[1] https://www.eclipse.org/articles/Article-Your%20First%20Plug-in/YourFirstPlugin.html

[4] https://github.com/wso2/siddhi/tree/master/modules/siddhi-samples/quick-start-samples

[3] Introduction to CEP

[5] https://github.com/wso2/siddhi/tree/master/modules/siddhi-core/src/main/java/org/wso2/siddhi/core/query

[6] http://www.antlr.org/

[7] https://github.com/wso2/siddhi/blob/master/modules/siddhi-query-compiler/src/main/antlr4/org/wso2/siddhi/query/compiler/SiddhiQL.g4

Possible Mentor/s

Suho, Nirmal

Proposal 6: Atom Plugin for Siddhi

Description

Build an Atom Plugin[1] for Siddhi[2] with syntax highlighting, code completion, error reporting. Siddhi is the complex event processing library we use within WSO2 CEP[3]. Siddhi is a SQL like language where you can write queries which can do real-time analysis. You can get yourself familiar with Siddhi language through Siddhi samples[4] and test-cases[5]. Siddhi is based on antlr[6] and grammar file can be found here[7].

Deliverables

Atom plugin to with syntax highlighting, code completion and error reporting

Skills Needed

Atom Plugin development
JavaScript

References

[1] https://github.com/blog/2231-building-your-first-atom-plugin

[4] https://github.com/wso2/siddhi/tree/master/modules/siddhi-samples/quick-start-samples

[3] Introduction to CEP

[5] https://github.com/wso2/siddhi/tree/master/modules/siddhi-core/src/main/java/org/wso2/siddhi/core/query

[6] http://www.antlr.org/

[7] https://github.com/wso2/siddhi/blob/master/modules/siddhi-query-compiler/src/main/antlr4/org/wso2/siddhi/query/compiler/SiddhiQL.g4

Possible Mentor/s

Suho, Ramindu

Proposal 7: Environments Support for WSO2 API Manager

Description

Currently the WSO2 API Manager user interfaces don't have a mechanism of switching between different environments such as Dev/QA/Staging. This project is for building capability in the user interfaces of WSO2 API Manager version 3.0.0 (SNAPSHOT version as of now) to switch between different environments for performing user operations. The user interface, at a given time will connect to one environment and will have the capability to switch to any other while seamless transferring the user session.

Deliverables

The completed user interface for the API Store.
Documentation on how to setup the environments.

Skills Needed

HTML, CSS, Javascript
Handlebars.js
Fair knowledge on using REST services

References

[2] http://wso2.com/products/api-manager/

Possible Mentor/s

Nuwan Dias, Thilini Shanika, Kasun Tennakon

Proposal 8: CLI tool for WSO2 API Manager

Description

This project is about developing a CLI tool for the WSO2 API Manager which is capable of performing the following operations.

1. Exporting a given API from one environment and Importing to another
2. API Creation / Publishing
3. API Subscription
4. Key Generation

Deliverables

CLI tool
Documentation on how to run the CLI and it's functionality

Skills Needed

Go
Fair knowledge on using REST services

References

[1] https://golang.org/

[3] https://github.com/wso2/carbon-apimgt/tree/C5

[4] https://github.com/wso2/product-apim/tree/C5

[5] Migrating the APIs to a Different Environment

Possible Mentor/s

Nuwan Dias, Pubudu Gunatilaka, Sajith Kariyawasam

Proposal 9: API Tooling: Support Deploying an API

Description

WSO2 API Manager version 3.0.0 (SNAPSHOT version) comes with an editor which enables users to design their APIs offline and later push to the server. This project is for having a capability on the editor user interface itself to be able to push an API to the server. When a particular user performs the "Deploy" action, the editor should prompt the user for his credentials, logon on behalf of the user to the server and then do the deployment operation.

Deliverables

The enhanced editor user interface

Skills Needed

HTML, CSS, Javascript
Handlebars.js
Fair knowledge on using REST services

References

[1] http://wso2.com/products/complex-event-processor/

Possible Mentor/s

Nuwan Dias, Thilini Shanika, Kasun Tennakon, Harsha Kumara

Proposal 10: Video Scene Detection with WSO2 CEP

Description

This project proposes implementation of video scene detection system based on WSO2 Complex Event Processor (CEP). It will consist of a tracking module as well as scene identification module. The project will be carried out in an iterative manner where an initial prototype will be developed in 4 weeks and the prototype will be refined in the latter half of the project.

Deliverables

Video scene detection system
Documentation on the system architecture, algorithms, performance tuning, etc.
User guide

Skills Needed

Familiarity with Image/Video processing
Programming with Java and C
Knowledge on WSO2 CEP

References

Possible Mentor/s

Anusha Jayasundara, Miyuru Dayarathna

Proposal 11: Grouping APIs into Packages

Description

The WSO2 API Manager allows an API Developer to create and publish an API. This API can be consumed by Application Developers. This project is about introducing a capability for API publishers to group APIs into API packages so that Application developers can subscribe to all APIs in the package in one go.

Deliverables

The relevant product API that allow grouping APIs into a package.
The relevant product API that allows subscribing to the API package.
The product user interfaces for packaging and subscribing.

Skills Needed

Java8
Maven
Fair knowledge on using REST services
HTML, CSS, Javascript
Handlebars.js

References

[1] https://docs.kantarainitiative.org/uma/rec-uma-core-v1_0.html

Possible Mentors

Nuwan Dias, Sanjeewa Malalgoda

Proposal 12: User Managed Access based Device Sharing

Description

WSO2 IoT Server currently provides support for device grouping and sharing. However, the implementation does not support UMA. UMA is quickly gaining popularity as a lightweight access control protocol that is built around OAuth2.0. A draft of UMA has been implemented in WSO2 Identity Server.

Deliverables

Share statistics and control of devices managed by IOT Server using UMA.
Apply same functionality for device groups

Skills Needed

Java 8
Maven
Familiarity with OAuth2 and Access Control Protocols
HTML, CSS, Javascript and Handlebars

References

[2] https://github.com/wso2/carbon-device-mgt

[3] https://github.com/wso2/carbon-device-mgt-plugins

[4] https://github.com/wso2/product-iots

Possible Mentor/s

Sumedha Rubasinghe, Ruwan Yatawara, Geeth Munasinghe

Proposal 13: Test automation tool

Description

WSO2 currently tests step-b-step documentation such as tutorials and Quick-Start guides manually. The proposal is to either research on an available tool or develop one from scratch to convert step-by-step docs into some kind of batch scripts that can be run. This way, we can test our tutorials and QSGs through scripts without manually testing.

Providing a tool that requires minimal effort to generate the scripts is ideal as UIs tend to change frequently.

Deliverables

Automation tool

Skills Needed

Java
Test automation
Wiki mark-up

References

[1]

Possible Mentor/s

Dharshana Warusavitharana

Proposal 14: JMeter Test Manager for Distributed Deployments of WSO2 Servers

Description

Jmeter scripts are made at WSO2 to verify specific user scenarios with regard to fixes, improvements, etc. There are identified WSO2 server deployment patterns the Jmeter Scripts are required to run against. It would be useful if a management tool can be built that incorporates aspects of jmeter test script management/execution and server deployment creation/validation.

The tool should provide the user a comprehensive user interface to select and run jmeter scripts against predetermined server deployments.

The tool should provide the user the capability(through a UI) to select a WSO2 product/version, select a valid deployment pattern for the product with 3rd party prerequisites (e.g : MySQL Database, ActiveMQ Broker etc.) provide infrastructure inputs such as where each WSO2 server should be configured (e.g : K8S Master URL etc.).

The tool should take the provided deployment information and create the requested deployment, validate it and run the selected jmeter script against it to produce the jmeter test results.

Deliverables

The tool described above.

Skills Needed

Kubernetes and Docker
Linux administration skills
Java SE
Jmeter

References

[1] - http://jmeter.apache.org/download_jmeter.cgi
[2] - https://github.com/wso2-incubator/qa-tooling-smoketester
[3] - https://github.com/wso2/kubernetes-artifacts

Possible Mentor/s

NuwanS, Yasassri, Dumidu

Proposal 15: APIM Design new REST API for Analytics

Description

WSO2 APIM is a API management solution and provide enterprise level features to manage APIs. Scope of the project is to design and implement new Analytics REST API for Analytics to monitor API invocation. APIM consist publisher/store statistics graph which need to be use this new REST API to retrieved data. APIM have Statistics DB which contain the summary of API invocation and REST API use this DB to retrieve data. Also REST API should be generic interface to support extensibility.

Design and implement new REST API
Rest API should be able to retrieve data from RDBMS based on the user request
Designed REST API should be able to extensible and generic
As a POC implement a UI dashboard to view statistics graphs using the REST API

Deliverables

Rest API component and Dashboard components as described above

Skills Needed

Java
MSF4J
RDBMS
JavaScript

References

[4] https://docs.wso2.com/display/AM200/Analytics

Possible Mentor/s

Rukshan, NuwanD

Proposal 16: Python API for Siddhi CEP

Description

The Goal of the project is to write a Python wrapper for Siddhi so that Siddhi CEP can be used from python to do stream processing and to do sequence analysis. The project should support directly calling java from Python (see http://stackoverflow.com/questions/3652554/calling-java-from-python) and also talking to WSO2 CEP through the Service APIs. Following are some key work items.

Figure out how best to call Siddhi from python
Design Siddhi Python API
Figure out how to get the resulting trigger from Siddhi back to Python
Write a Client to call Siddhi APIs via service calls
Put everything together
Documentation and samples

Deliverables

API code, documentation, and samples

Skills Needed

Java
Complex Event Processing
Python

[1] http://wso2.com/products/complex-event-processor/

Possible Mentor/s

Srinath, Suho, Anjana

Proposal 17: [IS] Enhanced Client Proxy(ECP) Profile for SAML

Description

WSO2 Identity Server already supports SAML2 Core specification and the intention of this project is to enhance it with adding support for SAML2.0 ECP profile. This will add just two more options to the original core profile as below.

Channel Bindings
"Holder of Key Subject" Confirmation

Along with adding SAML2.0 ECP support, Identity Server needs to be enhanced with capability to issue OAuth2.0 access tokens for valid ECP SAML assertions.

Deliverables

Implementation of 'SAML V2.0 Enhanced Client or Proxy Profile Version 2.0' in WSO2 Identity Server
OAuth2 grant handler to issue tokens accepting ECP SAML assertions.
Test automation for the implementation
Documentation (For Dev and Users)

Skills Needed

Java
Maven
Github
Understanding written code

References

[1] - http://docs.oasis-open.org/security/saml/Post2.0/saml-ecp/v2.0/cs01/saml-ecp-v2.0-cs01.pdf

[2] - https://wso2.org/jira/browse/IDENTITY-1014

Possible Mentor/s

Hasintha Indrajee (hasintha AT wso2 DOT com)

Darshana Gunawardana (darshana AT wso2 DOT com)

Johann Nallathamby (johann AT wso2 DOT com)

Proposal 18: [IS] CLI Tool for WSO2 Identity Server

Description

A Command Line Tool(CLI) is a mechanism which provides speed and control to a Software Product. CLI tools make the product traceable, scriptable and adds automation capabilities for developers. There is a large community of developers who are attracted to CLI based tools as opposed to GUI based interfaces due to the simplicity provided by CLI tools.

This project focuses on building such a CLI to interact with WSO2 Identity Server, so that a user can perform functionalities on Identity Server via the CLI tool similar to using the Web based GUI interface. The CLI tool will support basic operations on Identity Server such as CRUD operation on Service Providers, Identity Providers, User Operations and Workflow Integration.

Deliverables

The deliverable for the project is a command line tool which provides operations on Identity Server and which is compatible with linux, windows and mac operating systems.Test
Automation for the implementation
Documentation

Skills Needed

Golang
Java
Maven
Github
Understanding written code

Why Use Golang?

‘Go’ is a language designed with system programming in mind and is gaining attraction as a language designed to develop highly concurrent applications. It also provides the ability to create cross-compiled binaries with no dependencies. It’s capability of compiling to a single, statically linked binary is a high performance improvement as well.[1]

References

[1] http://www.tutorialspoint.com/go/go_overview.htm

Possible Mentor/s

Harsha Thirimanna (harshat AT wso2 DOT com)

Farasath Ahamed (farasatha AT wso2 DOT com)

Proposal 19: [IS] Account Chooser (Working Group of the OPENID)

Description

AccountChooser is a facility where users can store basic identifying information for accounts that they use for signing in to Web sites (Sites). Once stored, users are able to use the AccountChooser user interface to transmit simple account hint information such as email addresses or federated issuer identifiers to sites rather than typing that information manually into login or signup forms.

Deliverables

Implementing OpenID AccountChooser Basic API Profile 1.0
Automation for the implementation
Documentation

Skills Needed

Java
JavaScript
Maven
Github
Understanding written code

References

1] OpenID AccountChooser Advanced Specification

[2] OpenID AccountChooser Basic API Profile 1.0

[3] OpenID AccountChooser Working Group

[4] OpenID AccountChooser API

Possible Mentor/s

Prabath Siriwardena (prabath AT wso2 DOT com)

Harsha Thirimanna (harshat AT wso2 DOT com)

Proposal 20: [IS] OAuth 2.0 Dynamic Client Registration Management Protocol Support

Description

Identity server 5.3.0 support for Oauth 2.0 and OIDC dynamic client registration which allow client to dynamically register with the Authorization server. With Dynamic Client Registration Management Protocol [1] support, registered client can be managed during the lifecycle of the client.

Deliverables

Implementing Dynamic Client Registration Management Protocol
Automation for the implementation
Sample for the implementation
Documentation

Skills Needed

Java
JavaScript
Maven
Github
Understanding written code

References

[1] https://tools.ietf.org/html/rfc7592

Possible Mentor/s

Ishara Karunarathna (isharak AT wso2 DOT com)

Maduranga Siriwardana (maduranga AT wso2 DOT com)

Tharindu Edirisinghe (tharindue AT wso2 DOT com)

Proposal 21: [IS] SCIM 2.0 compliance test suite

Description

The objective of the project is to create a SCIM 2.0 compliance test suite which can be run on both the cloud and on-premise. Upon providing the server SCIM endpoint and running the test suite, validation should be done whether the given SCIM provider supports SCIM: Core Schema [1] and SCIM: Protocol specification [2] and generate a report.

The report should include summary of the test results indicating the coverage percentage of each specification and a detailed view of the results of each test including requests sent by the test suite, expected response and the server response along with the indication whether a particular test is passed or not.

In addition, the test suite should be run against WSO2 Identity Server to identify any gaps between the SCIM 2.0 specifications and Identity Server and provide improvements to the product.

We expect from the students to research on the following prior to submitting the proposal.

Background study on the existing SCIM 1.1 compliance test suite [4].
Background study on compliance tests in general. Ex: OpenID Connect.
Metrics to be captured in the report.
Comparison between a few test suite implementations Ex. Underlying technology, Reporting engine.

Based on the research, include the following in the proposal with a justification as for why they are proposed.

Proposed format of the report.
Proposed architecture of the SCIM test suite.
Proposed technologies for the implementation. Ex: Programming language, HTTP client, Reporting libraries.

For additional information please go through the list of references.

Deliverables

Implementing SCIM 2.0 compliance test suite.
Capability of generating and overall coverage report and detailed analysis view.
Identify and mitigate any disparities between SCIM 2.0 specifications and Identity Server SCIM implementation.
Documentation.

Skills Needed

Java
Javascript
Maven
Understanding standards and specifications

References

[1] - SCIM: Core Schema: https://tools.ietf.org/html/rfc7643

[2] - SCIM: Protocol specification: https://tools.ietf.org/html/rfc7644

[3] - SCIM: Definitions, Overview, Concepts, and Requirements: https://tools.ietf.org/html/rfc7642

[4] - SCIM 1.1 compliance test suite: http://www.simplecloud.info/

[5] - Working with WSO2 IS SCIM API: https://docs.wso2.com/display/IS530/SCIM+APIs

Possible Mentor/s

Omindu Rathnaweera ( omindu AT wso2 DOT com)

Gayan Gunawardana (gayan AT wso2 DOT com)

Darshana Gunawardana ( darshana AT wso2 DOT com)

Proposal 22: [Platform Security] Security Testing as a Service with Docker Containerization

Description

When it is needed to perform a security testing (dynamic and static) on an application by a developer/tester, the required tools should be locally setup and properly configured before running the tests. This is often required by many developers duplicating the effort. In addition to that, this is error prone where if someone misconfigured the tool, the required strength would not be achieved when detecting vulnerabilities.

In this project, the security testing tools used for dynamic and static security testing will be created as preconfigured docker images. Then the developers/testers can simply pull the image of the security tool and run a container from it for performing security testing.

In addition to that, above functionality should be integrated as a cloud service providing an application for performing security testing. The end users of the application should be able to simply provide the source ( project source code, product etc.) and select appropriate security tests and run where in the backend, it would run the security testing tools as docker containers and produce vulnerability reports to the end user. This way, even the user does not have experience or knowledge in security testing, still the testing can be done with the required level of strength, improving the usability of security testing.

Deliverables

Docker Images for security testing tools (OWASP Dependency Check, OWASP ZAP, FindSecBugs)
Cloud based security testing service implementation
Front end application for consuming the cloud service
Documentation (Architecture, Developer, User, Tester)

Skills Needed

Programming with Java (JSP, Servlets, JAX-RS)
Familiarity with Apache Maven
Experience in Web Services (SOAP, REST)
Knowledge in Security Testing Tools (OWASP Dependency Check, OWASP ZAP, FindSecBugs)
Knowledge in Docker and Container based development
Bash shell scripting
Puppet

References

[1] Static Code Analysis with FindSecBugs : http://www.securityinternal.com/2016/06/static-code-analysis-for-java-using.html

[2] Vulnerability Detection on 3rd Party Components : http://www.securityinternal.com/2016/10/owasp-dependency-check-cli-analyzing.html

[3] Dynamic Security Analysis and Automation: https://medium.com/@PrakhashS/automating-security-testing-of-web-applications-using-owasp-zed-attack-proxy-in-jenkins-aa0f9eafdcba#.wqmci8iyv

Possible Mentor/s

Tharindu Edirisinghe (tharindue AT wso2 DOT com)

Ayoma Wijethunga (ayoma AT wso2 DOT com)

Prakhash Sivakumar (prakhash AT wso2 DOT com)

Kasun De Silva (kasuns AT wso2 DOT com)

Nadeeshani Pathirennehelage (nadeeshanip AT wso2 DOT com)

Proposal 23: [IS] WS-Trust Implementation for IS 6.0.0 using Apache CXF Library

Description

WSO2 Identity Server 5.3.0 supports WS-Trust specification using Axis2/Rampart stack. In WSO2 Identity Server 6.0.0, WSO2 has made the decision to move away from Axis2 as a core library of its platform including the Identity Server product. Which means SOAP protocol will not be used in any of the internals of the Identity Server. However one of the key features of the Identity Server when it comes to protecting SOAP endpoints is the capability to function as a Security Token Service (STS). Since we won't be able to use Rampart module anymore with Axis2, the alternative we find is Apache CXF which also supports WS-Trust.

The objective of this project would be to implement WS-Trust specification for the WSO2 Identity Server 6.0.0 by simply integrating with Apache CXF.

Deliverables

Implementation of 'WS-Trust' in WSO2 Identity Server 6.0.0
Test automation for the implementation
Documentation (For Devs and Users)

Skills Needed

Java
Maven
Github
Ability to read and understand specifications
Ability to understand written code

References

[1] - WS-Trust 1.4 Specification: http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/ws-trust.html

[2] - Apache CXF: http://cxf.apache.org/docs/ws-trust.html

Possible Mentor/s

Johann Nallathamby (johann AT wso2 DOT com)

Dhanushka Fernando (danushkaf AT wso2 DOT com)

Kasun Gajasinghe (kasung AT wso2 DOT com)

Proposal 24: [Analytics] Real-Time Machine Learning Toolkit for Siddhi

Description

The goal of the project is to write a Siddhi extension for real-time machine learning. It is a well-known fact that training (as well as predicting) machine learning algorithms are expensive in terms of time and computing resources. However, most algorithms can be adapted to make them online, even though the standard implementations may not support it. So the idea of this project is to implement few (such as Perceptron, SVM, Nearest Neighbor, and Naive Bayes) machine learning algorithms which are suitable for streaming data inside the Siddhi. Following are some key work items.

Algorithms should be able to train using Stochastic Gradient Descent (or an appropriate online optimization algorithm).
Performance (both predictive and running time) of your implementation should be demonstrated using well-known streaming datasets.

Deliverables

Source code (including unit tests), documentation, and samples

Skills Needed

Java
WSO2 CEP Server
Basic Machine Learning knowledge

References

[1] - Mining of Massive Datasets (Chapter 12) http://infolab.stanford.edu/~ullman/mmds/book.pdf

[2] - Stochastic Gradient Descent https://en.wikipedia.org/wiki/Stochastic_gradient_descent

[3] - The Huller: a simple and efficient online SVM http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.105.8314&rep=rep1&type=pdf

Possible Mentor/s

Upul Bandara (upul AT wso2 DOT com)

Sriskandarajah Suhothayan (suho AT wso2 DOT com)

Proposal 25: Non-Occurrence of Events for Siddhi Patterns

Description

The current Siddhi[2] patterns allow identifying the patterns that present.

See an example:

from every e1=Stream1[price>20] -> e2=Stream2[price>e1.price] within 1 sec

select e1.symbol as symbol1, e2.symbol as symbol2

insert into OutputStream;

Detecting the absence of a pattern is not natively supported by Siddhi patterns for the moment. In other words, identifying event_a not followed by event_b within 2 minutes is not possible using the current patterns implementation (Note that a time frame is required otherwise we have to wait for infinite time to say event_b has not arrived). The current workaround [1] to detect non-delivered items is shown below:

from arrivals_stream#window.time(2 minutes)

select *

insert expired events into overdue_deliveries_stream;

from every arrivalEvent = arrivals_stream ->

deliveryEvent = deliveries_stream[arrivalEvent.trackingId == trackingId]

or overdue_delivery = overdue_deliveries_stream[arrivalEvent.trackingId == trackingId]

select arrivalEvent.trackingId as trackingId, arrivalEvent.customerName as customerName, arrivalEvent.telephoneNo as telephoneNo, deliveryEvent.trackingId as deliveryId

insert into filter_stream;

from filter_stream [ (deliveryId is null)]

select trackingId, customerName, telephoneNo

insert into alert_stream;

This solution requires a time window and it is inefficient if we are interested only on one occurrence of such a pattern (In other words same query without every keyword). Further, the query is more complex and not user-friendly.

If we provide patterns to detect absence of patterns, the above query can be rewritten as below:

from every arrivalEvent = arrivals_stream -> (not deliveries_stream[arrivalEvent.trackingId == trackingId] within 2 min )

select arrivalEvent.trackingId as trackingId, arrivalEvent.customerName as customerName, arrivalEvent.telephoneNo as telephoneNo

insert into alert_stream;

As you can see, we can use the existing language components like not & within. This can be achieved by extending the existing StreamPreStateProcessors and StreamPostStateProcessors with an internal timer so that they can expire their internal list of events based on the time limit. It is somewhat similar to time windows but the processor can turn off the timer and ignore the events if it is a one-time pattern detection.

[1] https://docs.wso2.com/display/CEP400/Sample+0111+-+Detecting+non-occurrences+with+Patterns