Project Proposals for 2019

Proposal 1: Using Envoy Proxy as a routing engine of the API Microgateway

Description

WSO2 API Microgateway currenly uses Ballerina as the undrelying routing engine. This project is to embedd Envoy proxy as the routing engine for the API Microgateway. We will have to use the underlying authentication, authorization, rate-limiting and observability capabilities of Envoy to make it suitable enough to perform the needs of the Microgateway. A developer should be able to use an Open API Specification (Swagger) file and provided the endpoint of the target services, use the Microgateway tooling capabilities to configure the routing paths of the Envoy proxy. When configured properly, Envoy proxy should be able to validate, rate-limit and monitor (observability) the requests received on the relevant paths and route them to the target service.

Deliverables 

An enhanced version of the WSO2 API Microgateway which is capable of switching between Envoy and Ballerina for the routing of requests.

Skills Needed

Java, Docker, YAML, some knowledge on OAuth2.0, some understanding of Microservices.

References

[1] - Working with the API Microgateway

[2] - https://www.envoyproxy.io/

[3] - https://github.com/wso2/product-microgateway

Possible Mentor/s

Nuwan Dias, Sanjeewa Malalgoda, Pubudu Gunatilaka.

Proposal 2: Building a graceful update model for the Microgateway

Description

The WSO2 API Microgateway has an immutable runtime. Meaning that if an update is made to the interface or any other configuration the microgateway runtime needs to be rebuilt and redeployed. This is not a huge concern for Kubernetes like environments where the infrastructure itself handles this via rolling updates. However for traditional VM based infrastructures it is important to build a mechanism to support graceful updates. When this is implemented, we should have a model where a config/interface change can be deployed on the Microgateway with no downtime. 

Deliverables

A framework for gracefully updating the Microgateway

Skills Needed

Java, Reliable Messaging (JMS), An understanding of Microservices

References

[1] - Working with the API Microgateway

[2] - https://kubernetes.io/docs/tutorials/kubernetes-basics/update/update-intro/

Possible Mentor/s

Nuwan Dias, Harsha Kumara, Bhathiya Jayasekara

Proposal 3: Building APIs for Business Verticals on the WSO2 API Manager

Description

Many popular business verticals now have API templates. Such as for Open Banking, Health Care, Telecommunication, etc. This project is about building a mechanism of selecting a few such business verticals and building the API templates of these APIs. This project also requires to build a mechanism where a process reads the template definitions from a given location and populates the API Management design time and run time with the APIs corresponding to the templates.

Deliverables

An executable set of API templates for a few selected business verticals.

Skills Needed

Java, REST, HTTP, templating

References

[1] - https://wso2.com/solutions/financial/open-banking/

[2] - https://www.programmableweb.com/category/healthcare/api

[3] - https://api.data.gov/

Possible Mentor/s

Nuwan Dias, Thilini Shanika, Kasun Tennakoon.

Proposal 4: Prometheus metrics summary based alerting and API microgateway pod autoscaling

Description

WSO2 API Manager has alerting capabilities based on the WSO2 API Analytics. There are different alert types such as abnormal response time, abnormal backend time, abnormal request counts, abnormal resource access pattern, etc. These alerts are already supported and added in API Manager Analytics. This project is about integration Prometheus with WSO2 API Manager and does the alerting using the Prometheus metric summary for alert types available in WSO2 API Manager. In addition to that, based on the Prometheus metric summary, Kubernetes pods have to autoscale. This can be done by writing policies in Kubernetes for API Microgateway.

Deliverables

Prometheus alerting based artifacts, Autoscaling policies for pod autoscaling based on Prometheus

Skills Needed

Kubernetes, Docker, Prometheus

References

[1] - https://docs.wso2.com/display/AM260/Configuring+APIM+Analytics

[2] - https://docs.wso2.com/display/AM260/Alert+Types

[3] - https://prometheus.io/

[4] - https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/

Possible Mentor/s

Nuwan Dias, Pubudu Gunatilaka, Fazlan Nazeem.

Proposal 5: Revamping the WSO2 API Manager admin web app

Description

WSO2 API Manager Admin application is used to facilitate the administrative tasks in the API Management duties.The existing API Manager Admin portal has developed using JaggeryJS technology. For the next generation of the API Manager product(Version 3.0), We have been working on a new admin portal application with single page application architecture using React JS framework. This React based web app is still in the development stage and you could find the source code of the app in here[2].

The object of this project is to improve the API Manager admin portal written using React framework to have all the existing feature in the JaggeryJS based admin portal application.

Deliverables

Fully fledged Admin portal application(Single Page) with the features in existing jaggery app.

Skills Needed

JavaScript, ReactJS, Java with some knowledge on OAuth2.0 and some understanding of Microservices.

References

[1] - https://docs.wso2.com/display/AM260/apidocs/admin/

[2] - https://github.com/wso2/carbon-apimgt/tree/master/features/apimgt/org.wso2.carbon.apimgt.admin.feature/src/main/resources/admin

[3] - https://docs.wso2.com/display/AM300/WSO2+API+Manager+Documentation

[4] - https://medium.com/@tmkasun/wso2-api-manager-new-look-27a186bc83d5

Possible Mentor/s

Nuwan Dias, Chanaka Jayasena, Kasun Thennakoon

Proposal 6: Implement UI test for ReactJS based web apps

Description

The current Reactjs based web applications have low test coverage for the React components and other JS modules.So that, The objective of this project is to improve the test coverage of the web applications and setup to run unit and integration tests in the build process. The student will have the freedom to come up with the best approach to implement the unit and integration test for React based web applications.

Deliverables

Introduce a test framework to the web applications and setup to run the test during the web app build process.

Skills Needed

JavaScript, ReactJS, Jest, with some knowledge on OAuth2.0.

References

[1] - https://github.com/wso2/product-apim/issues/3892

[2] - https://docs.wso2.com/display/AM300/WSO2+API+Manager+Documentation

[3] - https://medium.com/@tmkasun/wso2-api-manager-new-look-27a186bc83d5

Possible Mentor/s

Nuwan Dias, Chanaka Jayasena, Thilini Shanika

Proposal 7: Visual Studio Code Plugin for Siddhi 

Description

Build a Visual Studio Code Plugin[1] for Siddhi[2] with syntax highlighting, code completion, error reporting.  Siddhi is the complex event processing library we use within WSO2 SP[3]. Siddhi is a SQL like language where you can write queries which can do real-time analysis. You can get yourself familiar with Siddhi language through Siddhi samples[4] and test-cases[5]. Siddhi is based on antlr[6] and grammar file can be found here[7]. 

Deliverables 

• Visual Studio Code Plugin with syntax highlighting, code completion and error reporting

Skills Needed 

• Visual Studio Code Plugin development

References

[1] https://code.visualstudio.com/api

[2] https://github.com/wso2/siddhi

[3] https://wso2.com/analytics-and-stream-processing/

[4] https://github.com/wso2/siddhi/tree/master/modules/siddhi-samples/quick-start-samples

[5] https://github.com/wso2/siddhi/tree/master/modules/siddhi-core/src/main/java/org/wso2/siddhi/core/query

[6] http://www.antlr.org/

[7] https://github.com/wso2/siddhi/blob/master/modules/siddhi-query-compiler/src/main/antlr4/org/wso2/siddhi/query/compiler/SiddhiQL.g4

Possible Mentor/s

Mohan, Suho, NipunaC and Rasika

Proposal 11: WSO2 IS Integration with an Opensource IoT Server 

Description

The idea of this project is to build a real-world IoT device integrated with WSO2 IS for delegated access control using OAuth2. We expect the participant to decide on a problem to be solved with an IoT solution and choose an open source IoT server or framework to build the device. The participant should decide on the way to integrate WSO2 IS with the chosen IoT server and implement the missing parts to complete the integration if required (new APIs, custom modules or extensions).  

Deliverables 

• Select an open source third party IoT Server or Framework (excluding WSO2 IoT Server)

• Get/Build some real IoT device, have APIs to do real work (eg: turn a light on/off)

• Delegate access with WSO2 IS (OAuth2)

• Documentation

• Demo

• Articles

Skills Needed 

• IoT

• Knowledge of delegated access control (OAuth 2)

• REST API

• Understanding product specifications and applying to solve a real-world problem 

• Additional skills depending on the Chosen IoT server and the problem to be solved

References

[1] https://docs.wso2.com/display/IS570/Delegated+Access+Control

[2] https://tools.ietf.org/html/rfc6749 

Possible Mentor/s

Abilashini Thiyagarajah, Ishara Ilangasinghe, Thanuja Jayasinghe

Proposal 12: Anomaly detection for WSO2 IS with an Open source ML/Analytic server

Description

Login, Logout, Token Request, Refresh or any activity data which are generated based on WSO2 IS needs to be fed into an analytics engine. The analytics engine can be selected or can be written from ground up. The analytics engine needs to support microservice architecture.

Implementation can use Markov-Chain, Time-Series analysis, Multi Domain Segmentation or any other model(s) suitable for the purpose.

The system should return a probability (0 to 1) if queries the engine with {User, Activity, Time, and activity data}

The adaptive authentication in WSO2 IS may use this probability to evaluate the current login request whether it needs to be presented to 2nd or 3rd factor.

Token validation in WSO2 IS may use this result while validating or refreshing tokens.

Deliverables 

• User behavior analysis engine (or scripts to be installed to selected analytics server)

• Script to simulate some user behavior, repeated.

• Documentation

Skills Needed 

• Analytics/Data Science

• Basic knowledge on authentication and OAuth 2.0
  

References

[1] https://docs.wso2.com/display/IS570/WSO2+Identity+Server+Documentation

[2] https://docs.wso2.com/display/IS570/Analytics 

Possible Mentor/s

Ashen Weerathunga, Dilin Dampahalage, Tharindu Bandara

Proposal 13: Adaptive Authentication Flow Design UI

Description

WSO2 Identity Server uses JS like scripts to define the adaptive authentication flow. The purpose of this project is to develop a UI based tool where Identity Admins can design the authentication flow by using drag and drop components and providing any required parameters. That will help the Identity admins to define the authentication flow with little or no prior scripting syntax knowledge. And it will also help to present, and understand the flow easily.

The tool at the background should generate or modify the authentication script which is currently used and should do vice versa and update UI based flow if the script is updated directly.

Deliverables 

• UI based tool as mentioned in the description

• Documentation

Skills Needed 

• JS

• UI frameworks

• Java (Optional)

References

[1] https://docs.wso2.com/display/IS570/Adaptive+Authentication

Possible Mentor/s

Senthalan Kanagalingam, Pulasthi Mahawithana

Proposal 14: Biometric Authenticator to integrate with mobile devices

Description

Authenticator to authenticate users using existing biometric hardware(fingerprint, iris) in Mobile devices.

Deliverables 

• Mobile integrable biometric authenticator

• Unit/Integration tests

• A mobile application with an integrated biometric authenticator

• Documentation

• Article

Skills Needed 

• Java

• Knowledge in mobile application development

References

[1] - https://docs.wso2.com/display/IS570/Writing+a+Custom+Local+Authenticator

Possible Mentor/s

Janak Amarasena, Pulasthi Mahawithana

Proposal 15: Support for OIDC Client Initiated Backchannel Authentication Flow

Description

OpenID Connect Client Initiated Backchannel Authentication Flow is an authentication flow like OpenID Connect. However, unlike OpenID Connect, there is direct Relying Party to OpenID Provider communication without redirects through the user's browser. This specification allows a Relying Party that knows the user's identifier to obtain tokens from the OpenID Provider. The user consent is given at the user's Authentication Device mediated by the OpenID Provider.

Deliverables 

• WSO2 IS compliance for CIBA Specification

• Unit/Integration Tests

• Sample application to demonstrate the flow

• Documentation

• Article/Blogs/Screencasts

Skills Needed 

• Java

References

[1] - https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-02.html

Possible Mentor/s

Farasath Ahamed, Janak Amarasena, Raveen Athapaththu

Proposal 16: Ballerina Eclipse Plugin

Description

Ballerina is a compiled, transactional, statically and strongly typed programming language with textual and graphical syntaxes. The objective of this project is to develop a plugin which can provide the support for Ballerina language in Eclipse. This plugin should be able to use the functionalities already provided by the Ballerina Language Server. Additionally to that, the plugin should also provide a diagram viewer where the plugin users can view the corresponding sequence diagram of the Ballerina codes.

This plugin should provide support for -

• Syntax highlighting

• Code formatting

• Code completion

• Go to definition

• Quick documentation

• Run / Debug

• Semantic analyzing

• Diagram view 

Deliverables

Feature complete plugin distribution which can be installed on Eclipse and can be used by Ballerina developers. 

Skills Needed

Java, Eclipse plugin development knowledge, Familiarity with Language Servers.

References

[1] - https://www.eclipse.org/articles/Article-Your%20First%20Plug-in/YourFirstPlugin.html

[2] - http://www.vogella.com/tutorials/EclipsePlugin/article.html#what-are-run-configurations

[3] - https://www.codeproject.com/Tips/893547/How-to-Create-Your-Own-Eclipse-IDE-Plug-in

[4] - https://langserver.org

[5] - https://microsoft.github.io/language-server-protocol/specification

[6] - https://github.com/ballerina-attic/plugin-eclipse

Possible Mentor/s

Joseph Fonseka, Nadeeshan Gunasinghe, Kavith Lokuhewage, Shan Mahanama.

Proposal 17: Write a BSON Encoder and a Decoder for Ballerina