Thanks for your feedback.
We have a working PoC for API Scanner and Creator. I will go through
this extension and try to improve my implementation.
For the Gateway part we have planed to use tomcat valve. But we can look
into the possible options and come with a better solution.
We are using reflections library to scan annotation. This library
provide facility to scan custom annotations, param annotations and return
type. So creating documentation can be supported.
Thanks and regards
On Thu, Sep 15, 2016 at 12:51 AM, Ayyoob Hamza <ayy...@wso2.com> wrote:
> Hi Senthalan,
> We currently have this capability in EMM/IoTS. However API creator part is
> tightly coupled with api manager features.
>  API Scanner and Creator : https://github.com/wso2/
>  Gateway: This either can use api manager gateway and do a JWT
> validation or Use the tomcat valve and do the authorization as you
> described - https://github.com/wso2/carbon-device-mgt/tree/master/
> Just wanted to add some other features that we can support as a future
> requirement is to support swagger annotation. Which is to read and publish
> along with the api. This way we could create the documentation in store.
> *Ayyoob Hamza*
> *Software Engineer*
> WSO2 Inc.; http://wso2.com
> email: ayy...@wso2.com cell: +94 77 1681010 <%2B94%2077%207779495>
> On Thu, Sep 8, 2016 at 12:20 PM, Senthalan Kanagalingam <
> sentha...@wso2.com> wrote:
>> Hi all,
>> Publishing APIs into APIM from Tomcat based AS 6.0 - Architecture
>> The idea of the above is to automatically create APIs from the deployed
>> web apps in AS and publish them into the API Publisher. Publishing APIs
>> automatically makes it easier for webapp developers on Tomcat to use APIM
>> easier. Right now, the users has to manually create Managed APIs for their
>> REST-ful web apps.
>> As part of this effort, the API gateway will be included within Tomcat
>> based AS itself. This is used to validate whether the request from that end
>> user have permission to access that API. So the AS will have an integrated
>> API gateway to validate.
>> The api everywhere for AS 6.0 have 3 main components,
>> API Scanner
>> API Creator
>> Integrated API gateway
>> API Scanner component will scan the deployed web app and create APIs. In
>> web app deployment time the API scanner will scan the annotations and
>> configurations and generate APIs and API informations.
>> API Creator will publish the APIs into API Publisher. For that user have
>> to provide the “clientId” and “clientSecret” of OAuth 2.0. Access token
>> will be request from the APIM Key manager. Then using that access token the
>> generated APIs will be published into APIM. The API will be in the
>> “CREATED” state, the webapp developers can edit and publish as their wish.
>> API Creator will be a running on new thread to reduce the web app startup
>> Integrated API gateway will intercept the request into AS. The access
>> token of the request will be validated with APIM key manager. If the token
>> have the right to access the web app, the request will be passed or
>> otherwise an exception will be thrown to the end user.
>> Until now implementation of API Scanner and API Creator are completed and
>> working PoC is available.
>> We have to decide which information we are going to publish into the API
>> publisher. There are some items like tags, business information and etc
>> which are not compulsory when creating APIs.
>> [image: Inline image 1]
>> Software Engineering Intern,
>> WSO2 Inc.
>> Tel: +94771877466
>> Email: senthalank...@cse.mrt.ac.lk
>> Architecture mailing list
> Architecture mailing list
Software Engineering Intern,
Architecture mailing list