Last Updated: Jan. 2014 Abimaran Kugathasan & Amila De Silva Extensible API Management WSO2 API Manager Team
Extensible Api Management with WSO2 API Manager
Jul 16, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Last Updated: Jan. 2014
Abimaran Kugathasan & Amila De Silva
Extensible API Management
WSO2 API Manager Team
**
About the Presenters!๏ Amila joined WSO2 in September 2012. He is a
senior software engineer in the WSO2 API Manager team. In addition to his product deve lopment e f fo r t s he has p rov ided development support and technology consulting on customer engagements, including customer QuickStart programs.
!๏ Abimaran in a Software Engineer at WSO2. Prior
to joining WSO2, Abimaran worked at hSenid Mobile Solutions as a Software Engineer where he played a key role in hSenid's Service Delivery Platform and some other products. He holds a b a c h e l o r ' s d e g r e e i n E l e c t r o n i c a n d Telecommunication Engineering from University of Peradeniya and he is a Oracle Certified Java Developer and Oracle Certified Web Component Developer.
*
About WSO2
*
๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
๏ Driven by Innovation
๏ Launched first open source API Management solution in 2012
๏ Launched App Factory in 2Q 2013
๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
**
What WSO2 delivers
*
It’s easy to start, but then...
๏ Exposing business Assets as APIs is easy
๏ API Management platforms are a top trend
๏ With cloud, you can quickly turn your ideas into money
๏ Change is a must
๏ As the users gather new-requirements come up
๏ New features must be introduced to attract more users
๏ A business needs different support services
๏ All the services cannot be homemade
๏ Different entities have expertise on different areas
๏ Integrating with external systems paves a path to use those expertise
*
Extension Points in API Manager
● Using Federated Authenticators ● Mediation Extension
● Modifying in/out flow to orchestrate services ● Customizing fault messages ● Changing message types
● Extending Grant types ● Extending Workflows ● Customizing Publisher/Store !!
*
Story of Alice & DailyQuotes!
๏ Alice has a huge collection of Quotes ๏ She thinks of categorising and hosting them ๏ DailyQuotes is the hosted service
๏ She thinks of going public with this ๏ WSO2 API Manager helps her to throttle and secure API calls. ๏ App Developers register in the Store and create Apps ๏ Only a handful of developers care to Sign-up with the Store
๏ Alice consults Bob ๏ Bob finds that her FB marketing attracts lot of users into the Store ๏ But lot of users are reluctant to Signup with the Store ๏ Bob suggests to provide different login options
๏ Then Alice gets to know about Federated Authentication Support ๏ Enable SSO between API Manager and IS ๏ Use IS for different Authentication options ๏ Use JIT Provisioning to grant necessary privileges to log into Store
*
IS as a Federation Hub
*
Now DailyQuotes receives more hits...
๏ Alice wants to expand her Business Further
๏ Bob finds out that calls are only coming from English speaking regions
๏ If these quotes can be translated, perhaps more calls can be attracted
๏ Bob suggests Alice to translate quotes to different languages
๏ Alice doesn’t like changing existing Daily Quotes service
๏ She finds a service which can translate the Quotes for her.
๏ Instead changing the Backend she can use this service to translate Quotes
๏ Then she reads about Mediation Extensions
๏ Using the Mediation extension the translate Service is called
๏ The response is modified before it’s sent to the client.
*
Use of Mediation Extensions...
๏ Change incoming/outgoing messages ๏ Change the format of a request/response ๏ Location based dispatching ๏ Customise Error messages. ๏ Service Orchestration
*
Now comes more Apps…
๏ Life goes by, everyone is happy using DailyQuotes service ๏ There are many Apps written using DailyQuotes API ๏ Users have to obtain a token before invoking the API ๏ They have to use username password or an online identity to obtain
a token ๏ Then a major Telecom provider contacts Alice
๏ They are going to develop an app using DailyQuotes ๏ But the App uses SIM no (MSISDN) rather than username ๏ They need to exchange a token for the MSISDN
๏ They can provide a service to validate authenticity of an MSISDN ๏ Alice tries to find a grant type that she can use for this ๏ None of the existing four grant types match this requirement as it
is. ๏ Then she gets to know about writing new grant types.
*
Flow of Password grant type
*
Flow of the Extended Grant Type...
*
Workflow Extensions๏ Can be used for API Governance, Auditing, etc ๏ Workflows can be configured for Application
Creation, Registration, Subscription, User SignUp ๏ As Alice business got expanded, she wants to make
money out her API ๏ She wrote a custom workflow extension, which
allows only paid clients to invoke her API
*
Workflow Extensions…
*
Workflow Extensions…๏ User of the API should pay in advance to use Alice’s API ๏ Alice’s Workflow will check whether user had paid for her API subscriptions ๏ In future Alice will extend this future to direct a payment gateway and user
can pay through that payment gateway ๏ Extend public abstract class WorkflowExecutor class, each workflow executor
should extends this class ๏ Subscription Workflow web service Executor
SubscriptionCreationWSWorkflowExecutor ๏ Override following methods ๏ public void execute(WorkflowDTO workflowDTO) - handle logic of the
workflow ๏ public void complete(WorkflowDTO workflowDTO) - handle workflow
completion logic ๏ public abstract String getWorkflowType() - return type of workflow, ex
AM_SUBSCRIPTION_CREATION ๏ public List<WorkflowDTO> getWorkflowDetails(String workflowStatus) - used
to get workflow details
*
!!<WorkFlowExtensions> <!--SubscriptionCreation executor="org.wso2.carbon.apimgt.impl.workflow.SubscriptionCreationSimpleWorkflowExecutor"/--> <SubscriptionCreation executor="org.wso2.carbon.apimgt.impl.workflow.SubscriptionCreationWSWorkflowExecutor"> <Property name="serviceEndpoint">http://localhost:9765/services/SubscriptionApprovalWorkFlowProcess/</Property> <Property name="username">admin</Property> <Property name="password">admin</Property> <Property name="callbackURL">https://localhost:8243/services/WorkflowCallbackService</Property> </SubscriptionCreation> </WorkFlowExtensions> !๏Different Tenants can add their own tenant specific workflows ๏You can add WSO2 Business Process Server as external workflow
executor as well ๏For more, check our documentation https://docs.wso2.com/
display/AM170/Adding+Workflow+Extensions
Workflow Extensions…
*
Store and Publisher API! !๏ Want to write a custom API Publisher and Store ๏ Store has following REST APIS
‣ Login/Logout ‣ User SignUp ‣ Get All APIs ‣ Published APIs by an Application ‣ Add/Update/Get/Remove Application ‣ Add/List/Remove Subscription ‣ Add API Comment
!๏ Publisher has following REST APIS
‣ Login/Logout ‣ Add/Update APIs ‣ Get/Remove/Copy APIs ‣ Change API status ‣ Add/Update/Remove API Documentation
๏ For more details https://docs.wso2.com/display/AM170/Published+APIs
**
Business Model
Contact us !
Related Documents
