WSO2 Identity Server authentication from C Library

Brief:
The project is to develop a C library where an application program will be able to call library method(s) to
check authentication from WSO2 Identity Server.

Details Requirement Specifications

1. Basic Input/Output:

Develop a library method which will take WSO2 Identity and will return success/failure
 Input: WSO2 Identity
 Output: Success/Failure
 If the result is success, method will provide a randomly (32 bytes) generated token back
to the calling program.
Query: There are two values to be returned to calling program. A) success/failure B)Token. Now,
how would you like to get return two values? It may be some formatted string (like JSON/XML
formatted) so that calling program will parse the string and get the result. Also, the result may
be either blank or a 32 bytes token, so that calling program will understand that if it is blank
then result is failure else success. Please advise on this.

2. Method implementation:

 Check whether the user has requested authentication within last 30 minutes or not.
 If yes, A) Immediately return a randomly generated token (32 bytes) B) Override the old
token C) No actual verification against the server.
 If no, A) Verify the authentication from WSO2 Identity Server B) Check whether
authentication corrects or not. C) If correct, generate token (32 bytes) and return to
calling program. D) If it is incorrect, return failure (or blank TBD).
 If Library could not get response from provided WSO2 Server(as example, no network on
that time), return will be failure.

A scheduler will run in the program, which will check whether a user has requested
authentication check before 30 minutes. If so, the user and his token will be removed.
So, when a request comes to library, it will check in the program memory(list)
3. Memory Management:

The program will store following data for a user

o Unique user ID
 o Token
o Last request timestamp

Query: Whether, all requests should be stored or not such as when a user has not requested for 30
minutes, it is not required to store in memory? If so, scheduler logic will be changed accordingly.

4. Documentation
 Document for the method implemented in Library
 How to use
 Return details

Query:

 Platform: As per my understanding, it will run on Unix/Linux platform

 Library format: Whether it will be static (.a) or dynamic(.so)?
 Source Code: Whether I have to deliver the source code also or not?
 WSO2 Server: Whether any WSO2 server will be provided or I have to setup my own
WSO2 server locally?

Estimation:

Task Hours
Understanding WSO2 Server and API's 16
Setup WSO2 Server locally 12
Library Structure Development 12
Memory Structure Development 4
Method Implementation 12
Sample Program 8
QA 12
Documentation 8

Total: 84 hours

If WSO2 Server will be provided to me, yellow marked time will be reduced.