API Gateway engine

This is the gateway engine that is receiving requests from client applications.

The gateway:

Sets a context for the request; this is like a blackboard where we can keep track of the details of each of many possible in-process requests
Verifies “inbound” (client application-to-gateway) security using the authentication server
Obtains the execution plan for the request from the backend service
Passes the (possibly adjusted) request to the target API server
Receives the response from the target API server
Passes the (possibly adjusted) response back to the original calling client application

At any point during processing, we may need to abort the request and return an error response. Finally, we clean up and dispose of the context for the completed request.