Spring Boot

casdoor-spring-boot-example is an example of how to use casdoor-spring-boot-starter in SpringBoot project. We will show you the steps below.

Step1. Deploy Casdoor

Firstly, the Casdoor should be deployed.

You can refer to the Casdoor official documentation for the Server Installation. Please deploy your Casdoor instance in production mode.

After a successful deployment, you need to ensure:

• Open your favorite browser and visit http://localhost:8000, you will see the login page of Casdoor.
• Input admin and 123 to test login functionality is working fine.

Then you can quickly implement a casdoor-based login page in your own app with the following steps.

Step2. Import casdoor-spring-boot-starter

You can import the casdoor-spring-boot-starter with maven or gradle.

Maven

<!-- https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter -->
<dependency>
    <groupId>org.casbin</groupId>
    <artifactId>casdoor-spring-boot-starter</artifactId>
    <version>1.x.y</version>
</dependency>

Gradle

// https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter
implementation group: 'org.casbin', name: 'casdoor-spring-boot-starter', version: '1.x.y'

Step3. Init Config

Initialization requires 6 parameters, which are all string type.

Name (in order)	Must	Description
endpoint	Yes	Casdoor Server Url, such as http://localhost:8000
clientId	Yes	Application.client_id
clientSecret	Yes	Application.client_secret
certificate	Yes	Application.certificate
organizationName	Yes	Application.organization
applicationName	No	Application.name

You can use Java properties or YAML files to init as below.

Properties

casdoor.endpoint = http://localhost:8000
casdoor.clientId = <client-id>
casdoor.clientSecret = <client-secret>
casdoor.certificate = <certificate>
casdoor.organizationName = built-in
casdoor.applicationName = app-built-in

YML

casdoor:
  endpoint: http://localhost:8000
  client-id: <client-id>
  client-secret: <client-secret>
  certificate: <certificate>
  organization-name: built-in
  application-name: app-built-in

caution

You should replace the configuration with your own Casdoor instance, especially the clientId, clientSecret and the jwtPublicKey.

Step4. Redirect to the login page

When you need the authentication who access your app, you can send the target url and redirect to the login page provided by Casdoor.

Please be sure that you have added the callback url (e.g. http://localhost:8080/login) in application configuration in advance.

@Resource
private CasdoorAuthService casdoorAuthService;

@RequestMapping("toLogin")
public String toLogin() {
    return "redirect:" + casdoorAuthService.getSigninUrl("http://localhost:8080/login");
}

Step5. Get token and parse

After Casdoor verification passed, it will be redirected to your application with code and state.

You can get the code and call getOAuthToken method, then parse out jwt token.

CasdoorUser contains the basic information about the user provided by Casdoor. You can use it as a keyword to set the session in your application.

@RequestMapping("login")
public String login(String code, String state, HttpServletRequest request) {
    String token = "";
    CasdoorUser user = null;
    try {
        token = casdoorAuthService.getOAuthToken(code, state);
        user = casdoorAuthService.parseJwtToken(token);
    } catch (CasdoorAuthException e) {
        e.printStackTrace();
    }
    HttpSession session = request.getSession();
    session.setAttribute("casdoorUser", user);
    return "redirect:/";
}

Service

Examples of APIs are shown below.

• CasdoorAuthService
  • String token = casdoorAuthService.getOAuthToken(code, "app-built-in");
  • CasdoorUser casdoorUser = casdoorAuthService.parseJwtToken(token);
• CasdoorUserService
  • CasdoorUser casdoorUser = casdoorUserService.getUser("admin");
  • CasdoorUser casdoorUser = casdoorUserService.getUserByEmail("admin@example.com");
  • CasdoorUser[] casdoorUsers = casdoorUserService.getUsers();
  • CasdoorUser[] casdoorUsers = casdoorUserService.getSortedUsers("created_time", 5);
  • int count = casdoorUserService.getUserCount("0");
  • CasdoorResponse response = casdoorUserService.addUser(user);
  • CasdoorResponse response = casdoorUserService.updateUser(user);
  • CasdoorResponse response = casdoorUserService.deleteUser(user);
• CasdoorEmailService
  • CasdoorResponse response = casdoorEmailService.sendEmail(title, content, sender, receiver);
• CasdoorSmsService
  • CasdoorResponse response = casdoorSmsService.sendSms(randomCode(), receiver);
• CasdoorResourceService
  • CasdoorResponse response = casdoorResourceService.uploadResource(user, tag, parent, fullFilePath, file);
  • CasdoorResponse response = casdoorResourceService.deleteResource(file.getName());

What's more

You can explore the following projects/docs to learn more about the integration of Java with Casdoor.

• casdoor-java-sdk
• casdoor-spring-boot-starter
• casdoor-spring-boot-example
• casdoor-spring-security-example
• casdoor-spring-security-react-example
• casdoor-spring-boot-shiro-example