Spring Cloud Gateway
Le casdoor-springcloud-gateway-example est un exemple de comment utiliser le casdoor-spring-boot-starter comme plugin OAuth2 dans Spring Cloud Gateway. Les étapes à suivre sont décrites ci-dessous.
Étape 1 : Déployer Casdoor
Deploy Casdoor in production mode. See Server installation. Ensure the server is reachable and you can sign in at the login page (e.g. admin / 123).
Étape 2 : Initialiser un Spring Cloud Gateway
Use the example code as-is or adapt it to your application.
Vous avez besoin d'un service de passerelle et d'au moins un service métier. Dans cet exemple, casdoor-gateway est le service de passerelle et casdoor-api est le service métier.
Étape 3 : Inclure la dépendance
Ajoutez la dépendance casdoor-spring-boot-starter à votre projet Spring Cloud Gateway.
Pour Apache Maven :
<!-- https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter -->
<dependency>
<groupId>org.casbin</groupId>
<artifactId>casdoor-spring-boot-starter</artifactId>
<version>1.x.y</version>
</dependency>
Pour Gradle :
// https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter
implementation group: 'org.casbin', name: 'casdoor-spring-boot-starter', version: '1.x.y'
Étape 4 : Configurer vos propriétés
L'initialisation nécessite 6 paramètres, tous de type chaîne de caractères.
| Nom (dans l'ordre) | Requis | Description |
|---|---|---|
| endpoint | Oui | URL du serveur Casdoor, comme http://localhost:8000 |
| clientId | Oui | Application.client_id |
| clientSecret | Oui | Application.client_secret |
| certificate | Oui | Application.certificate |
| organizationName | Oui | Application.organization |
| applicationName | Non | Application.name |
Initialize these parameters via Java properties or YAML.
Pour les propriétés :
casdoor.endpoint=http://localhost:8000
casdoor.clientId=<client-id>
casdoor.clientSecret=<client-secret>
casdoor.certificate=<certificate>
casdoor.organizationName=built-in
casdoor.applicationName=app-built-in
Pour YAML :
casdoor:
endpoint: http://localhost:8000
client-id: <client-id>
client-secret: <client-secret>
certificate: <certificate>
organization-name: built-in
application-name: app-built-in
Configure gateway routing as well. Pour YAML :
spring:
application:
name: casdoor-gateway
cloud:
gateway:
routes:
- id: api-route
uri: http://localhost:9091
predicates:
- Path=/api/**
Étape 5 : Ajouter le CasdoorAuthFilter
Ajoutez une classe d'implémentation de l'interface GlobalFilter à la passerelle pour la vérification de l'identité, comme le CasdoorAuthFilter utilisé dans cet exemple.
Si l'authentification échoue, elle renvoie un code d'état 401 au frontend pour les rediriger vers l'interface de connexion.
@Component
public class CasdoorAuthFilter implements GlobalFilter, Ordered {
private static final Logger LOGGER = LoggerFactory.getLogger(CasdoorAuthFilter.class);
@Override public int getOrder() {
return 0;
}
@Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
return exchange.getSession().flatMap(webSession -> {
CasdoorUser user = webSession.getAttribute("casdoorUser");
if (user != null) {
return chain.filter(exchange);
}
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.UNAUTHORIZED);
response.getHeaders().add("Content-Type", "application/json");
return response.setComplete();
});
}
}
Étape 6 : Obtenir le Service et l'utiliser
Maintenant, fournissez 5 services : CasdoorAuthService, CasdoorUserService, CasdoorEmailService, CasdoorSmsService, et CasdoorResourceService.
Create them in the Gateway project as follows.
@Resource
private CasdoorAuthService casdoorAuthService;
When the app requires authentication, redirect to Casdoor's login page with the target URL.
Add the callback URL (e.g. http://localhost:9090/callback) to the Casdoor application in advance.
@RequestMapping("login")
public Mono<String> login() {
return Mono.just("redirect:" + casdoorAuthService.getSigninUrl("http://localhost:9090/callback"));
}
After Casdoor verifies the user, the app is redirected back with a code and state; use the code and getOAuthToken to obtain the JWT.
CasdoorUser holds the user info from Casdoor; use it to establish the session in your app.
@RequestMapping("callback")
public Mono<String> callback(String code, String state, ServerWebExchange exchange) {
String token = "";
CasdoorUser user = null;
try {
token = casdoorAuthService.getOAuthToken(code, state);
user = casdoorAuthService.parseJwtToken(token);
} catch(CasdoorAuthException e) {
e.printStackTrace();
}
CasdoorUser finalUser = user;
return exchange.getSession().flatMap(session -> {
session.getAttributes().put("casdoorUser", finalUser);
return Mono.just("redirect:/");
});
}
Des exemples des API sont montrés ci-dessous.
- CasdoorAuthService
String token = casdoorAuthService.getOAuthToken(code, "app-built-in");CasdoorUser casdoorUser = casdoorAuthService.parseJwtToken(token);
- CasdoorUserService
CasdoorUser casdoorUser = casdoorUserService.getUser("admin");CasdoorUser casdoorUser = casdoorUserService.getUserByEmail("admin@example.com");CasdoorUser[] casdoorUsers = casdoorUserService.getUsers();CasdoorUser[] casdoorUsers = casdoorUserService.getSortedUsers("created_time", 5);int count = casdoorUserService.getUserCount("0");CasdoorResponse response = casdoorUserService.addUser(user);CasdoorResponse response = casdoorUserService.updateUser(user);CasdoorResponse response = casdoorUserService.deleteUser(user);
- CasdoorEmailService
CasdoorResponse response = casdoorEmailService.sendEmail(title, content, sender, receiver);
- CasdoorSmsService
CasdoorResponse response = casdoorSmsService.sendSms(randomCode(), receiver);
- CasdoorResourceService
CasdoorResponse response = casdoorResourceService.uploadResource(user, tag, parent, fullFilePath, file);CasdoorResponse response = casdoorResourceService.deleteResource(file.getName());
Étape 7 : Redémarrer le projet
After starting the project, open your favorite browser and visit http://localhost:9090. Ensuite, cliquez sur n'importe quel bouton qui demande des ressources de casdoor-api.
The gateway triggers auth; unauthenticated users are redirected to the login page. Click Login.
The Casdoor login page is shown.
After login, you are redirected to the main interface; you can proceed to use the app.
Qui plus est
For more on Java integration, see the following projects and docs.