Skip to main content

Spring Boot

casdoor-spring-boot-example is an example of how to use casdoor-spring-boot-starter in a Spring Boot project. We will guide you through the steps below.

Step 1: Deploy Casdoor

Firstly, Casdoor should be deployed.

You can refer to the Casdoor official documentation for the Server Installation. Please deploy your Casdoor instance in production mode.

After a successful deployment, make sure the following:

  • Open your favorite browser and visit http://localhost:8000. You will see the login page of Casdoor.
  • Test the login functionality by entering admin as the username and 123 as the password.

Now, you can quickly implement a Casdoor-based login page in your own app using the following steps.

Step 2: Import casdoor-spring-boot-starter

You can import the casdoor-spring-boot-starter using Maven or Gradle.

<!-- https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter -->
<dependency>
<groupId>org.casbin</groupId>
<artifactId>casdoor-spring-boot-starter</artifactId>
<version>1.x.y</version>
</dependency>

Step 3: Initialize Config

Initialization requires 6 string-type parameters in the following order: | Name | Required | Description | | ---------------- | -------- | --------------------------------------------------- | | endpoint | Yes | Casdoor Server URL, such as http://localhost:8000 | | clientId | Yes | Application client ID | | clientSecret | Yes | Application client secret | | certificate | Yes | Application certificate | | organizationName | Yes | Application organization | | applicationName | No | Application name | You can use Java properties or YAML files for initialization.

casdoor.endpoint = http://localhost:8000
casdoor.clientId = <client-id>
casdoor.clientSecret = <client-secret>
casdoor.certificate = <certificate>
casdoor.organizationName = built-in
casdoor.applicationName = app-built-in
caution

Replace the configuration values with your own Casdoor instance, especially the clientId, clientSecret, and jwtPublicKey.

Step 4: Redirect to the Login Page

When you need to authenticate users who access your app, you can send the target URL and redirect to the login page provided by Casdoor. Make sure you have added the callback URL (e.g. http://localhost:8080/login) in the application configuration beforehand.

@Resource
private CasdoorAuthService casdoorAuthService;

@RequestMapping("toLogin")
public String toLogin() {
return "redirect:" + casdoorAuthService.getSigninUrl("http://localhost:8080/login");
}

Step 5: Get Token and Parse

After the Casdoor verification is passed, it will redirect back to your application with the code and state.

You can get the code and call the getOAuthToken method, then parse the JWT token.

CasdoorUser contains the basic information about the user provided by Casdoor. You can use it to set the session in your application.

@RequestMapping("login")
public String login(String code, String state, HttpServletRequest request) {
String token = "";
CasdoorUser user = null;
try {
token = casdoorAuthService.getOAuthToken(code, state);
user = casdoorAuthService.parseJwtToken(token);
} catch (CasdoorAuthException e) {
e.printStackTrace();
}
HttpSession session = request.getSession();
session.setAttribute("casdoorUser", user);
return "redirect:/";
}

Services

Examples of APIs are shown below:

  • CasdoorAuthService
    • String token = casdoorAuthService.getOAuthToken(code, "app-built-in");
    • CasdoorUser casdoorUser = casdoorAuthService.parseJwtToken(token);
  • CasdoorUserService
    • CasdoorUser casdoorUser = casdoorUserService.getUser("admin");
    • CasdoorUser casdoorUser = casdoorUserService.getUserByEmail("admin@example.com");
    • CasdoorUser[] casdoorUsers = casdoorUserService.getUsers();
    • CasdoorUser[] casdoorUsers = casdoorUserService.getSortedUsers("created_time", 5);
    • int count = casdoorUserService.getUserCount("0");
    • CasdoorResponse response = casdoorUserService.addUser(user);
    • CasdoorResponse response = casdoorUserService.updateUser(user);
    • CasdoorResponse response = casdoorUserService.deleteUser(user);
  • CasdoorEmailService
    • CasdoorResponse response = casdoorEmailService.sendEmail(title, content, sender, receiver);
  • CasdoorSmsService
    • CasdoorResponse response = casdoorSmsService.sendSms(randomCode(), receiver);
  • CasdoorResourceService
    • CasdoorResponse response = casdoorResourceService.uploadResource(user, tag, parent, fullFilePath, file);
    • CasdoorResponse response = casdoorResourceService.deleteResource(file.getName());

More Resources

You can explore the following projects/docs to learn more about integrating Java with Casdoor: