Spring Boot
casdoor-spring-boot-example is an example of how to use casdoor-spring-boot-starter in a Spring Boot project. We will guide you through the steps below.
Step 1: Deploy Casdoor
Deploy Casdoor in production mode. See Server installation. Ensure the server is reachable and you can sign in (e.g. admin / 123).
Step 2: Import casdoor-spring-boot-starter
You can import the casdoor-spring-boot-starter using Maven or Gradle.
- Maven
- Gradle
<!-- https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter -->
<dependency>
<groupId>org.casbin</groupId>
<artifactId>casdoor-spring-boot-starter</artifactId>
<version>1.x.y</version>
</dependency>
// https://mvnrepository.com/artifact/org.casbin/casdoor-spring-boot-starter
implementation group: 'org.casbin', name: 'casdoor-spring-boot-starter', version: '1.x.y'
Step 3: Initialize Config
Initialization requires 6 string-type parameters in the following order:
| Name | Required | Description |
|---|---|---|
| endpoint | Yes | Casdoor Server URL, such as http://localhost:8000 |
| clientId | Yes | Application client ID |
| clientSecret | Yes | Application client secret |
| certificate | Yes | Application certificate |
| organizationName | Yes | Application organization |
| applicationName | No | Application name |
You can use Java properties or YAML files for initialization.
- Properties
- YML
casdoor.endpoint = http://localhost:8000
casdoor.clientId = <client-id>
casdoor.clientSecret = <client-secret>
casdoor.certificate = <certificate>
casdoor.organizationName = built-in
casdoor.applicationName = app-built-in
casdoor:
endpoint: http://localhost:8000
client-id: <client-id>
client-secret: <client-secret>
certificate: <certificate>
organization-name: built-in
application-name: app-built-in
Replace the configuration values with your own Casdoor instance, especially the clientId, clientSecret, and jwtPublicKey.
Step 4: Redirect to the Login Page
To authenticate users, redirect them to Casdoor’s login page (with the target URL as needed).
Make sure you have added the callback URL (e.g. http://localhost:8080/login) in the application configuration beforehand.
@Resource
private CasdoorAuthService casdoorAuthService;
@RequestMapping("toLogin")
public String toLogin() {
return "redirect:" + casdoorAuthService.getSigninUrl("http://localhost:8080/login");
}
Step 5: Get Token and Parse
After the Casdoor verification is passed, it will redirect back to your application with the code and state.
You can get the code and call the getOAuthToken method, then parse the JWT token.
CasdoorUser contains the basic information about the user provided by Casdoor. You can use it to set the session in your application.
@RequestMapping("login")
public String login(String code, String state, HttpServletRequest request) {
String token = "";
CasdoorUser user = null;
try {
token = casdoorAuthService.getOAuthToken(code, state);
user = casdoorAuthService.parseJwtToken(token);
} catch (CasdoorAuthException e) {
e.printStackTrace();
}
HttpSession session = request.getSession();
session.setAttribute("casdoorUser", user);
return "redirect:/";
}
Services
Examples of APIs are shown below:
- CasdoorAuthService
String token = casdoorAuthService.getOAuthToken(code, "app-built-in");CasdoorUser casdoorUser = casdoorAuthService.parseJwtToken(token);
- CasdoorUserService
CasdoorUser casdoorUser = casdoorUserService.getUser("admin");CasdoorUser casdoorUser = casdoorUserService.getUserByEmail("admin@example.com");CasdoorUser[] casdoorUsers = casdoorUserService.getUsers();CasdoorUser[] casdoorUsers = casdoorUserService.getSortedUsers("created_time", 5);int count = casdoorUserService.getUserCount("0");CasdoorResponse response = casdoorUserService.addUser(user);CasdoorResponse response = casdoorUserService.updateUser(user);CasdoorResponse response = casdoorUserService.deleteUser(user);
- CasdoorEmailService
CasdoorResponse response = casdoorEmailService.sendEmail(title, content, sender, receiver);
- CasdoorSmsService
CasdoorResponse response = casdoorSmsService.sendSms(randomCode(), receiver);
- CasdoorResourceService
CasdoorResponse response = casdoorResourceService.uploadResource(user, tag, parent, fullFilePath, file);CasdoorResponse response = casdoorResourceService.deleteResource(file.getName());
More Resources
You can explore the following projects/docs to learn more about integrating Java with Casdoor: