Documentation
¶
Overview ¶
Package casdoor adapts the official Casdoor Go SDK to Kernel authn contracts.
Index ¶
- Constants
- type AdminConfig
- type Client
- func (c *Client) AssignUserToGroup(ctx context.Context, req authn.AssignUserToGroupRequest) error
- func (c *Client) Authenticate(ctx context.Context, credential authn.Credential) (authn.Principal, error)
- func (c *Client) BuildLoginURL(ctx context.Context, req authn.LoginURLRequest) (authn.LoginURL, error)
- func (c *Client) CreateApplication(ctx context.Context, req authn.CreateApplicationRequest) (authn.Application, error)
- func (c *Client) CreateGroup(ctx context.Context, req authn.CreateGroupRequest) (authn.Group, error)
- func (c *Client) CreateOrganization(ctx context.Context, req authn.CreateOrganizationRequest) (authn.Organization, error)
- func (c *Client) DeleteApplication(ctx context.Context, req authn.DeleteApplicationRequest) error
- func (c *Client) DeleteGroup(ctx context.Context, req authn.DeleteGroupRequest) error
- func (c *Client) DeleteOrganization(ctx context.Context, req authn.DeleteOrganizationRequest) error
- func (c *Client) DisableUser(ctx context.Context, orgID, userID string) error
- func (c *Client) ExchangeCode(ctx context.Context, req authn.AuthCodeExchangeRequest) (authn.TokenSet, authn.Principal, error)
- func (c *Client) FindUsers(ctx context.Context, filter authn.UserFilter) ([]authn.User, error)
- func (c *Client) GetApplication(ctx context.Context, orgID, appID string) (authn.Application, error)
- func (c *Client) GetGroup(ctx context.Context, orgID, groupID string) (authn.Group, error)
- func (c *Client) GetIdentityProfile(ctx context.Context, req authn.IdentityProfileRequest) (authn.IdentityProfile, error)
- func (c *Client) GetOrganization(ctx context.Context, orgID string) (authn.Organization, error)
- func (c *Client) GetUser(ctx context.Context, orgID, userID string) (authn.User, error)
- func (c *Client) HandleCallback(ctx context.Context, req authn.CallbackRequest) (authn.CallbackResult, error)
- func (c *Client) ListGroups(ctx context.Context, filter authn.GroupFilter) ([]authn.Group, error)
- func (c *Client) RefreshToken(ctx context.Context, req authn.RefreshTokenRequest) (authn.TokenSet, error)
- func (c *Client) RemoveUserFromGroup(ctx context.Context, req authn.AssignUserToGroupRequest) error
- func (c *Client) RevokeToken(ctx context.Context, req authn.RevokeTokenRequest) error
- func (c *Client) SigninURL(redirectURI string) string
- func (c *Client) SignupURL(enablePassword bool, redirectURI string) string
- func (c *Client) UpdateApplication(ctx context.Context, req authn.UpdateApplicationRequest) (authn.Application, error)
- func (c *Client) UpdateGroup(ctx context.Context, req authn.UpdateGroupRequest) (authn.Group, error)
- func (c *Client) UpdateOrganization(ctx context.Context, req authn.UpdateOrganizationRequest) (authn.Organization, error)
- func (c *Client) UpsertUser(ctx context.Context, user authn.User) (authn.User, error)
- func (c *Client) VerifyToken(ctx context.Context, req authn.VerifyTokenRequest) (authn.Principal, error)
- type Config
Constants ¶
const ProviderName = "casdoor"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AdminConfig ¶
type AdminConfig struct {
Enabled bool `json:"enabled" yaml:"enabled"`
OrganizationName string `json:"organization_name" yaml:"organization_name"`
ApplicationName string `json:"application_name" yaml:"application_name"`
ClientID string `json:"client_id" yaml:"client_id"`
ClientSecret string `json:"client_secret" yaml:"client_secret"`
JWTCertificate string `json:"jwt_certificate" yaml:"jwt_certificate"`
JWTCertificateFile string `json:"jwt_certificate_file" yaml:"jwt_certificate_file"`
// Certificate is kept as a backward-compatible alias for JWTCertificate.
Certificate string `json:"certificate" yaml:"certificate"`
}
AdminConfig is the Casdoor credential set for management APIs. In production this should normally be a dedicated admin application with narrowly scoped permissions instead of the public login application.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client implements authn.Authenticator, authn.TokenService and authn.IdentityAdmin using Casdoor's official Go SDK.
func (*Client) AssignUserToGroup ¶
func (*Client) Authenticate ¶
func (*Client) BuildLoginURL ¶
func (c *Client) BuildLoginURL(ctx context.Context, req authn.LoginURLRequest) (authn.LoginURL, error)
BuildLoginURL returns a Casdoor hosted login URL through Kernel's provider- neutral LoginService contract. Callers should not import or call the Casdoor SDK directly.
func (*Client) CreateApplication ¶
func (c *Client) CreateApplication(ctx context.Context, req authn.CreateApplicationRequest) (authn.Application, error)
func (*Client) CreateGroup ¶
func (*Client) CreateOrganization ¶
func (c *Client) CreateOrganization(ctx context.Context, req authn.CreateOrganizationRequest) (authn.Organization, error)
func (*Client) DeleteApplication ¶
func (*Client) DeleteGroup ¶
func (*Client) DeleteOrganization ¶
func (*Client) DisableUser ¶
func (*Client) ExchangeCode ¶
func (*Client) GetApplication ¶
func (*Client) GetIdentityProfile ¶
func (c *Client) GetIdentityProfile(ctx context.Context, req authn.IdentityProfileRequest) (authn.IdentityProfile, error)
func (*Client) GetOrganization ¶
func (*Client) HandleCallback ¶
func (c *Client) HandleCallback(ctx context.Context, req authn.CallbackRequest) (authn.CallbackResult, error)
HandleCallback exchanges the authorization code and verifies the resulting token through Kernel authn contracts. It also validates state when an ExpectedState is provided.
func (*Client) ListGroups ¶
func (*Client) RefreshToken ¶
func (*Client) RemoveUserFromGroup ¶
func (*Client) RevokeToken ¶
func (*Client) SigninURL ¶
SigninURL is kept as a convenience alias for existing integrations. New code should prefer BuildLoginURL via the authn.LoginService interface.
func (*Client) SignupURL ¶
SignupURL returns the Casdoor hosted signup URL for the configured login application. Signup is provider-specific for now and intentionally not part of the core authn.LoginService contract.
func (*Client) UpdateApplication ¶
func (c *Client) UpdateApplication(ctx context.Context, req authn.UpdateApplicationRequest) (authn.Application, error)
func (*Client) UpdateGroup ¶
func (*Client) UpdateOrganization ¶
func (c *Client) UpdateOrganization(ctx context.Context, req authn.UpdateOrganizationRequest) (authn.Organization, error)
func (*Client) UpsertUser ¶
func (*Client) VerifyToken ¶
type Config ¶
type Config struct {
Endpoint string `json:"endpoint" yaml:"endpoint"`
OrganizationName string `json:"organization_name" yaml:"organization_name"`
ApplicationName string `json:"application_name" yaml:"application_name"`
ClientID string `json:"client_id" yaml:"client_id"`
ClientSecret string `json:"client_secret" yaml:"client_secret"`
// JWTCertificate is the PEM public certificate used by Casdoor SDK to verify
// JWT access/id tokens signed by the Casdoor application cert.
JWTCertificate string `json:"jwt_certificate" yaml:"jwt_certificate"`
JWTCertificateFile string `json:"jwt_certificate_file" yaml:"jwt_certificate_file"`
// Certificate is kept as a backward-compatible alias for JWTCertificate.
// Prefer jwt_certificate or jwt_certificate_file in new configs.
Certificate string `json:"certificate" yaml:"certificate"`
Admin AdminConfig `json:"admin" yaml:"admin"`
HTTPClient *http.Client `json:"-" yaml:"-"`
Timeout time.Duration `json:"timeout" yaml:"timeout"`
// Logger is the component logger. If nil, casdoor uses logx.DefaultLogger().
Logger logx.Logger `json:"-" yaml:"-"`
// Metrics is the optional metrics manager for Casdoor backend HTTP calls.
Metrics metricsx.Manager `json:"-" yaml:"-"`
// MetricsEnabled controls whether Casdoor backend calls record metrics.
MetricsEnabled bool `json:"metrics_enabled" yaml:"metrics_enabled"`
}
Config contains Casdoor application configuration used by the SDK.
The top-level fields describe the login/OIDC application that exchanges authorization codes and verifies user tokens. Admin describes the optional management application used for provisioning users, organizations, applications and groups.