casdoor

package
v0.1.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 29, 2026 License: MIT Imports: 15 Imported by: 0

Documentation

Overview

Package casdoor adapts the official Casdoor Go SDK to Kernel authn contracts.

Index

Constants

View Source
const ProviderName = "casdoor"

Variables

This section is empty.

Functions

This section is empty.

Types

type AdminConfig

type AdminConfig struct {
	Enabled bool `json:"enabled" yaml:"enabled"`

	OrganizationName string `json:"organization_name" yaml:"organization_name"`
	ApplicationName  string `json:"application_name" yaml:"application_name"`
	ClientID         string `json:"client_id" yaml:"client_id"`
	ClientSecret     string `json:"client_secret" yaml:"client_secret"`

	JWTCertificate     string `json:"jwt_certificate" yaml:"jwt_certificate"`
	JWTCertificateFile string `json:"jwt_certificate_file" yaml:"jwt_certificate_file"`

	// Certificate is kept as a backward-compatible alias for JWTCertificate.
	Certificate string `json:"certificate" yaml:"certificate"`
}

AdminConfig is the Casdoor credential set for management APIs. In production this should normally be a dedicated admin application with narrowly scoped permissions instead of the public login application.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client implements authn.Authenticator, authn.TokenService and authn.IdentityAdmin using Casdoor's official Go SDK.

func New

func New(cfg Config) (*Client, error)

func (*Client) AssignUserToGroup

func (c *Client) AssignUserToGroup(ctx context.Context, req authn.AssignUserToGroupRequest) error

func (*Client) Authenticate

func (c *Client) Authenticate(ctx context.Context, credential authn.Credential) (authn.Principal, error)

func (*Client) BuildLoginURL

func (c *Client) BuildLoginURL(ctx context.Context, req authn.LoginURLRequest) (authn.LoginURL, error)

BuildLoginURL returns a Casdoor hosted login URL through Kernel's provider- neutral LoginService contract. Callers should not import or call the Casdoor SDK directly.

func (*Client) CreateApplication

func (c *Client) CreateApplication(ctx context.Context, req authn.CreateApplicationRequest) (authn.Application, error)

func (*Client) CreateGroup

func (c *Client) CreateGroup(ctx context.Context, req authn.CreateGroupRequest) (authn.Group, error)

func (*Client) CreateOrganization

func (c *Client) CreateOrganization(ctx context.Context, req authn.CreateOrganizationRequest) (authn.Organization, error)

func (*Client) DeleteApplication

func (c *Client) DeleteApplication(ctx context.Context, req authn.DeleteApplicationRequest) error

func (*Client) DeleteGroup

func (c *Client) DeleteGroup(ctx context.Context, req authn.DeleteGroupRequest) error

func (*Client) DeleteOrganization

func (c *Client) DeleteOrganization(ctx context.Context, req authn.DeleteOrganizationRequest) error

func (*Client) DisableUser

func (c *Client) DisableUser(ctx context.Context, orgID, userID string) error

func (*Client) ExchangeCode

func (*Client) FindUsers

func (c *Client) FindUsers(ctx context.Context, filter authn.UserFilter) ([]authn.User, error)

func (*Client) GetApplication

func (c *Client) GetApplication(ctx context.Context, orgID, appID string) (authn.Application, error)

func (*Client) GetGroup

func (c *Client) GetGroup(ctx context.Context, orgID, groupID string) (authn.Group, error)

func (*Client) GetIdentityProfile

func (c *Client) GetIdentityProfile(ctx context.Context, req authn.IdentityProfileRequest) (authn.IdentityProfile, error)

func (*Client) GetOrganization

func (c *Client) GetOrganization(ctx context.Context, orgID string) (authn.Organization, error)

func (*Client) GetUser

func (c *Client) GetUser(ctx context.Context, orgID, userID string) (authn.User, error)

func (*Client) HandleCallback

func (c *Client) HandleCallback(ctx context.Context, req authn.CallbackRequest) (authn.CallbackResult, error)

HandleCallback exchanges the authorization code and verifies the resulting token through Kernel authn contracts. It also validates state when an ExpectedState is provided.

func (*Client) ListGroups

func (c *Client) ListGroups(ctx context.Context, filter authn.GroupFilter) ([]authn.Group, error)

func (*Client) RefreshToken

func (c *Client) RefreshToken(ctx context.Context, req authn.RefreshTokenRequest) (authn.TokenSet, error)

func (*Client) RemoveUserFromGroup

func (c *Client) RemoveUserFromGroup(ctx context.Context, req authn.AssignUserToGroupRequest) error

func (*Client) RevokeToken

func (c *Client) RevokeToken(ctx context.Context, req authn.RevokeTokenRequest) error

func (*Client) SigninURL

func (c *Client) SigninURL(redirectURI string) string

SigninURL is kept as a convenience alias for existing integrations. New code should prefer BuildLoginURL via the authn.LoginService interface.

func (*Client) SignupURL

func (c *Client) SignupURL(enablePassword bool, redirectURI string) string

SignupURL returns the Casdoor hosted signup URL for the configured login application. Signup is provider-specific for now and intentionally not part of the core authn.LoginService contract.

func (*Client) UpdateApplication

func (c *Client) UpdateApplication(ctx context.Context, req authn.UpdateApplicationRequest) (authn.Application, error)

func (*Client) UpdateGroup

func (c *Client) UpdateGroup(ctx context.Context, req authn.UpdateGroupRequest) (authn.Group, error)

func (*Client) UpdateOrganization

func (c *Client) UpdateOrganization(ctx context.Context, req authn.UpdateOrganizationRequest) (authn.Organization, error)

func (*Client) UpsertUser

func (c *Client) UpsertUser(ctx context.Context, user authn.User) (authn.User, error)

func (*Client) VerifyToken

func (c *Client) VerifyToken(ctx context.Context, req authn.VerifyTokenRequest) (authn.Principal, error)

type Config

type Config struct {
	Endpoint string `json:"endpoint" yaml:"endpoint"`

	OrganizationName string `json:"organization_name" yaml:"organization_name"`
	ApplicationName  string `json:"application_name" yaml:"application_name"`
	ClientID         string `json:"client_id" yaml:"client_id"`
	ClientSecret     string `json:"client_secret" yaml:"client_secret"`

	// JWTCertificate is the PEM public certificate used by Casdoor SDK to verify
	// JWT access/id tokens signed by the Casdoor application cert.
	JWTCertificate     string `json:"jwt_certificate" yaml:"jwt_certificate"`
	JWTCertificateFile string `json:"jwt_certificate_file" yaml:"jwt_certificate_file"`

	// Certificate is kept as a backward-compatible alias for JWTCertificate.
	// Prefer jwt_certificate or jwt_certificate_file in new configs.
	Certificate string `json:"certificate" yaml:"certificate"`

	Admin AdminConfig `json:"admin" yaml:"admin"`

	HTTPClient *http.Client  `json:"-" yaml:"-"`
	Timeout    time.Duration `json:"timeout" yaml:"timeout"`

	// Logger is the component logger. If nil, casdoor uses logx.DefaultLogger().
	Logger logx.Logger `json:"-" yaml:"-"`

	// Metrics is the optional metrics manager for Casdoor backend HTTP calls.
	Metrics metricsx.Manager `json:"-" yaml:"-"`

	// MetricsEnabled controls whether Casdoor backend calls record metrics.
	MetricsEnabled bool `json:"metrics_enabled" yaml:"metrics_enabled"`
}

Config contains Casdoor application configuration used by the SDK.

The top-level fields describe the login/OIDC application that exchanges authorization codes and verifies user tokens. Admin describes the optional management application used for provisioning users, organizations, applications and groups.

func (Config) Normalized

func (c Config) Normalized() Config

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL