{"id":20215646,"url":"https://github.com/casdoor/casdoor-android-sdk-old","last_synced_at":"2025-04-10T14:41:00.246Z","repository":{"id":47887422,"uuid":"387091260","full_name":"casdoor/casdoor-android-sdk-old","owner":"casdoor","description":"Casdoor Android client SDK","archived":false,"fork":false,"pushed_at":"2023-08-06T14:06:51.000Z","size":21,"stargazers_count":0,"open_issues_count":1,"forks_count":4,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T13:11:12.351Z","etag":null,"topics":["android","authentication","casdoor","jwt","oidc","sdk"],"latest_commit_sha":null,"homepage":"https://github.com/casdoor/casdoor","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/casdoor.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2021-07-18T04:41:32.000Z","updated_at":"2022-08-28T16:01:01.000Z","dependencies_parsed_at":"2024-01-29T00:03:16.359Z","dependency_job_id":"c382ce6a-3151-4c50-95ce-1cb26182a3a7","html_url":"https://github.com/casdoor/casdoor-android-sdk-old","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-android-sdk-old","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-android-sdk-old/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-android-sdk-old/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-android-sdk-old/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/casdoor","download_url":"https://codeload.github.com/casdoor/casdoor-android-sdk-old/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248233991,"owners_count":21069493,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","authentication","casdoor","jwt","oidc","sdk"],"created_at":"2024-11-14T06:23:46.499Z","updated_at":"2025-04-10T14:41:00.225Z","avatar_url":"https://github.com/casdoor.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Casdoor Android SDK\r\n\r\n[Casdoor](https://casdoor.org/docs/overview) is a UI-first centralized authentication / [Single-Sign-On (SSO)](https://en.wikipedia.org/wiki/Single_sign-on) platform based on OAuth 2.0 / OIDC.\r\n\r\nCasdoor serves both the web UI and the login requests from the application users.\r\n\r\n## Casdoor features:\r\n\r\n1. Front-end and back-end separate architecture, developed by Golang, Casdoor supports high concurrency, provides web-based managing UI and supports multiple languages(Chinese, English).\r\n2. Casdoor supports Github, Google, QQ, WeChat third-party applications login, and support the extension of third-party login with plugins.\r\n3. With [Casbin](https://casbin.org/) based authorization management, Casdoor supports ACL, RBAC, ABAC, RESTful accessing control models.\r\n4. Phone verification code, email verification code and forget password features.\r\n5. Accessing logs auditing and recording.\r\n6. Alibaba Cloud, Tencent Cloud, Qiniu Cloud image CDN cloud storage.\r\n7. Customizable register, login, and forget password pages.\r\n8. Casdoor supports integration with existing systems using db sync method, users can transition to Casdoor smoothly.\r\n9. Casdoor supports mainstream databases: MySQL, PostgreSQL, SQL Server etc, and support the extension of new database with plugins.\r\n\r\n## Casdoor Online demo\r\n\r\nHere is an online demo deployed by Casbin.\r\n\r\n- [Casdoor official demo](https://door.casbin.com/)\r\n\r\nGlobal admin login:\r\n\r\n- Username: `admin`\r\n- Password: `123`\r\n\r\n## Get Started\r\n\r\nBefore using casdoor-andorid-sdk, you should make casdoor started: [Install Guide | Casdoor](https://casdoor.org/docs/basic/server-installation), then, you can quickly implement a casdoor based login page in your own app with the following methods:\r\n\r\n### Login state related\r\n\r\n#### `boolean CasdoorAuth.hasLoggedIn(FragmentActivity activity)`\r\n\r\nThis method could be used to judge whether the user has logged in through casdoor sdk. You would get  `true` when he(she) has logged in. Cause based on the `SharedPreference`, you could just deliver the activity which the caller belong to. Only when the user has logged in, the casdoor sdk is likely to successfullty get info of users and do requests those need authority.\r\n\r\nTo achieve \"Display different content as the login state changes\" effect, you could refer to the below code fragment in onCreateView method in android fragment:\r\n\r\n```java\r\nif (getActivity() != null) {\r\n    FragmentManager fragmentManager = getParentFragmentManager();\r\n    FragmentTransaction fragmentTransaction = fragmentManager.beginTransaction();\r\n    if (CasdoorAuth.hasLoggedIn(getActivity())) {\r\n        UserInfoFragment userInfoFragment = new UserInfoFragment(getActivity());\r\n        fragmentTransaction.replace(R.id.minePage, userInfoFragment);\r\n    } else {\r\n        UserLoginFragment userLoginFragment = new UserLoginFragment(getActivity());\r\n        fragmentTransaction.replace(R.id.minePage, userLoginFragment);\r\n    }\r\n    fragmentTransaction.commit();\r\n}\r\n```\r\n\r\n\u003e UserInfoFragment is a fragment that could display some user information or entrance of some operations that needs user rights. UserLoginFragment is a fragment that provides the entrance for casdoor sdk to complete a series of login steps.\r\n\r\n#### `void CasdoorAuth.logout(FragmentActivity activity)`\r\n\r\nThis method could be used to logout. (just as the method name says).\r\n\r\n### User information related\r\n\r\nTo get user's basic information, you should firstly create the `CasdoorLoginActivity` provided by casdoor android sdk, after starting the activity, the casdoor would take over the app and complete the rest part of login procedure. After the user successfully login, the sdk would be available to use all kinds of method to get user's information. In the seem time, casdoor sdk also provides `SetUser` \u0026 `SetUsers` method to get users' basic public informations (private info is masked)\r\n\r\n#### `class CasdoorLoginActivity`\r\n\r\nAll procedure of login through casdoor is based on the `CasdoorLoginActivity`, once the user successfully login, the access_token would be write in memory which would be saved unless the app data is cleared or logout forwardly even if the app is closed.\r\n\r\nIt should be noticed that before you start the `CasdoorLoginActivity`, you need to setup config by `putExtra` method through intent. To make this easier, casdoor sdk provides some public static final String in `class CasdoorConfig`. The extra Strings you need to put is:\r\n\r\n- `Endpoint`: equal to `CasdoorConfig.ENDPOINT`, Casdoor Server Url, such as `http://localhost:8000`, `https://door.casbin.com`, etc.\r\n- `ClientID`: equal to `CasdoorConfig.CLIENTID`,  Application's client_id in casdoor, you could find it in `Applications` - `Edit Applications` - `Client ID`. The `ClientID` should look like this: `0ba528121ea87b3eb54d`.\r\n- `ClientSecret`: equal to `CasdoorConfig.CLIENTSECRET`, which as seems as the `ClientID`. The `ClientSecret` should look like this: `04f4ca22101529a3503d5a653a877b4e8403edf0`.\r\n- `JWTSecret`: equal to `CasdoorConfig.JWTSECRET`, which is used to parse token to claims.  \r\n- `OrganizationName`: equal to `CasdoorConfig.ORGANIZATIONNAME`, the organization's name.\r\n\r\nYou could refer to the below code fragment to start `CasdoorLoginActivity` when you need to:\r\n\r\n```java\r\nIntent intent = new Intent();\r\nintent.setClass(activity, CasdoorLoginActivity.class);\r\n// Before starting activity, you should init config\r\nintent.putExtra(CasdoorConfig.ENDPOINT, \"https://door.casbin.com\");\r\nintent.putExtra(CasdoorConfig.CLIENTID, \"0ba528121ea87b3eb54d\");\r\nintent.putExtra(CasdoorConfig.CLIENTSECRET, \"04f4ca22101529a3503d5a653a877b4e8403edf0\");\r\nintent.putExtra(CasdoorConfig.JWTSECRET, \"04f4ca22101529a3503d5a653a877b4e8403edf004f4ca22101529a3503d5a653a877b4e8403edf004f4ca22101529a3503d5a653a877b4e8403edf0\");\r\nintent.putExtra(CasdoorConfig.ORGANIZATIONNAME, \"casbin-oa\");\r\nstartActivity(intent);\r\n```\r\n\r\n#### `String CasdoorUserToken.GetUserToken(FragmentActivity activity)`\r\n\r\nAfter logging in, you could get the user token string through method `GetUserToken`, it should be noticed that this user token is `JSON Web Token (JWT)`, thus, it is available to get user's information without doing any extra request.\r\n\r\n\u003e JWT is a means of transmitting information between two parties in a compact, verifiable form.\r\n\u003e\r\n\u003e The bits of information encoded in the body of a JWT are called `claims`. The expanded form of the JWT is in a JSON format, so each `claim` is a key in the JSON object.\r\n\u003e\r\n\u003e JWTs can be cryptographically signed (making it a [JWS](https://tools.ietf.org/html/rfc7515)) or encrypted (making it a [JWE](https://tools.ietf.org/html/rfc7516)).\r\n\u003e\r\n\u003e This adds a powerful layer of verifiability to the user of JWTs. The receiver has a high degree of confidence that the JWT has not been tampered with by verifying the signature, for instance.\r\n\u003e\r\n\u003e The compact representation of a signed JWT is a string that has three parts, each separated by a `.`:\r\n\u003e\r\n\u003e ```\r\n\u003e eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJKb2UifQ.ipevRNuRP6HflG8cFKnmUPtypruRC4fb1DWtoLL62SY\r\n\u003e ```\r\n\u003e\r\n\u003e Each part is [Base64URL](https://en.wikipedia.org/wiki/Base64)-encoded. The first part is the header, which at a minimum needs to specify the algorithm used to sign the JWT. The second part is the body. This part has all the claims of this JWT encoded in it. The final part is the signature. It's computed by passing a combination of the header and body through the algorithm specified in the header.\r\n\u003e\r\n\u003e If you pass the first two parts through a base 64 url decoder, you'll get the following (formatting added for clarity):\r\n\u003e\r\n\u003e ```json\r\n\u003e header {\r\n\u003e   \"alg\": \"HS256\"\r\n\u003e }\r\n\u003e body {\r\n\u003e   \"sub\": \"Joe\"\r\n\u003e }\r\n\u003e ```\r\n\u003e\r\n\u003e In this case, the information we have is that the HMAC using SHA-256 algorithm was used to sign the JWT. And, the body has a single claim, `sub` with value `Joe`. In casdoor sdk, the claims struct is:\r\n\u003e\r\n\u003e ```java\r\n\u003e public class CasdoorClaims {\r\n\u003e     String Organization;\r\n\u003e     String UserName;\r\n\u003e     String Type;\r\n\u003e \r\n\u003e     String Name;\r\n\u003e     String Avatar;\r\n\u003e     String Email;\r\n\u003e     String Phone;\r\n\u003e \r\n\u003e     String Affiliation;\r\n\u003e     String Tag;\r\n\u003e     String Language;\r\n\u003e     int Score;\r\n\u003e \r\n\u003e     boolean IsAdmin;\r\n\u003e     String Aud;\r\n\u003e     int Exp;\r\n\u003e     int Iat;\r\n\u003e     String Iss;\r\n\u003e     int Nbf;\r\n\u003e }\t\r\n\u003e ```\r\n\u003e\r\n\u003e There are a number of standard claims, called [Registered Claims](https://tools.ietf.org/html/rfc7519#section-4.1), in the specification and `sub` (for subject) is one of them.\r\n\u003e\r\n\u003e To compute the signature, you need a secret key to sign it. Which is `CasdoorConfig.JWTSECRET` in our case.\r\n\r\n#### `CasdoorClaims CasdoorUserToken.ParseJwtToken(FragmentActivity activity, String token)`\r\n\r\nAs mentioned above, in our case, the user's personal information is underlying of the JWT, to make it easier to use token get user info, casdoor android sdk provides this method to parse token to claim. \r\n\r\n\u003e Using [JJWT](https://github.com/jwtk/jjwt) could easily do all operations of JSON Web Token for Java and Android, actually, this method is based on this, thus, it is 100% compatible to use JJWT instead of this method when you have some advanced customization operations of JWT. You could refer to the below code fragment when you want to customize your JWT parser:\r\n\u003e\r\n\u003e ```java\r\n\u003e Claims claims = Jwts.parserBuilder().setSigningKey(Keys.hmacShaKeyFor(CasdoorConfig.GetConfig(activity).JWTSecret.getBytes())).build().parseClaimsJws(token).getBody();\r\n\u003e ```\r\n\r\nAfter successfully obtaining the `CasdoorClaims`, you could use all kinds of `get` method to get instance variables of claims:\r\n\r\n- `String getOrganization()`\r\n\r\n- `String getUserName()`\r\n- `String getType()`\r\n\r\n- `String getName()`\r\n\r\n- `String getAvatar()`\r\n\r\n- `String getEmail()`\r\n\r\n- `String getPhone()`\r\n\r\n- `String getAffiliation()`\r\n\r\n- `String getTag()`\r\n- `String getLanguage()`\r\n\r\n- `int getScore()`\r\n\r\n- `boolean isAdmin()`\r\n\r\n- `String getAud()`\r\n\r\n- `int getExp()`\r\n\r\n- `int getIat()`\r\n\r\n- `String getIss()`\r\n- `int getNbf()`\r\n\r\n- `String getSub()`\r\n\r\nTo achieve get user's information effect when have logged in, you could refer to the below code fragment in `onCreateView` method of :\r\n\r\n```java\r\npublic View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {\r\n\r\n    binding = FragmentUserInfoBinding.inflate(inflater, container, false);\r\n    View root = binding.getRoot();\r\n\r\n    String userToken = CasdoorUserToken.GetUserToken(getActivity());\r\n    CasdoorClaims casdoorClaims = CasdoorUserToken.ParseJwtToken(getActivity(), userToken);\r\n\r\n    TextView name = binding.UserInfoTableName;\r\n    name.setText(casdoorClaims.getName());\r\n\r\n    TextView email = binding.UserInfoTableEmail;\r\n    email.setText(casdoorClaims.getEmail());\r\n\r\n    TextView phone = binding.UserInfoTablePhone;\r\n    phone.setText(casdoorClaims.getPhone());\r\n\r\n    TextView organization = binding.UserInfoTableOrganization;\r\n    organization.setText(casdoorClaims.getOrganization());\r\n}\r\n```\r\n\r\n\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcasdoor%2Fcasdoor-android-sdk-old","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcasdoor%2Fcasdoor-android-sdk-old","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcasdoor%2Fcasdoor-android-sdk-old/lists"}