{"id":20215691,"url":"https://github.com/casdoor/casdoor-spring-security-example","last_synced_at":"2026-05-10T13:13:23.482Z","repository":{"id":104354327,"uuid":"531765674","full_name":"casdoor/casdoor-spring-security-example","owner":"casdoor","description":"Spring Security example app integrated with Casdoor","archived":false,"fork":false,"pushed_at":"2023-12-20T13:55:55.000Z","size":19,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-13T22:16:28.287Z","etag":null,"topics":["auth","authn","casdoor","iam","oauth","oidc","spring","spring-security","spring-security-oauth2","sso"],"latest_commit_sha":null,"homepage":"https://casdoor.org/docs/integration/spring-security/spring-security-oauth","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/casdoor.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2022-09-02T03:16:23.000Z","updated_at":"2023-12-16T07:22:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"0f87f0b8-9933-4aa6-92af-839a00f4b335","html_url":"https://github.com/casdoor/casdoor-spring-security-example","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-spring-security-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-spring-security-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-spring-security-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/casdoor%2Fcasdoor-spring-security-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/casdoor","download_url":"https://codeload.github.com/casdoor/casdoor-spring-security-example/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241652964,"owners_count":19997578,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authn","casdoor","iam","oauth","oidc","spring","spring-security","spring-security-oauth2","sso"],"created_at":"2024-11-14T06:23:59.875Z","updated_at":"2026-05-10T13:13:23.441Z","avatar_url":"https://github.com/casdoor.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# casdoor-spring-security-example\n\nThis example shows how a Spring Security application can connect to Casdoor via OAuth 2.0.\n\n![demo](https://github.com/casdoor/casdoor-spring-security-example/assets/3787410/ddc81f02-a608-4342-8d92-cf52dcc25814)\n\n## Deploy Casdoor\n\nWe assume you have deployed Casdoor in your own URL (refer to: [Server Installation](https://casdoor.org/docs/basic/server-installation)), in this example, we use the Casdoor demo site: https//door.casdoor.com\n\n## Configuration\n\nIn the application edit page of your Casdoor (like: https://door.casdoor.com/applications/casbin/app-vue-python-example), you can get the `Client ID` and `Client secret` of the application. Remember to add your application's URL: `http://localhost:8080/` to Casdoor's \"Redirect URLs\":\n\n![Casdoor Application Setting](https://casdoor.org/assets/images/appsetting_spring_security-f2662d02db2032cea21f3b39b03b6c60.png)\n\nOpen in a browser: https://door.casdoor.com/.well-known/openid-configuration, you will get the OIDC endpoints of Casdoor.\n\n```json\n{\n  \"issuer\": \"https://door.casdoor.com\",\n  \"authorization_endpoint\": \"https://door.casdoor.com/login/oauth/authorize\",\n  \"token_endpoint\": \"https://door.casdoor.com/api/login/oauth/access_token\",\n  \"userinfo_endpoint\": \"https://door.casdoor.com/api/userinfo\",\n  \"jwks_uri\": \"https://door.casdoor.com/.well-known/jwks\",\n  \"introspection_endpoint\": \"https://door.casdoor.com/api/login/oauth/introspect\",\n  \"response_types_supported\": [\n    \"code\",\n    \"token\",\n    \"id_token\",\n    \"code token\",\n    \"code id_token\",\n    \"token id_token\",\n    \"code token id_token\",\n    \"none\"\n  ],\n  \"response_modes_supported\": [\n    \"query\",\n    \"fragment\",\n    \"login\",\n    \"code\",\n    \"link\"\n  ],\n  \"grant_types_supported\": [\n    \"password\",\n    \"authorization_code\"\n  ],\n  \"subject_types_supported\": [\n    \"public\"\n  ],\n  \"id_token_signing_alg_values_supported\": [\n    \"RS256\"\n  ],\n  \"scopes_supported\": [\n    \"openid\",\n    \"email\",\n    \"profile\",\n    \"address\",\n    \"phone\",\n    \"offline_access\"\n  ],\n  \"claims_supported\": [\n    \"iss\",\n    ...\n  ],\n  \"request_parameter_supported\": true,\n  \"request_object_signing_alg_values_supported\": [\n    \"HS256\",\n    \"HS384\",\n    \"HS512\"\n  ],\n  \"end_session_endpoint\": \"https://door.casdoor.com/api/logout\"\n}\n```\n\nReplace the settings in this application's YAML file: [application.yml](https://github.com/casdoor/casdoor-spring-security-example/blob/master/src/main/resources/application.yml) with your own Casdoor's settings.\n\n```yaml\nspring:\n  security:\n    oauth2:\n      client:\n        registration:\n          casdoor:\n            client-id: 294b09fbc17f95daf2fe\n            client-secret: dd8982f7046ccba1bbd7851d5c1ece4e52bf039d\n            scope: read,write\n            authorization-grant-type: authorization_code\n            redirect-uri: http://localhost:8080/login/oauth2/code/custom\n        provider:\n          casdoor:\n            authorization-uri: https://door.casdoor.com/login/oauth/authorize\n            token-uri: https://door.casdoor.com/api/login/oauth/access_token\n            user-info-uri: https://door.casdoor.com/api/get-account\n            user-name-attribute: name\n```\n\n## Run the demo!\n\nIn the browser, visit: http://localhost:8080/foos. It will automatically redirect to Casdoor's login page. Login with username: `admin` and password: `123`.\n\nIf you visit your root page: http://localhost:8080, you will see:\n\n![Casdoor Application Setting](https://casdoor.org/assets/images/spring_security_welcome-5a0d467a89d0134ed035b7718f3c834d.png)\n\nClick the `Login` button to redirect to Casdoor's login page.\n\n![Casdoor Application Setting](https://casdoor.org/assets/images/spring_security_casdoor-c0e156eb1514956214cad0b0d8d3ac98.png)\n\nAfter you logged in, the page will redirect to `/foos`.\n\n![Casdoor Application Setting](https://casdoor.org/assets/images/spring_security_resource-820aab1821d09e451632a46bb73df602.png)\n\n## How is this demo developed? (No need for actions)\n\n1. Create a Spring Boot application in `SSOClientApplication`.\n\n2. Add a configuration which protects all endpoints except `/` and `/login**` for users to login `UiSecurityConfiguration`.\n\n3. Add a naive page for user to login in `resources/templates/index.html`. When user clicks the `login` button, he will be redirected to `casdoor`.\n\n4. Define our protected resource. We can export an endpoint called `/foos` and a web page for display.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcasdoor%2Fcasdoor-spring-security-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcasdoor%2Fcasdoor-spring-security-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcasdoor%2Fcasdoor-spring-security-example/lists"}