Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

Auth0 Role Manager Build Status Coverage Status Godoc

Auth0 Role Manager is the Auth0 role manager for Casbin. With this library, Casbin can load role hierarchy (user-role mapping) from Auth0 Authorization Extension or save role hierarchy to it (NOT Implemented).

Installation

go get github.com/casbin/auth0-role-manager

Simple Example

package main

import (
	"github.com/casbin/auth0-role-manager"
	"github.com/casbin/casbin"
)

func main() {
	// This role manager dose not rely on Casbin policy. So we should not
	// specify grouping policy ("g" policy rules) in the .csv file.
	e := casbin.NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")

	// Use our role manager.
	// clientID is the Client ID.
	// clientSecret is the Client Secret.
	// tenant is your tenant name. If your domain is: abc.auth0.com, then abc is your tenant name.
	// apiEndpoint is the base URL for your Auth0 Authorization Extension, it should
	// be something like: "https://abc.us.webtask.io/adf6e2f2b84784b57522e3b19dfc9201", there is
	// no "/admins", "/admins/login", "/users" or "/api" in the end.
	rm := auth0rolemanager.NewRoleManager(
		"your_client_id",
		"your_client_secret",
		"your_tenant_name",
		"your_base_url_for_auth0_authorization_extension")
	e.SetRoleManager(rm)

	// If our role manager relies on Casbin policy (like reading "g"
	// policy rules), then we have to set the role manager before loading
	// policy.
	//
	// Otherwise, we can set the role manager at any time, because role
	// manager has nothing to do with the adapter.
	e.LoadPolicy()
	
	// Check the permission.
	// Casbin's subject (user) name uses the Auth0 user's Email field (like "alice@test.com").
	// Casbin's role name uses the Auth0 group's Name field (like "Group1", "Group2").
	e.Enforce("alice@test.com", "data1", "read")
}

Getting Help

License

This project is under Apache 2.0 License. See the LICENSE file for the full license text.