Okta Role Manager is the Okta role manager for Casbin. With this library, Casbin can load the role hierarchy (user-role mapping) from Okta. Saving the role hierarchy back to Okta is NOT implemented.
```
go get github.com/casbin/okta-role-manager
```
```go
package main

import (
	"fmt"
	"log"

	"github.com/casbin/casbin/v2"
	oktarolemanager "github.com/casbin/okta-role-manager"
)

func main() {
	// This role manager does not rely on Casbin policy, so we should not
	// specify grouping policy ("g" policy rules) in the .csv file.
	e, err := casbin.NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")
	if err != nil {
		log.Fatalf("create enforcer: %v", err)
	}

	// Use our role manager.
	// orgName is your organization name.
	// apiToken is the token you created in the Admin portal.
	// For example, if your domain name is like: dev-123456.oktapreview.com,
	// then your orgName is dev-123456, isProductionOrPreview is false.
	// If your domain name is like: company_name.okta.com, then your orgName
	// is company_name, isProductionOrPreview is true.
	rm := oktarolemanager.NewRoleManager("dev-000000", "your_api_token", false)
	e.SetRoleManager(rm)

	// If our role manager relies on Casbin policy (like reading "g"
	// policy rules), then we have to set the role manager before loading
	// policy.
	//
	// Otherwise, we can set the role manager at any time, because the role
	// manager has nothing to do with the adapter.
	if err := e.LoadPolicy(); err != nil {
		log.Fatalf("load policy: %v", err)
	}

	// Check the permission.
	// Casbin's subject (user) name uses the Okta user's login field (aka email address).
	// Casbin's role name uses the Okta group's name field (like "Admin", "Everyone").
	ok, err := e.Enforce("alice@test.com", "data1", "read")
	if err != nil {
		log.Fatalf("enforce: %v", err)
	}
	fmt.Println("allowed:", ok)
}
```
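The naming rule in the comments above (subject = Okta login, role = Okta group name, no "g" rules in the .csv) can be seen in a small standard-library sketch. This is an added example, not this project's code: `directory`, `rule`, `hasLink` and `enforce` are hypothetical names, the directory contents are constructed, and the matcher is assumed to be the usual Casbin RBAC one, `g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act`. Denying when the lookup fails is this sketch's choice, not documented behaviour of the library.

```go
package main

import (
	"errors"
	"fmt"
)

// directory is a constructed stand-in for Okta: user login -> group names.
type directory map[string][]string

// rule is one "p" line: subject (an Okta group name), object, action.
type rule struct{ sub, obj, act string }

var errUnknownUser = errors.New("login not found in directory")

// hasLink answers g(login, role): is the login a member of that group?
// Names are compared exactly, so "admin" does not match "Admin".
func (d directory) hasLink(login, role string) (bool, error) {
	groups, ok := d[login]
	if !ok {
		return false, errUnknownUser
	}
	for _, g := range groups {
		if g == role {
			return true, nil
		}
	}
	return false, nil
}

// enforce evaluates g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act.
// A failed lookup is treated as "no link", so errors deny access.
func enforce(d directory, policy []rule, login, obj, act string) bool {
	for _, p := range policy {
		if p.obj != obj || p.act != act {
			continue
		}
		if ok, err := d.hasLink(login, p.sub); err == nil && ok {
			return true
		}
	}
	return false
}

func main() {
	d := directory{"alice@test.com": {"Everyone", "Admin"}, "bob@test.com": {"Everyone"}}
	policy := []rule{{"Admin", "data1", "read"}, {"Everyone", "data2", "read"}}
	fmt.Println(enforce(d, policy, "alice@test.com", "data1", "read"))   // member of Admin
	fmt.Println(enforce(d, policy, "bob@test.com", "data1", "read"))     // not in Admin
	fmt.Println(enforce(d, policy, "mallory@test.com", "data2", "read")) // unknown login
}
```

The policy here contains only "p" rules whose subjects are group names; membership comes entirely from the directory, which is why a stale or misspelled group name in the policy silently grants nothing.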
This project is under Apache 2.0 License. See the LICENSE file for the full license text.