Cedarling Kotlin binding#
UniFFI (Universal Foreign Function Interface) is a tool developed by Mozilla to simplify cross-language bindings, primarily between Rust and other languages like Kotlin, Swift, and Python. It allows Rust libraries to be used in these languages without manually writing complex foreign function interface (FFI) bindings.
Please refer to this document for details on the structs, enums, and functions exposed by UniFFI bindings. This section outlines the process of generating the Kotlin binding for Cedarling using Cedarling UniFFI. The Kotlin binding is then wrapped in a Java class to enable convenient use in Java applications.
Prerequisites#
- Rust: Install it from the official Rust website.
- Java Development Kit (JDK): version 21 or higher
- Apache Maven: Install it from Apache Maven Website
Building from Source#
-
Build Cedarling by executing below command from
./jans/jans-cedarling
of cloned jans project:Incargo build -r -p cedarling_uniffi
target/release
, you should find thelibcedarling_uniffi.dylib
(if Mac OS),libcedarling_uniffi.so
(if Linux OS), orlibcedarling_uniffi.dll
(if Windows OS) file, depending on the operating system you are using. -
Generate the bindings for Kotlin by running the command below. Replace
{build_file}
withlibcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
, depending on which file is generated intarget/release
.cargo run --bin uniffi-bindgen generate --library ./target/release/{build_file} --language kotlin --out-dir ./bindings/cedarling-java/src/main/kotlin/io/jans/cedarling
-
Copy the generated
libcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
file to resource directory of thecedarling-java
Maven project. Replace{build_file}
in the below commad withlibcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
, depending on which file is generated intarget/release
.mkdir ./bindings/cedarling-java/src/main/resources cp ./target/release/{build_file} ./bindings/cedarling-java/src/main/resources
-
Change directory to
./bindings/cedarling-java
and run below command to buildcedarling-java
jar file. This will generatecedarling-java-{version}-distribution.jar
at./bindings/cedarling-java/target/
.mvn clean install
Recipes#
Recipe 1: Using the Cedarling Java binding in custom scripts on the Janssen Auth Server (VM installation).#
Note: This recipe is compatible with Jans version 1.4.0 and earlier.
- Upload bootstrap.json, policy-store.json, action.txt, context.json, principals.json and resource.json at
/opt/jans/jetty/jans-auth/custom/static
location of the auth server. The Asset Screen can be used to upload assets. - Upload the generate
cedarling-java-{version}-distribution.jar
at/opt/jans/jetty/jans-auth/custom/libs
location of the auth server. - The following Post Authn script has been created for calling Cedarling authorization. Add and enable the Post Authn custom script (in Java) with following Custom Properties:
Key | Values |
---|---|
BOOTSTRAP_JSON_PATH | ./custom/static/bootstrap.json |
ACTION_FILE_PATH | ./custom/static/action.txt |
RESOURCE_FILE_PATH | ./custom/static/resource.json |
CONTEXT_FILE_PATH | ./custom/static/context.json |
PRINCIPALS_FILE_PATH | ./custom/static/principals.json |
-
Map the script with client used to perform authentication.
-
The script runs after client authentication to invoke Cedarling authz.
Recipe 2: Sample Java Maven project using the Kotlin binding#
-
Build Cedarling:
Incargo build -r -p cedarling_uniffi
target/release
, you should find thelibcedarling_uniffi.dylib
(if Mac OS),libcedarling_uniffi.so
(if Linux OS), orlibcedarling_uniffi.dll
(if Windows OS) file, depending on the operating system you are using. -
Generate the bindings for Kotlin by running the command below. Replace
{build_file}
withlibcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
, depending on which file is generated intarget/release
.cargo run --bin uniffi-bindgen generate --library ./target/release/{build_file} --language kotlin --out-dir ./bindings/cedarling_uniffi/javaApp/src/main/kotlin/org/example
-
Copy the generated
libcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
file to resource directory of the sample Java Maven project. Replace{build_file}
in the below commad withlibcedarling_uniffi.dylib
,libcedarling_uniffi.so
, orlibcedarling_uniffi.dll
, depending on which file is generated intarget/release
.cp ./target/release/{build_file} ./bindings/cedarling_uniffi/javaApp/src/main/resources
-
Change directory to sample Java project (
./bindings/cedarling_uniffi/javaApp
) and run below command to run the main method of a Maven project from the terminal.The method will execute the steps for Cedarling initialization with a sample bootstrap configuration, run authorization with sample tokens, resource and context inputs and call log interface to print authorization logs on console.mvn clean install mvn exec:java -Dexec.mainClass="org.example.Main"
Sample Java Maven Project#
Note the following points in the sample Java Maven project to understand the changes required for using the Kotlin binding in other Java projects.
- The sample
tokens
,resource
andcontext
input files along with files containingbootstrap configuration
andpolicy- store
used by the sample application are present at./bindings/cedarling_uniffi/javaApp/src/main/resources/config
. - Refer to the Java code in org.example.Main to see how Cedarling's
init
,authz
, andlog
interfaces are called using the Kotlin binding.
Added dependencies in pom.xml:#
-
Java Native Access (JNA): A Java library that allows Java code to call native shared libraries (like .so on Linux, .dll on Windows, or .dylib on macOS) without writing JNI (Java Native Interface) code.
-
kotlinx.coroutines: Adds support for asynchronous programming using coroutines.
-
kotlin-stdlib-jdk: The kotlin-stdlib-jdk8 library is a variant of the Kotlin standard library that includes additional features specifically designed to work with JDK 8 (Java Development Kit 8) or higher.
-
nimbus-jose-jwt: The nimbus-jose-jwt library is a Java library used for working with JWTs (JSON Web Tokens) and JOSE (JavaScript Object Signing and Encryption) standards
-
jackson-databind: The jackson-databind library is a core module of the Jackson JSON processing framework in Java
Created: 2025-05-13