Using Secureable for Authentication

Using Secureable for authentication requires three steps:

PASOE Configuration

Edit conf/oeablSecurity.properties with the following values:

client.login.model=oauth2
jwtToken.signatureAlg=RS256
jwtToken.keystore.type=jwk
# Replace "http://secureable.server" with the root URL of your Secureable server
jwtToken.keystore.jwkurl=https://secureable.server/v1/identity/oidc/.well-known/keys 
jwtToken.defaultRoles=psc
jwtToken.usernameField=entity_name
OEClientPrincipalFilter.passthru=true
OEClientPrincipalFilter.forwardToken=true
# See below instructions for obtaining the value for the audience setting
oauth2.resSvc.audience=fe9g5Vfcgs3ZpmKZc2XRhKH5ys

Obtaining the value for the “oauth2.resSvc.audience” setting

Issue the following POST request to your Secureable server to obtain a session ID:

curl --location --request POST 'http://secureable-server/v1/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username":"admin",
    "password":"admin password"
}'

The response you receive should contain an id property. Copy the value of this property, then use it for your next request:

curl --location --request GET 'http://secureable-server/v1/pasoe/pasoe/oeablSecurity.properties.12.2' \
--header 'Authorization: Bearer <value_of_id_property>'

The output from the second request is a complete oeablSecurity.properties file. Find the oauth2.resSvc.audience setting and copy it to your .properties file.Angular Client Configuration

The @consultingwerk/smartcomponent-library package needs to be configured to use Secureable. This is done using the SmartComponentLibraryModule.forRoot configuration function, when you import the module. This is usually done in the @NgModule annotation of your AppModule (src/app/app.module.ts):