From 3f53ffb29b74b1b1350495549e6e0f8ac866ebcc Mon Sep 17 00:00:00 2001
From: Daniel Steiner <daniel.steiner@dsteiner.ch>
Date: Sat, 5 Sep 2020 14:27:35 +0200
Subject: [PATCH] Openidc module added

---
 centos/SPECS/mod_auth_openidc.spec | 108 +++++++++++++++++++++++++++++
 fedora/SPECS/cjose.spec            |  67 ++++++++++++++++++
 fedora/SPECS/mod_auth_openidc.spec | 108 +++++++++++++++++++++++++++++
 3 files changed, 283 insertions(+)
 create mode 100644 centos/SPECS/mod_auth_openidc.spec
 create mode 100644 fedora/SPECS/cjose.spec
 create mode 100644 fedora/SPECS/mod_auth_openidc.spec

diff --git a/centos/SPECS/mod_auth_openidc.spec b/centos/SPECS/mod_auth_openidc.spec
new file mode 100644
index 0000000..21e3b24
--- /dev/null
+++ b/centos/SPECS/mod_auth_openidc.spec
@@ -0,0 +1,108 @@
+%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}}
+%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
+%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %{_sysconfdir}/httpd/conf.d}}
+
+# Optionally build with hiredis if --with hiredis is passed
+%{!?_with_hiredis: %{!?_without_hiredis: %global _without_hiredis --without-hiredis}}
+# It is an error if both or neither required options exist.
+%{?_with_hiredis: %{?_without_hiredis: %{error: both _with_hiredis and _without_hiredis}}}
+%{!?_with_hiredis: %{!?_without_hiredis: %{error: neither _with_hiredis nor _without_hiredis}}}
+
+# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
+%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
+
+%global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc
+
+Name:		mod_auth_openidc
+Version:	2.4.4.1
+Release:	1%{?dist}
+Summary:	OpenID Connect auth module for Apache HTTP Server
+
+License:	ASL 2.0
+URL:		https://github.com/zmartzone/mod_auth_openidc
+Source0:	https://github.com/zmartzone/mod_auth_openidc/releases/download/v%{version}/mod_auth_openidc-%{version}.tar.gz
+
+BuildRequires:  gcc
+BuildRequires:	httpd-devel
+BuildRequires:	openssl-devel
+BuildRequires:	curl-devel
+BuildRequires:	jansson-devel
+BuildRequires:	pcre-devel
+BuildRequires:	autoconf
+BuildRequires:	automake
+BuildRequires:	cjose-devel
+#BuildRequires:	jq-devel
+BuildRequires:	jq
+%{?_with_hiredis:BuildRequires: hiredis-devel}
+Requires:	httpd-mmn = %{_httpd_mmn}
+
+%description
+This module enables an Apache 2.x web server to operate as
+an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
+
+%prep
+%setup -q
+
+%build
+# workaround rpm-buildroot-usage
+export MODULES_DIR=%{_httpd_moddir}
+export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
+autoreconf
+%configure \
+  --with-jq=/usr/lib64/ \
+  %{?_with_hiredis} \
+  %{?_without_hiredis}
+
+make %{?_smp_mflags}
+
+%check
+export MODULES_DIR=%{_httpd_moddir}
+export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
+make test
+
+%install
+mkdir -p $RPM_BUILD_ROOT%{_httpd_moddir}
+make install MODULES_DIR=$RPM_BUILD_ROOT%{_httpd_moddir}
+
+install -m 755 -d $RPM_BUILD_ROOT%{_httpd_modconfdir}
+echo 'LoadModule auth_openidc_module modules/mod_auth_openidc.so' > \
+	$RPM_BUILD_ROOT%{_httpd_modconfdir}/10-auth_openidc.conf
+
+install -m 755 -d $RPM_BUILD_ROOT%{_httpd_confdir}
+install -m 644 auth_openidc.conf $RPM_BUILD_ROOT%{_httpd_confdir}
+# Adjust httpd cache location in install config file
+sed -i 's!/var/cache/apache2/!/var/cache/httpd/!' $RPM_BUILD_ROOT%{_httpd_confdir}/auth_openidc.conf
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/metadata
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache
+
+
+%files
+%if 0%{?rhel} && 0%{?rhel} < 7
+%doc LICENSE.txt
+%else
+%license LICENSE.txt
+%endif
+%doc ChangeLog
+%doc AUTHORS
+%doc README.md
+%{_httpd_moddir}/mod_auth_openidc.so
+%config(noreplace) %{_httpd_modconfdir}/10-auth_openidc.conf
+%config(noreplace) %{_httpd_confdir}/auth_openidc.conf
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/metadata
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache
+
+%changelog
+* Sat Sep 5 2020 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- Update to 2.4.4.1.
+
+* Mon Jul 6 2020 Daniel Steiner <daniel.steiner@threema.ch>
+- Update to 2.4.3.
+
+* Thu Feb 13 2020 Daniel Steiner <daniel.steiner@threema.ch>
+- Update to 2.4.1.
+
+* Thu Dec 19 2019 Daniel Steiner <daniel.steiner@threema.ch>
+- First initial build.
+
diff --git a/fedora/SPECS/cjose.spec b/fedora/SPECS/cjose.spec
new file mode 100644
index 0000000..c7f55eb
--- /dev/null
+++ b/fedora/SPECS/cjose.spec
@@ -0,0 +1,67 @@
+Name:           cjose
+Version:        0.6.1
+Release:        3%{?dist}
+Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
+
+License:        MIT
+URL:            https://github.com/cisco/cjose
+Source0:  	https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
+
+Patch1: concatkdf.patch
+
+BuildRequires:  gcc
+BuildRequires:  doxygen
+BuildRequires:  openssl-devel
+BuildRequires:  jansson-devel
+BuildRequires:  check-devel
+
+%description
+Implementation of JOSE for C/C++
+
+
+%package        devel
+Summary:        Development files for %{name}
+Requires:       %{name}%{?_isa} = %{version}-%{release}
+
+%description    devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+%build
+%configure
+%make_build
+
+
+%install
+%make_install
+find %{buildroot} -name '*.a' -exec rm -f {} ';'
+find %{buildroot} -name '*.la' -exec rm -f {} ';'
+
+
+%ldconfig_scriptlets
+
+
+%check
+make check || (cat test/test-suite.log; exit 1)
+
+%files
+%license LICENSE
+%doc CHANGELOG.md README.md
+%doc /usr/share/doc/cjose
+%{_libdir}/*.so.*
+
+
+%files devel
+%{_includedir}/*
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/cjose.pc
+
+
+%changelog
+* Sat Sep 5 2020 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- First initial build.
+
diff --git a/fedora/SPECS/mod_auth_openidc.spec b/fedora/SPECS/mod_auth_openidc.spec
new file mode 100644
index 0000000..21e3b24
--- /dev/null
+++ b/fedora/SPECS/mod_auth_openidc.spec
@@ -0,0 +1,108 @@
+%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}}
+%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
+%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %{_sysconfdir}/httpd/conf.d}}
+
+# Optionally build with hiredis if --with hiredis is passed
+%{!?_with_hiredis: %{!?_without_hiredis: %global _without_hiredis --without-hiredis}}
+# It is an error if both or neither required options exist.
+%{?_with_hiredis: %{?_without_hiredis: %{error: both _with_hiredis and _without_hiredis}}}
+%{!?_with_hiredis: %{!?_without_hiredis: %{error: neither _with_hiredis nor _without_hiredis}}}
+
+# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
+%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
+
+%global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc
+
+Name:		mod_auth_openidc
+Version:	2.4.4.1
+Release:	1%{?dist}
+Summary:	OpenID Connect auth module for Apache HTTP Server
+
+License:	ASL 2.0
+URL:		https://github.com/zmartzone/mod_auth_openidc
+Source0:	https://github.com/zmartzone/mod_auth_openidc/releases/download/v%{version}/mod_auth_openidc-%{version}.tar.gz
+
+BuildRequires:  gcc
+BuildRequires:	httpd-devel
+BuildRequires:	openssl-devel
+BuildRequires:	curl-devel
+BuildRequires:	jansson-devel
+BuildRequires:	pcre-devel
+BuildRequires:	autoconf
+BuildRequires:	automake
+BuildRequires:	cjose-devel
+#BuildRequires:	jq-devel
+BuildRequires:	jq
+%{?_with_hiredis:BuildRequires: hiredis-devel}
+Requires:	httpd-mmn = %{_httpd_mmn}
+
+%description
+This module enables an Apache 2.x web server to operate as
+an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
+
+%prep
+%setup -q
+
+%build
+# workaround rpm-buildroot-usage
+export MODULES_DIR=%{_httpd_moddir}
+export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
+autoreconf
+%configure \
+  --with-jq=/usr/lib64/ \
+  %{?_with_hiredis} \
+  %{?_without_hiredis}
+
+make %{?_smp_mflags}
+
+%check
+export MODULES_DIR=%{_httpd_moddir}
+export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
+make test
+
+%install
+mkdir -p $RPM_BUILD_ROOT%{_httpd_moddir}
+make install MODULES_DIR=$RPM_BUILD_ROOT%{_httpd_moddir}
+
+install -m 755 -d $RPM_BUILD_ROOT%{_httpd_modconfdir}
+echo 'LoadModule auth_openidc_module modules/mod_auth_openidc.so' > \
+	$RPM_BUILD_ROOT%{_httpd_modconfdir}/10-auth_openidc.conf
+
+install -m 755 -d $RPM_BUILD_ROOT%{_httpd_confdir}
+install -m 644 auth_openidc.conf $RPM_BUILD_ROOT%{_httpd_confdir}
+# Adjust httpd cache location in install config file
+sed -i 's!/var/cache/apache2/!/var/cache/httpd/!' $RPM_BUILD_ROOT%{_httpd_confdir}/auth_openidc.conf
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/metadata
+install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache
+
+
+%files
+%if 0%{?rhel} && 0%{?rhel} < 7
+%doc LICENSE.txt
+%else
+%license LICENSE.txt
+%endif
+%doc ChangeLog
+%doc AUTHORS
+%doc README.md
+%{_httpd_moddir}/mod_auth_openidc.so
+%config(noreplace) %{_httpd_modconfdir}/10-auth_openidc.conf
+%config(noreplace) %{_httpd_confdir}/auth_openidc.conf
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/metadata
+%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache
+
+%changelog
+* Sat Sep 5 2020 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- Update to 2.4.4.1.
+
+* Mon Jul 6 2020 Daniel Steiner <daniel.steiner@threema.ch>
+- Update to 2.4.3.
+
+* Thu Feb 13 2020 Daniel Steiner <daniel.steiner@threema.ch>
+- Update to 2.4.1.
+
+* Thu Dec 19 2019 Daniel Steiner <daniel.steiner@threema.ch>
+- First initial build.
+