%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %{_sysconfdir}/httpd/conf.d}}
%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}}

%global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc

Name:           mod_auth_openidc
Version:        2.4.15.3
Release:        1
Summary:        OpenID Connect Relying Party module for Apache 2.x HTTP Server
License:        ASL 2.0
URL:            https://github.com/OpenIDC/mod_auth_openidc
Source0:        %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz

BuildRequires:  gcc httpd-devel openssl-devel curl-devel jansson-devel
BuildRequires:  pcre2-devel autoconf automake cjose-devel jq-devel
BuildRequires:  libtool
Requires:       httpd-mmn = %{_httpd_mmn}

%description
This module enables an Apache 2.x web server to operate as
an OpenID Connect Relying Party(RP) to an OpenID Connect Provider(OP).

%prep
%autosetup -p1

%build
export MODULES_DIR=%{_httpd_moddir}
export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
autoreconf -vfi
%configure --with-jq=/usr/lib64/ --without-hiredis
make %{?_smp_mflags}

%check
export MODULES_DIR=%{_httpd_moddir}
export APXS2_OPTS='-S LIBEXECDIR=${MODULES_DIR}'
make check

%install
install -d $RPM_BUILD_ROOT%{_httpd_moddir}
make install DESTDIR=$RPM_BUILD_ROOT MODULES_DIR=$RPM_BUILD_ROOT%{_httpd_moddir}

install -m 755 -d $RPM_BUILD_ROOT%{_httpd_modconfdir}
echo 'LoadModule auth_openidc_module modules/mod_auth_openidc.so' > \
        $RPM_BUILD_ROOT%{_httpd_modconfdir}/10-auth_openidc.conf

install -m 755 -d $RPM_BUILD_ROOT%{_httpd_confdir}
install -m 644 auth_openidc.conf $RPM_BUILD_ROOT%{_httpd_confdir}
sed -i 's!/var/cache/apache2/!/var/cache/httpd/!' $RPM_BUILD_ROOT%{_httpd_confdir}/auth_openidc.conf
install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}
install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/{metadata,cache}

%files
%doc ChangeLog AUTHORS README.md LICENSE.txt
%{_httpd_moddir}/mod_auth_openidc.so
%config(noreplace) %{_httpd_modconfdir}/10-auth_openidc.conf
%config(noreplace) %{_httpd_confdir}/auth_openidc.conf
%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}
%dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/{metadata,cache}

%changelog
* Sat Feb 17 2024 yaoxin <yao_xin001@hoperun.com> - 2.4.15.3-1
- Upgrade to 2.4.15.3 for fix CVE-2024-24814

* Wed Apr 12 2023 yaoxin <yao_xin001@hoperun.com> - 2.4.13.2-1
- Update to 2.4.13.2 to fix CVE-2023-28625

* Wed Sep 15 2021 houyingchao <houyingchao@huawei.com> 2.4.9.4-1
- Upgrade to 2.4.9.4
- Fix CVE-2021-39191

* Thu Jun 10 2021 wangyue <wangyue92@huawei.com> 2.4.0.3-4
- Fix CVE-2021-20718

* Fri Feb 19 2021 wangxiao <wangxiao65@huawei.com> 2.4.0.3-3
- Fix CVE-2019-20479

* Fri Apr 24 2020 Captain Wei <captain.a.wei@gmail.com> 2.4.0.3-2
- Package init