File ipsilon.spec of Package ipsilon
#
# spec file for package ipsilon
#
# Copyright (c) 2019 Red Hat, Inc., Raleigh, North Carolina, United States of America.
# Copyright (c) 2020 Neal Gompa <ngompa13@gmail.com>.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: ipsilon
Version: 2.1.90
Release: 0
Summary: An Identity Provider Server
License: GPL-3.0-or-later
Group: Productivity/Networking/Security
URL: https://pagure.io/ipsilon/
Source0: http://releases.pagure.org/ipsilon/ipsilon-%{version}.tar.gz
# Patches for upstream
# SUSE only fixes
Patch1001: ipsilon-suse-pathfix.diff
Patch1002: devel.patch
Patch1003: 306.patch
BuildRequires: python3-M2Crypto
BuildRequires: python3-devel
BuildRequires: python3-lasso >= 2.5.0
BuildRequires: python3-python-openid-cla
BuildRequires: python3-python-openid-teams
BuildRequires: python3-python3-openid
BuildRequires: python3-setuptools
BuildRequires: python3-six
Requires: %{name}-base = %{version}-%{release}
Requires: python3-requests
Requires: python3-setuptools
BuildArch: noarch
%description
Ipsilon is a multi-protocol Identity Provider service. Its function is to
bridge authentication providers and applications to achieve Single Sign On
and Federation.
%package base
Summary: Ipsilon base IDP server
Requires: %{name}-filesystem = %{version}-%{release}
Requires: %{name}-provider = %{version}-%{release}
Requires: apache2
Requires: apache2-mod_wsgi-python3
Requires: fontawesome-fonts
Requires: pam
Requires: python3-CherryPy
Requires: python3-Jinja2
Requires: python3-SQLAlchemy
Requires: python3-lxml
Requires: python3-six
Requires: texlive-opensans-fonts
Requires(pre): shadow
%description base
The Ipsilon IdP server without installer
%package filesystem
Summary: Package providing files required by Ipsilon
Group: Productivity/Networking/Security
%description filesystem
Package providing basic directory structure required
for all Ipsilon parts
%package client
Summary: Tools for configuring Ipsilon clients
Requires: %{name}-filesystem = %{version}-%{release}
Requires: %{name}-saml2-base = %{version}-%{release}
Requires: apache2
Requires: apache2-mod_auth_mellon
Requires: apache2-mod_auth_openidc
Requires: python3-requests
%description client
Client install tools
%package tools-ipa
Summary: IPA helpers
Requires: %{name}-authform = %{version}-%{release}
Requires: %{name}-authgssapi = %{version}-%{release}
Requires: %{name}-infosssd = %{version}-%{release}
%if 0%{?rhel}
Requires: ipa-admintools
Requires: ipa-client
%else
Requires: freeipa-admintools
Requires: freeipa-client
%endif
%description tools-ipa
Convenience client install tools for IPA support in the Ipsilon identity Provider
%package saml2-base
Summary: SAML2 base
Requires: python3-lasso
Requires: python3-lxml
%description saml2-base
Provides core SAML2 utilities
%package saml2
Summary: SAML2 provider plugin
Requires: %{name}-base = %{version}-%{release}
Requires: %{name}-saml2-base = %{version}-%{release}
Provides: ipsilon-provider = %{version}-%{release}
%description saml2
Provides a SAML2 provider plugin for the Ipsilon identity Provider
%package openid
Summary: OpenID provider plugin
Requires: %{name}-base = %{version}-%{release}
Requires: python3-python-openid-cla
Requires: python3-python-openid-teams
Requires: python3-python3-openid
Provides: ipsilon-provider = %{version}-%{release}
%description openid
Provides an OpenID provider plugin for the Ipsilon identity Provider
%package openidc
Summary: OpenID Connect provider plugin
Requires: %{name}-base = %{version}-%{release}
Requires: python3-jwcrypto
Provides: ipsilon-provider = %{version}-%{release}
%description openidc
Provides an OpenID Connect and OAuth2 provider plugin for the Ipsilon
identity Provider
%package authform
Summary: mod_intercept_form_submit login plugin
Requires: %{name}-base = %{version}-%{release}
Requires: apache2-mod_intercept_form_submit
%description authform
Provides a login plugin to authenticate with mod_intercept_form_submit
%package authpam
Summary: PAM based login plugin
Requires: %{name}-base = %{version}-%{release}
Requires: python3-python-pam
%description authpam
Provides a login plugin to authenticate against the local PAM stack
%package authgssapi
Summary: mod_auth_gssapi based login plugin
Requires: %{name}-base = %{version}-%{release}
Requires: apache2-mod_auth_gssapi
%description authgssapi
Provides a login plugin to allow authentication via the mod_auth_gssapi
Apache module.
%package authldap
Summary: LDAP info and login plugin
Requires: %{name}-base = %{version}-%{release}
Requires: python3-ldap
%description authldap
Provides a login plugin to allow authentication and info retrieval via LDAP.
%package infosssd
Summary: SSSD based identity plugin
Requires: %{name}-base = %{version}-%{release}
Requires: python3-sssd-config
Requires: libsss_simpleifp0
Requires: sssd >= 1.12.4
%description infosssd
Provides an info plugin to allow retrieval via SSSD.
%package theme-Fedora
Summary: Fedora Account System theme
Requires: %{name}-base = %{version}-%{release}
%description theme-Fedora
Provides a theme for Ipsilon used for the Fedora Account System.
%package theme-openSUSE
Summary: openSUSE Accounts theme
Requires: %{name}-base = %{version}-%{release}
%description theme-openSUSE
Provides a theme for Ipsilon used for openSUSE Accounts.
%prep
%autosetup -p1
# use SUSE font paths:
sed -i -e 's#/open-sans/#/texlive-opensans/#g; s#/fontawesome/#/truetype/#g' \
less/font.less less/patternfly/fonts.less \
ui/css/*.css
# Set the version to match what was packaged
sed -e "s/ version=.*/ version='%{version}',/" -i setup.py
%build
%py3_build
%install
%py3_install
mkdir -p %{buildroot}%{_sbindir}
mkdir -p %{buildroot}%{_libexecdir}/ipsilon
mkdir -p %{buildroot}%{_defaultdocdir}
mkdir -p %{buildroot}%{_localstatedir}/cache/ipsilon
# These 0700 permissions are because ipsilon will store private keys here
install -d -m 0700 %{buildroot}%{_sharedstatedir}/ipsilon
install -d -m 0700 %{buildroot}%{_sysconfdir}/ipsilon
mv %{buildroot}/%{_bindir}/ipsilon %{buildroot}/%{_libexecdir}/ipsilon
mv %{buildroot}/%{_bindir}/ipsilon-server-install %{buildroot}/%{_sbindir}
mv %{buildroot}/%{_bindir}/ipsilon-upgrade-database %{buildroot}/%{_sbindir}
mv %{buildroot}%{_datadir}/doc/%{name} %{buildroot}%{_defaultdocdir}/%{name}-%{version}
rm -fr %{buildroot}%{python3_sitelib}/tests
ln -s %{_datadir}/fonts %{buildroot}%{_datadir}/ipsilon/ui/fonts
mkdir -p %{buildroot}%{_sysconfdir}/pam.d
cp %{buildroot}%{_datadir}/ipsilon/templates/install/pam/ipsilon.pamd %{buildroot}%{_sysconfdir}/pam.d/ipsilon
# Drop dead Persona plugin
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/providers/personaidp.py*
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/providers/__pycache__/personaidp.*
# Drop FAS plugins
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/login/authfas*
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/login/__pycache__/authfas*
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/info/infofas.*
rm -rf %{buildroot}%{python3_sitelib}/ipsilon/info/__pycache__/infofas*
#%check
# The test suite is not being run because:
# 1. The last step of %%install removes the entire test suite
# 2. It increases build time a lot
# 3. It adds more build dependencies (namely postgresql server and client libraries)
%pre base
getent group ipsilon >/dev/null || groupadd -r ipsilon
getent passwd ipsilon >/dev/null || \
useradd -r -g ipsilon -d %{_sharedstatedir}/ipsilon -s /sbin/nologin \
-c "Ipsilon Server" ipsilon
exit 0
%files filesystem
%doc README.md
%license COPYING
%dir %{_datadir}/ipsilon
%dir %{_datadir}/ipsilon/templates
%dir %{_datadir}/ipsilon/templates/install
%dir %{python3_sitelib}/ipsilon
%{python3_sitelib}/ipsilon/__init__.py*
%{python3_sitelib}/ipsilon-*.egg-info
%dir %{python3_sitelib}/ipsilon/__pycache__/
%{python3_sitelib}/ipsilon/__pycache__/__init__.*
%dir %{python3_sitelib}/ipsilon/tools
%{python3_sitelib}/ipsilon/tools/__init__.py*
%{python3_sitelib}/ipsilon/tools/files.py*
%dir %{python3_sitelib}/ipsilon/tools/__pycache__
%{python3_sitelib}/ipsilon/tools/__pycache__/__init__.*
%{python3_sitelib}/ipsilon/tools/__pycache__/files.*
%files
%{_sbindir}/ipsilon-server-install
%{_bindir}/ipsilon-db2conf
%{_datadir}/ipsilon/templates/install/*.conf
%{_datadir}/ipsilon/ui/saml2sp
%dir %{python3_sitelib}/ipsilon/helpers
%{python3_sitelib}/ipsilon/helpers/common.py*
%{python3_sitelib}/ipsilon/helpers/__init__.py*
%dir %{python3_sitelib}/ipsilon/helpers/__pycache__
%{python3_sitelib}/ipsilon/helpers/__pycache__/__init__.*
%{python3_sitelib}/ipsilon/helpers/__pycache__/common.*
%{_mandir}/man*/ipsilon-server-install.1*
%files base
%{_defaultdocdir}/%{name}-%{version}
%{python3_sitelib}/ipsilon/admin
%{python3_sitelib}/ipsilon/authz
%{python3_sitelib}/ipsilon/rest
%{python3_sitelib}/ipsilon/tools/dbupgrade.py*
%{python3_sitelib}/ipsilon/tools/__pycache__/dbupgrade.*
%dir %{python3_sitelib}/ipsilon/login
%{python3_sitelib}/ipsilon/login/__init__*
%{python3_sitelib}/ipsilon/login/common*
%{python3_sitelib}/ipsilon/login/authtest*
%dir %{python3_sitelib}/ipsilon/login/__pycache__
%{python3_sitelib}/ipsilon/login/__pycache__/__init__*
%{python3_sitelib}/ipsilon/login/__pycache__/common*
%{python3_sitelib}/ipsilon/login/__pycache__/authtest*
%dir %{python3_sitelib}/ipsilon/info
%{python3_sitelib}/ipsilon/info/__init__*
%{python3_sitelib}/ipsilon/info/common*
%{python3_sitelib}/ipsilon/info/infonss*
%dir %{python3_sitelib}/ipsilon/info/__pycache__
%{python3_sitelib}/ipsilon/info/__pycache__/__init__*
%{python3_sitelib}/ipsilon/info/__pycache__/common*
%{python3_sitelib}/ipsilon/info/__pycache__/infonss*
%dir %{python3_sitelib}/ipsilon/providers
%{python3_sitelib}/ipsilon/providers/__init__*
%{python3_sitelib}/ipsilon/providers/common*
%dir %{python3_sitelib}/ipsilon/providers/__pycache__
%{python3_sitelib}/ipsilon/providers/__pycache__/__init__*
%{python3_sitelib}/ipsilon/providers/__pycache__/common*
%{python3_sitelib}/ipsilon/root.py*
%{python3_sitelib}/ipsilon/__pycache__/root.*
%{python3_sitelib}/ipsilon/util
%{python3_sitelib}/ipsilon/user
%{_mandir}/man*/ipsilon.7*
%{_mandir}/man*/ipsilon.conf.5*
%{_datadir}/ipsilon/templates/*.html
%{_datadir}/ipsilon/templates/admin
%{_datadir}/ipsilon/templates/user
%dir %{_datadir}/ipsilon/templates/login
%{_datadir}/ipsilon/templates/login/index.html
%{_datadir}/ipsilon/templates/login/form.html
%dir %{_datadir}/ipsilon/ui
%{_datadir}/ipsilon/ui/css
%{_datadir}/ipsilon/ui/img
%{_datadir}/ipsilon/ui/js
%{_datadir}/ipsilon/ui/fonts
%{_datadir}/ipsilon/ui/fonts-local
%dir %{_libexecdir}/ipsilon
%{_libexecdir}/ipsilon/ipsilon
%{_sbindir}/ipsilon-upgrade-database
%dir %attr(0751,root,root) %{_sharedstatedir}/ipsilon
%dir %attr(0751,root,root) %{_sysconfdir}/ipsilon
%dir %attr(0750,ipsilon,apache) %{_localstatedir}/cache/ipsilon
%{_sysconfdir}/pam.d/ipsilon
%dir %{_datadir}/ipsilon/themes
%files client
%{_bindir}/ipsilon-client-install
%{_datadir}/ipsilon/templates/install/saml2
%{_datadir}/ipsilon/templates/install/openidc
%{_mandir}/man*/ipsilon-client-install.1*
%files tools-ipa
%{python3_sitelib}/ipsilon/helpers/ipa.py*
%{python3_sitelib}/ipsilon/helpers/__pycache__/ipa.*
%files saml2-base
%{python3_sitelib}/ipsilon/tools/saml2metadata.py*
%{python3_sitelib}/ipsilon/tools/certs.py*
%{python3_sitelib}/ipsilon/tools/__pycache__/saml2metadata.*
%{python3_sitelib}/ipsilon/tools/__pycache__/certs.*
%files saml2
%{python3_sitelib}/ipsilon/providers/saml2*
%{python3_sitelib}/ipsilon/providers/__pycache__/saml2*
%{_datadir}/ipsilon/templates/saml2
%files openid
%{python3_sitelib}/ipsilon/providers/openidp.py*
%{python3_sitelib}/ipsilon/providers/__pycache__/openidp.*
%{python3_sitelib}/ipsilon/providers/openid/
%{python3_sitelib}/ipsilon/providers/openid/__pycache__/
%{_datadir}/ipsilon/templates/openid
%files openidc
%{python3_sitelib}/ipsilon/providers/openidcp.py*
%{python3_sitelib}/ipsilon/providers/__pycache__/openidcp.*
%{python3_sitelib}/ipsilon/providers/openidc/
%{python3_sitelib}/ipsilon/providers/openidc/__pycache__/
%{_datadir}/ipsilon/templates/openidc
%files authform
%{python3_sitelib}/ipsilon/login/authform*
%{python3_sitelib}/ipsilon/login/__pycache__/authform*
%files authpam
%{python3_sitelib}/ipsilon/login/authpam*
%{python3_sitelib}/ipsilon/login/__pycache__/authpam*
%{_datadir}/ipsilon/templates/install/pam
%files authgssapi
%{python3_sitelib}/ipsilon/login/authgssapi*
%{python3_sitelib}/ipsilon/login/__pycache__/authgssapi*
%{_datadir}/ipsilon/templates/login/gssapi.html
%files authldap
%{python3_sitelib}/ipsilon/login/authldap*
%{python3_sitelib}/ipsilon/info/infoldap*
%{python3_sitelib}/ipsilon/login/__pycache__/authldap*
%{python3_sitelib}/ipsilon/info/__pycache__/infoldap*
%files infosssd
%{python3_sitelib}/ipsilon/info/infosssd.*
%{python3_sitelib}/ipsilon/info/__pycache__/infosssd*
%files theme-Fedora
%{_datadir}/ipsilon/themes/Fedora
%files theme-openSUSE
%{_datadir}/ipsilon/themes/openSUSE
%changelog
