summaryrefslogtreecommitdiff
path: root/python-arpoc.spec
diff options
context:
space:
mode:
Diffstat (limited to 'python-arpoc.spec')
-rw-r--r--python-arpoc.spec328
1 files changed, 328 insertions, 0 deletions
diff --git a/python-arpoc.spec b/python-arpoc.spec
new file mode 100644
index 0000000..1830082
--- /dev/null
+++ b/python-arpoc.spec
@@ -0,0 +1,328 @@
+%global _empty_manifest_terminate_build 0
+Name: python-ARPOC
+Version: 0.3.1
+Release: 1
+Summary: An Authentication Reverse Proxy using OpenID Connect
+License: MIT
+URL: https://pypi.org/project/ARPOC/
+Source0: https://mirrors.nju.edu.cn/pypi/web/packages/51/5b/3a6f6eecbb33fdd4ee98524335b4d550716dab2e7cba562dec2dee4f7b22/ARPOC-0.3.1.tar.gz
+BuildArch: noarch
+
+Requires: python3-cherrypy
+Requires: python3-jinja2
+Requires: python3-lark-parser
+Requires: python3-oic
+Requires: python3-pyjwkest
+Requires: python3-pyyaml
+Requires: python3-routes
+
+%description
+# ARPOC
+
+A simple reverse proxy that adds OpenID Connect Authentication and lets you
+write access rules for services you want to protect.
+
+## Fast tutorial
+
+You will need:
+
+* A domain name `<domain>`
+* A tls keypair (`<fullchain>`, `<privkey>`)
+* A server with python (3.7 or newer) `<python3>`
+
+### Install
+
+* Download the repository and run `<python3> setup.py install`, or install via pip: `pip install arpoc`
+* If successful you should now have the `arpoc` command.
+* Make yourself familiar with the basic interface with `arpoc --help`.
+* Create a configuration file `arpoc --print-sample-config`
+* Save the configuration file (preferable under /etc/arpoc/config.yml)
+* Create a default access control hierarchy using `arpoc --print-sample-config`
+* Save the access control hierarchy in a json file (defaultdir: /etc/arpoc/acl/)
+
+### Edit the sample configuration
+
+Fill in the right values for `<keyfile>`, `<certfile>`, `<domainname>`, `<redirect>`
+urls (path the openid connect providers will redirect the user to, with a leading
+slash) and the contacts field (at least on valid mail adress).
+
+
+### Add an openid connect provider
+
+You need the configuration url (should end with .well-known/openid/configuration, cut this part of, it is added automatically).
+You also need either:
+
+* A configuration token
+* A registration url and a registration token
+* Client ID and Client Secret
+
+
+#### Configuration URL and Token:
+
+Choose a key which arpoc uses internally for the provider.
+
+Add both parameters to the config.yml under
+`openid_providers -> <key> -> configuration_url`
+`openid_providers -> <key> -> configuration_token`
+
+#### Registration URL and registration token:
+
+If you already registered your client and have a registration token add
+the configuration url, the registration url and the registration token
+under to the config.yml file under
+`openid_providers -> <key>` using the `configuration_url`, `registration_url`
+and `registration_token`.
+
+#### Client ID and Client Secret
+
+Add the configuration url to the config.yml.
+Call `arpoc --add-provider <key> --client-id <client_id> --client-secret <client-secret>`
+
+
+### Add a service you want to protect.
+
+You need the origin url, the proxy url and the key of an access control policy
+set (the key of an ac entity in the json file with type policy set).
+
+Choose a key which arpoc will internally use for the service.
+Add the origin url and the proxy url (the path under which the service will be
+available with a leading slash) using the `origin_URL` and `proxy_url` keys
+under `services -> <service key> -> ` to the config.yml
+
+*Now you should be able to access the service.*
+
+
+## Dependencies
+
+* [pyjwkest](https://github.com/IdentityPython/pyjwkest/) -- a python library for web tokens
+* [lark-parser](https://github.com/lark-parser/lark) -- a parser for the access control language
+* [pyoidc](https://github.com/OpenIDC/pyoidc) -- a python library for Open ID Connect
+* ...
+
+
+
+
+%package -n python3-ARPOC
+Summary: An Authentication Reverse Proxy using OpenID Connect
+Provides: python-ARPOC
+BuildRequires: python3-devel
+BuildRequires: python3-setuptools
+BuildRequires: python3-pip
+%description -n python3-ARPOC
+# ARPOC
+
+A simple reverse proxy that adds OpenID Connect Authentication and lets you
+write access rules for services you want to protect.
+
+## Fast tutorial
+
+You will need:
+
+* A domain name `<domain>`
+* A tls keypair (`<fullchain>`, `<privkey>`)
+* A server with python (3.7 or newer) `<python3>`
+
+### Install
+
+* Download the repository and run `<python3> setup.py install`, or install via pip: `pip install arpoc`
+* If successful you should now have the `arpoc` command.
+* Make yourself familiar with the basic interface with `arpoc --help`.
+* Create a configuration file `arpoc --print-sample-config`
+* Save the configuration file (preferable under /etc/arpoc/config.yml)
+* Create a default access control hierarchy using `arpoc --print-sample-config`
+* Save the access control hierarchy in a json file (defaultdir: /etc/arpoc/acl/)
+
+### Edit the sample configuration
+
+Fill in the right values for `<keyfile>`, `<certfile>`, `<domainname>`, `<redirect>`
+urls (path the openid connect providers will redirect the user to, with a leading
+slash) and the contacts field (at least on valid mail adress).
+
+
+### Add an openid connect provider
+
+You need the configuration url (should end with .well-known/openid/configuration, cut this part of, it is added automatically).
+You also need either:
+
+* A configuration token
+* A registration url and a registration token
+* Client ID and Client Secret
+
+
+#### Configuration URL and Token:
+
+Choose a key which arpoc uses internally for the provider.
+
+Add both parameters to the config.yml under
+`openid_providers -> <key> -> configuration_url`
+`openid_providers -> <key> -> configuration_token`
+
+#### Registration URL and registration token:
+
+If you already registered your client and have a registration token add
+the configuration url, the registration url and the registration token
+under to the config.yml file under
+`openid_providers -> <key>` using the `configuration_url`, `registration_url`
+and `registration_token`.
+
+#### Client ID and Client Secret
+
+Add the configuration url to the config.yml.
+Call `arpoc --add-provider <key> --client-id <client_id> --client-secret <client-secret>`
+
+
+### Add a service you want to protect.
+
+You need the origin url, the proxy url and the key of an access control policy
+set (the key of an ac entity in the json file with type policy set).
+
+Choose a key which arpoc will internally use for the service.
+Add the origin url and the proxy url (the path under which the service will be
+available with a leading slash) using the `origin_URL` and `proxy_url` keys
+under `services -> <service key> -> ` to the config.yml
+
+*Now you should be able to access the service.*
+
+
+## Dependencies
+
+* [pyjwkest](https://github.com/IdentityPython/pyjwkest/) -- a python library for web tokens
+* [lark-parser](https://github.com/lark-parser/lark) -- a parser for the access control language
+* [pyoidc](https://github.com/OpenIDC/pyoidc) -- a python library for Open ID Connect
+* ...
+
+
+
+
+%package help
+Summary: Development documents and examples for ARPOC
+Provides: python3-ARPOC-doc
+%description help
+# ARPOC
+
+A simple reverse proxy that adds OpenID Connect Authentication and lets you
+write access rules for services you want to protect.
+
+## Fast tutorial
+
+You will need:
+
+* A domain name `<domain>`
+* A tls keypair (`<fullchain>`, `<privkey>`)
+* A server with python (3.7 or newer) `<python3>`
+
+### Install
+
+* Download the repository and run `<python3> setup.py install`, or install via pip: `pip install arpoc`
+* If successful you should now have the `arpoc` command.
+* Make yourself familiar with the basic interface with `arpoc --help`.
+* Create a configuration file `arpoc --print-sample-config`
+* Save the configuration file (preferable under /etc/arpoc/config.yml)
+* Create a default access control hierarchy using `arpoc --print-sample-config`
+* Save the access control hierarchy in a json file (defaultdir: /etc/arpoc/acl/)
+
+### Edit the sample configuration
+
+Fill in the right values for `<keyfile>`, `<certfile>`, `<domainname>`, `<redirect>`
+urls (path the openid connect providers will redirect the user to, with a leading
+slash) and the contacts field (at least on valid mail adress).
+
+
+### Add an openid connect provider
+
+You need the configuration url (should end with .well-known/openid/configuration, cut this part of, it is added automatically).
+You also need either:
+
+* A configuration token
+* A registration url and a registration token
+* Client ID and Client Secret
+
+
+#### Configuration URL and Token:
+
+Choose a key which arpoc uses internally for the provider.
+
+Add both parameters to the config.yml under
+`openid_providers -> <key> -> configuration_url`
+`openid_providers -> <key> -> configuration_token`
+
+#### Registration URL and registration token:
+
+If you already registered your client and have a registration token add
+the configuration url, the registration url and the registration token
+under to the config.yml file under
+`openid_providers -> <key>` using the `configuration_url`, `registration_url`
+and `registration_token`.
+
+#### Client ID and Client Secret
+
+Add the configuration url to the config.yml.
+Call `arpoc --add-provider <key> --client-id <client_id> --client-secret <client-secret>`
+
+
+### Add a service you want to protect.
+
+You need the origin url, the proxy url and the key of an access control policy
+set (the key of an ac entity in the json file with type policy set).
+
+Choose a key which arpoc will internally use for the service.
+Add the origin url and the proxy url (the path under which the service will be
+available with a leading slash) using the `origin_URL` and `proxy_url` keys
+under `services -> <service key> -> ` to the config.yml
+
+*Now you should be able to access the service.*
+
+
+## Dependencies
+
+* [pyjwkest](https://github.com/IdentityPython/pyjwkest/) -- a python library for web tokens
+* [lark-parser](https://github.com/lark-parser/lark) -- a parser for the access control language
+* [pyoidc](https://github.com/OpenIDC/pyoidc) -- a python library for Open ID Connect
+* ...
+
+
+
+
+%prep
+%autosetup -n ARPOC-0.3.1
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+ find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+ find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+ find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+ find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+ find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-ARPOC -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Thu May 18 2023 Python_Bot <Python_Bot@openeuler.org> - 0.3.1-1
+- Package Spec generated
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-16 22:05:46 +0000