From 58b254f9cb923d5d0dfe53df4bca8a0f00bbcf0b Mon Sep 17 00:00:00 2001
From: Aaron Schif <aaronschif@gmail.com>
Date: Mon, 12 Jun 2023 03:22:46 -0500
Subject: Add OpenID Connect (#5351)

* Add OIDC

* Update documentation.

* Update apache conf adding IfModule

* Use IfDefine for OIDC in apache conf

* Fix non-oidc support

* Fix typing

* Use IfDefine to enable OIDC

* Add OIDC support to all dockerfiles

* Re add apache Require option

* Fixes and documentation

* A few more fixes

* A bit more doc

* Change type of environment variable

* Update readme

* Correct apache config for OIDC support.

* Fix README formatting

* Update oidc control path

* Fix oidc endpoint being cached

* A bit more review

* Simplify ExpiresActive

* Add session refresh and improve caching

* Allow more different setups

* A bit more documentation

* A bit more readme

---------

Co-authored-by: Aaron Schif <aschif@netdevgroup.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: maTh <math-home@web.de>
---
 Docker/Dockerfile-Newest | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'Docker/Dockerfile-Newest')

diff --git a/Docker/Dockerfile-Newest b/Docker/Dockerfile-Newest
index bee845771..8c2d6eb71 100644
--- a/Docker/Dockerfile-Newest
+++ b/Docker/Dockerfile-Newest
@@ -6,6 +6,7 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/reposit
 	apk add --no-cache \
 	tzdata \
 	apache2 php82-apache2 \
+	apache-mod-auth-openidc \
 	php82 php82-curl php82-gmp php82-intl php82-mbstring php82-xml php82-zip \
 	php82-ctype php82-dom php82-fileinfo php82-iconv php82-json php82-opcache php82-openssl php82-phar php82-session php82-simplexml php82-xmlreader php82-xmlwriter php82-xml php82-tokenizer php82-zlib \
 	php82-pdo_sqlite php82-pdo_mysql php82-pdo_pgsql
@@ -55,10 +56,11 @@ ENV CRON_MIN ''
 ENV DATA_PATH ''
 ENV FRESHRSS_ENV ''
 ENV LISTEN ''
+ENV OIDC_ENABLED ''
 
 ENTRYPOINT ["./Docker/entrypoint.sh"]
 
 EXPOSE 80
 # hadolint ignore=DL3025
 CMD ([ -z "$CRON_MIN" ] || crond -d 6) && \
-	exec httpd -D FOREGROUND
+	exec httpd -D FOREGROUND $([ -n "$OIDC_ENABLED" ] && [ "$OIDC_ENABLED" -ne 0 ] && echo '-D OIDC_ENABLED')
-- 
cgit v1.2.3