From 6f40746b84d4c36db270f7bcebaa71d0740d028d Mon Sep 17 00:00:00 2001
From: Martin Wilke <miwi@FreeBSD.org>
Date: Mon, 18 Feb 2013 00:18:20 +0000
Subject: [PATCH] An open source PHP-based OpenID identity provider using LDAP
 as backend.

OpenID-LDAP is a small, fairly lightweight, standalone, multi user
Identity Provider for OpenID authentication.  It comprises a few PHP
scripts that can be used by one individual to run their own personal
OpenID IdP.

This program requires no external libraries, and has very minimal
requirements.  It should run on any PHP server (v4.2+), and can
support OpenID in 'Smart Mode.'  This program caches all data using
built-in PHP session handling, so it requires no database, and no
explicit write access to the file system.

OpenID-LDAP is NOT compatible with Suhosin or other hardened PHP
systems.

WWW: http://www.openid-ldap.org/

PR:		ports/175258
Submitted by:	Matthew X. Economou <xenophon+freebsd@irtnog.org>
---
 security/Makefile                             |  1 +
 security/php-openid-ldap/Makefile             | 70 +++++++++++++++++++
 security/php-openid-ldap/distinfo             |  2 +
 security/php-openid-ldap/files/pkg-message.in | 43 ++++++++++++
 security/php-openid-ldap/pkg-descr            | 18 +++++
 5 files changed, 134 insertions(+)
 create mode 100644 security/php-openid-ldap/Makefile
 create mode 100644 security/php-openid-ldap/distinfo
 create mode 100644 security/php-openid-ldap/files/pkg-message.in
 create mode 100644 security/php-openid-ldap/pkg-descr

diff --git a/security/Makefile b/security/Makefile
index 190a8f5b86ef..5286fb977e12 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -677,6 +677,7 @@
     SUBDIR += pgpin
     SUBDIR += php-Auth_OpenID
     SUBDIR += php-Auth_OpenID2
+    SUBDIR += php-openid-ldap
     SUBDIR += php-suhosin
     SUBDIR += php5-filter
     SUBDIR += php5-hash
diff --git a/security/php-openid-ldap/Makefile b/security/php-openid-ldap/Makefile
new file mode 100644
index 000000000000..cd728197298f
--- /dev/null
+++ b/security/php-openid-ldap/Makefile
@@ -0,0 +1,70 @@
+# Created by: Matthew X. Economou <xenophon+freebsd@irtnog.org>
+# $FreeBSD$
+
+PORTNAME=	openid-ldap
+PORTVERSION=	0.8.9
+CATEGORIES=	security www
+MASTER_SITES=	http://www.openid-ldap.org/releases/
+PKGNAMEPREFIX=	php${PHP_VER}-
+EXTRACT_SUFX=	-noarc.tar.gz
+
+MAINTAINER=	xenophon+freebsd@irtnog.org
+COMMENT=	PHP-based OpenID identity provider using LDAP as backend
+
+LICENSE=	GPLv2
+
+OPTIONS_DEFINE=	DOCS
+
+DEFAULT_PHP_VER=53
+IGNORE_WITH_PHP=5
+USE_PHP=	bcmath ldap session
+
+PKGMESSAGE=	${WRKDIR}/pkg-message
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}-noarc
+NO_BUILD=	yes
+NO_INSTALL=	yes
+
+SUB_FILES+=	pkg-message
+
+PLIST_FILES=	%%WWWDIR%%/style.css \
+		%%WWWDIR%%/images/openid-logo.gif \
+		%%WWWDIR%%/images/openid.gif \
+		%%WWWDIR%%/images/logo.gif \
+		%%WWWDIR%%/images/openid.ico \
+		%%WWWDIR%%/images/user.gif \
+		%%WWWDIR%%/images/openid.png \
+		%%WWWDIR%%/images/seatbelt/icon-high.png \
+		%%WWWDIR%%/images/seatbelt/icon-gray.png \
+		%%WWWDIR%%/images/seatbelt/icon-logo.png \
+		%%WWWDIR%%/engine.php \
+		%%WWWDIR%%/showme.php \
+		%%WWWDIR%%/index.php \
+		%%WWWDIR%%/ldap.php
+PLIST_DIRS=	%%WWWDIR%%/images/seatbelt \
+		%%WWWDIR%%/images \
+		%%WWWDIR%%
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MDOCS}
+PLIST_FILES+=	%%DOCSDIR%%/INSTALL \
+		%%DOCSDIR%%/FAQ \
+		%%DOCSDIR%%/LICENSE \
+		%%DOCSDIR%%/CHANGELOG \
+		%%DOCSDIR%%/htaccess \
+		%%DOCSDIR%%/README
+PLIST_DIRS+=	%%DOCSDIR%%
+.endif
+
+post-install:
+	${MKDIR} ${WWWDIR}
+	(cd ${INSTALL_WRKSRC} && ${COPYTREE_SHARE} "*.php *.css images" ${WWWDIR})
+	${CHOWN} -R ${WWWOWN}:${WWWGRP} ${WWWDIR}
+	${CHMOD} o= ${WWWDIR}/ldap.php
+.if ${PORT_OPTIONS:MDOCS}
+	${MKDIR} ${DOCSDIR}
+	(cd ${INSTALL_WRKSRC}/docs && ${COPYTREE_SHARE} \* ${DOCSDIR})
+.endif
+	@${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
diff --git a/security/php-openid-ldap/distinfo b/security/php-openid-ldap/distinfo
new file mode 100644
index 000000000000..8a8d5496f8de
--- /dev/null
+++ b/security/php-openid-ldap/distinfo
@@ -0,0 +1,2 @@
+SHA256 (openid-ldap-0.8.9-noarc.tar.gz) = a3dfe816fceaa27d96aa93bc34bbb29a2c5ebc562cc2d6b6a32cbb3b36f70a9a
+SIZE (openid-ldap-0.8.9-noarc.tar.gz) = 46793
diff --git a/security/php-openid-ldap/files/pkg-message.in b/security/php-openid-ldap/files/pkg-message.in
new file mode 100644
index 000000000000..f0ee4c14848b
--- /dev/null
+++ b/security/php-openid-ldap/files/pkg-message.in
@@ -0,0 +1,43 @@
+**********************************************************************
+The OpenID-LDAP identity provider has been installed in the directory
+%%WWWDIR%%.
+
+    SECURITY WARNING: OpenID-LDAP uses HTTP Basic Authentication,
+    which means that users' passwords are transmitted in the clear
+    (unencrypted) between the web browser and the web server.  By
+    default, OpenID-LDAP requires the use of an SSL connection and
+    will fail with an error message if the web server doesn't use SSL.
+
+You must configure OpenID-LDAP to work with your directory server by
+editing the file %%WWWDIR%%/ldap.php.
+
+You must add the appropriate configuration directives to your web
+server configuration file.  A typical configuration for Apache HTTPD
+2.2 installed from the FreeBSD port would involve adding the following
+lines to %%LOCALBASE%%/etc/apache22/Includes/openid-ldap.conf:
+
+    AddType application/x-httpd-php .php
+
+    Alias /openid-ldap %%WWWDIR%%
+
+    <IfModule dir_module>
+      DirectoryIndex index.php
+    </IfModule>
+
+    <Directory %%WWWDIR%%>
+      Options Indexes
+      AllowOverride All
+      Order allow,deny
+      Allow from all
+    </Directory>
+
+    <IfModule rewrite_module>
+      RewriteEngine on
+      RewriteCond %{REQUEST_URI} !^/openid-ldap/(.+)\.php(.*)$
+       RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /openid-ldap/([A-Za-z0-9]+)\?(.*)\ HTTP/
+        RewriteRule ^/(.*)$ http://%{SERVER_NAME}/openid-ldap/index.php?user=%1&%2 [proxy]
+      RewriteCond %{REQUEST_URI} !^/openid-ldap/(.+)\.php(.*)$
+        RewriteRule ^/([A-Za-z0-9]+)$ http://%{SERVER_NAME}/openid-ldap/index.php?user=$1 [proxy]
+    </IfModule>
+
+**********************************************************************
diff --git a/security/php-openid-ldap/pkg-descr b/security/php-openid-ldap/pkg-descr
new file mode 100644
index 000000000000..877bde45600d
--- /dev/null
+++ b/security/php-openid-ldap/pkg-descr
@@ -0,0 +1,18 @@
+An open source PHP-based OpenID identity provider using LDAP as
+backend.
+
+OpenID-LDAP is a small, fairly lightweight, standalone, multi user
+Identity Provider for OpenID authentication.  It comprises a few PHP
+scripts that can be used by one individual to run their own personal
+OpenID IdP.
+
+This program requires no external libraries, and has very minimal
+requirements.  It should run on any PHP server (v4.2+), and can
+support OpenID in 'Smart Mode.'  This program caches all data using
+built-in PHP session handling, so it requires no database, and no
+explicit write access to the file system.
+
+OpenID-LDAP is NOT compatible with Suhosin or other hardened PHP
+systems.
+
+WWW: http://www.openid-ldap.org/