git: 0ecc22072ebf - main - www/glewlwyd: Add new port: Single-Sign-On server
Date: Wed, 29 Dec 2021 01:24:29 UTC
The branch main has been updated by dvl: URL: https://cgit.FreeBSD.org/ports/commit/?id=0ecc22072ebf57bc15002884e4baecf9c1d8dc92 commit 0ecc22072ebf57bc15002884e4baecf9c1d8dc92 Author: Dan Langille <dvl@FreeBSD.org> AuthorDate: 2021-12-28 23:13:45 +0000 Commit: Dan Langille <dvl@FreeBSD.org> CommitDate: 2021-12-29 01:23:02 +0000 www/glewlwyd: Add new port: Single-Sign-On server This SSO server supports multiple factor authentication and multiple authentication processes. --- www/Makefile | 1 + www/glewlwyd/Makefile | 115 +++++++++++++++++++++ www/glewlwyd/distinfo | 3 + www/glewlwyd/files/glewlwyd.conf.sample.in | 156 +++++++++++++++++++++++++++++ www/glewlwyd/files/glewlwyd.in | 38 +++++++ www/glewlwyd/pkg-descr | 20 ++++ www/glewlwyd/pkg-plist | 88 ++++++++++++++++ 7 files changed, 421 insertions(+)
diff --git a/www/Makefile b/www/Makefile
index c8570aa8374e..e6c2f787ab27 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -196,6 +196,7 @@
 SUBDIR += glassfish
 SUBDIR += glassfish4
 SUBDIR += glpi
+ SUBDIR += glewlwyd
 SUBDIR += gnome-user-share
 SUBDIR += go-www
 SUBDIR += gobuffalo
diff --git a/www/glewlwyd/Makefile b/www/glewlwyd/Makefile
new file mode 100644
index 000000000000..58efbc5c2ea9
--- /dev/null
+++ b/www/glewlwyd/Makefile
@@ -0,0 +1,115 @@
+PORTNAME= glewlwyd
+DISTVERSIONPREFIX= v
+DISTVERSION= 2.6.1
+CATEGORIES= www
+MASTER_SITES= GH
+
+MAINTAINER= dvl@FreeBSD.org
+COMMENT= Single Sign On server, multiple factor authentication
+
+LICENSE= GPLv3
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+USES= cmake pgsql
+
+USE_GITHUB= yes
+GH_ACCOUNT= babelouest
+GH_TAGNAME= e1ea98a
+
+BUILD_DEPENDS+= yder>0:devel/yder
+BUILD_DEPENDS+= orcania>0:devel/orcania
+BUILD_DEPENDS+= ulfius>0:www/ulfius
+BUILD_DEPENDS+= hoel>0:devel/hoel
+BUILD_DEPENDS+= oath-toolkit>0:security/oath-toolkit
+
+LIB_DEPENDS+= libjansson.so:devel/jansson
+LIB_DEPENDS+= libnettle.so:security/nettle
+LIB_DEPENDS+= libhoel.so:devel/hoel
+
+LIB_DEPENDS+= liboath.so:security/oath-toolkit
+LIB_DEPENDS+= libjwt.so:www/libjwt
+LIB_DEPENDS+= libgnutls.so:security/gnutls
+LIB_DEPENDS+= libconfig.so:devel/libconfig
+
+LIB_DEPENDS+= liblber.so:net/openldap24-client
+
+RUN_DEPENDS+= yder>0:devel/yder
+RUN_DEPENDS+= ulfius>0:www/ulfius
+RUN_DEPENDS+= libjwt>0:www/libjwt
+RUN_DEPENDS+= libcbor>0:devel/libcbor
+RUN_DEPENDS+= libmicrohttpd>0:www/libmicrohttpd
+RUN_DEPENDS+= gnutls>0:security/gnutls
+RUN_DEPENDS+= libconfig>0:devel/libconfig
+RUN_DEPENDS+= orcania>0:devel/orcania
+RUN_DEPENDS+= oath-toolkit>0:security/oath-toolkit
+
+CMAKE_ARGS+= -DWITH_JOURNALD=off
+CMAKE_ARGS+= -DWITH_USER_LDAP=off
+CMAKE_ARGS+= -DWITH_CLIENT_LDAP=off
+CMAKE_ARGS+= -DLIBOATH_INCLUDE_DIR=${PREFIX}/include/liboath
+CMAKE_ARGS+= -DLIBCBOR_INCLUDE_DIR=${PREFIX}/include/cbor
+CMAKE_ARGS+= -DLIBCBOR_LIBRARY=${PREFIX}/lib/libcbor.so
+CMAKE_ARGS+= -DWITH_SCHEME_WEBAUTHN=off
+
+# -DWITH_PGSQL=off -DWITH_SCHEME_WEBAUTHN=off
+
+SUB_FILES= glewlwyd glewlwyd.conf.sample
+
+USERS= glewlwyd
+GROUPS= glewlwyd
+
+USE_LDCONFIG+= ${PREFIX}/lib/glewlwyd/client
+USE_LDCONFIG+= ${PREFIX}/lib/glewlwyd/plugin
+USE_LDCONFIG+= ${PREFIX}/lib/glewlwyd/scheme
+USE_LDCONFIG+= ${PREFIX}/lib/glewlwyd/user
+
+do-install:
+ # make all our dirs first
+ ${MKDIR} ${STAGEDIR}${DATADIR}
+ ${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${MKDIR} ${STAGEDIR}${ETCDIR}
+# ${MKDIR} ${STAGEDIR}${PREFIX}/bin
+ ${MKDIR} ${STAGEDIR}${PREFIX}/lib/glewlwyd/client
+ ${MKDIR} ${STAGEDIR}${PREFIX}/lib/glewlwyd/plugin
+ ${MKDIR} ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+ ${MKDIR} ${STAGEDIR}${PREFIX}/lib/glewlwyd/user
+ ${MKDIR} ${STAGEDIR}${WWWDIR}
+
+ ${INSTALL_SCRIPT} ${WRKDIR}/glewlwyd ${STAGEDIR}${PREFIX}/etc/rc.d/
+
+ ${INSTALL_PROGRAM} ${WRKDIR}/.build/glewlwyd ${STAGEDIR}${PREFIX}/sbin/
+
+ # move these files so they don't get clobbered during upgrade
+ ${INSTALL_SCRIPT} ${WRKDIR}/glewlwyd.conf.sample ${STAGEDIR}${ETCDIR}
+
+ ${MV} ${WRKSRC}/webapp/config.json.sample ${STAGEDIR}${ETCDIR}/config.json.sample
+
+ # remove this file because we're installing a symlink here
+ ${RM} ${STAGEDIR}${DATADIR}/webapp/config.json
+
+ # create a symlink
+ ${LN} -sf ${ETCDIR}/config.json ${STAGEDIR}${WWWDIR}/config.json
+
+ ${INSTALL_LIB} ${WRKDIR}/.build/libclientmoddatabase.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/client
+
+ ${INSTALL_LIB} ${WRKDIR}/.build/libprotocol_oauth2.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/plugin
+ ${INSTALL_LIB} ${WRKDIR}/.build/libprotocol_oidc.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/plugin
+ ${INSTALL_LIB} ${WRKDIR}/.build/libprotocol_register.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/plugin
+
+ ${INSTALL_LIB} ${WRKDIR}/.build/libschememodcertificate.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+ ${INSTALL_LIB} ${WRKDIR}/.build/libschememodemail.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+ ${INSTALL_LIB} ${WRKDIR}/.build/libschememodhttp.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+ ${INSTALL_LIB} ${WRKDIR}/.build/libschememodotp.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+ ${INSTALL_LIB} ${WRKDIR}/.build/libschememodpassword.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/scheme
+
+ ${INSTALL_LIB} ${WRKDIR}/.build/libusermoddatabase.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/user
+ ${INSTALL_LIB} ${WRKDIR}/.build/libusermodhttp.so ${STAGEDIR}${PREFIX}/lib/glewlwyd/user
+
+ ${INSTALL_MAN} ${WRKSRC}/CHANGELOG.md ${STAGEDIR}${DATADIR}
+ ${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DATADIR}
+
+ (cd ${WRKSRC}/docs && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR})
+
+ (cd ${WRKSRC}/webapp && ${COPYTREE_SHARE} . ${STAGEDIR}${WWWDIR})
+
+.include <bsd.port.mk>
diff --git a/www/glewlwyd/distinfo b/www/glewlwyd/distinfo
new file mode 100644
index 000000000000..35d69eff59de
--- /dev/null
+++ b/www/glewlwyd/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1640728369
+SHA256 (babelouest-glewlwyd-v2.6.1-e1ea98a_GH0.tar.gz) = b4ca26e7b33590711a9015f19e3f71e15a0d24eaca1bdccf9df5207aab57e730
+SIZE (babelouest-glewlwyd-v2.6.1-e1ea98a_GH0.tar.gz) = 5113982
diff --git a/www/glewlwyd/files/glewlwyd.conf.sample.in b/www/glewlwyd/files/glewlwyd.conf.sample.in
new file mode 100644
index 000000000000..19c2a7f94ca9
--- /dev/null
+++ b/www/glewlwyd/files/glewlwyd.conf.sample.in
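Review bot: In `do-install` of www/glewlwyd/Makefile the configuration sample is staged with `${INSTALL_SCRIPT}`, which installs it with script (executable) permissions, and pkg-plist then registers it with a bare `@sample %%ETCDIR%%/glewlwyd.conf.sample`; the resulting config is where database credentials go (the sample carries a `password = "glewlwyd"` field). I would stage it with `${INSTALL_DATA} ${WRKDIR}/glewlwyd.conf.sample ${STAGEDIR}${ETCDIR}` and give the plist entry an owner and mode, for example `@sample(root,glewlwyd,0640) %%ETCDIR%%/glewlwyd.conf.sample`. Separately, `-DWITH_SCHEME_WEBAUTHN=off`, `-DWITH_USER_LDAP=off` and `-DWITH_CLIENT_LDAP=off` switch off factors and backends that pkg-descr lists as supported, so either expose them as OPTIONS or trim the description. The `${RM} ${STAGEDIR}${DATADIR}/webapp/config.json` line targets a path nothing in this target populates, and the symlink is created before `COPYTREE_SHARE` fills `${WWWDIR}`, so whether the link survives depends on what upstream's webapp directory ships; that is worth confirming.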
@@ -0,0 +1,156 @@
+#
+#
+# Glewlwyd SSO Authorization Server
+#
+# Copyright 2016-2019 Nicolas Mora <mail@babelouest.org>
+# Gnu Public License V3 <http://fsf.org/>
+#
+#
+
+# port to open for remote commands
+port=4593
+
+# bind to IPV4 address
+#bind_address="127.0.0.1"
+
+# external url to access to this instance
+external_url="http://localhost:4593"
+
+# login url relative to external url
+login_url="login.html"
+
+# api prefix
+api_prefix="api"
+
+# path to static files for /webapp url
+static_files_path="/usr/local/www/glewlwyd"
+
+# access-control-allow-origin value
+allow_origin="*"
+
+# log mode (console, syslog, journald, file)
+log_mode="file"
+
+# log level: NONE, ERROR, WARNING, INFO, DEBUG
+log_level="DEBUG"
+
+# output to log file (required if log_mode is file)
+log_file="/var/log/glewlwyd.log"
+
+# cookie domain
+cookie_domain=""
+
+# cookie_secure, this options SHOULD be set to 1, set this to 0 to test glewlwyd on insecure connection http instead of https
+cookie_secure=0
+
+# session expiration, default is 4 weeks
+session_expiration=2419200
+
+# session key
+session_key="GLEWLWYD2_SESSION_ID"
+
+# admin scope name
+admin_scope="g_admin"
+
+# profile scope name
+profile_scope="g_profile"
+
+# user_module path
+user_module_path="/usr/local/lib/glewlwyd/user"
+
+# client_module path
+client_module_path="/usr/local/lib/glewlwyd/client"
+
+# user_auth_scheme_module path
+user_auth_scheme_module_path="/usr/local/lib/glewlwyd/scheme"
+
+# plugin_module path
+plugin_module_path="/usr/local/lib/glewlwyd/plugin"
+
+# TLS/SSL configuration values
+use_secure_connection=false
+secure_connection_key_file="/etc/ssl/certs/cert.key"
+secure_connection_pem_file="/etc/ssl/certs/cert.pem"
+secure_connection_ca_file="/etc/ssl/certs/ca.crt"
+
+# Algorithms available are SHA1, SHA256, SHA512, MD5, default is SHA256
+hash_algorithm = "SHA512"
+
+# MariaDB/Mysql database connection
+#database =
+#{
+# type = "mariadb"
+# host = "localhost"
+# user = "glewlwyd"
+# password = "glewlwyd"
+# dbname = "glewlwyd"
+# port = 0
+#}
+
+# SQLite database connection
+database =
+{
+ type = "sqlite3"
+ path = "/var/cache/glewlwyd/glewlwyd.db"
+};
+
+# PostgreSQL database connection
+#database =
+#{
+# type = "postgre"
+# conninfo = "dbname = glewlwyd"
+#}
+
+# mime types for webapp files
+static_files_mime_types =
+(
+ {
+ extension = ".html"
+ mime_type = "text/html"
+ },
+ {
+ extension = ".css"
+ mime_type = "text/css"
+ },
+ {
+ extension = ".js"
+ mime_type = "application/javascript"
+ },
+ {
+ extension = ".json"
+ mime_type = "application/json"
+ },
+ {
+ extension = ".png"
+ mime_type = "image/png"
+ },
+ {
+ extension = ".jpg"
+ mime_type = "image/jpeg"
+ },
+ {
+ extension = ".jpeg"
+ mime_type = "image/jpeg"
+ },
+ {
+ extension = ".ttf"
+ mime_type = "font/ttf"
+ },
+ {
+ extension = ".woff"
+ mime_type = "font/woff"
+ },
+ {
+ extension = ".woff2"
+ mime_type = "font/woff2"
+ },
+ {
+ extension = ".map"
+ mime_type = "application/octet-stream"
+ },
+ {
+ extension = ".ico"
+ mime_type = "image/x-icon"
+ }
+)
+
diff --git a/www/glewlwyd/files/glewlwyd.in b/www/glewlwyd/files/glewlwyd.in
new file mode 100755
index 000000000000..5aecd941f9f5
--- /dev/null
+++ b/www/glewlwyd/files/glewlwyd.in
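Review bot: The defaults shipped in glewlwyd.conf.sample.in are test settings for an SSO server: `cookie_secure=0`, `use_secure_connection=false`, `external_url="http://localhost:4593"`, `allow_origin="*"` and `log_level="DEBUG"`, with `bind_address` left commented out. Because pkg-plist installs this file through `@sample`, it becomes the live configuration on a fresh install unless the administrator edits it. I would ship `log_level="INFO"` and an uncommented `bind_address="127.0.0.1"`, and put a comment above the TLS and cookie settings such as `# TEST DEFAULTS: enable use_secure_connection and set cookie_secure=1 before exposing this service`. The module and static-file paths also hard-code `/usr/local` although the file goes through SUB_FILES, so `%%PREFIX%%` would follow a non-default prefix.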
@@ -0,0 +1,38 @@
+#!/bin/sh
+# $FreeBSD$
+
+# PROVIDE: glewlwyd
+# REQUIRE: LOGIN cleanvar
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable glewlwyd:
+# glewlwyd_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable glewlwyd
+# glewlwyd_configfile (str): Defaults to %%PREFIX%%/etc/glewlwyd/glewlwyd.conf
+#
+
+
+. /etc/rc.subr
+
+name="glewlwyd"
+rcvar=glewlwyd_enable
+
+load_rc_config $name
+
+: ${glewlwyd_enable:=NO}
+: ${glewlwyd_configfile:=%%PREFIX%%/etc/glewlwyd/glewlwyd.conf}
+
+required_files="${glewlwyd_configfile}"
+
+glewlwyd_user="glewlwyd"
+glewlwyd_command="%%PREFIX%%/sbin/glewlwyd"
+glewlwyd_options="--config=${glewlwyd_configfile}"
+pidfile="/var/run/${name}/${name}.pid"
+
+command="/usr/sbin/daemon"
+command_args="-P ${pidfile} -r -f ${glewlwyd_command} ${glewlwyd_options}"
+
+echo $command $command_args
+
+run_rc_command "$1"
diff --git a/www/glewlwyd/pkg-descr b/www/glewlwyd/pkg-descr
new file mode 100644
index 000000000000..babf5073afe9
--- /dev/null
+++ b/www/glewlwyd/pkg-descr
@@ -0,0 +1,20 @@
+Single-Sign-On (SSO) server with multiple factor authentication.
+
+Authentication processes supported:
+
+* OAuth2
+* OpenID Connect
+* Allows users to authenticate via multiple factors:
+
+Password
+* One-time password (TOTP/HOTP)
+* Webauthn (Yubikey, Android devices)
+* One-time password sent via e-mail
+* TLS Certificate
+* Users and clients can be stored and managed from various backends:
+
+Database
+* LDAP service
+* HTTP Backend service providing Basic Authentication
+
+WWW: https://github.com/babelouest/glewlwyd
diff --git a/www/glewlwyd/pkg-plist b/www/glewlwyd/pkg-plist
new file mode 100644
index 000000000000..e98adc5f4f01
--- /dev/null
+++ b/www/glewlwyd/pkg-plist
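Review bot: In files/glewlwyd.in the pidfile is set to `/var/run/${name}/${name}.pid`, but nothing visible in this commit creates `/var/run/glewlwyd`: do-install does not stage it, pkg-plist has no entry for it, and the script REQUIREs cleanvar. With `glewlwyd_user="glewlwyd"` the daemon(8) wrapper presumably runs unprivileged and cannot create the directory itself; the same concern applies to the sample config's `log_file="/var/log/glewlwyd.log"` and the SQLite path under `/var/cache/glewlwyd`. A `start_precmd` that creates the run directory owned by the service user would cover the pidfile, as sketched below. The `echo $command $command_args` line looks like leftover debugging and prints on every invocation, including at boot, so it should be dropped.

```sh
pidfile="/var/run/${name}/${name}.pid"
start_precmd="${name}_prestart"

glewlwyd_prestart()
{
	# /var/run is cleaned at boot, so recreate the pidfile directory on each start
	install -d -o ${glewlwyd_user} -g ${glewlwyd_user} -m 0755 /var/run/${name}
}
# … unchanged: command, command_args, run_rc_command …
```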
@@ -0,0 +1,88 @@
+sbin/glewlwyd
+etc/rc.d/glewlwyd
+@sample %%ETCDIR%%/glewlwyd.conf.sample
+@sample %%ETCDIR%%/config.json.sample
+lib/glewlwyd/client/libclientmoddatabase.so
+lib/glewlwyd/plugin/libprotocol_oauth2.so
+lib/glewlwyd/plugin/libprotocol_oidc.so
+lib/glewlwyd/plugin/libprotocol_register.so
+lib/glewlwyd/scheme/libschememodcertificate.so
+lib/glewlwyd/scheme/libschememodemail.so
+lib/glewlwyd/scheme/libschememodhttp.so
+lib/glewlwyd/scheme/libschememodotp.so
+lib/glewlwyd/scheme/libschememodpassword.so
+lib/glewlwyd/user/libusermoddatabase.so
+lib/glewlwyd/user/libusermodhttp.so
+%%DATADIR%%/CHANGELOG.md
+%%DATADIR%%/README.md
+%%DOCSDIR%%/API.md
+%%DOCSDIR%%/CERTIFICATE.md
+%%DOCSDIR%%/CLIENT_DATABASE.md
+%%DOCSDIR%%/CLIENT_LDAP.md
+%%DOCSDIR%%/GETTING_STARTED.md
+%%DOCSDIR%%/INSTALL.md
+%%DOCSDIR%%/OAUTH2.md
+%%DOCSDIR%%/OIDC.md
+%%DOCSDIR%%/OTP.md
+%%DOCSDIR%%/README.md
+%%DOCSDIR%%/SCOPE.md
+%%DOCSDIR%%/USER.md
+%%DOCSDIR%%/USER_DATABASE.md
+%%DOCSDIR%%/USER_HTTP.md
+%%DOCSDIR%%/USER_LDAP.md
+%%DOCSDIR%%/WEBAUTHN.md
+%%DOCSDIR%%/database/README.md
+%%DOCSDIR%%/database/init-core.mariadb.sql
+%%DOCSDIR%%/database/init-core.postgre.sql
+%%DOCSDIR%%/database/init-core.sqlite3.sql
+%%DOCSDIR%%/database/init.mariadb.sql
+%%DOCSDIR%%/database/init.postgre.sql
+%%DOCSDIR%%/database/init.sqlite3.sql
+%%DOCSDIR%%/glewlwyd-init
+%%DOCSDIR%%/glewlwyd.service
+%%WWWDIR%%/admin.js
+%%WWWDIR%%/config.json
+%%WWWDIR%%/css/admin-custom.css
+%%WWWDIR%%/css/bootstrap.css
+%%WWWDIR%%/css/bootstrap.min.css
+%%WWWDIR%%/css/font-awesome.css
+%%WWWDIR%%/css/font-awesome.min.css
+%%WWWDIR%%/css/glewlwyd-custom.css
+%%WWWDIR%%/css/glewlwyd.css
+%%WWWDIR%%/css/login-custom.css
+%%WWWDIR%%/css/profile-custom.css
+%%WWWDIR%%/favicon.ico
+%%WWWDIR%%/img/logo-admin.png
+%%WWWDIR%%/img/logo-login.png
+%%WWWDIR%%/img/logo-profile.png
+%%WWWDIR%%/index.html
+%%WWWDIR%%/js/bootstrap.js
+%%WWWDIR%%/js/bootstrap.min.js
+%%WWWDIR%%/js/jquery.js
+%%WWWDIR%%/js/jquery.min.js
+%%WWWDIR%%/js/popper.js
+%%WWWDIR%%/js/popper.min.js
+%%WWWDIR%%/locales/en/translations.json
+%%WWWDIR%%/locales/fr/translations.json
+%%WWWDIR%%/locales/nl/translations.json
+%%WWWDIR%%/login.html
+%%WWWDIR%%/login.js
+%%WWWDIR%%/profile.html
+%%WWWDIR%%/profile.js
+%%WWWDIR%%/vendors~admin~login~profile.js
+%%WWWDIR%%/vendors~profile.js
+%%WWWDIR%%/webfonts/fa-brands-400.eot
+%%WWWDIR%%/webfonts/fa-brands-400.svg
+%%WWWDIR%%/webfonts/fa-brands-400.ttf
+%%WWWDIR%%/webfonts/fa-brands-400.woff
+%%WWWDIR%%/webfonts/fa-brands-400.woff2
+%%WWWDIR%%/webfonts/fa-regular-400.eot
+%%WWWDIR%%/webfonts/fa-regular-400.svg
+%%WWWDIR%%/webfonts/fa-regular-400.ttf
+%%WWWDIR%%/webfonts/fa-regular-400.woff
+%%WWWDIR%%/webfonts/fa-regular-400.woff2
+%%WWWDIR%%/webfonts/fa-solid-900.eot
+%%WWWDIR%%/webfonts/fa-solid-900.svg
+%%WWWDIR%%/webfonts/fa-solid-900.ttf
+%%WWWDIR%%/webfonts/fa-solid-900.woff
+%%WWWDIR%%/webfonts/fa-solid-900.woff2