</p>
<p style="margin-left: 2.5em; text-indent: -2.5em;"><strong>-s </strong><em>SCOPE(S)</em><br>
Specifies a space-delimited list of scope names to use when authorizing access.
-The default is to request authorization for all supported scopes.
+The default is to request authorization for all supported OpenID scopes.
</p>
- <h2 id="cups-oauth-1.commands">Commands</h2>
- <h3 id="cups-oauth-1.commands.authorize">Authorize</h3>
+ <h2 id="cups-oauth-1.sub-commands">Sub-Commands</h2>
+ <h3 id="cups-oauth-1.sub-commands.authorize">Authorize</h3>
<p>Starts an authorization workflow with the default web browser.
If a resource URI is specified, the authorization is specific to that resource.
The access token is send to the standard output on success.
</p>
- <h3 id="cups-oauth-1.commands.clear">Clear</h3>
+ <h3 id="cups-oauth-1.sub-commands.clear">Clear</h3>
<p>Clears any authorization for the specified resource or for all resources if no resource URI is supplied.
</p>
- <h3 id="cups-oauth-1.commands.get-access-token">Get-Access-Token</h3>
+ <h3 id="cups-oauth-1.sub-commands.get-access-token">Get-Access-Token</h3>
<p>Output the current, unexpired access token, if any, to the standard output.
</p>
- <h3 id="cups-oauth-1.commands.get-client-id">Get-Client-Id</h3>
+ <h3 id="cups-oauth-1.sub-commands.get-client-id">Get-Client-Id</h3>
<p>Output the client ID string, if any, to the standard output.
</p>
- <h3 id="cups-oauth-1.commands.get-metadata">Get-Metadata</h3>
+ <h3 id="cups-oauth-1.sub-commands.get-metadata">Get-Metadata</h3>
<p>Get the OAuth/OpenID authorization server metadata and send it to the standard output.
If a name is specified, the output is just the value for the specified metadata.
</p>
- <h3 id="cups-oauth-1.commands.get-user-id">Get-User-Id</h3>
+ <h3 id="cups-oauth-1.sub-commands.get-user-id">Get-User-Id</h3>
<p>Get the OpenID user ID information and send it to the standard output.
If a name is specified, the output is just the named claim from the user ID.
</p>
- <h3 id="cups-oauth-1.commands.set-access-token">Set-Access-Token</h3>
+ <h3 id="cups-oauth-1.sub-commands.set-access-token">Set-Access-Token</h3>
<p>Set the access token (which is sometimes also called an API key) for the specified resource or for all resources.
</p>
- <h3 id="cups-oauth-1.commands.set-client-data">Set-Client-Data</h3>
+ <h3 id="cups-oauth-1.sub-commands.set-client-data">Set-Client-Data</h3>
<p>Set the client ID string and secret for an OAuth/OpenID authorization server.
</p>
<h2 id="cups-oauth-1.environment-variables">Environment Variables</h2>
<p>CUPS uses a redirect URI of "<a href="http://127.0.0.1/"">http://127.0.0.1/"</a> for all authorization on the local system.
</p>
<h2 id="cups-oauth-1.examples">Examples</h2>
-<p>TBD
+<p>Register a client ID and secret for the OAuth server at "<a href="https://oauth.example.com/":">https://oauth.example.com/":</a>
</p>
+ <pre> cups-oauth -a <a href="https://oauth.example.com/">https://oauth.example.com/</a> set-client-data CLIENT-ID CLIENT-SECRET
+</pre>
+<p>Save an access token (sometimes called an application or API key) for the OAuth server at "<a href="https://oauth.example.com/":">https://oauth.example.com/":</a>
+</p>
+ <pre> cups-oauth -a <a href="https://oauth.example.com/">https://oauth.example.com/</a> set-access-token TOKEN
+</pre>
+<p>Authorize against the OAuth server at "<a href="https://oauth.example.com/"">https://oauth.example.com/"</a> using your web browser:
+</p>
+ <pre> cups-oauth -a <a href="https://oauth.example.com/">https://oauth.example.com/</a> authorize
+</pre>
<h2 id="cups-oauth-1.see-also">See Also</h2>
<a href="cups.html"><p><strong>cups</strong>(1)</a>
<strong>-u</strong>
<em>USAGE</em>
]
-<em>COMMAND</em>
+<em>SUB-COMMAND</em>
<em>[ARGUMENT(S)]</em>
</p>
<h2 id="cups-x509-1.description">Description</h2>
The supported uses are "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", and "decipherOnly".
The preset "default-ca" specifies those uses required for a Certificate Authority, and the preset "default-tls" specifies those uses required for TLS.
</p>
- <h2 id="cups-x509-1.commands">Commands</h2>
- <h3 id="cups-x509-1.commands.ca-common-name">Ca Common-Name</h3>
+ <h2 id="cups-x509-1.sub-commands">Sub-Commands</h2>
+ <h3 id="cups-x509-1.sub-commands.ca-common-name">Ca Common-Name</h3>
<p>Sign a certificate request for the specified common name.
</p>
- <h3 id="cups-x509-1.commands.cacert-common-name">Cacert Common-Name</h3>
+ <h3 id="cups-x509-1.sub-commands.cacert-common-name">Cacert Common-Name</h3>
<p>Create a CA certificate for the specified common name.
</p>
- <h3 id="cups-x509-1.commands.cert-common-name">Cert Common-Name</h3>
+ <h3 id="cups-x509-1.sub-commands.cert-common-name">Cert Common-Name</h3>
<p>Create a certificate for the specified common name.
</p>
- <h3 id="cups-x509-1.commands.client-uri">Client Uri</h3>
+ <h3 id="cups-x509-1.sub-commands.client-uri">Client Uri</h3>
<p>Connect to the specified URI and validate the server's certificate.
</p>
- <h3 id="cups-x509-1.commands.csr-common-name">Csr Common-Name</h3>
+ <h3 id="cups-x509-1.sub-commands.csr-common-name">Csr Common-Name</h3>
<p>Create a certificate signing request for the specified common name.
</p>
- <h3 id="cups-x509-1.commands.server-common-nameport">Server Common-Name[:Port]</h3>
+ <h3 id="cups-x509-1.sub-commands.server-common-nameport">Server Common-Name[:Port]</h3>
<p>Run a HTTPS test server that echos back the resource path for every GET request.
If PORT is not specified, uses a port number from 8000 to 8999.
</p>
- <h3 id="cups-x509-1.commands.show-common-name">Show Common-Name</h3>
+ <h3 id="cups-x509-1.sub-commands.show-common-name">Show Common-Name</h3>
<p>Shows any stored credentials for the specified common name.
</p>
<h2 id="cups-x509-1.examples">Examples</h2>
-<p>TBD
+<p>Create a certificate signing request for a 384-bit ECDSA certificate for "server.example.com":
</p>
+ <pre> cups-x509 csr -t ecdsa-p384 server.example.com
+</pre>
+<p>Install the certificate you get back from the CA for "server.example.com":
+</p>
+ <pre> cups-x509 install server.example.com server.example.com.crt
+</pre>
+<p>Run a test server for "server.exmaple.com" on port 8080:
+</p>
+ <pre> cups-x509 server SERVER-NAME:8080
+</pre>
+<p>Test a HTTPS client connection to "www.example.com" with validation:
+</p>
+ <pre> cups-x509 client --require-ca <a href="https://www.example.com/">https://www.example.com/</a>
+</pre>
<h2 id="cups-x509-1.see-also">See Also</h2>
<a href="cups.html"><p><strong>cups</strong>(1)</a>
.\" Licensed under Apache License v2.0. See the file "LICENSE" for more
.\" information.
.\"
-.TH cups-oauth 1 "CUPS" "2025-03-04" "OpenPrinting"
+.TH cups-oauth 1 "CUPS" "2025-05-05" "OpenPrinting"
.SH NAME
cups-oauth \- interact with an oauth/openid authorization server
.SH SYNOPSIS
.TP 5
\fB\-s \fISCOPE(S)\fR
Specifies a space-delimited list of scope names to use when authorizing access.
-The default is to request authorization for all supported scopes.
-.SH COMMANDS
+The default is to request authorization for all supported OpenID scopes.
+.SH SUB-COMMANDS
.SS authorize
Starts an authorization workflow with the default web browser.
If a resource URI is specified, the authorization is specific to that resource.
.SH NOTES
CUPS uses a redirect URI of "http://127.0.0.1/" for all authorization on the local system.
.SH EXAMPLES
-TBD
+Register a client ID and secret for the OAuth server at "https://oauth.example.com/":
+.nf
+ cups-oauth -a https://oauth.example.com/ set-client-data CLIENT-ID CLIENT-SECRET
+.fi
+Save an access token (sometimes called an application or API key) for the OAuth server at "https://oauth.example.com/":
+.nf
+ cups-oauth -a https://oauth.example.com/ set-access-token TOKEN
+.fi
+Authorize against the OAuth server at "https://oauth.example.com/" using your web browser:
+.nf
+ cups-oauth -a https://oauth.example.com/ authorize
+.fi
.SH SEE ALSO
.BR cups (1)
.SH COPYRIGHT
.\" Licensed under Apache License v2.0. See the file "LICENSE" for more
.\" information.
.\"
-.TH cups-x509 1 "CUPS" "2025-03-04" "OpenPrinting"
+.TH cups-x509 1 "CUPS" "2025-05-05" "OpenPrinting"
.SH NAME
cups-x509 \- description
.SH SYNOPSIS
.B \-u
.I USAGE
]
-.I COMMAND
+.I SUB-COMMAND
.I [ARGUMENT(S)]
.SH DESCRIPTION
The
Specify the usage for the certificate as a comma-delimited list of uses.
The supported uses are "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", and "decipherOnly".
The preset "default-ca" specifies those uses required for a Certificate Authority, and the preset "default-tls" specifies those uses required for TLS.
-.SH COMMANDS
+.SH SUB-COMMANDS
.SS ca COMMON-NAME
Sign a certificate request for the specified common name.
.SS cacert COMMON-NAME
.SS show COMMON-NAME
Shows any stored credentials for the specified common name.
.SH EXAMPLES
-TBD
+Create a certificate signing request for a 384-bit ECDSA certificate for "server.example.com":
+.nf
+ cups-x509 csr -t ecdsa-p384 server.example.com
+.fi
+Install the certificate you get back from the CA for "server.example.com":
+.nf
+ cups-x509 install server.example.com server.example.com.crt
+.fi
+Run a test server for "server.exmaple.com" on port 8080:
+.nf
+ cups-x509 server SERVER-NAME:8080
+.fi
+Test a HTTPS client connection to "www.example.com" with validation:
+.nf
+ cups-x509 client --require-ca https://www.example.com/
+.fi
.SH SEE ALSO
.BR cups (1)
.SH COPYRIGHT
projects / thirdparty / cups.git / commitdiff
