Understanding and Utilizing the JWT Feature in CUPS #1032
Unanswered
edivanteixeira
asked this question in
Q&A
Replies: 2 comments
-
So you're a bit ahead of the curve at the moment. OAuth/OpenID support is a CUPS 2.5 feature and we are in the process of getting everything in place. There is nothing you can really test/play with at the moment beyond the unit tests in the "testoauth" program, but that won't help you setup OAuth with CUPS or cupsd. Once we do have OAuth support added to cupsd we'll also have documentation for it... :) |
Beta Was this translation helpful? Give feedback.
0 replies
-
Michael, thank you very much for the response. I ended up following a path
where I developed a Proxy in front to forward to the local CUPS. This way,
I can set up filters and URLs with private IDs as if they were virtual
printers. It will be a lot of work to implement the protocol, but I believe
it will work.
Thank you very much for the response, and I hope you're doing well.
Em ter., 13 de ago. de 2024, 13:02, Michael R Sweet <
***@***.***> escreveu:
… So you're a bit ahead of the curve at the moment. OAuth/OpenID support is
a CUPS 2.5 feature and we are in the process of getting everything in
place. There is nothing you can really test/play with at the moment beyond
the unit tests in the "testoauth" program, but that won't help you setup
OAuth with CUPS or cupsd.
Once we *do* have OAuth support added to cupsd we'll also have
documentation for it... :)
—
Reply to this email directly, view it on GitHub
<#1032 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAMO46HA7RS4SYXWUAYVZJ3ZRIUZPAVCNFSM6AAAAABMMUOYE2VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTAMZSG44TGNQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi everyone,
I’ve been exploring the CUPS codebase and recently came across the implementation of JSON Web Tokens (JWT) in the source. I noticed several functions and definitions related to JWT, such as
cupsJWTSign()
,cupsJWTImportString()
, andcupsJWTHasValidSignature()
, among others.Background
From what I understand, this JWT feature could potentially allow CUPS to support modern authentication mechanisms, such as OAuth2 and OpenID Connect, by validating tokens issued by an Identity Provider (IdP) like Azure AD. This seems particularly useful for integrating CUPS into environments where Single Sign-On (SSO) is in use, enhancing both security and user management.
Questions
I’d like to start a discussion to better understand the following:
Use Cases and Examples:
Integration with SSO Systems:
Configuration Details:
cupsd.conf
or elsewhere that need to be adjusted to activate JWT support?Security Considerations:
Seeking Guidance
I’m looking for guidance from those who may have experience with this feature or from the maintainers who can provide insight into its design and intended usage. Any pointers to documentation, examples, or advice on setting up a secure and functional JWT-based authentication system with CUPS would be greatly appreciated.
Thanks in advance for your help!
Best regards,
Edivan Teixeira
Beta Was this translation helpful? Give feedback.
All reactions