meecrowave-oauth2-minimal/src/main/java/org/apache/meecrowave/oauth2/configuration/OAuth2Options.java - openwebbeans-meecrowave - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.meecrowave.oauth2.configuration;

 import org.apache.meecrowave.runner.Cli;
 import org.apache.meecrowave.runner.cli.CliOption;

 public class OAuth2Options implements Cli.Options {
     @CliOption(name = "oauth2-refresh-token", description = "Is issuing of access token issuing a refreh token too")
     private boolean refreshToken = true;

     @CliOption(name = "oauth2-client-force", description = "Is a client mandatory or can a token be issued without any client")
     private boolean forceClient;

     @CliOption(name = "oauth2-support-public-client", description = "Are public clients supported")
     private boolean canSupportPublicClients;

     @CliOption(name = "oauth2-use-all-client-scopes", description = "Are all client scopes used for refresh tokens")
     private boolean useAllClientScopes;

     @CliOption(name = "oauth2-require-user-to-start-authorization_code-flow", description = "Should the authorization_code flow require an authenicated user.")
     private boolean requireUserToStartAuthorizationCodeFlow;

     @CliOption(name = "oauth2-use-s256-code-challenge", description = "Are the code_challenge used by PKCE flow digested or not.")
     private boolean useS256CodeChallenge = true;

     @CliOption(name = "oauth2-write-custom-errors", description = "Should custom errors be written")
     private boolean writeCustomErrors;

     @CliOption(name = "oauth2-block-unsecure-requests", description = "Should unsecured requests be blocked")
     private boolean blockUnsecureRequests;

     @CliOption(name = "oauth2-write-optional-parameters", description = "Should optional parameters be written")
     private boolean writeOptionalParameters = true;

     @CliOption(name = "oauth2-partial-match-scope-validation", description = "Is partial match for scope validation activated")
     private boolean partialMatchScopeValidation;

     @CliOption(name = "oauth2-use-jaas", description = "Should jaas be used - alternative (default) is to delegate to meecrowave/tomcat realms")
     private boolean jaas;

     @CliOption(name = "oauth2-forward-role-as-jwt-claims", description = "Should jaas be used - alternative (default) is to delegate to meecrowave/tomcat realms")
     private boolean forwardRoleAsJwtClaims;

     @CliOption(name = "oauth2-access-token-lifetime", description = "How long an access token is valid, default to 3600s")
     private int accessTokenLifetime = 3600;

     @CliOption(name = "oauth2-refresh-token-lifetime", description = "How long a refresh token is valid, default to eternity (0)")
     private long refreshTokenLifetime;

     @CliOption(name = "oauth2-refresh-token-recycling", description = "Should refresh token be recycled")
     private boolean recycleRefreshTokens = true;

     @CliOption(name = "oauth2-default-scopes", description = "Comma separated list of default scopes")
     private String defaultScopes;

     @CliOption(name = "oauth2-required-scopes", description = "Comma separated list of required scopes")
     private String requiredScopes;

     @CliOption(name = "oauth2-invisible-scopes", description = "Comma separated list of invisible to client scopes")
     private String invisibleToClientScopes;

     @CliOption(name = "oauth2-support-pre-authorized-tokens", description = "Are pre-authorized token supported")
     private boolean supportPreauthorizedTokens;

     @CliOption(name = "oauth2-use-jwt-format-for-access-token", description = "Should access token be jwt?")
     private boolean useJwtFormatForAccessTokens;

     @CliOption(name = "oauth2-jwt-access-token-claim-map", description = "The jwt claims configuration")
     private String jwtAccessTokenClaimMap;

     @CliOption(name = "oauth2-jwt-issuer", description = "The jwt issuer (ignored if not set)")
     private String jwtIssuer;

     @CliOption(name = "oauth2-provider", description = "Which provider type to use: jcache[-code], jpa[-code], encrypted[-code]")
     private String provider = "jcache";

     @CliOption(name = "oauth2-jcache-config", description = "JCache configuration uri for the cache manager (jcache or provider)")
     private String jcacheConfigUri = "default-oauth2.jcs";

     @CliOption(name = "oauth2-jcache-store-value", description = "Should JCache store value or not")
     private boolean jcacheStoreValue = true;

     @CliOption(name = "oauth2-jcache-statistics", description = "Should JCache statistics be enabled")
     private boolean jcacheStatistics = false;

     @CliOption(name = "oauth2-jcache-jmx", description = "Should JCache JMX MBeans be enabled")
     private boolean jcacheJmx = false;

     @CliOption(name = "oauth2-jcache-loader", description = "The loader bean or class name")
     private String jcacheLoader;

     @CliOption(name = "oauth2-jcache-writer", description = "The writer bean or class name")
     private String jcacheWriter;

     @CliOption(name = "oauth2-jcache-store-jwt-token-key-only", description = "Should JCache store jwt token key only (jcache provider)")
     private boolean jcacheStoreJwtKeyOnly;

     @CliOption(name = "oauth2-jpa-database-url", description = "JPA database url for jpa provider")
     private String jpaDatabaseUrl = "jdbc:h2:mem:oauth2";

     @CliOption(name = "oauth2-jpa-database-username", description = "JPA database username for jpa provider")
     private String jpdaDatabaseUsername = "sa";

     @CliOption(name = "oauth2-jpa-database-password", description = "JPA database password for jpa provider")
     private String jpdaDatabasePassword = "";

     @CliOption(name = "oauth2-jpa-database-driver", description = "JPA database driver for jpa provider")
     private String jpaDriver = "org.h2.Driver";

     @CliOption(name = "oauth2-jpa-properties", description = "JPA persistence unit properties for jpa provider")
     private String jpaProperties;

     @CliOption(name = "oauth2-jpa-max-active", description = "JPA max active connections for jpa provider")
     private int jpaMaxActive = 30;

     @CliOption(name = "oauth2-jpa-max-idle", description = "JPA max idle connections for jpa provider")
     private int jpaMaxIdle = 10;

     @CliOption(name = "oauth2-jpa-max-wait", description = "JPA max wait for connections for jpa provider")
     private int jpaMaxWait = 30000;

     @CliOption(name = "oauth2-jpa-validation-query", description = "validation query for jpa provider")
     private String jpaValidationQuery;

     @CliOption(name = "oauth2-jpa-validation-interval", description = "validation interval for jpa provider")
     private int jpaValidationInterval = 5 * 1000 * 60;

     @CliOption(name = "oauth2-jpa-test-on-borrow", description = "should connections be tested on borrow for jpa provider")
     private boolean jpaTestOnBorrow;

     @CliOption(name = "oauth2-jpa-test-on-return", description = "should connections be tested on return for jpa provider")
     private boolean jpaTestOnReturn;

     @CliOption(name = "oauth2-encrypted-key", description = "The key for encrypted provider")
     private String encryptedKey;

     @CliOption(name = "oauth2-encrypted-algorithm", description = "The algorithm for the key for the encrypted provider")
     private String encryptedAlgo;

     @CliOption(name = "oauth2-token-support", description = "Are token flows supported")
     private boolean tokenSupport = true;

     @CliOption(name = "oauth2-authorization-code-support", description = "Is authorization code flow supported")
     private boolean authorizationCodeSupport;

     @CliOption(name = "oauth2-redirection-use-registered-redirect-uri-if-possible", description = "For authorization code flow, should the registered uri be used")
     private boolean useRegisteredRedirectUriIfPossible = true;

     /*
     private SessionAuthenticityTokenProvider sessionAuthenticityTokenProvider;
     private SubjectCreator subjectCreator;
     private ResourceOwnerNameProvider resourceOwnerNameProvider;
     private AuthorizationRequestFilter authorizationFilter;
     */

     @CliOption(name = "oauth2-redirection-max-default-session-interval", description = "For authorization code flow, how long a session can be")
     private int maxDefaultSessionInterval;

     @CliOption(
             name = "oauth2-redirection-match-redirect-uri-with-application-uri",
             description = "For authorization code flow, should redirect uri be matched with application one")
     private boolean matchRedirectUriWithApplicationUri;

     @CliOption(name = "oauth2-redirection-scopes-requiring-no-consent", description = "For authorization code flow, the scopes using no consent")
     private String scopesRequiringNoConsent;

     public boolean isRequireUserToStartAuthorizationCodeFlow() {
         return requireUserToStartAuthorizationCodeFlow;
     }

     public void setRequireUserToStartAuthorizationCodeFlow(final boolean requireUserToStartAuthorizationCodeFlow) {
         this.requireUserToStartAuthorizationCodeFlow = requireUserToStartAuthorizationCodeFlow;
     }

     public boolean isUseS256CodeChallenge() {
         return useS256CodeChallenge;
     }

     public void setUseS256CodeChallenge(final boolean useS256CodeChallenge) {
         this.useS256CodeChallenge = useS256CodeChallenge;
     }

     public boolean isForwardRoleAsJwtClaims() {
         return forwardRoleAsJwtClaims;
     }

     public void setForwardRoleAsJwtClaims(final boolean forwardRoleAsJwtClaims) {
         this.forwardRoleAsJwtClaims = forwardRoleAsJwtClaims;
     }

     public String getEncryptedAlgo() {
         return encryptedAlgo;
     }

     public void setEncryptedAlgo(final String encryptedAlgo) {
         this.encryptedAlgo = encryptedAlgo;
     }

     public String getEncryptedKey() {
         return encryptedKey;
     }

     public void setEncryptedKey(final String encryptedKey) {
         this.encryptedKey = encryptedKey;
     }

     public int getJpaMaxActive() {
         return jpaMaxActive;
     }

     public void setJpaMaxActive(final int jpaMaxActive) {
         this.jpaMaxActive = jpaMaxActive;
     }

     public int getJpaMaxIdle() {
         return jpaMaxIdle;
     }

     public void setJpaMaxIdle(final int jpaMaxIdle) {
         this.jpaMaxIdle = jpaMaxIdle;
     }

     public int getJpaMaxWait() {
         return jpaMaxWait;
     }

     public void setJpaMaxWait(final int jpaMaxWait) {
         this.jpaMaxWait = jpaMaxWait;
     }

     public String getJpaValidationQuery() {
         return jpaValidationQuery;
     }

     public void setJpaValidationQuery(final String jpaValidationQuery) {
         this.jpaValidationQuery = jpaValidationQuery;
     }

     public int getJpaValidationInterval() {
         return jpaValidationInterval;
     }

     public void setJpaValidationInterval(final int jpaValidationInterval) {
         this.jpaValidationInterval = jpaValidationInterval;
     }

     public boolean isJpaTestOnBorrow() {
         return jpaTestOnBorrow;
     }

     public void setJpaTestOnBorrow(final boolean jpaTestOnBorrow) {
         this.jpaTestOnBorrow = jpaTestOnBorrow;
     }

     public boolean isJpaTestOnReturn() {
         return jpaTestOnReturn;
     }

     public void setJpaTestOnReturn(final boolean jpaTestOnReturn) {
         this.jpaTestOnReturn = jpaTestOnReturn;
     }

     public String getJpaProperties() {
         return jpaProperties;
     }

     public void setJpaProperties(final String jpaProperties) {
         this.jpaProperties = jpaProperties;
     }

     public String getJpaDatabaseUrl() {
         return jpaDatabaseUrl;
     }

     public void setJpaDatabaseUrl(final String jpaDatabaseUrl) {
         this.jpaDatabaseUrl = jpaDatabaseUrl;
     }

     public String getJpdaDatabaseUsername() {
         return jpdaDatabaseUsername;
     }

     public void setJpdaDatabaseUsername(final String jpdaDatabaseUsername) {
         this.jpdaDatabaseUsername = jpdaDatabaseUsername;
     }

     public String getJpdaDatabasePassword() {
         return jpdaDatabasePassword;
     }

     public void setJpdaDatabasePassword(final String jpdaDatabasePassword) {
         this.jpdaDatabasePassword = jpdaDatabasePassword;
     }

     public String getJpaDriver() {
         return jpaDriver;
     }

     public void setJpaDriver(final String jpaDriver) {
         this.jpaDriver = jpaDriver;
     }

     public String getJcacheConfigUri() {
         return jcacheConfigUri;
     }

     public void setJcacheConfigUri(final String jcacheConfigUri) {
         this.jcacheConfigUri = jcacheConfigUri;
     }

     public boolean isJcacheStoreJwtKeyOnly() {
         return jcacheStoreJwtKeyOnly;
     }

     public void setJcacheStoreJwtKeyOnly(final boolean jcacheStoreJwtKeyOnly) {
         this.jcacheStoreJwtKeyOnly = jcacheStoreJwtKeyOnly;
     }

     public String getProvider() {
         return provider;
     }

     public void setProvider(final String provider) {
         this.provider = provider;
     }

     public boolean isWriteCustomErrors() {
         return writeCustomErrors;
     }

     public void setWriteCustomErrors(final boolean writeCustomErrors) {
         this.writeCustomErrors = writeCustomErrors;
     }

     public boolean isBlockUnsecureRequests() {
         return blockUnsecureRequests;
     }

     public void setBlockUnsecureRequests(final boolean blockUnsecureRequests) {
         this.blockUnsecureRequests = blockUnsecureRequests;
     }

     public boolean isWriteOptionalParameters() {
         return writeOptionalParameters;
     }

     public void setWriteOptionalParameters(final boolean writeOptionalParameters) {
         this.writeOptionalParameters = writeOptionalParameters;
     }

     public boolean isCanSupportPublicClients() {
         return canSupportPublicClients;
     }

     public void setCanSupportPublicClients(final boolean canSupportPublicClients) {
         this.canSupportPublicClients = canSupportPublicClients;
     }

     public boolean isForceClient() {
         return forceClient;
     }

     public void setForceClient(final boolean forceClient) {
         this.forceClient = forceClient;
     }

     public boolean isPartialMatchScopeValidation() {
         return partialMatchScopeValidation;
     }

     public void setPartialMatchScopeValidation(final boolean partialMatchScopeValidation) {
         this.partialMatchScopeValidation = partialMatchScopeValidation;
     }

     public boolean isJaas() {
         return jaas;
     }

     public void setJaas(final boolean jaas) {
         this.jaas = jaas;
     }

     public boolean isRefreshToken() {
         return refreshToken;
     }

     public void setRefreshToken(final boolean refreshToken) {
         this.refreshToken = refreshToken;
     }

     public int getAccessTokenLifetime() {
         return accessTokenLifetime;
     }

     public void setAccessTokenLifetime(final int accessTokenLifetime) {
         this.accessTokenLifetime = accessTokenLifetime;
     }

     public long getRefreshTokenLifetime() {
         return refreshTokenLifetime;
     }

     public void setRefreshTokenLifetime(final long refreshTokenLifetime) {
         this.refreshTokenLifetime = refreshTokenLifetime;
     }

     public boolean isRecycleRefreshTokens() {
         return recycleRefreshTokens;
     }

     public void setRecycleRefreshTokens(final boolean recycleRefreshTokens) {
         this.recycleRefreshTokens = recycleRefreshTokens;
     }

     public String getDefaultScopes() {
         return defaultScopes;
     }

     public void setDefaultScopes(final String defaultScopes) {
         this.defaultScopes = defaultScopes;
     }

     public String getRequiredScopes() {
         return requiredScopes;
     }

     public void setRequiredScopes(final String requiredScopes) {
         this.requiredScopes = requiredScopes;
     }

     public String getInvisibleToClientScopes() {
         return invisibleToClientScopes;
     }

     public void setInvisibleToClientScopes(final String invisibleToClientScopes) {
         this.invisibleToClientScopes = invisibleToClientScopes;
     }

     public boolean isSupportPreauthorizedTokens() {
         return supportPreauthorizedTokens;
     }

     public void setSupportPreauthorizedTokens(final boolean supportPreauthorizedTokens) {
         this.supportPreauthorizedTokens = supportPreauthorizedTokens;
     }

     public boolean isUseJwtFormatForAccessTokens() {
         return useJwtFormatForAccessTokens;
     }

     public void setUseJwtFormatForAccessTokens(final boolean useJwtFormatForAccessTokens) {
         this.useJwtFormatForAccessTokens = useJwtFormatForAccessTokens;
     }

     public String getJwtAccessTokenClaimMap() {
         return jwtAccessTokenClaimMap;
     }

     public void setJwtAccessTokenClaimMap(final String jwtAccessTokenClaimMap) {
         this.jwtAccessTokenClaimMap = jwtAccessTokenClaimMap;
     }

     public boolean isUseAllClientScopes() {
         return useAllClientScopes;
     }

     public void setUseAllClientScopes(final boolean useAllClientScopes) {
         this.useAllClientScopes = useAllClientScopes;
     }

     public boolean isAuthorizationCodeSupport() {
         return authorizationCodeSupport;
     }

     public void setAuthorizationCodeSupport(final boolean authorizationCodeSupport) {
         this.authorizationCodeSupport = authorizationCodeSupport;
     }

     public boolean isUseRegisteredRedirectUriIfPossible() {
         return useRegisteredRedirectUriIfPossible;
     }

     public void setUseRegisteredRedirectUriIfPossible(final boolean useRegisteredRedirectUriIfPossible) {
         this.useRegisteredRedirectUriIfPossible = useRegisteredRedirectUriIfPossible;
     }

     public int getMaxDefaultSessionInterval() {
         return maxDefaultSessionInterval;
     }

     public void setMaxDefaultSessionInterval(final int maxDefaultSessionInterval) {
         this.maxDefaultSessionInterval = maxDefaultSessionInterval;
     }

     public boolean isMatchRedirectUriWithApplicationUri() {
         return matchRedirectUriWithApplicationUri;
     }

     public void setMatchRedirectUriWithApplicationUri(final boolean matchRedirectUriWithApplicationUri) {
         this.matchRedirectUriWithApplicationUri = matchRedirectUriWithApplicationUri;
     }

     public String getScopesRequiringNoConsent() {
         return scopesRequiringNoConsent;
     }

     public void setScopesRequiringNoConsent(final String scopesRequiringNoConsent) {
         this.scopesRequiringNoConsent = scopesRequiringNoConsent;
     }

     public boolean isTokenSupport() {
         return tokenSupport;
     }

     public void setTokenSupport(final boolean tokenSupport) {
         this.tokenSupport = tokenSupport;
     }

     public boolean isJcacheStoreValue() {
         return jcacheStoreValue;
     }

     public void setJcacheStoreValue(final boolean jcacheStoreValue) {
         this.jcacheStoreValue = jcacheStoreValue;
     }

     public String getJcacheLoader() {
         return jcacheLoader;
     }

     public void setJcacheLoader(final String jcacheLoader) {
         this.jcacheLoader = jcacheLoader;
     }

     public String getJcacheWriter() {
         return jcacheWriter;
     }

     public void setJcacheWriter(final String jcacheWriter) {
         this.jcacheWriter = jcacheWriter;
     }

     public boolean isJcacheStatistics() {
         return jcacheStatistics;
     }

     public void setJcacheStatistics(final boolean jcacheStatistics) {
         this.jcacheStatistics = jcacheStatistics;
     }

     public boolean isJcacheJmx() {
         return jcacheJmx;
     }

     public void setJcacheJmx(final boolean jcacheJmx) {
         this.jcacheJmx = jcacheJmx;
     }

     public String getJwtIssuer() {
         return jwtIssuer;
     }

     public void setJwtIssuer(final String jwtIssuer) {
         this.jwtIssuer = jwtIssuer;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.meecrowave.oauth2.configuration;

	import org.apache.meecrowave.runner.Cli;
	import org.apache.meecrowave.runner.cli.CliOption;

	public class OAuth2Options implements Cli.Options {
	@CliOption(name = "oauth2-refresh-token", description = "Is issuing of access token issuing a refreh token too")
	private boolean refreshToken = true;

	@CliOption(name = "oauth2-client-force", description = "Is a client mandatory or can a token be issued without any client")
	private boolean forceClient;

	@CliOption(name = "oauth2-support-public-client", description = "Are public clients supported")
	private boolean canSupportPublicClients;

	@CliOption(name = "oauth2-use-all-client-scopes", description = "Are all client scopes used for refresh tokens")
	private boolean useAllClientScopes;

	@CliOption(name = "oauth2-require-user-to-start-authorization_code-flow", description = "Should the authorization_code flow require an authenicated user.")
	private boolean requireUserToStartAuthorizationCodeFlow;

	@CliOption(name = "oauth2-use-s256-code-challenge", description = "Are the code_challenge used by PKCE flow digested or not.")
	private boolean useS256CodeChallenge = true;

	@CliOption(name = "oauth2-write-custom-errors", description = "Should custom errors be written")
	private boolean writeCustomErrors;

	@CliOption(name = "oauth2-block-unsecure-requests", description = "Should unsecured requests be blocked")
	private boolean blockUnsecureRequests;

	@CliOption(name = "oauth2-write-optional-parameters", description = "Should optional parameters be written")
	private boolean writeOptionalParameters = true;

	@CliOption(name = "oauth2-partial-match-scope-validation", description = "Is partial match for scope validation activated")
	private boolean partialMatchScopeValidation;

	@CliOption(name = "oauth2-use-jaas", description = "Should jaas be used - alternative (default) is to delegate to meecrowave/tomcat realms")
	private boolean jaas;

	@CliOption(name = "oauth2-forward-role-as-jwt-claims", description = "Should jaas be used - alternative (default) is to delegate to meecrowave/tomcat realms")
	private boolean forwardRoleAsJwtClaims;

	@CliOption(name = "oauth2-access-token-lifetime", description = "How long an access token is valid, default to 3600s")
	private int accessTokenLifetime = 3600;

	@CliOption(name = "oauth2-refresh-token-lifetime", description = "How long a refresh token is valid, default to eternity (0)")
	private long refreshTokenLifetime;

	@CliOption(name = "oauth2-refresh-token-recycling", description = "Should refresh token be recycled")
	private boolean recycleRefreshTokens = true;

	@CliOption(name = "oauth2-default-scopes", description = "Comma separated list of default scopes")
	private String defaultScopes;

	@CliOption(name = "oauth2-required-scopes", description = "Comma separated list of required scopes")
	private String requiredScopes;

	@CliOption(name = "oauth2-invisible-scopes", description = "Comma separated list of invisible to client scopes")
	private String invisibleToClientScopes;

	@CliOption(name = "oauth2-support-pre-authorized-tokens", description = "Are pre-authorized token supported")
	private boolean supportPreauthorizedTokens;

	@CliOption(name = "oauth2-use-jwt-format-for-access-token", description = "Should access token be jwt?")
	private boolean useJwtFormatForAccessTokens;

	@CliOption(name = "oauth2-jwt-access-token-claim-map", description = "The jwt claims configuration")
	private String jwtAccessTokenClaimMap;

	@CliOption(name = "oauth2-jwt-issuer", description = "The jwt issuer (ignored if not set)")
	private String jwtIssuer;

	@CliOption(name = "oauth2-provider", description = "Which provider type to use: jcache[-code], jpa[-code], encrypted[-code]")
	private String provider = "jcache";

	@CliOption(name = "oauth2-jcache-config", description = "JCache configuration uri for the cache manager (jcache or provider)")
	private String jcacheConfigUri = "default-oauth2.jcs";

	@CliOption(name = "oauth2-jcache-store-value", description = "Should JCache store value or not")
	private boolean jcacheStoreValue = true;

	@CliOption(name = "oauth2-jcache-statistics", description = "Should JCache statistics be enabled")
	private boolean jcacheStatistics = false;

	@CliOption(name = "oauth2-jcache-jmx", description = "Should JCache JMX MBeans be enabled")
	private boolean jcacheJmx = false;

	@CliOption(name = "oauth2-jcache-loader", description = "The loader bean or class name")
	private String jcacheLoader;

	@CliOption(name = "oauth2-jcache-writer", description = "The writer bean or class name")
	private String jcacheWriter;

	@CliOption(name = "oauth2-jcache-store-jwt-token-key-only", description = "Should JCache store jwt token key only (jcache provider)")
	private boolean jcacheStoreJwtKeyOnly;

	@CliOption(name = "oauth2-jpa-database-url", description = "JPA database url for jpa provider")
	private String jpaDatabaseUrl = "jdbc:h2:mem:oauth2";

	@CliOption(name = "oauth2-jpa-database-username", description = "JPA database username for jpa provider")
	private String jpdaDatabaseUsername = "sa";

	@CliOption(name = "oauth2-jpa-database-password", description = "JPA database password for jpa provider")
	private String jpdaDatabasePassword = "";

	@CliOption(name = "oauth2-jpa-database-driver", description = "JPA database driver for jpa provider")
	private String jpaDriver = "org.h2.Driver";

	@CliOption(name = "oauth2-jpa-properties", description = "JPA persistence unit properties for jpa provider")
	private String jpaProperties;

	@CliOption(name = "oauth2-jpa-max-active", description = "JPA max active connections for jpa provider")
	private int jpaMaxActive = 30;

	@CliOption(name = "oauth2-jpa-max-idle", description = "JPA max idle connections for jpa provider")
	private int jpaMaxIdle = 10;

	@CliOption(name = "oauth2-jpa-max-wait", description = "JPA max wait for connections for jpa provider")
	private int jpaMaxWait = 30000;

	@CliOption(name = "oauth2-jpa-validation-query", description = "validation query for jpa provider")
	private String jpaValidationQuery;

	@CliOption(name = "oauth2-jpa-validation-interval", description = "validation interval for jpa provider")
	private int jpaValidationInterval = 5 * 1000 * 60;

	@CliOption(name = "oauth2-jpa-test-on-borrow", description = "should connections be tested on borrow for jpa provider")
	private boolean jpaTestOnBorrow;

	@CliOption(name = "oauth2-jpa-test-on-return", description = "should connections be tested on return for jpa provider")
	private boolean jpaTestOnReturn;

	@CliOption(name = "oauth2-encrypted-key", description = "The key for encrypted provider")
	private String encryptedKey;

	@CliOption(name = "oauth2-encrypted-algorithm", description = "The algorithm for the key for the encrypted provider")
	private String encryptedAlgo;

	@CliOption(name = "oauth2-token-support", description = "Are token flows supported")
	private boolean tokenSupport = true;

	@CliOption(name = "oauth2-authorization-code-support", description = "Is authorization code flow supported")
	private boolean authorizationCodeSupport;

	@CliOption(name = "oauth2-redirection-use-registered-redirect-uri-if-possible", description = "For authorization code flow, should the registered uri be used")
	private boolean useRegisteredRedirectUriIfPossible = true;

	/*
	private SessionAuthenticityTokenProvider sessionAuthenticityTokenProvider;
	private SubjectCreator subjectCreator;
	private ResourceOwnerNameProvider resourceOwnerNameProvider;
	private AuthorizationRequestFilter authorizationFilter;
	*/

	@CliOption(name = "oauth2-redirection-max-default-session-interval", description = "For authorization code flow, how long a session can be")
	private int maxDefaultSessionInterval;

	@CliOption(
	name = "oauth2-redirection-match-redirect-uri-with-application-uri",
	description = "For authorization code flow, should redirect uri be matched with application one")
	private boolean matchRedirectUriWithApplicationUri;

	@CliOption(name = "oauth2-redirection-scopes-requiring-no-consent", description = "For authorization code flow, the scopes using no consent")
	private String scopesRequiringNoConsent;

	public boolean isRequireUserToStartAuthorizationCodeFlow() {
	return requireUserToStartAuthorizationCodeFlow;
	}

	public void setRequireUserToStartAuthorizationCodeFlow(final boolean requireUserToStartAuthorizationCodeFlow) {
	this.requireUserToStartAuthorizationCodeFlow = requireUserToStartAuthorizationCodeFlow;
	}

	public boolean isUseS256CodeChallenge() {
	return useS256CodeChallenge;
	}

	public void setUseS256CodeChallenge(final boolean useS256CodeChallenge) {
	this.useS256CodeChallenge = useS256CodeChallenge;
	}

	public boolean isForwardRoleAsJwtClaims() {
	return forwardRoleAsJwtClaims;
	}

	public void setForwardRoleAsJwtClaims(final boolean forwardRoleAsJwtClaims) {
	this.forwardRoleAsJwtClaims = forwardRoleAsJwtClaims;
	}

	public String getEncryptedAlgo() {
	return encryptedAlgo;
	}

	public void setEncryptedAlgo(final String encryptedAlgo) {
	this.encryptedAlgo = encryptedAlgo;
	}

	public String getEncryptedKey() {
	return encryptedKey;
	}

	public void setEncryptedKey(final String encryptedKey) {
	this.encryptedKey = encryptedKey;
	}

	public int getJpaMaxActive() {
	return jpaMaxActive;
	}

	public void setJpaMaxActive(final int jpaMaxActive) {
	this.jpaMaxActive = jpaMaxActive;
	}

	public int getJpaMaxIdle() {
	return jpaMaxIdle;
	}

	public void setJpaMaxIdle(final int jpaMaxIdle) {
	this.jpaMaxIdle = jpaMaxIdle;
	}

	public int getJpaMaxWait() {
	return jpaMaxWait;
	}

	public void setJpaMaxWait(final int jpaMaxWait) {
	this.jpaMaxWait = jpaMaxWait;
	}

	public String getJpaValidationQuery() {
	return jpaValidationQuery;
	}

	public void setJpaValidationQuery(final String jpaValidationQuery) {
	this.jpaValidationQuery = jpaValidationQuery;
	}

	public int getJpaValidationInterval() {
	return jpaValidationInterval;
	}

	public void setJpaValidationInterval(final int jpaValidationInterval) {
	this.jpaValidationInterval = jpaValidationInterval;
	}

	public boolean isJpaTestOnBorrow() {
	return jpaTestOnBorrow;
	}

	public void setJpaTestOnBorrow(final boolean jpaTestOnBorrow) {
	this.jpaTestOnBorrow = jpaTestOnBorrow;
	}

	public boolean isJpaTestOnReturn() {
	return jpaTestOnReturn;
	}

	public void setJpaTestOnReturn(final boolean jpaTestOnReturn) {
	this.jpaTestOnReturn = jpaTestOnReturn;
	}

	public String getJpaProperties() {
	return jpaProperties;
	}

	public void setJpaProperties(final String jpaProperties) {
	this.jpaProperties = jpaProperties;
	}

	public String getJpaDatabaseUrl() {
	return jpaDatabaseUrl;
	}

	public void setJpaDatabaseUrl(final String jpaDatabaseUrl) {
	this.jpaDatabaseUrl = jpaDatabaseUrl;
	}

	public String getJpdaDatabaseUsername() {
	return jpdaDatabaseUsername;
	}

	public void setJpdaDatabaseUsername(final String jpdaDatabaseUsername) {
	this.jpdaDatabaseUsername = jpdaDatabaseUsername;
	}

	public String getJpdaDatabasePassword() {
	return jpdaDatabasePassword;
	}

	public void setJpdaDatabasePassword(final String jpdaDatabasePassword) {
	this.jpdaDatabasePassword = jpdaDatabasePassword;
	}

	public String getJpaDriver() {
	return jpaDriver;
	}

	public void setJpaDriver(final String jpaDriver) {
	this.jpaDriver = jpaDriver;
	}

	public String getJcacheConfigUri() {
	return jcacheConfigUri;
	}

	public void setJcacheConfigUri(final String jcacheConfigUri) {
	this.jcacheConfigUri = jcacheConfigUri;
	}

	public boolean isJcacheStoreJwtKeyOnly() {
	return jcacheStoreJwtKeyOnly;
	}

	public void setJcacheStoreJwtKeyOnly(final boolean jcacheStoreJwtKeyOnly) {
	this.jcacheStoreJwtKeyOnly = jcacheStoreJwtKeyOnly;
	}

	public String getProvider() {
	return provider;
	}

	public void setProvider(final String provider) {
	this.provider = provider;
	}

	public boolean isWriteCustomErrors() {
	return writeCustomErrors;
	}

	public void setWriteCustomErrors(final boolean writeCustomErrors) {
	this.writeCustomErrors = writeCustomErrors;
	}

	public boolean isBlockUnsecureRequests() {
	return blockUnsecureRequests;
	}

	public void setBlockUnsecureRequests(final boolean blockUnsecureRequests) {
	this.blockUnsecureRequests = blockUnsecureRequests;
	}

	public boolean isWriteOptionalParameters() {
	return writeOptionalParameters;
	}

	public void setWriteOptionalParameters(final boolean writeOptionalParameters) {
	this.writeOptionalParameters = writeOptionalParameters;
	}

	public boolean isCanSupportPublicClients() {
	return canSupportPublicClients;
	}

	public void setCanSupportPublicClients(final boolean canSupportPublicClients) {
	this.canSupportPublicClients = canSupportPublicClients;
	}

	public boolean isForceClient() {
	return forceClient;
	}

	public void setForceClient(final boolean forceClient) {
	this.forceClient = forceClient;
	}

	public boolean isPartialMatchScopeValidation() {
	return partialMatchScopeValidation;
	}

	public void setPartialMatchScopeValidation(final boolean partialMatchScopeValidation) {
	this.partialMatchScopeValidation = partialMatchScopeValidation;
	}

	public boolean isJaas() {
	return jaas;
	}

	public void setJaas(final boolean jaas) {
	this.jaas = jaas;
	}

	public boolean isRefreshToken() {
	return refreshToken;
	}

	public void setRefreshToken(final boolean refreshToken) {
	this.refreshToken = refreshToken;
	}

	public int getAccessTokenLifetime() {
	return accessTokenLifetime;
	}

	public void setAccessTokenLifetime(final int accessTokenLifetime) {
	this.accessTokenLifetime = accessTokenLifetime;
	}

	public long getRefreshTokenLifetime() {
	return refreshTokenLifetime;
	}

	public void setRefreshTokenLifetime(final long refreshTokenLifetime) {
	this.refreshTokenLifetime = refreshTokenLifetime;
	}

	public boolean isRecycleRefreshTokens() {
	return recycleRefreshTokens;
	}

	public void setRecycleRefreshTokens(final boolean recycleRefreshTokens) {
	this.recycleRefreshTokens = recycleRefreshTokens;
	}

	public String getDefaultScopes() {
	return defaultScopes;
	}

	public void setDefaultScopes(final String defaultScopes) {
	this.defaultScopes = defaultScopes;
	}

	public String getRequiredScopes() {
	return requiredScopes;
	}

	public void setRequiredScopes(final String requiredScopes) {
	this.requiredScopes = requiredScopes;
	}

	public String getInvisibleToClientScopes() {
	return invisibleToClientScopes;
	}

	public void setInvisibleToClientScopes(final String invisibleToClientScopes) {
	this.invisibleToClientScopes = invisibleToClientScopes;
	}

	public boolean isSupportPreauthorizedTokens() {
	return supportPreauthorizedTokens;
	}

	public void setSupportPreauthorizedTokens(final boolean supportPreauthorizedTokens) {
	this.supportPreauthorizedTokens = supportPreauthorizedTokens;
	}

	public boolean isUseJwtFormatForAccessTokens() {
	return useJwtFormatForAccessTokens;
	}

	public void setUseJwtFormatForAccessTokens(final boolean useJwtFormatForAccessTokens) {
	this.useJwtFormatForAccessTokens = useJwtFormatForAccessTokens;
	}

	public String getJwtAccessTokenClaimMap() {
	return jwtAccessTokenClaimMap;
	}

	public void setJwtAccessTokenClaimMap(final String jwtAccessTokenClaimMap) {
	this.jwtAccessTokenClaimMap = jwtAccessTokenClaimMap;
	}

	public boolean isUseAllClientScopes() {
	return useAllClientScopes;
	}

	public void setUseAllClientScopes(final boolean useAllClientScopes) {
	this.useAllClientScopes = useAllClientScopes;
	}

	public boolean isAuthorizationCodeSupport() {
	return authorizationCodeSupport;
	}

	public void setAuthorizationCodeSupport(final boolean authorizationCodeSupport) {
	this.authorizationCodeSupport = authorizationCodeSupport;
	}

	public boolean isUseRegisteredRedirectUriIfPossible() {
	return useRegisteredRedirectUriIfPossible;
	}

	public void setUseRegisteredRedirectUriIfPossible(final boolean useRegisteredRedirectUriIfPossible) {
	this.useRegisteredRedirectUriIfPossible = useRegisteredRedirectUriIfPossible;
	}

	public int getMaxDefaultSessionInterval() {
	return maxDefaultSessionInterval;
	}

	public void setMaxDefaultSessionInterval(final int maxDefaultSessionInterval) {
	this.maxDefaultSessionInterval = maxDefaultSessionInterval;
	}

	public boolean isMatchRedirectUriWithApplicationUri() {
	return matchRedirectUriWithApplicationUri;
	}

	public void setMatchRedirectUriWithApplicationUri(final boolean matchRedirectUriWithApplicationUri) {
	this.matchRedirectUriWithApplicationUri = matchRedirectUriWithApplicationUri;
	}

	public String getScopesRequiringNoConsent() {
	return scopesRequiringNoConsent;
	}

	public void setScopesRequiringNoConsent(final String scopesRequiringNoConsent) {
	this.scopesRequiringNoConsent = scopesRequiringNoConsent;
	}

	public boolean isTokenSupport() {
	return tokenSupport;
	}

	public void setTokenSupport(final boolean tokenSupport) {
	this.tokenSupport = tokenSupport;
	}

	public boolean isJcacheStoreValue() {
	return jcacheStoreValue;
	}

	public void setJcacheStoreValue(final boolean jcacheStoreValue) {
	this.jcacheStoreValue = jcacheStoreValue;
	}

	public String getJcacheLoader() {
	return jcacheLoader;
	}

	public void setJcacheLoader(final String jcacheLoader) {
	this.jcacheLoader = jcacheLoader;
	}

	public String getJcacheWriter() {
	return jcacheWriter;
	}

	public void setJcacheWriter(final String jcacheWriter) {
	this.jcacheWriter = jcacheWriter;
	}

	public boolean isJcacheStatistics() {
	return jcacheStatistics;
	}

	public void setJcacheStatistics(final boolean jcacheStatistics) {
	this.jcacheStatistics = jcacheStatistics;
	}

	public boolean isJcacheJmx() {
	return jcacheJmx;
	}

	public void setJcacheJmx(final boolean jcacheJmx) {
	this.jcacheJmx = jcacheJmx;
	}

	public String getJwtIssuer() {
	return jwtIssuer;
	}

	public void setJwtIssuer(final String jwtIssuer) {
	this.jwtIssuer = jwtIssuer;
	}
	}