How to define what the protected resources are?



panza
Jul 6th, 2011, 07:43 PM
How can I define on the provider side the resources that need to be accessed by passing an access token?
The tonr and sparklr examples do not need to pass a token to access the photos; they only require login in sparklr (the provider).
For example, in Facebook, to get my friends we have to pass a token in the URL:
https://graph.facebook.com/me/friends?access_token=MY_TOKEN

If I access https://graph.facebook.com/me/friends I get "An active access token must be used to query information about the current user." in a JSON response.
How can I provide this behavior with Spring?

panza
Jul 6th, 2011, 10:39 PM
In the sparklr app we can access a photo at http://localhost:8080/sparklr/rest/jpg/photo/1
without passing a token.
So why use OAuth 2 here, if we can get any photo, and any app can get it too?
I think the correct way would be to require a token:
http://localhost:8080/sparklr/rest/jpg/photo/1?access_token=XXXXX
So, how can I configure a resource to do this?

stoicflame
Jul 8th, 2011, 07:18 PM
The token in the request parameter would work, but the reason you can access it without a request parameter is because you're passing it into the Authorization header.

See http://tools.ietf.org/html/draft-ietf-oauth-v2-18#section-7

panza
Jul 11th, 2011, 03:13 PM
So how does the Spring client access a resource?
Where does it pass the access_token, in the URL?
I'm trying to get the original request that Spring builds when we execute, for example:

restTemplate.getForObject(URI.create(fullResourceURL), byte[].class)

Thanks!

panza
Jul 12th, 2011, 01:25 PM
OK, as stoicflame said, the token is passed in a header.
For example:

req.getHeaders().add("Authorization", String.format("OAuth2 %s",accessToken.getValue()));

Thanks! My doubt is solved.
:)
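
The check discussed in this thread, as an added example that is not part of the original posts and is not Spring Security OAuth's own code: a resource endpoint looks for the token in the Authorization header first, then in the access_token request parameter, and answers 401 when neither carries a known token. The class name, the in-memory token set and the sample token are constructed for illustration; accepting the `Bearer` scheme next to the thread's `OAuth2` scheme follows RFC 6750.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import java.util.Set;

public class ProtectedResourceCheck {
    // Constructed sample token store; a real provider asks its token service instead.
    static final Set<String> VALID_TOKENS = Set.of("sample-token-123");

    // Header first ("OAuth2 <token>" as in the thread, or "Bearer <token>"),
    // then the access_token query parameter.
    static Optional<String> extractToken(String authorizationHeader, String query) {
        if (authorizationHeader != null) {
            String[] parts = authorizationHeader.trim().split("\\s+", 2);
            if (parts.length == 2
                    && (parts[0].equalsIgnoreCase("OAuth2") || parts[0].equalsIgnoreCase("Bearer"))
                    && !parts[1].isBlank()) {
                return Optional.of(parts[1].trim());
            }
        }
        if (query != null) {
            for (String pair : query.split("&")) {
                int eq = pair.indexOf('=');
                if (eq > 0 && pair.substring(0, eq).equals("access_token") && eq + 1 < pair.length()) {
                    return Optional.of(URLDecoder.decode(pair.substring(eq + 1), StandardCharsets.UTF_8));
                }
            }
        }
        return Optional.empty();
    }

    // HTTP status the protected endpoint answers with: 200 only for a known token.
    static int statusFor(String authorizationHeader, String query) {
        return extractToken(authorizationHeader, query)
                .filter(VALID_TOKENS::contains)
                .map(t -> 200)
                .orElse(401);
    }

    public static void main(String[] args) {
        System.out.println(statusFor(null, null));                                      // no token at all
        System.out.println(statusFor("OAuth2 sample-token-123", null));                 // token in header
        System.out.println(statusFor(null, "size=big&access_token=sample-token-123"));  // token in URL
        System.out.println(statusFor("Basic dXNlcjpwdw==", null));                      // wrong scheme
        System.out.println(statusFor("OAuth2 forged", null));                           // unknown token
    }
}
```

The header is checked first because a token placed in the URL ends up in server access logs, browser history and Referer headers, which is why clients such as the one in this thread send it in the Authorization header.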