Apr 6th, 2011, 09:52 AM
Customize the expiry time
is it possible to customize expiry time of the access tokens?
It's set to ~ 30 days by default. In general that's fine, but for testing I might want to reduce it to a minute for example.
Is there a special error code returned once an access token has expired, so the consumer has an easy way to find out if it has to issue a refresh token request?
Apr 11th, 2011, 12:12 PM
The way you do it is by wiring your own instance of org.springframework.security.oauth2.provider.token .InMemoryOAuth2ProviderTokenServices and referencing it with the 'token-services-ref' of the 'provider' element.