
Thread: token expiration: 'covered' by another exception

  1. #1

    token expiration: 'covered' by another exception

    In my resource server, when DefaultTokenService.loadAuthentication() checks the access token and notices that it has expired, it throws InvalidTokenException with the message "Access token expired".

    But then, when it is caught by the OAuthRestTemplate, it throws a brand-new OAuth2AccessDeniedException with the message "Invalid token for client...". No trace of the token expiration ... the user will have no knowledge of why the token has no access.

    Is it a bug?

  2. #2


    Maybe. My argument against is just that the OAuth2RestTemplate should try to re-authenticate if it gets an OAuth2AccessDeniedException so it really shouldn't matter what the underlying problem was. It only retries once. So if you can think of a scenario where the second failure should reveal the detail of the expiry then maybe we should talk about it in JIRA.
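
A simplified in-process model of the behaviour discussed in this thread, added here as an example; it is not Spring Security OAuth code and not from either poster. The class names, `callWithRetry` and the token strings are stand-ins constructed for illustration. It shows the single retry with a fresh token and, for the case where the second attempt also fails, one way to keep the expiry detail by chaining the original exception as the cause.

```java
import java.util.function.Function;
import java.util.function.Supplier;

// Stand-in types for illustration only; these are NOT the Spring Security OAuth classes.
public class RetryOnceDemo {
    static class InvalidTokenException extends RuntimeException {
        InvalidTokenException(String msg) { super(msg); }
    }
    static class AccessDeniedException extends RuntimeException {
        AccessDeniedException(String msg, Throwable cause) { super(msg, cause); }
    }

    // Calls the resource with the cached token. If it is rejected, the token is
    // discarded, a fresh one is obtained, and the call is retried exactly once.
    static <T> T callWithRetry(String cachedToken, Supplier<String> tokenSource,
                               Function<String, T> resource) {
        try {
            return resource.apply(cachedToken);
        } catch (InvalidTokenException first) {
            String fresh = tokenSource.get();          // re-authenticate
            try {
                return resource.apply(fresh);          // the one and only retry
            } catch (InvalidTokenException second) {
                // Generic message for the caller, underlying reason kept as the cause
                // so it still shows up in logs and stack traces.
                throw new AccessDeniedException("Invalid token for client", second);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed resource: rejects any token whose value starts with "expired".
        Function<String, String> resource = token -> {
            if (token.startsWith("expired")) {
                throw new InvalidTokenException("Access token expired");
            }
            return "200 OK";
        };
        // Case 1: first token expired, fresh token accepted; the caller never sees an error.
        System.out.println(callWithRetry("expired-1", () -> "fresh-2", resource));
        // Case 2: the fresh token is rejected too; the detail survives as the cause.
        try {
            callWithRetry("expired-1", () -> "expired-2", resource);
        } catch (AccessDeniedException e) {
            System.out.println(e.getMessage() + " (cause: " + e.getCause().getMessage() + ")");
        }
    }
}
```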
