Nov 15th, 2012, 07:20 AM
I've just started working with Spring oAuth2 few days back. I have successfully installed the tonr and sparkler webapps on tomcat. I think i have got some understanding of how everything(well most of them) hang together.
My question is related to how the token is stored. I had a bit of dig around the source code(TokenEndpoint, AbstractTokenGranter, DefaultTokenServices and InMemoryTokenStore)
If I'm not wrong, the token is stored in the ConcurrentHashMap(token, OAuth2Authentication). Now in the OAuth2Authentication instance, we are setting the AuthorizationRequest, but Authentication is set to null. I need to somehow set the authentication(end-user details). So, when we validate the access token in subsequent request, I'll have the end user details as well.
Is there something out of the box which I can use? Otherwise Can you advise what will be the best way to implement?