Dec 20th, 2012, 11:41 AM
Check if a token is still valid
I'm new to all this OAuth stuff, but I have Spring OAuth 2.0 working in an application now and I'm starting to have more questions that aren't answered in the documentation. I have a mobile app that is requesting an accessToken using Resource Owner Password Credentials. So when the app launches, we ask the user to login with their username/password and then ask for the token. I get the accessToken and then I save the token for use with all further requests. That is working. What I want to do, is on launch, check if we already have an access token and if so, skip the username/password bit (just log them in). In order to do this, I need to be able to ask the server if the token is valid. How do I do that? I assume there is an endpoint for that, but I don't know what it is...
A separate but related question: I can't find any documentation on all the exposed OAuth resources. In the examples, they always have an http block for all the "protected OAuth resources" but none of them seem to work for me. Things like /oauth/users, /oauth/clients. I would also like to be able to ask for a users tokens to display them on an account page. I would assume those endpoints would help me in both of these problems.
Any help is appreciated!
Tags for this Thread