May 29th, 2013, 08:58 AM
Fine if that works, but you should consider TokenStore to be an internal detail of the implementation of DefaultTokenServices (and not use it directly if possible). If you like decoding the token twice (once in the authentication filter and once in the controller) you can inject a ResourceServerTokenServices into your controller, and that would be preferable. Personally, I would prefer to use the Principal (it should be an instance of OAuth2Authentication if the correct filter is in place).
May 29th, 2013, 09:57 AM
Interested with the above suggestion. I am fairly new to Spring, but let me try that.
Originally Posted by Dave Syer