org.springframework.security.oauth2.provider.filter中的OAuth2ProtectedResourceFilter:
Collection<String> resourceIds = auth.getClientAuthentication().getResourceIds();
if (resourceIds!=null && !resourceIds.isEmpty() && !resourceIds.contains(resourceId)) {
throw new InvalidTokenException("Invalid token does not contain resource id ("+resourceId+"): " + token);
}
我认为这没有用。这段代码检查什么?