I am currently working with Spring Authorization Server and noticed that it uses Base64StringKeyGenerator
for generating tokens. However, I'm unsure about the reasoning behind this choice and whether it's expected for the generated tokens to appear as seemingly random strings without any useful information.
- Why does Spring Authorization Server use
Base64StringKeyGenerator
for token generation? Are there specific advantages or considerations for this choice? - When inspecting the generated tokens, I noticed that they appear as random strings (e.g.,
28VO6BUTCOPRTEmH5odQwuNSODE_T7e2nTvkiAZ0R3rTYwO0UmIE0_de9EeciUvDJFhpVtgd6KPIpavVhWJ7xTMSX2J1sIU8_ZfxaaH763S4DFHO8OFnmcygT8sLlBBQ
) without any discernible information. Is this behavior expected? - Should I expect the tokens generated by Spring Authorization Server to contain meaningful information, or is their purpose primarily for secure identification and validation?