Update claims instead of overwrite from webhook response

[3schwartz]

According to the webhook documentation:

To accept the token exchange without modification, return a 204 or 200 HTTP status code without a response body.

However, this behavior is currently not functioning as expected. When an empty response is returned, it overwrites the additional claims sent to the webhook, effectively erasing them.

Related issue(s)

https://github.com/ory/hydra/issues/3879

Checklist

• [X] I have read the contributing guidelines.
• [X] I have referenced an issue containing the design document if my change introduces a new feature.
• [X] I am following the contributing code guidelines.
• [X] I have read the security policy.
• [X] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact security@ory.sh) from the maintainers to push the changes.
• [X] I have added tests that prove my fix is effective or that my feature works.
• [ ] I have added or changed the documentation.

Further Comments

[CLAassistant]

All committers have signed the CLA.