thephpleague / oauth2-server-bundle

Symfony bundle for the OAuth2 Server.
MIT License
183 stars 87 forks source link

How do you add an extra claim? #198

Open MartijnBUZ opened 1 month ago

MartijnBUZ commented 1 month ago

I get a working JWT token, but I want to add extra data to it:

{
 "...": "...",
  "sub": "myname",
  "scopes": [
    "messaging"
  ],
  "my-own-added-key": "this is a neat custom value"
}

I've found Lcobucci\JWT\Builder::withClaim in the code which seems exactly what I need, but there is no way for my to apply it. For some reason everything is final, so I can't apply the Open/Closed principle anywhere. I'm not looking to rewrite half this tool, I just need a small hook to add a little data.

Is there a reason this is so hard? I dont mind creating some code to implement this, but I'd like to know if that is worth my time.

MartijnBUZ commented 1 month ago

I've been searching for a subtle way to implement this, but this turns out to be a bit challenging. The AccessTokenTrait::convertToJwt has service (or manager) logic, but is placed in a entity structure. IMO an entity should just be the definition of a Thing. Building and doing stuff is service (or manager) logic.

Something like a league.oauth2_server.event.token_creation_claims_added would be perfect. Or just something in the builder I could hook to. But now it instantly goes to __tostring.