How do you add an extra claim? #198

Open
MartijnBUZ opened this issue Sep 5, 2024 · 1 comment

MartijnBUZ commented Sep 5, 2024

I get a working JWT token, but I want to add extra data to it:

{
  "...": "...",
  "sub": "myname",
  "scopes": [
    "messaging"
  ],
  "my-own-added-key": "this is a neat custom value"
}

I've found Lcobucci\JWT\Builder::withClaim in the code which seems exactly what I need, but there is no way for me to apply it. For some reason everything is final, so I can't apply the Open/Closed principle anywhere. I'm not looking to rewrite half this tool, I just need a small hook to add a little data.

  • The events that exist (OAuth2Events) don't offer anything useful.
  • Altering the build can't, it's incorrectly final anyway.
  • Can't create a custom AccessToken, the current one is incorrectly final
  • None of the managers are useful
  • None of the builds can be configured (and are incorrectly marked as final)
  • There is no way to alter an accesstoken to have something like $customClaims which could be picked up in the AccessTokenTrait again.
  • 'RelatedTo' must be a string. Using a simplified array here would solve a lot

Is there a reason this is so hard? I don't mind creating some code to implement this, but I'd like to know if that is worth my time.

MartijnBUZ (Author) commented

I've been searching for a subtle way to implement this, but this turns out to be a bit challenging. The AccessTokenTrait::convertToJwt has service (or manager) logic, but is placed in an entity structure. IMO an entity should just be the definition of a Thing. Building and doing stuff is service (or manager) logic.

Something like a league.oauth2_server.event.token_creation_claims_added would be perfect. Or just something in the builder I could hook to. But now it instantly goes to __tostring.
