
How to customize the access token with user information (user name, phone number, ...) in the OAuth 2.1 authorization server in Spring Boot?



This is my workaround project. Any resources/help on how to add user details in the access token itself?


Solution

  • We can add any information using `jwtCustomizer`. Refer to this:

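        @Bean
        OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer(CustomClaims claims) {
            return context -> {
                // Customize access tokens only; other token types are left unchanged.
                // OAuth2TokenType is a value class, so compare with equals() rather than ==.
                if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
                    Authentication principal = context.getPrincipal();
                    // Flatten the principal's granted authorities into plain strings.
                    Set<String> authorities = principal.getAuthorities().stream()
                            .map(GrantedAuthority::getAuthority)
                            .collect(Collectors.toSet());
                    // Static custom claim.
                    context.getClaims().claims(c -> c.put("Creator", "Thirumal"));
                    // Per-user claims from the CustomClaims bean (a map of claim name to value).
                    context.getClaims().claims(c -> c.putAll(claims.getClaims(principal)));
                    context.getClaims().claim("roles", authorities);
                }
            };
        }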
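
An added example, not part of the original answer or the poster's project: one possible shape for the `CustomClaims` bean that the answer injects but does not show. It assumes a profile lookup function and the claim names `user_name` and `phone_number`; because a signed JWT is readable by anyone who holds it, the bean copies only allow-listed attributes and never lets `putAll` overwrite registered claims.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

// Hypothetical implementation of the CustomClaims bean passed to jwtCustomizer.
@Component
public class CustomClaims {
    // Registered JWT claims (RFC 7519, section 4.1) that the authorization server owns.
    private static final Set<String> RESERVED =
            Set.of("iss", "sub", "aud", "exp", "nbf", "iat", "jti");
    // Only these profile attributes may leave the server in a token (assumed names).
    private static final Set<String> ALLOWED = Set.of("user_name", "phone_number");

    // Assumed lookup: user name -> profile attributes, e.g. backed by a repository.
    private final Function<String, Map<String, Object>> profileLookup;

    public CustomClaims(Function<String, Map<String, Object>> profileLookup) {
        this.profileLookup = profileLookup;
    }

    // For grants with no end user (e.g. client_credentials) the lookup is assumed
    // to return null, which yields no extra claims.
    public Map<String, Object> getClaims(Authentication principal) {
        return filter(profileLookup.apply(principal.getName()));
    }

    // Keep allow-listed, non-null attributes; drop anything that shadows a registered claim.
    static Map<String, Object> filter(Map<String, Object> profile) {
        Map<String, Object> out = new LinkedHashMap<>();
        if (profile == null) return out;
        profile.forEach((name, value) -> {
            if (value != null && ALLOWED.contains(name) && !RESERVED.contains(name)) {
                out.put(name, value);
            }
        });
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample profile: "password_hash" and "sub" must not reach the token.
        Map<String, Object> profile = Map.of("user_name", "alice",
                "phone_number", "+10000000000", "password_hash", "x", "sub", "someone-else");
        System.out.println(filter(profile));
    }
}
```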