How to add custom fields in a Token response

[nanachimi]

After a long debugging session I found following configuration options:

oauth = new OAuthServer({ 
        model: dataModel, 
        debug: true , 
        allowExtendedTokenAttributes: true, 
        alwaysIssueNewRefreshToken: false, 
        requireClientAuthentication: {}, 
        accessTokenLifetime:1800,
        refreshTokenLifetime: 3600});

For my issue allowExtendedTokenAttributes seems to be the correct option. But a remaining question is how to specify the custom fields when the allowExtendedTokenAttributes option is set to true?

I found that in lib\models\token-model.js of the underline library oauth2-server some fields are filtered out and cannot be consider as custom fields.

var modelAttributes = ['accessToken', 'accessTokenExpiresAt', 'refreshToken', 'refreshTokenExpiresAt', 'scope', 'client', 'user'];

  if (options && options.allowExtendedTokenAttributes) {
    this.customAttributes = {};

    console.log("data: ", data)
    for (var key in data) {
      if (data.hasOwnProperty(key) && (modelAttributes.indexOf(key) < 0)) {
        this.customAttributes[key] = data[key];
      }
    }
  }

Now my responses look like this when I hit POST /oauth/token:

{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZGVudGl0eSI6IjAwMjM3...",
"token_type": "Bearer",
"expires_in": 1799,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZGVudGl0eSI6IjA..."
}

How should I proceed if I want to add a new field user_id in the above response?

Here my source code: https://github.com/nanachimi/oauthserverjs

Thanks

[koocbor]

You have to add the additional properties to the object returned from the saveToken method. This is mentioned pretty far down this page: https://oauth2-server.readthedocs.io/en/latest/api/oauth2-server.html

If options.allowExtendedTokenAttributes is true any additional properties set on the object returned from Model#saveToken() are copied to the token response sent to the client.