IdentityServer4 - Is there a way to get the claims in response on connect/token endpoint?

问题

I need to add some fields in the response of the connect/token endpoint on identityserver. I want to add some claims. Is there any way to do that?

I dont want to use the connect/userinfo endpoint, My Client is using resource owner password flow. I just want the respose something like this

{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjcxQkQwM0MxRUFBOUM3NDc3RkEwMDhFMTY4M0VCMkI4NjQ3Mjg0QjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjYjBEd2VxcHgwZF9vQWpoYUQ2eXVHUnloTGcifQ.eyJuYmYiOjE1NTg5NzMyMjAsImV4cCI6MTU1ODk3NjgyMCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1NTgzOSIsImF1ZCI6WyJodHRwOi8vbG9jYWxob3N0OjU1ODM5L3Jlc291cmNlcyIsImFwaSJdLCJjbGllbnRfaWQiOiJyZWFscGxhemEuYnVkZ2V0Iiwic3ViIjoiamFpci50YXNheWNvQHJlYWxwbGF6YS5jb20ucGUiLCJhdXRoX3RpbWUiOjE1NTg5NzMyMjAsImlkcCI6ImxvY2FsIiwiZ2l2ZW5fbmFtZSI6IkpBSVIgQU5UT05JTyIsInVzZXJfbmFtZXMiOiJKQUlSIEFOVE9OSU8iLCJ1c2VyX2xhc3RuYW1lIjoiVEFTQVlDTyIsInVzZXJfbW90aGVyX2xhc3RuYW1lIjoiQkFVVElTVEEiLCJ1c2VyX3R5cGUiOiIyIiwidXNlcl9kb2N1bWVudF9udW1iZXIiOiI0NzEwMzMwMyIsImNvZGlnb191bmljbyI6IjQyNSIsInVzZXJfcmVkIjoiUlAwNjg5Iiwic2NvcGUiOlsiYXBpIl0sImFtciI6WyJBdXRlbnRpY2FkbyJdfQ.twCgMlcOTDsaBnwmxy_kNLHVE0vtMYA_bqAjIGjatTmkLPz7ozWltoMfrlw6XUmHtre3TAcMkkoUr7Ak7qWpAiWrcuvNVgHTyfKqSjloG18KyySrhW6qFSfOdtkcNuf7bhWsJYvtiZpdzRv70xC1XrGo8Vx9hhUEQxQVDa03kQdCkeCz_EgMnmQ5JL21lUM80GS3FikZHZ2UVRXdjXkFTARM7FOb6wKnasUyIPxSGfgFKgJmjYqhpjED8gSgmo2So_qc9gpc9f8nlQlTFhuulgJO_cOioOpDE8ywHpxXyjx5dbYp4JQ0hxRjtNTyyA7oA25YMwvNBpYIMzmvqyjDTQ",
    "expires_in": 3600,
    "token_type": "Bearer"
, "claim_1": "XXXXXX", "claim_2" : "SSSSSS" }

回答1:

You can implement your ICustomTokenRequestValidator like the following:

public class YourCustomTokenRequestValidator: ICustomTokenRequestValidator
{
  public Task ValidateAsync(CustomTokenRequestValidationContext context)
  {
    context.Result.CustomResponse = 
      new Dictionary<string, object>{{"claim_1", "XXXXXX"}, {"claim_2", "SSSSSS"}};
    return Task.CompletedTask;
  }
}

and then in your startup:

services.AddIdentityServer()
   .AddCustomTokenRequestValidator<YourCustomTokenRequestValidator>();

来源：https://stackoverflow.com/questions/56329497/identityserver4-is-there-a-way-to-get-the-claims-in-response-on-connect-token