Version 5.x has been out of support since December 13, 2022, and this corresponding section of the documentation is no longer maintained. We strongly recommend upgrading to a supported version.
You can hook into the token request pipeline by implementing the ICustomTokenRequestValidator interface.
This allows you to
The following example emits additional claims and changes the token lifetime on-the-fly based on a granted scope.
public class TransactionScopeTokenRequestValidator : ICustomTokenRequestValidator
{
public Task ValidateAsync(CustomTokenRequestValidationContext context)
{
var transaction = context
.Result
.ValidatedRequest
.ValidatedResources
.ParsedScopes.FirstOrDefault(x => x.ParsedName == "transaction");
// transaction scope has been requested
if (transaction?.ParsedParameter != null)
{
// emit transaction id as a claim
context.Result.ValidatedRequest.ClientClaims.Add(
new Claim(transaction.ParsedName, transaction.ParsedParameter));
// also shorten token lifetime
context.Result.ValidatedRequest.AccessTokenLifetime = 10;
}
return Task.CompletedTask;
}
}
You can register your implementation like this:
builder.AddCustomTokenRequestValidator<TransactionScopeTokenRequestValidator>();