add hook for custom JWT claims to DefaultOIDCTokenService

[bodewig]

This is the same enhancement as #1270 but applies to the id token rather than the access token.

[codecov-io]

Codecov Report

Merging #1342 into master will increase coverage by 0.19%.
The diff coverage is 50%.

@@             Coverage Diff              @@
##             master    #1342      +/-   ##
============================================
+ Coverage      23.7%   23.89%   +0.19%     
- Complexity      849      854       +5     
============================================
  Files           209      209              
  Lines         11664    11666       +2     
  Branches       2116     2116              
============================================
+ Hits           2765     2788      +23     
+ Misses         8422     8389      -33     
- Partials        477      489      +12

Impacted Files	Coverage Δ	Complexity Δ
.../connect/service/impl/DefaultOIDCTokenService.java	22.11% <50%> (+22.11%)	5 <0> (+5)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e613087...01eb140. Read the comment docs.

[rhinmass]

Anyone have an example of how to override DefaultOIDCTokenService in an overlay.
I am having trouble getting the application to pickup my custom bean. I could only get it to work by editing application-context.xml, but I don't think this file can be overlayed.

<context:component-scan annotation-config="true" base-package="org.mitre, com.example.overlay" >
  <context:exclude-filter type="regex" expression="org.mitre.openid.connect.service.impl.DefaultOIDCTokenService"/>	
</context:component-scan>

[praseodym]

@rhinmass see:

• https://github.com/WISVCH/connect/blob/de0eb31adc28c7a7e160fc1808c55fa9f13538e1/src/main/webapp/WEB-INF/user-context.xml#L49
• https://github.com/WISVCH/connect/blob/61c2c9ba67307710a40950d8352e10e765483a82/src/main/java/ch/wisv/connect/services/CHOIDCTokenService.java

[rhinmass]

Thank you for the quick response!

That worked great so I don't need to exclude the overridden classes from component-scan

I'm also trying to use this same approach to override a persistence class - SavedUserAuthentication.
(so I can add a column to the saved_user_authentication table. But that is not going as well:

ERROR: org.springframework.web.context.ContextLoader - Context initialization failed
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'mySavedUserAuthentication' defined in ServletContext resource [/WEB-INF/user-context.xml]: Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'mySavedUserAuthentication': Requested bean is currently in creation: Is there an unresolvable circular reference?

[rhinmass]

To answer my own question:
It looks like the right thing to do here is to copy the persistent Entity class into my overlay with the exact same name and package specification. Then it just replaces it in the target.