
How to enrich Principal on resource server side #170

Open
HJK181 opened this issue Dec 5, 2017 · 1 comment

Comments


HJK181 commented Dec 5, 2017

Hi Dave,

I'm trying to implement a setup similar to the oauth2-logout sample. My setup uses a Zuul server as SSO client, an OAuth2 server and a resource server. I wonder how I can enrich the principal information on the resource server side?

I have the following code:

import java.security.Principal;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping("/me")
@ResponseBody
public Principal getCurrentLoggedInUser(Principal user) {
    // Spring resolves the Principal parameter from the current request's authentication
    return user;
}

Where I need more information from my domain user model. I've tried to write a custom TokenEnhancer:

import java.util.HashMap;
import java.util.Map;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;

@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    // TenantUser is my own domain principal type set by the authorization server
    final TenantUser user = (TenantUser) authentication.getPrincipal();
    final Map<String, Object> additionalInfo = new HashMap<>();

    additionalInfo.put("gender", user.getUser().getGender());

    // Extra entries are serialized into the token body alongside the standard claims
    ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);

    return accessToken;
}

But the "gender" information is not present on my Principal object.
It's only present when I use the /token endpoint to grant a new access_token.

I'm sure that I'm mixing up something. Could you please give me a hint on how to enrich data transported by JWT so that the resource server can extract it from the current user?

Thank you.
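For context on the resource-server side of the question above, here is an added example (not code from this issue or from the project): a custom UserAuthenticationConverter for spring-security-oauth2 that reads the "gender" claim out of an already verified JWT and puts it on the Principal. It assumes the resource server decodes tokens with JwtAccessTokenConverter and that the authorization server's TokenEnhancer wrote the claim as shown above; EnrichedUser is a hypothetical principal type.

```java
import java.security.Principal;
import java.util.Map;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

/**
 * Resource-server side: lift the custom "gender" claim from the verified JWT onto the Principal.
 * The default converter only maps "user_name" and "authorities", so extra claims written by a
 * TokenEnhancer never reach the Principal unless a converter like this one picks them up.
 */
public class GenderAwareUserConverter extends DefaultUserAuthenticationConverter {

    /** Hypothetical principal type for the resource server; carries the extra claim. */
    public static class EnrichedUser implements Principal {
        private final String username;
        public final String gender;
        EnrichedUser(String username, String gender) { this.username = username; this.gender = gender; }
        @Override public String getName() { return username; }
    }

    @Override
    public Authentication extractAuthentication(Map<String, ?> claims) {
        // Reached only after JwtAccessTokenConverter has verified the signature, so the claims
        // are what the authorization server issued, not data the caller could have edited.
        Authentication base = super.extractAuthentication(claims); // handles user_name + authorities
        if (base == null) {
            return null; // no user in the token (e.g. client_credentials grant): nothing to enrich
        }
        Object gender = claims.get("gender");
        EnrichedUser principal = new EnrichedUser(base.getName(), gender == null ? null : gender.toString());
        return new UsernamePasswordAuthenticationToken(principal, "N/A", base.getAuthorities());
    }

    /** Wire the converter into the resource server's JWT converter; the rest of the bean setup is unchanged. */
    public static JwtAccessTokenConverter jwtConverter(String verifierKey) {
        DefaultAccessTokenConverter tokenConverter = new DefaultAccessTokenConverter();
        tokenConverter.setUserTokenConverter(new GenderAwareUserConverter());
        JwtAccessTokenConverter jwt = new JwtAccessTokenConverter();
        jwt.setAccessTokenConverter(tokenConverter);
        jwt.setVerifierKey(verifierKey); // public key (or shared secret) that validates the signature
        return jwt;
    }
}
```

With this in place the /me endpoint's Principal argument is still the OAuth2Authentication, but its nested principal is now the EnrichedUser with the gender field populated.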

Collaborator

dsyer commented Feb 12, 2018

I'm not sure I follow. If the token does not contain the information you need in the resource server, I don't think it has any choice but to extract it from somewhere else (like a database, or an HTTP endpoint or something). It's nothing to do with tokens or JWTs at that point.
