modify token information

src/IdentitySvc/Config.cs

@@ -14,15 +14,15 @@ public static class Config
     public static IEnumerable<ApiScope> ApiScopes =>
         new ApiScope[]
         {
-            new ApiScope("scope1"),
+            new ApiScope("optifitApp", "Optifit App API Scope"),
-            new ApiScope("scope2"),
+            //new ApiScope("scope2"),
         };
 
     public static IEnumerable<Client> Clients =>
         new Client[]
         {
             // m2m client credentials flow client
-            new Client
+            /*new Client
             {
                 ClientId = "m2m.client",
                 ClientName = "Client Credentials Client",
@@ -31,10 +31,10 @@ public static class Config
                 ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) },
 
                 AllowedScopes = { "scope1" }
-            },
+            },*/
 
             // interactive client using code flow + pkce
-            new Client
+            /*new Client
             {
                 ClientId = "interactive",
                 ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },
@@ -47,6 +47,16 @@ public static class Config
 
                 AllowOfflineAccess = true,
                 AllowedScopes = { "openid", "profile", "scope2" }
-            },
+            },*/
+            
+            new Client
+            {
+                ClientId = "postman",
+                ClientName = "Postman",
+                AllowedScopes = {"openid", "profile", "optifitApp"},
+                RedirectUris = {"https://www.getpostman.com/oauth2/callback"},
+                ClientSecrets = new[] {new Secret("NotASecret".Sha256())},
+                AllowedGrantTypes = {GrantType.ResourceOwnerPassword}
+            }
         };
 }

src/IdentitySvc/HostingExtensions.cs

@@ -1,6 +1,7 @@
 using Duende.IdentityServer;
 using IdentitySvc.Data;
 using IdentitySvc.Models;
+using IdentitySvc.Services;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
 using Serilog;
@@ -34,7 +35,8 @@ internal static class HostingExtensions
             .AddInMemoryIdentityResources(Config.IdentityResources)
             .AddInMemoryApiScopes(Config.ApiScopes)
             .AddInMemoryClients(Config.Clients)
-            .AddAspNetIdentity<ApplicationUser>();
+            .AddAspNetIdentity<ApplicationUser>()
+            .AddProfileService<CustomProfileService>();
 
         builder.Services.ConfigureApplicationCookie(options =>
         {

src/IdentitySvc/Services/CustomProfileService.cs

@@ -0,0 +1,37 @@
+using System.Security.Claims;
+using Duende.IdentityServer.Models;
+using Duende.IdentityServer.Services;
+using IdentityModel;
+using Microsoft.AspNetCore.Identity;
+using IdentitySvc.Models;
+
+namespace IdentitySvc.Services;
+
+public class CustomProfileService : IProfileService 
+{
+    private readonly UserManager<ApplicationUser> _userManager;
+    
+    public CustomProfileService(UserManager<ApplicationUser> userManager)
+    {
+        _userManager = userManager;
+    }
+    
+    public async Task GetProfileDataAsync(ProfileDataRequestContext context)
+    {
+        var user = await _userManager.GetUserAsync(context.Subject);
+        var existingClaims = await _userManager.GetClaimsAsync(user);
+
+        var claims = new List<Claim>
+        {
+            new Claim("username", user.UserName),
+        };
+        
+        context.IssuedClaims.AddRange(claims);
+        context.IssuedClaims.Add(existingClaims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name));
+    }
+    
+    public Task IsActiveAsync(IsActiveContext context)
+    {
+        return Task.CompletedTask;
+    }
+}