icynet-auth-server/src/modules/oauth2/adapter/jwt.adapter.ts

import { JWTAdapter, OAuth2User, OAuth2Client } from '@icynet/oauth2-provider';
import { OAuth2Service } from '../oauth2.service';

export class IcyJWTAdapter implements JWTAdapter {
  constructor(private _client: OAuth2Service) {}

  async issueIdToken(
    rawUser: OAuth2User,
    rawClient: OAuth2Client,
    scope: string[],
    nonce?: string,
  ): Promise<string> {
    const user = await this._client.userService.getById(rawUser.id as number);

    const userData: Record<string, unknown> = {
      name: user.display_name,
      preferred_username: user.username,
      nickname: user.display_name,
      updated_at: user.updated_at,
      nonce,
    };

    if (scope.includes('email')) {
      userData.email = user.email;
      userData.email_verified = true;
    }

    if (scope.includes('picture') && user.picture) {
      userData.picture = `${this._client.config.get('app.base_url')}/uploads/${
        user.picture.file
      }`;
    }

    return this._client.jwt.issue(
      userData,
      user.uuid as string,
      rawClient.id as string,
    );
  }
}