Adding additional data to the access token
I need to pass additional data back in my access tokens so that our clients are able to receive additional data when the user/client is authorized.
It appears that the OAuth2AccessToken class supports setting additional data via the setAdditionalInformation setter, however, I don't see a hook anywhere in the oauth2 call stack to inject additional data.
Do I need to implement my own TokenGranter. If so is there a way to extend the CompositeTokenGranter class, and get the registered set of token granters as it does?