additional parameters to saveAuthorizationCode

[z1haze]

I am just wondering what the approach would be to pass additional/custom parameters through on authorize() such that they get passed into the AuthorizationCode arg of saveAuthorizationCode. The type is written in such way that it allows for pretty much any k/v to be added to that object, however in my attempts, only the fields explicitly defined in your authorize-handler get passed into that method. In my use case, my provider has a custom parameter called usid, which refers to a unique shopper id that we pass in on the authorize call, and then use it on the token call. It does some behind the scenes magic that I'm not privy too, but I know we need it.

I looked through the code and this is the culprit, as its hardcoding the only values that get passed into saveAuthorizationCode.

node-oauth2-server/lib/handlers/authorize-handler.js

Lines 103 to 112 in 8a2b7c0

	const code = await this.saveAuthorizationCode(
	authorizationCode,
	expiresAt,
	validScope,
	client,
	uri,
	user,
	codeChallenge,
	codeChallengeMethod
	);

I am curious your thoughts on this.

I figured I'd add my 2cents on how I'm currently doing it. I'm using the authenticateHandler handle method which accepts the Request object as a parameter that I can just tack on the usid to the object that the function returns.. then the user object gets passed into the saveAuthorizationCode method. I don't know if that's the right answer but it works for now.

[jankapunkt]

That is why user was added as object, which is only defined as

    interface User {
        [key: string]: any;
    }

However, this would conflict with #341 and create a much more complex solution (and complexity is something we need to avoid or - even better - reduce).