public Task OnGeneratingClaims(TokenGeneratingContext context)
        {
            if (context.CurrentToken.Equals(TokenTypes.IdToken) ||
                context.CurrentToken.Equals(TokenTypes.AccessToken))
            {
                var   userId              = context.User.FindFirstValue(_options.ClaimsIdentity.UserIdClaimType);
                var   applicationId       = context.Application.FindFirstValue(IdentityServiceClaimTypes.ObjectId);
                var   unHashedSubjectBits = Encoding.ASCII.GetBytes($"{userId}/{applicationId}");
                var   hashing             = CryptographyHelpers.CreateSHA256();
                var   subject             = Base64UrlEncoder.Encode(hashing.ComputeHash(unHashedSubjectBits));
                Claim existingClaim       = null;
                foreach (var claim in context.CurrentClaims)
                {
                    if (claim.Type.Equals(IdentityServiceClaimTypes.Subject, StringComparison.Ordinal))
                    {
                        existingClaim = claim;
                    }
                }

                if (existingClaim != null)
                {
                    context.CurrentClaims.Remove(existingClaim);
                }

                context.CurrentClaims.Add(new Claim(IdentityServiceClaimTypes.Subject, subject));
            }

            return(Task.CompletedTask);
        }