Skip to content

Commit

Permalink
Mention subject exception with serversidesessions enabled
Browse files Browse the repository at this point in the history
  • Loading branch information
Roland Guijt committed Aug 12, 2024
1 parent 2f12073 commit 4b2867e
Showing 1 changed file with 34 additions and 34 deletions.
68 changes: 34 additions & 34 deletions IdentityServer/v7/docs/content/reference/services/profile_service.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,58 +31,58 @@ public interface IProfileService
}
```

* ***GetProfileDataAsync***

The API that is expected to load claims for a user. It is passed an instance of *ProfileDataRequestContext*.
- **_GetProfileDataAsync_**

* ***IsActiveAsync***

The API that is expected to indicate if a user is currently allowed to obtain tokens. It is passed an instance of *IsActiveContext*.
The API that is expected to load claims for a user. It is passed an instance of _ProfileDataRequestContext_.

- **_IsActiveAsync_**
The API that is expected to indicate if a user is currently allowed to obtain tokens. It is passed an instance of _IsActiveContext_.

#### Duende.IdentityServer.Models.ProfileDataRequestContext

Models the request for user claims and is the vehicle to return those claims. It contains these properties:

* ***Subject***

The *ClaimsPrincipal* modeling the user associated with this request for profile data. When the profile service is invoked for tokens, the *Subject* property will contain the principal that was issued during user sign-in. When the profile service is called for requests to the [userinfo endpoint]({{< ref "/reference/endpoints/userinfo" >}}), the *Subject* property will contain a claims principal populated with the claims in the access token used to authorize the userinfo call.
- **_Subject_**

The _ClaimsPrincipal_ modeling the user associated with this request for profile data. When the profile service is invoked for tokens, the _Subject_ property will contain the principal that was issued during user sign-in. When the profile service is called for requests to the [userinfo endpoint]({{< ref "/reference/endpoints/userinfo" >}}), the _Subject_ property will contain a claims principal populated with the claims in the access token used to authorize the userinfo call.

When the [server-side sessions feature]({{< ref "ui/server_side_sessions/" >}}) is enabled _Subject_ will always contain the claims in the session.

- **_Client_**

The _Client_ for which the claims are being requested.

* ***Client***

The *Client* for which the claims are being requested.
- **_RequestedClaimTypes_**

* ***RequestedClaimTypes***

The collection of claim types being requested. This data is source from the requested scopes and their associated claim types.
The collection of claim types being requested. This data is source from the requested scopes and their associated claim types.

* ***Caller***

An identifier for the context in which the claims are being requested (e.g. an identity token, an access token, or the user info endpoint). The *IdentityServerConstants.ProfileDataCallers* class contains the different constant values.
- **_Caller_**

* ***IssuedClaims***
An identifier for the context in which the claims are being requested (e.g. an identity token, an access token, or the user info endpoint). The _IdentityServerConstants.ProfileDataCallers_ class contains the different constant values.

The list of claims that will be returned. This is expected to be populated by the custom *IProfileService* implementation.
- **_IssuedClaims_**

* ***AddRequestedClaims***
The list of claims that will be returned. This is expected to be populated by the custom _IProfileService_ implementation.

Extension method on the *ProfileDataRequestContext* to populate the *IssuedClaims*, but first filters the claims based on *RequestedClaimTypes*.
- **_AddRequestedClaims_**

Extension method on the _ProfileDataRequestContext_ to populate the _IssuedClaims_, but first filters the claims based on _RequestedClaimTypes_.

#### Duende.IdentityServer.Models.IsActiveContext

Models the request to determine if the user is currently allowed to obtain tokens. It contains these properties:

* ***Subject***

The *ClaimsPrincipal* modeling the user.
- **_Subject_**

The _ClaimsPrincipal_ modeling the user.

- **_Client_**

The _Client_ for which the claims are being requested.

* ***Client***

The *Client* for which the claims are being requested.
- **_Caller_**

* ***Caller***

An identifier for the context in which the claims are being requested (e.g. an identity token, an access token, or the user info endpoint. The constant *IdentityServerConstants.ProfileIsActiveCallers* contains the different constant values.
An identifier for the context in which the claims are being requested (e.g. an identity token, an access token, or the user info endpoint. The constant _IdentityServerConstants.ProfileIsActiveCallers_ contains the different constant values.

* ***IsActive***

The flag indicating if the user is allowed to obtain tokens. This is expected to be assigned by the custom *IProfileService* implementation.
- **_IsActive_**
The flag indicating if the user is allowed to obtain tokens. This is expected to be assigned by the custom _IProfileService_ implementation.

0 comments on commit 4b2867e

Please sign in to comment.