owin - Can IdentityServer return claims as part of authenticate request -


i implementing wsfed authentication using wsfederation plugin on top of thinktecture identityserver, got own userservice implemented authenticatelocalasync method below

public async task<authenticateresult> authenticatelocalasync(string username, string password, signinmessage message)         {             var requestviewmodel = new signinrequestviewmodel                               {                                   emailaddress = username,                                   password = password                               };              var result = await signinapplicationservice.signinasync(requestviewmodel);              var responseviewmodel = result.viewmodel;              var claims = claimbuilder.getclaims(responseviewmodel);              return new authenticateresult(                 responseviewmodel.customerid.tostring(),                 string.format("{0} {1}", responseviewmodel.firstname, responseviewmodel.lastname),                 claims);         } 

this method called when login event triggered, can see authenticate users against own database repository, result built claims object referenced in authenticateresult object , return back.

so thought claims should available on client, no need make further request, makes second request getprofiledataasync method called, , based on document:

this method called whenever claims user requested (e.g. during token creation or via userinfo endpoint

which kinda of making sense, mean need call database again retrieve customer data again, , rebuild claims same did in authenticatelocalasync method?

if so, what's point pass claims in first authenticate method?

can explain please?

thanks

ming

the call getprofiledataasync has claimsprincipal. claims put there in authentication stage should on principal. no need db roundtrip.

if claims not found there, bug , should open issue on issue tracker.


Comments

Popular posts from this blog

Payment information shows nothing in one page checkout page magento -

tcpdump - How to check if server received packet (acknowledged) -