From 6e4da2cf13e79694939aa2a7781c15960ffda151 Mon Sep 17 00:00:00 2001
From: Jared Snider
Date: Fri, 30 May 2025 17:16:17 -0400
Subject: [PATCH] PM-20532 - ProfileService.cs - add todos & comments
---
 src/Identity/IdentityServer/ProfileService.cs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/Identity/IdentityServer/ProfileService.cs b/src/Identity/IdentityServer/ProfileService.cs
index ce491608b7..8a7ea0a2fb 100644
--- a/src/Identity/IdentityServer/ProfileService.cs
+++ b/src/Identity/IdentityServer/ProfileService.cs
@@ -40,12 +40,16 @@ public class ProfileService : IProfileService
 {
 var existingClaims = context.Subject.Claims;
+ // TODO: add comment for why we can exempt send client logic from other logic below
 if (context.Client.ClientId == BitwardenClient.Send)
 {
 // preserve all claims that were already on context.Subject
 // which includes the ones added by the SendAccessGrantValidator
 context.IssuedClaims.AddRange(existingClaims);
 return;
+
+ // If we ever get more clients that need to skip the logic below, consider a configuration
+ // based approach like context.Client.Properties.TryGetValue("skipProfileService");
 }
 // Whenever IdentityServer issues a new access token or services a UserInfo request, it calls
@@ -88,8 +92,6 @@ public class ProfileService : IProfileService
 }
 }
- // TODO: this will be called for the SendAccessGrantValidator and no security token stamp will exist.
-
 public async Task IsActiveAsync(IsActiveContext context)
 {
 if (context.Client.ClientId == BitwardenClient.Send)
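Review bot: The two comment lines added after `return;` in the Send branch propose a `context.Client.Properties.TryGetValue("skipProfileService")` switch without recording that such a flag would skip whatever claim handling follows this branch, so it should be marked as security-sensitive; the comment would also read better above the `if` than after an unconditional return. A wording such as `// NOTE: a client exempted here gets the context.Subject claims issued verbatim; any config-driven exemption must be limited to reviewed, non-user-editable client settings` states the constraint explicitly. The new TODO above the `if` defers the rationale, while the second hunk deletes the only statement of it (that the Send grant has no security token stamp), so it seems better to move that sentence here as the explanation than to drop it. The method body starts before this hunk and continues past it, so the logic being skipped is not visible from here.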