public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
        {
            var redirectUri = string.Empty;
            var outError    = string.Empty;
            var outClient   = new Client();

            if (error != null)
            {
                return(BadRequest(Uri.EscapeDataString(error)));
            }

            if (!User.Identity.IsAuthenticated)
            {
                return(new ChallengeResult(provider, this));
            }

            if (!_authService.ValidateClient(Request, ref outError, ref outClient))
            {
                return(BadRequest(outError));
            }

            if (!_authService.ValidateRedirectUri(ref redirectUri, ref outError, Request, outClient))
            {
                return(BadRequest(outError));
            }

            var externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);

            if (externalLogin == null)
            {
                return(InternalServerError());
            }

            if (externalLogin.LoginProvider != provider)
            {
                Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
                return(new ChallengeResult(provider, this));
            }

            var user = await _repo.FindUserAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));

            var hasRegistered = user != null;

            redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}&user_id={5}",
                                        redirectUri,
                                        externalLogin.ExternalAccessToken,
                                        externalLogin.LoginProvider,
                                        hasRegistered,
                                        externalLogin.UserName,
                                        externalLogin.UserId);

            return(Redirect(redirectUri));
        }