public ActionResult Authenticate(string success, string failure, string state) { string key = Guid.NewGuid().ToStringValue(); OAuthState authState = new OAuthState(); authState.FailureUrl = failure; authState.SuccessUrl = success; authState.State = state; this.stateManager.SaveState(key, authState); UrlBuilder urlBuilder = new UrlBuilder(SocialApiSetting.BuildUrl(this.context.Config.Social.Twitter.Domain, "social/twitter/authorize")); urlBuilder.QueryString.Add("state", key); TwitterClient client = new TwitterClient(this.context.Config.Social.Twitter.AppKey, this.context.Config.Social.Twitter.AppSecret); var tempCredential = client.GetRequestToken(urlBuilder.ToString()); if (tempCredential == null || !tempCredential.OAuthCallbackConfirmed) { return(new RedirectResult(failure)); } var authorizationUrl = client.BuildAuthorizationUrl(tempCredential); ITokenManager tokenManager = Container.Get <ITokenManager>(); tokenManager.SaveRequestToken(key, tempCredential); return(new RedirectResult(authorizationUrl)); }