/// <summary>
        /// Perform the OAuth authorization via code
        /// </summary>
        /// <param name="code"></param>
        /// <returns></returns>
        public static async Task <Credentials> CreateFromCodeAsync(string code, IResponseCookies cookies)
        {
            ThreeLeggedApi oauth = new ThreeLeggedApi();

            dynamic credentialInternal = await oauth.GettokenAsync(
                GetAppSetting("FORGE_CLIENT_ID"), GetAppSetting("FORGE_CLIENT_SECRET"),
                oAuthConstants.AUTHORIZATION_CODE, code, GetAppSetting("FORGE_CALLBACK_URL"));

            dynamic credentialPublic = await oauth.RefreshtokenAsync(
                GetAppSetting("FORGE_CLIENT_ID"), GetAppSetting("FORGE_CLIENT_SECRET"),
                "refresh_token", credentialInternal.refresh_token, new Scope[] { Scope.ViewablesRead });

            Credentials credentials = new Credentials();

            credentials.TokenInternal = credentialInternal.access_token;
            credentials.TokenPublic   = credentialPublic.access_token;
            credentials.RefreshToken  = credentialPublic.refresh_token;
            credentials.ExpiresAt     = DateTime.Now.AddSeconds(credentialInternal.expires_in);
            credentials.UserId        = await GetUserId(credentials);

            cookies.Append(FORGE_COOKIE, JsonConvert.SerializeObject(credentials));

            // add a record on our database for the tokens and refresh token
            await OAuthDB.Register(credentials.UserId, JsonConvert.SerializeObject(credentials));

            return(credentials);
        }
        public static async Task <Credentials> FromDatabaseAsync(string userId)
        {
            var doc = await OAuthDB.GetCredentials(userId);

            Credentials credentials = new Credentials();

            credentials.TokenInternal = (string)doc["TokenInternal"];
            credentials.TokenPublic   = (string)doc["TokenPublic"];
            credentials.RefreshToken  = (string)doc["RefreshToken"];
            credentials.ExpiresAt     = DateTime.Parse((string)doc["ExpiresAt"]);
            credentials.UserId        = userId;

            if (credentials.ExpiresAt < DateTime.Now)
            {
                await credentials.RefreshAsync();
            }

            return(credentials);
        }
        /// <summary>
        /// Refresh the credentials (internal & external)
        /// </summary>
        /// <returns></returns>
        private async Task RefreshAsync()
        {
            ThreeLeggedApi oauth = new ThreeLeggedApi();

            dynamic credentialInternal = await oauth.RefreshtokenAsync(
                GetAppSetting("FORGE_CLIENT_ID"), GetAppSetting("FORGE_CLIENT_SECRET"),
                "refresh_token", RefreshToken, new Scope[] { Scope.DataRead, Scope.DataCreate, Scope.DataWrite, Scope.ViewablesRead });

            dynamic credentialPublic = await oauth.RefreshtokenAsync(
                GetAppSetting("FORGE_CLIENT_ID"), GetAppSetting("FORGE_CLIENT_SECRET"),
                "refresh_token", credentialInternal.refresh_token, new Scope[] { Scope.ViewablesRead });

            TokenInternal = credentialInternal.access_token;
            TokenPublic   = credentialPublic.access_token;
            RefreshToken  = credentialPublic.refresh_token;
            ExpiresAt     = DateTime.Now.AddSeconds(credentialInternal.expires_in);

            // update the record on our database for the tokens and refresh token
            await OAuthDB.Register(await GetUserId(this), JsonConvert.SerializeObject(this));
        }