public ActionResult LogOn()
        {
            ViewData["message"] = "You are not logged in";

            OpenIdRelyingParty openid = new OpenIdRelyingParty();
            IAuthenticationResponse response = openid.GetResponse();

            //check for ReturnUrl, which we should have if we use forms
            //authentication and [Authorise] on our controllers
            if (Request.Params["ReturnUrl"] != null)
                Session["ReturnUrl"] = Request.Params["ReturnUrl"];

            if (response != null && response.Status == AuthenticationStatus.Authenticated)
            {
                string cid = response.ClaimedIdentifier;

                var claimUntrusted = response.GetUntrustedExtension<ClaimsResponse>();
                var fetchUntrusted = response.GetUntrustedExtension<FetchResponse>();

                var claim = response.GetExtension<ClaimsResponse>();
                var fetch = response.GetExtension<FetchResponse>();

                UserData userData = null;

                if (claim != null)
                {
                    userData = new UserData();
                    userData.ClaimedIdentifier = cid;
                    userData.Email = claim.Email;
                    userData.FullName = claim.FullName;
                    //Grab Google Profile details
                    if (String.IsNullOrEmpty(claim.FullName) && fetch.Attributes.Count() != 0)
                        userData.FullName = String.Format("{0} {1}",
                            fetch.Attributes["http://axschema.org/namePerson/first"].Values[0].ToString(),
                            fetch.Attributes["http://axschema.org/namePerson/last"].Values[0].ToString());
                }

                //fallback to claim untrusted, as some OpenId providers may not
                //provide the trusted ClaimsResponse, so we have to fallback to
                //trying the untrusted on
                if (claimUntrusted != null && userData == null)
                {
                    userData = new UserData();
                    userData.ClaimedIdentifier = cid;
                    userData.Email = claimUntrusted.Email;
                    userData.FullName = claimUntrusted.FullName;
                }

                //RoundTrip to the DB
                User usr = (from u in db.Users.Where(n => n.ClaimedIdentifier == cid)
                            select u).FirstOrDefault();

                if (usr != null)
                {
                    //Update the User
                    usr.Email = userData.Email;
                    usr.Name = userData.FullName;
                    db.ObjectStateManager.ChangeObjectState(usr, EntityState.Modified);
                    //Setup role
                    if (ConfigurationManager.AppSettings["appAdmin"] == cid)
                        userData.IsAdmin = true;
                    db.SaveChanges();
                }
                else
                {
                    //Insert the User
                    db.Users.AddObject(new User
                    {
                        ClaimedIdentifier = response.ClaimedIdentifier,
                        Email = userData.Email,
                        IsAdmin = ConfigurationManager.AppSettings["appAdmin"] == cid ? true : false,
                        Name = userData.FullName
                    });
                    db.SaveChanges();
                }

                //now store Forms Authorization cookie
                IssueAuthTicket(userData, true);

                //store ClaimedIdentifier it in Session
                //(this would more than likely be something you would store in a database I guess
                Session["ClaimedIdentifierMessage"] = response.ClaimedIdentifier;

                //If we have a ReturnUrl we MUST be using forms authentication,
                //so redirect to the original ReturnUrl
                if (Session["ReturnUrl"] != null)
                {
                    string url = Session["ReturnUrl"].ToString();
                    return new RedirectResult(url);
                }
                //This should not happen if all controllers have [Authorise] used on them
                else
                    return RedirectToAction("Index", new { Controller = "acct" });
            }
            return View("LogOn");
        }
        /// <summary>
        /// Issue forms authentication ticket for authenticated user, and store the cookie
        /// </summary>
        private void IssueAuthTicket(UserData userData, bool rememberMe)
        {
            FormsAuthenticationTicket ticket =
                new FormsAuthenticationTicket(1, userData.ClaimedIdentifier.ToString(),
                    DateTime.Now, DateTime.Now.AddDays(10),
                    rememberMe, userData.IsAdmin == true ? "Admin" : "");

            string ticketString = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketString);
            if (rememberMe)
                cookie.Expires = DateTime.Now.AddDays(10);

            HttpContext.Response.Cookies.Add(cookie);
        }