public async Task <IHttpActionResult> ConfirmEmail(string userId = "", string code = "")
        {
            if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(code))
            {
                ModelState.AddModelError("", JWTAuthServerConstants.UserIdAndCode);
                return(BadRequest(ModelState));
            }

            var result = await JWTUserManager.ConfirmEmailAsync(userId, code);

            if (result.Succeeded)
            {
                // Assigning the default user role when successfully confirming the email
                // so the user will have the default rights to access the API.
                await JWTUserManager.AddToRoleAsync(userId,
                                                    ConfigurationManager.AppSettings["JWTServer.InitialUserRole"]);

                var confirmedUser = JWTUserManager.FindById(userId);
                var client        = JWTClientManager.FindById(confirmedUser.ClientId);

                JWTMailer.Send(confirmedUser.Email, JWTAuthServerConstants.ConfirmResponseMailSubject,
                               string.Format(JWTAuthServerConstants.ConfirmResponseMailBody, client.Name));

                return(Ok());
            }
            else
            {
                return(GetErrorResult(result));
            }
        }
        public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);

            if (verifiedAccessToken == null)
            {
                return(BadRequest("Invalid Provider or External Access Token"));
            }

            var user =
                await JWTUserLoginManager.FindUserByLoginAsync(new IdentityUserLogin()
            {
                LoginProvider = model.Provider,
                ProviderKey   = verifiedAccessToken.user_id
            }
                                                               );

            var hasRegistered = user != null;

            if (hasRegistered)
            {
                return(BadRequest("External user is already registered"));
            }

            user = new IdentityUser(model.ClientId, model.UserName)
            {
                Email = model.EMail
            };

            var result = await JWTUserManager.CreateAsync(user);

            if (!result.Succeeded)
            {
                return(GetErrorResult(result));
            }

            var userRole = await JWTRoleManager.FindByNameAsync(IdentityConstants.User);

            if (userRole != null)
            {
                await JWTUserManager.AddToRoleAsync(user, userRole);
            }

            result = await JWTUserLoginManager.CreateAsync(new IdentityUserLogin()
            {
                UserId          = user.Id
                , ClientId      = user.ClientId
                , LoginProvider = model.Provider
                , ProviderKey   = verifiedAccessToken.user_id
            }
                                                           );

            if (!result.Succeeded)
            {
                return(GetErrorResult(result));
            }

            //generate access token response
            var accessTokenResponse = GenerateLocalAccessTokenResponse(user);

            return(Ok(accessTokenResponse));
        }