public async override Task Invoke(IOwinContext context)
{
string code = context.Request.Query["code"];
if (code != null)
{
//extract state
string state = HttpUtility.UrlDecode(context.Request.Query["state"]);
string signedInUserID = context.Authentication.User.FindFirst(System.IdentityModel.Claims.ClaimTypes.NameIdentifier).Value;
HttpContextBase hcb = context.Environment["System.Web.HttpContextBase"] as HttpContextBase;
//validate state
CodeRedemptionData crd = OAuth2RequestManager.ValidateState(state, hcb);
if (crd != null)
{
//if valid, redeem code
IConfidentialClientApplication cc = await MsalAppBuilder.BuildConfidentialClientApplication();
AuthenticationResult result = await cc.AcquireTokenByAuthorizationCode(crd.Scopes, code).ExecuteAsync().ConfigureAwait(false);
//redirect to original requestor
context.Response.StatusCode = 302;
context.Response.Headers.Set("Location", crd.RequestOriginatorUrl);
}
else
{
context.Response.StatusCode = 302;
context.Response.Headers.Set("Location", "/Error?message=" + "code_redeem_failed");
}
}
else
{
await Next.Invoke(context);
}
}
