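/// <summary>
/// OAuth 2.0 authorization endpoint (authorization-code flow). Validates the request,
/// checks the submitted credentials and, on success, redirects the browser back to
/// <paramref name="redirect_uri"/> carrying a short-lived authorization code and the
/// caller's <paramref name="state"/>.
/// </summary>
/// <param name="client_id">Identifier of the requesting client; must be listed in <c>OAuthSettings.Clients</c>.</param>
/// <param name="scope">Requested scope. Accepted but not evaluated by this method.</param>
/// <param name="response_type">Must be <c>code</c>; no other flow is supported.</param>
/// <param name="redirect_uri">Absolute URI the browser is sent back to, on success and on error.</param>
/// <param name="state">Opaque value chosen by the client; echoed back unchanged on every redirect.</param>
/// <param name="userSignIn">E-mail and password of the resource owner signing in.</param>
/// <returns>
/// A redirect to <paramref name="redirect_uri"/> whose query string holds either <c>code</c>
/// or <c>error</c>, or a 400 response when the request cannot safely be redirected anywhere.
/// </returns>
public async Task<IActionResult> Authenticate(
    [FromQuery] string client_id,
    [FromQuery] string scope,
    [FromQuery] string response_type,
    [FromQuery] string redirect_uri,
    [FromQuery] string state,
    UserSignIn userSignIn)
{
    // RFC 6749 §4.1.2.1: when the redirect target is unusable or the client cannot be
    // identified, the server must not redirect at all — redirecting an error to an
    // arbitrary URI would turn this endpoint into an open redirector. Answer directly.
    if (!Uri.TryCreate(redirect_uri, UriKind.Absolute, out _))
    {
        return BadRequest("invalid_request");
    }

    if (string.IsNullOrEmpty(client_id))
    {
        return BadRequest("invalid_request");
    }

    // NOTE(review): redirect_uri is only checked for well-formedness. The settings used
    // here hold client ids only, so it cannot be matched against a per-client list of
    // registered redirect URIs; add that comparison once registration data is available.
    if (!_appSettings.OAuthSettings.Clients.Contains(client_id))
    {
        return BadRequest("unauthorized_client");
    }

    // From here on every outcome is a redirect; state is echoed on each of them so the
    // client can correlate the response with the request it issued.
    var query = new QueryBuilder();
    if (!string.IsNullOrEmpty(state))
    {
        query.Add("state", state);
    }

    // QueryBuilder.ToString() already yields a leading '?', so it is appended as-is.
    IActionResult RedirectBack() => Redirect($"{redirect_uri}{query}");

    IActionResult RedirectWithError(string error)
    {
        query.Add("error", error);
        return RedirectBack();
    }

    if (string.IsNullOrEmpty(state))
    {
        return RedirectWithError("invalid_request");
    }

    if (!string.Equals(response_type, "code", StringComparison.Ordinal))
    {
        return RedirectWithError("unsupported_response_type");
    }

    // Credential check must terminate the request on failure: an unknown e-mail and a
    // wrong password both end here with access_denied, and no code is minted.
    var user = userSignIn?.Email is null
        ? null
        : await _userRepository.GetAsync(userSignIn.Email);
    if (user is null || !user.CheckPassword(userSignIn.Password))
    {
        return RedirectWithError("access_denied");
    }

    // The code is bound to the redirect URI it was issued for and expires after 5 minutes.
    // NOTE(review): kept on DateTime.Now because wherever the expiry is compared is not
    // visible here — moving to UtcNow has to be done on both sides together.
    var userToken = new UserToken(user.Email, redirect_uri, DateTime.Now.AddMinutes(5).Ticks);
    await _userTokenRepository.CreateAsync(userToken);

    query.Add("code", userToken.AuthorizationCode);
    return RedirectBack();
}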