public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = this.Init(authService, ref session, request); var authServer = new AuthorizationServerDescription { AuthorizationEndpoint = new Uri(this.AuthorizeUrl), TokenEndpoint = new Uri(this.AccessTokenUrl) }; if (AuthServerFilter != null) AuthServerFilter(authServer); var authClient = new WebServerClient(authServer, this.ConsumerKey) { ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(this.ConsumerSecret), AuthorizationTracker = new DotNetOpenAuthTokenManager(), }; if (AuthClientFilter != null) AuthClientFilter(authClient); var authState = ProcessUserAuthorization(authClient, authServer, authService); if (authState == null) { try { var authReq = authClient.PrepareRequestUserAuthorization(this.Scopes, new Uri(this.CallbackUrl)); var authContentType = authReq.Headers[HttpHeaders.ContentType]; var httpResult = new HttpResult(authReq.ResponseStream, authContentType) { StatusCode = authReq.Status, StatusDescription = "Moved Temporarily" }; foreach (string header in authReq.Headers) { httpResult.Headers[header] = authReq.Headers[header]; } foreach (string name in authReq.Cookies) { var cookie = authReq.Cookies[name]; if (cookie != null) { httpResult.SetCookie(name, cookie.Value, cookie.Expires, cookie.Path, cookie.Secure, cookie.HttpOnly); } } authService.SaveSession(session, this.SessionExpiry); return httpResult; } catch (ProtocolException ex) { Log.Error("Failed to login to {0}".Fmt(this.Provider), ex); return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))); } } var accessToken = authState.AccessToken; if (accessToken != null) { try { tokens.AccessToken = accessToken; tokens.RefreshToken = authState.RefreshToken; tokens.RefreshTokenExpiry = authState.AccessTokenExpirationUtc; var authInfo = this.CreateAuthInfo(accessToken); session.IsAuthenticated = true; return OnAuthenticated(authService, session, tokens, authInfo) ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } } } return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "RequestTokenFailed"))); }