public async Task <ContentResult> Authorize([FromQuery(Name = "state")] string state, [FromQuery(Name = "code")] string code = null, [FromQuery(Name = "error")] string error = null) { string userId = GetUserId(); // if Spotify returned an error, throw it if (error != null) { throw new SpotifyApiErrorException(error); } // Use the code to request a token var tokens = await _userAccounts.RequestAccessRefreshToken(userId, code); var userAuth = _authService.SetUserAuthRefreshToken(userId, tokens); //TODO: check state is valid _stateService.ValidateState(state, userId); // return an HTML result that posts a message back to the opening window and then closes itself. return(new ContentResult { ContentType = "text/html", StatusCode = (int)HttpStatusCode.OK, Content = $"<html><body><script>window.opener.postMessage(true, \"*\");window.close()</script>Spotify Authorization successful. You can close this window now</body></html>" }); }