public void Authorize(HttpResponse Response, bool IsSecure) { Requires.PropertyNotNullOrEmpty("Config", "TenantDomain", Config.TenantDomain); Requires.PropertyNotNullOrEmpty("Config", "ClientId", Config.ClientId); var cookie = AntiForgery.GenerateCookie(IsSecure); var apiClient = new AuthenticationApiClient(Config.TenantDomain); var authBuilder = apiClient.BuildAuthorizationUrl() .WithResponseType(AuthorizationResponseType.Code) .WithClient(Config.ClientId) .WithRedirectUrl(RedirectUrl) .WithScope(_Scope) .WithState(cookie.Value); var authorizationUrl = string.IsNullOrEmpty(Config.ConnectionName) ? authBuilder.Build() : authBuilder.WithConnection(Config.ConnectionName).Build(); Response.Cookies.Set(cookie); Response.Redirect(authorizationUrl.ToString(), true); }