public async Task <IActionResult> Authorize(
            [EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
        {
            if (!authorization.IsValid)
            {
                return(this.InvalidAuthorization(authorization.Error));
            }

            var authorizationResult = await _sessionManager.IsAuthorizedAsync(authorization);

            if (authorizationResult.Status == AuthorizationStatus.Forbidden)
            {
                return(this.InvalidAuthorization(authorizationResult.Error));
            }

            if (authorizationResult.Status == AuthorizationStatus.LoginRequired)
            {
                return(RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message));
            }

            var context = authorization.CreateTokenGeneratingContext(
                authorizationResult.User,
                authorizationResult.Application);

            AddAmbientClaims(context);

            await _tokenManager.IssueTokensAsync(context);

            var response = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(context);

            await _sessionManager.StartSessionAsync(authorizationResult.User, authorizationResult.Application);

            return(this.ValidAuthorization(response));
        }
        public async Task <IActionResult> Authorize(
            [EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
        {
            if (!authorization.IsValid)
            {
                return(this.InvalidAuthorization(authorization.Error));
            }

            var authorizationResult = await _sessionManager.IsAuthorizedAsync(authorization);

            if (authorizationResult.Status == AuthorizationStatus.Forbidden)
            {
                return(this.InvalidAuthorization(authorizationResult.Error));
            }

            if (authorizationResult.Status == AuthorizationStatus.LoginRequired)
            {
                return(RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message));
            }

            var context = authorization.CreateTokenGeneratingContext(
                authorizationResult.User,
                authorizationResult.Application);

            context.AmbientClaims.Add(new Claim("policy", "signinsignup"));
            context.AmbientClaims.Add(new Claim("version", "1.0"));
            context.AmbientClaims.Add(new Claim("tenantId", "CDF07358 -BA97-470F-93CD-FC46E1B57F99"));

            await _tokenManager.IssueTokensAsync(context);

            var response = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(context);

            await _sessionManager.StartSessionAsync(authorizationResult.User, authorizationResult.Application);

            return(this.ValidAuthorization(response));
        }