public async Task <IActionResult> AuthReturn( [FromQuery] string code, [FromQuery] string state) { var stateFromCookie = HttpContext.Session.GetString(_googleSessionSettings.StateKey); if (stateFromCookie != state) { return(RedirectToAction("Index", "Home")); } var redirectUri = ApiUri.GetGoogleRedirectUri(HttpContext); var tokens = await _googleService.GetTokensFromApi(code, redirectUri); HttpContext.Session.SetString(_googleSessionSettings.AccessTokenKey, tokens.AccessToken); HttpContext.Session.SetString(_googleSessionSettings.IdTokenKey, tokens.IdToken); return(RedirectToAction("Profile")); }