public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null) { var redirectUri = string.Empty; var outError = string.Empty; var outClient = new Client(); if (error != null) { return(BadRequest(Uri.EscapeDataString(error))); } if (!User.Identity.IsAuthenticated) { return(new ChallengeResult(provider, this)); } if (!_authService.ValidateClient(Request, ref outError, ref outClient)) { return(BadRequest(outError)); } if (!_authService.ValidateRedirectUri(ref redirectUri, ref outError, Request, outClient)) { return(BadRequest(outError)); } var externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity); if (externalLogin == null) { return(InternalServerError()); } if (externalLogin.LoginProvider != provider) { Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie); return(new ChallengeResult(provider, this)); } var user = await _repo.FindUserAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey)); var hasRegistered = user != null; redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}&user_id={5}", redirectUri, externalLogin.ExternalAccessToken, externalLogin.LoginProvider, hasRegistered, externalLogin.UserName, externalLogin.UserId); return(Redirect(redirectUri)); }