public Token RetrieveAndStoreAccessToken(string userId, string tokenKey, string verifier) { var existingAccessToken = Store.FindAsync(userId).Result; if (existingAccessToken != null) { if (!existingAccessToken.HasExpired) { return(new TokenAdapter(existingAccessToken)); } else { Store.DeleteAsync(existingAccessToken); } } var requestToken = requestTokenStore.FindAsync(userId).Result; if (requestToken == null) { throw new ApplicationException("Failed to look up request token for user"); } //Delete the request token from the _requestTokenStore as the next few lines will render it useless for the future. requestTokenStore.DeleteAsync(requestToken); if (requestToken.TokenKey != tokenKey) { throw new ApplicationException("Request token key does not match"); } var accessToken = Tokens.GetAccessTokenAsync( requestToken, GetAuthorization(requestToken, "POST", Tokens.AccessTokenEndpoint, null, verifier)) .Result; accessToken.UserId = userId; Store.AddAsync(accessToken); return(new TokenAdapter(accessToken)); }