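/// <summary>
/// Authenticates the current request against the configured OAuth2 provider.
/// </summary>
/// <remarks>
/// Two paths are handled:
/// <list type="number">
/// <item>The client already holds an access token (e.g. a mobile or desktop app) and sends it in
/// <c>request.AccessToken</c>. The token is only used after <c>VerifyAccessToken</c> accepts it.</item>
/// <item>Otherwise the browser redirect flow runs: with no authorization state yet, the user is sent
/// to the provider's authorization endpoint; on the callback the returned access token is used to
/// authenticate the session.</item>
/// </list>
/// </remarks>
/// <param name="authService">The service handling the request; used for request inspection and redirects.</param>
/// <param name="session">The session being authenticated.</param>
/// <param name="request">The Authenticate request DTO; may be null.</param>
/// <param name="token">Cancellation token passed to the async session and authentication calls.</param>
/// <returns>
/// An error or redirect result on failure, a redirect result on success for HTML requests, the prepared
/// authorization response when the user must first visit the provider, or <c>null</c> for a successful
/// non-HTML access-token sign-in (the caller then returns the default AuthenticateResponse).
/// </returns>
/// <exception cref="NotImplementedException">
/// An access token was supplied but no <c>VerifyAccessToken</c> delegate is configured.
/// </exception>
public override async Task<object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
    var tokens = this.Init(authService, ref session, request);
    var ctx = CreateAuthContext(authService, session, tokens);

    // NOTE(review): every redirect below is built from session.ReferrerUrl, which this method does
    // not validate itself. Presumably it is validated upstream (e.g. in Init) — confirm, because an
    // unvalidated value here would make the success/failure redirects an open redirect.

    // Transferring AccessToken/Secret from Mobile/Desktop App to Server
    if (request?.AccessToken != null)
    {
        // Fail closed: a client-supplied token must never be accepted without a verifier, otherwise
        // a token issued to a different application could be replayed to sign in here.
        if (VerifyAccessToken == null)
        {
            throw new NotImplementedException($"VerifyAccessToken is not implemented by {Provider}");
        }

        if (!VerifyAccessToken(request.AccessToken))
        {
            return HttpError.Unauthorized($"AccessToken is not for the configured {Provider} App");
        }

        var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken, token).ConfigAwait();
        var isHtml = authService.Request.IsHtml();
        if (failedResult != null)
        {
            return ConvertToClientError(failedResult, isHtml);
        }

        return isHtml
            ? authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1")))
            : null; // return default AuthenticateResponse
    }

    var authServer = new AuthorizationServerDescription
    {
        AuthorizationEndpoint = new Uri(this.AuthorizeUrl),
        TokenEndpoint = new Uri(this.AccessTokenUrl)
    };
    AuthServerFilter?.Invoke(authServer);

    var authClient = new WebServerClient(authServer, this.ConsumerKey)
    {
        ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(this.ConsumerSecret),
    };
    AuthClientFilter?.Invoke(authClient);

    var authState = ProcessUserAuthorization(authClient, authServer, authService);
    if (authState == null)
    {
        // No authorization state yet: send the user to the provider's authorization endpoint.
        try
        {
            var authReq = authClient.PrepareRequestUserAuthorization(this.Scopes, new Uri(this.CallbackUrl));
            var authContentType = authReq.Headers[HttpHeaders.ContentType];
            var httpResult = new HttpResult(authReq.ResponseStream, authContentType)
            {
                StatusCode = authReq.Status,
                StatusDescription = "Moved Temporarily"
            };

            // Carry the prepared response's headers and cookies over to the result we return.
            foreach (string header in authReq.Headers)
            {
                httpResult.Headers[header] = authReq.Headers[header];
            }

            foreach (string name in authReq.Cookies)
            {
                var cookie = authReq.Cookies[name];
                if (cookie != null)
                {
                    httpResult.AddCookie(authService.Request, cookie.ToCookie());
                }
            }

            // Persist the session before the user leaves for the provider.
            await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
            return httpResult;
        }
        catch (ProtocolException ex)
        {
            Log.Error("Failed to login to {0}".Fmt(this.Provider), ex);
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")));
        }
    }

    var accessToken = authState.AccessToken;
    if (accessToken != null)
    {
        tokens.RefreshToken = authState.RefreshToken;
        // NOTE(review): the refresh token's expiry is populated from the *access* token's expiry
        // (AccessTokenExpirationUtc) — confirm this is intended.
        tokens.RefreshTokenExpiry = authState.AccessTokenExpirationUtc;

        try
        {
            return await AuthenticateWithAccessTokenAsync(authService, session, tokens, accessToken, token).ConfigAwait()
                ?? authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1")));
        }
        catch (WebException we)
        {
            // Record the failure instead of swallowing it, so failed sign-ins remain visible in logs.
            Log.Error("Failed to authenticate with {0} access token".Fmt(this.Provider), we);

            // WebException.Response is null when no HTTP response was received (DNS failure,
            // connection refused, timeout), so it must not be cast and dereferenced unconditionally.
            if (we.Response is HttpWebResponse errorResponse && errorResponse.StatusCode == HttpStatusCode.BadRequest)
            {
                return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
            }
            // Any other failure falls through to the generic failure redirect below.
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "RequestTokenFailed")));
}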