public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ExternalAccessToken externalToken = ExternalTokenHandler.Unprotect(model.ExternalAccessToken); if (externalToken == null || !externalToken.IsValid) { return(BadRequest("External login failure.")); } string existingUserId = await IdentityStore.GetUserIdForLogin(externalToken.LoginProvider, externalToken.ProviderKey); if (!String.IsNullOrEmpty(existingUserId)) { return(BadRequest("The external login is already associated with an account.")); } if (await IdentityStore.GetUserIdForLocalLogin(model.UserName) != null) { return(BadRequest("A user with the name '{0}' already exists.", model.UserName)); } // Create a profile and link the local account before signing in the user User user = new User(model.UserName); try { if (!await IdentityStore.CreateExternalUser(user, externalToken.LoginProvider, externalToken.ProviderKey)) { return(BadRequest("Failed to create login for '{0}'.", model.UserName)); } } catch (IdentityException e) { return(BadRequest(e.ToString())); } InitiateDatabaseForNewUser(user.Id); ClaimsIdentity identity = await GetIdentityAsync(user.Id); string token = CreateAccessToken(identity); return(OAuthAccessToken(token, "bearer", user.UserName)); }