public IdentityTokenResponse PostJSONToken(IdentityTokenRequest token)
        {
            IdentityTokenResponse response = new IdentityTokenResponse();

            try
            {
                IdentityToken identityToken = null;

                using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(token))
                {
                    if (decodedToken.IsValid)
                    {
                        identityToken = new IdentityToken(token, decodedToken.Audience, decodedToken.AuthMetadataUri);
                    }
                }

                response.token = identityToken;
            }
            catch (Exception ex)
            {
                response.errorMessage = ex.Message;
            }

            return(response);
        }
        public async System.Threading.Tasks.Task <AppointmentProxyResponse> PostServiceRequest(AppointmentProxyRequest proxyRequest)
        {
            AppointmentProxyResponse proxyResponse = new AppointmentProxyResponse();

            try
            {
                IdentityToken identityToken       = null;
                var           organizerDomain     = string.Empty;
                var           thirdPartyEventId   = (string.IsNullOrEmpty(proxyRequest.thirdPartyEventId)) ? string.Empty : proxyRequest.thirdPartyEventId;
                var           thirdPartySecretKey = string.Empty;

                using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(proxyRequest))
                {
                    if (decodedToken.IsValid)
                    {
                        identityToken = new IdentityToken(proxyRequest, decodedToken.Audience, decodedToken.AuthMetadataUri);

                        // todo - add whatever logic you need to do here
                        if (!string.IsNullOrEmpty(proxyRequest.organizerEmailAddress))
                        {
                            organizerDomain = proxyRequest.organizerEmailAddress.Split('@')[1];
                        }

                        if (string.IsNullOrEmpty(thirdPartyEventId))
                        {
                            thirdPartyEventId = $"KF{Guid.NewGuid().ToString()}";
                        }

                        var secretKey = organizerDomain.Replace('.', '-');

                        thirdPartySecretKey = await KeyVaultClientHelper.GetDomainSecret(secretKey);
                    }
                }

                proxyResponse.token               = identityToken;
                proxyResponse.organizerTenant     = organizerDomain;
                proxyResponse.thirdPartyEventId   = thirdPartyEventId;
                proxyResponse.thirdPartySecretKey = thirdPartySecretKey;
            }
            catch (Exception ex)
            {
                proxyResponse.errorMessage = ex.Message;
            }

            return(proxyResponse);
        }
        public async Task <HttpResponseMessage> Validate([FromBody] IdentityTokenRequest token)
        {
            //validate the identity token passed from the client
            IdentityTokenResponse response = new IdentityTokenResponse();

            try
            {
                //decode and validate the token passed in
                IdentityToken identityToken = null;
                using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(token))
                {
                    if (decodedToken.IsValid)
                    {
                        identityToken = new IdentityToken(token, decodedToken.Audience, decodedToken.AuthMetadataUri);
                    }
                }
                response.token = identityToken;

                //now that the key is validated, we can perform a lookup against DocDB for it's hased value (combination of metadata document URL with the Exchange identifier)
                if (identityToken != null)
                {
                    //the token is valid...check if user is valid (has valid refresh token)
                    response.validToken = true;
                    string hash = ComputeSHA256Hash(response.token.uniqueID, response.token.amurl, Salt);
                    response.user = DocumentDBRepository <UserModel> .GetItem("Users", i => i.hash == hash);

                    if (response.user != null)
                    {
                        //check for and validate the refresh token
                        if (!String.IsNullOrEmpty(response.user.refresh_token))
                        {
                            var graphToken = await TokenHelper.GetAccessTokenWithRefreshToken(response.user.refresh_token, SettingsHelper.O365UnifiedAPIResourceId);

                            if (graphToken != null)
                            {
                                //TODO: get the user details against AAD Graph
                                response.validUser = true;
                            }
                        }
                    }
                    else
                    {
                        //the user doesn't exist, so we can add a placeholder record in the data store...TODO: get more data on user????
                        response.user = new UserModel()
                        {
                            id = Guid.NewGuid().ToString().ToLower(), hash = hash
                        };
                        await DocumentDBRepository <UserModel> .CreateItemAsync("Users", response.user);
                    }
                }
                else
                {
                    //this was an invalid token!!!!
                }
            }
            catch (Exception ex)
            {
                response.errorMessage = ex.Message;
            }

            return(Request.CreateResponse <IdentityTokenResponse>(HttpStatusCode.OK, response));
        }