public void Handle(HttpContext context)
        {
            if (context.Request.Method == "GET")
            {
                var state = context.Request.Query["State"];
                _nonce = context.Request.Query["Nonce"];

                _idToken = _generator.GenerateToken(new ClaimsIdentity(new List <Claim>
                {
                    new Claim("sub", "blah"),
                    new Claim("nonce", _nonce)
                }));

                var code = Guid.NewGuid().ToString();
                NonceStorage.Add(code, _nonce);

                using (var client = new HttpClient())
                {
                    client.PostAsync(_callbackUrl, new FormUrlEncodedContent(new List <KeyValuePair <string, string> >
                    {
                        new KeyValuePair <string, string>("access_token", _accessToken),
                        new KeyValuePair <string, string>("refresh_token", _refreshToken),
                        new KeyValuePair <string, string>("code", code),
                        new KeyValuePair <string, string>("state", state),
                        new KeyValuePair <string, string>("id_token", _idToken),
                        new KeyValuePair <string, string>("nonce", _nonce)
                    })).Wait();
                }

                return;
            }

            if (context.Request.Method == "POST")
            {
                var responseData = JsonConvert.SerializeObject(new TokenResponseWrapper(_accessToken, _refreshToken)
                {
                    IdentityToken = _idToken
                });

                var memStream   = new MemoryStream();
                var streamWrite = new StreamWriter(memStream);
                streamWrite.Write(responseData);
                streamWrite.Flush();
                memStream.Position = 0;
                memStream.CopyTo(context.Response.Body);

                context.Response.ContentType = "application/json";
                context.Response.StatusCode  = (int)HttpStatusCode.OK;
            }
        }
        public void HandleTokenExchange(HttpContext context)
        {
            var streamReader = new StreamReader(context.Request.Body);
            var data         = streamReader.ReadToEnd();
            var dataArray    = data.Split("&");
            var codeArray    = dataArray.First(x => x.StartsWith("code")).Split("=");

            var(code, nonce) = NonceStorage.First(x => x.Key == codeArray[1]);

            _idToken = _generator.GenerateToken(new ClaimsIdentity(new List <Claim>
            {
                new Claim("sub", "blah"),
                new Claim("nonce", nonce)
            }));

            var response = new
            {
                access_token  = _accessToken,
                refresh_token = _refreshToken,
                code,
                id_token = _idToken,
                nonce
            };

            var jsonResponse = JsonConvert.SerializeObject(response);

            context.Response.ContentType = "application/json";
            context.Response.StatusCode  = (int)HttpStatusCode.OK;
            var memStream   = new MemoryStream();
            var streamWrite = new StreamWriter(memStream);

            streamWrite.Write(jsonResponse);
            streamWrite.Flush();
            memStream.Position = 0;
            memStream.CopyTo(context.Response.Body);
        }