Пример #1
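        /// <summary>
        /// OAuth callback action. Validates the anti-CSRF <paramref name="state"/> against the value kept in
        /// the session, exchanges <paramref name="code"/> for a GitHub access token, then stores that token in
        /// the session ("OAuthToken") and as a "GithubAccessToken" claim on the current user.
        /// </summary>
        /// <param name="code">Authorization code from the provider redirect. When empty, the request is redirected to Home/Index.</param>
        /// <param name="state">State value echoed back by the provider; it must equal the session's "CSRF:State" entry.</param>
        /// <returns>A redirect to Manage/Index on success, or to Home/Index when no code was supplied.</returns>
        /// <exception cref="InvalidOperationException">
        /// The state is missing or does not match, no user is signed in, or the token exchange returned no access token.
        /// </exception>
        public async Task<ActionResult> Authorize(string code, string state)
        {
            if (string.IsNullOrEmpty(code))
            {
                return RedirectToAction("Index", "Home");
            }

            var expectedState = HttpContext.Session.GetString("CSRF:State");

            // The state is single-use: drop it before comparing so a failed attempt cannot be retried
            // against the same session value.
            HttpContext.Session.Remove("CSRF:State");

            // Fail closed when the session holds no state. A plain `state != expectedState` passes when
            // both are null, i.e. a callback without a state parameter on a session that never started
            // the flow would skip the CSRF check entirely.
            if (string.IsNullOrEmpty(expectedState) ||
                !string.Equals(state, expectedState, StringComparison.Ordinal))
            {
                throw new InvalidOperationException("OAuth state validation failed.");
            }

            // Resolve the user before spending the authorization code; GetUserAsync yields null when
            // the request is not tied to a known user, and AddClaimAsync would then fail after the
            // token had already been written to the session.
            var user = await _userManager.GetUserAsync(User);
            if (user == null)
            {
                throw new InvalidOperationException("No signed-in user to attach the GitHub token to.");
            }

            var token = await _githubService.GetOauthAccessToken(
                _configuration["AppSettings:GithubClientId"],
                _configuration["AppSettings:GithubClientSecret"],
                code);

            var accessToken = token?.AccessToken;
            if (string.IsNullOrEmpty(accessToken))
            {
                throw new InvalidOperationException("Token exchange returned no access token.");
            }

            HttpContext.Session.SetString("OAuthToken", accessToken);

            // NOTE(review): the token is persisted as a user claim as-is, and the result of AddClaimAsync
            // is not inspected. Presumably each authorization appends another "GithubAccessToken" claim;
            // confirm, and consider replacing the previous claim and protecting the stored value at rest.
            await _userManager.AddClaimAsync(user, new Claim("GithubAccessToken", accessToken));

            return RedirectToAction("Index", "Manage");
        }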