public IHttpActionResult Post([FromBody] TokenChallenge challenge) { var enabled = false; bool.TryParse(ConfigurationManager.AppSettings["TokensEpEnabled"], out enabled); if (!enabled) { return(NotFound()); } var secret = ConfigurationManager.AppSettings["TokensSecret"]; var expiration = 365; if (challenge == null || string.IsNullOrEmpty(challenge.UserId) || string.IsNullOrEmpty(challenge.Secret) || !string.Equals(challenge.Secret, secret)) { return(Unauthorized()); } var token = AuthUtils.CreateToken(challenge.UserId, TimeSpan.FromDays(expiration)); return(Ok(token.RawData)); } // ReportStatus