public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ExternalAccessToken token = ExternalTokenHandler.Unprotect(model.ExternalAccessToken); if (token == null || !token.IsValid) { return(BadRequest("External login failure.")); } string userId = await IdentityStore.GetUserIdForLogin(token.LoginProvider, token.ProviderKey); if (!String.IsNullOrEmpty(userId)) { return(BadRequest("The external login is already associated with an account.")); } // The current user is logged in, just add the new account if (!await IdentityStore.AddLogin(User.Identity.GetUserId(), token.LoginProvider, token.ProviderKey)) { return(BadRequest("Failed to add the external login.")); } return(OK()); }