RequestAuthentication
is going to redirect the user to the website and ask for the login. Once the credentials are entered and permission granted for your application it is going back to your website (returnUrl).
Once it comes back you should use VerifyAuthentication
to validate the tokens returned by the provider.
var result = OAuthWebSecurity.VerifyAuthentication();
if (result.IsSuccessful)
{
var provider = result.Provider;
var uniqueUserID = result.ProviderUserId;
}
So RequestAuthentication
is called when the user should be redirected to the provider to login/grant access. (User Login & Consent)
And VerifyAuthentication
is the validation part just bellow.