3 files changed, 24 insertions, 4 deletions
diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx
index f8b7dfd..403858f 100644
--- a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx
@@ -9,6 +9,8 @@
 <asp:Content ID="Content1" runat="server" ContentPlaceHolderID="Main">
 	<asp:Label Text="We've detected that you're logged into Google!" runat="server" Visible="false"
 		ID="YouAreLoggedInLabel" />
+	<asp:Label Text="We've detected that you're logged into Google because your Google account trusts this site!" runat="server" Visible="false"
+		ID="YouTrustUsLabel" />
 	<asp:Label Text="We've detected that you're NOT logged into Google!" runat="server" Visible="false"
 		ID="YouAreNotLoggedInLabel" />
 </asp:Content>
diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs
index bdd6c0d..98fe745 100644
--- a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs
@@ -26,10 +26,19 @@
 					request.Mode = AuthenticationRequestMode.Immediate;
 					request.RedirectToProvider();
 				} else {
-					// Now see if the UIRequest was mirrored back to us.
-					var ext = response.GetUntrustedExtension<UIRequest>();
-					this.YouAreLoggedInLabel.Visible = ext != null && ext.Mode == UIModeDetectSession;
-					this.YouAreNotLoggedInLabel.Visible = !this.YouAreLoggedInLabel.Visible;
+					if (response.Status == AuthenticationStatus.Authenticated) {
+						this.YouTrustUsLabel.Visible = true;
+					} else if (response.Status == AuthenticationStatus.SetupRequired) {
+						// Google refused to authenticate the user without user interaction.
+						// This is either because Google doesn't know who the user is yet,
+						// or because the user hasn't indicated to Google to trust this site.
+						// Google uniquely offers the RP a tip as to which of the above situations is true.
+						// Figure out which it is.  In a real app, you might use this value to promote a 
+						// Google login button on your site if you detect that a Google session exists.
+						var ext = response.GetUntrustedExtension<UIRequest>();
+						this.YouAreLoggedInLabel.Visible = ext != null && ext.Mode == UIModeDetectSession;
+						this.YouAreNotLoggedInLabel.Visible = !this.YouAreLoggedInLabel.Visible;
+					}
 				}
 			}
 		}
diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs
index e9f6a46..576c646 100644
--- a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs
@@ -22,6 +22,15 @@ namespace OpenIdRelyingPartyWebForms {
         protected global::System.Web.UI.WebControls.Label YouAreLoggedInLabel;
         
         /// <summary>
+        /// YouTrustUsLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label YouTrustUsLabel;
+        
+        /// <summary>
         /// YouAreNotLoggedInLabel control.
         /// </summary>
         /// <remarks>