Adding additional logic to Bearer authorization

Question

I am attempting to implement OWIN bearer token authorization, and based on this article. However, there\'s one additional piece of information I need in bearer token that I don\

Answer 1

On a side note, if you want to set a custom error message you'll have to swap the order of the context.Rejected and context.SetError.

    // Summary:
    //     Marks this context as not validated by the application. IsValidated and HasError
    //     become false as a result of calling.
    public virtual void Rejected();

If you place context.Rejected after context.SetError then the property context.HasError will be reset to false therefore the correct way to use it is:

    // Client could not be validated.
    context.Rejected();
    context.SetError("invalid_client", "Client credentials are invalid.");