/// <summary>
		/// Handles the AuthenticateRequest event of the HttpApplication.
		/// </summary>
		/// <param name="sender">The source of the event.</param>
		/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
		private void context_AuthenticateRequest(object sender, EventArgs e) {
			// Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks.
			if (this.IsOAuthControllerRequest()) {
				return;
			}

			using (var crypto = OAuthResourceServer.CreateRSA()) {
				var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto);
				var resourceServer = new ResourceServer(tokenAnalyzer);
				var context = this.application.Context;
				Task.Run(
					async delegate {
						ProtocolFaultResponseException exception = null;
						try {
							IPrincipal principal = await resourceServer.GetPrincipalAsync(new HttpRequestWrapper(context.Request));
							context.User = principal;
							return;
						} catch (ProtocolFaultResponseException ex) {
							exception = ex;
						}

						var errorResponse = await exception.CreateErrorResponseAsync(CancellationToken.None);
						await errorResponse.SendAsync();
					}).Wait();
			}
		}
		/// <summary>
		/// Handles the AuthenticateRequest event of the HttpApplication.
		/// </summary>
		/// <param name="sender">The source of the event.</param>
		/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
		private void context_AuthenticateRequest(object sender, EventArgs e) {
			// Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks.
			if (this.IsOAuthControllerRequest()) {
				return;
			}

			using (var crypto = OAuthResourceServer.CreateRSA()) {
				var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto);
				var resourceServer = new ResourceServer(tokenAnalyzer);

				IPrincipal principal;
				var errorMessage = resourceServer.VerifyAccess(new HttpRequestInfo(this.application.Context.Request), out principal);
				if (errorMessage == null) {
					this.application.Context.User = principal;
				}
			}
		}
		protected override bool CheckAccessCore(OperationContext operationContext) {
			if (!base.CheckAccessCore(operationContext)) {
				return false;
			}

			var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
			var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via;

			return Task.Run(
				async delegate {
					using (var crypto = OAuthResourceServer.CreateRSA()) {
						var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto);
						var resourceServer = new ResourceServer(tokenAnalyzer);
						ProtocolFaultResponseException exception = null;
						try {
							IPrincipal principal =
								await resourceServer.GetPrincipalAsync(httpDetails, requestUri, CancellationToken.None, operationContext.IncomingMessageHeaders.Action);
							var policy = new OAuthPrincipalAuthorizationPolicy(principal);
							var policies = new List<IAuthorizationPolicy> { policy, };

							var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
							if (operationContext.IncomingMessageProperties.Security != null) {
								operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
							} else {
								operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
									ServiceSecurityContext = securityContext,
								};
							}

							securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { principal.Identity, };

							return true;
						} catch (ProtocolFaultResponseException ex) {
							// Return the appropriate unauthorized response to the client.
							exception = ex;
						} catch (DotNetOpenAuth.Messaging.ProtocolException /* ex*/) {
							////Logger.Error("Error processing OAuth messages.", ex);
						}

						var errorResponse = await exception.CreateErrorResponseAsync(CancellationToken.None);
						await errorResponse.SendAsync();
					}

					return false;
				}).Result;
		}
		protected override bool CheckAccessCore(OperationContext operationContext) {
			if (!base.CheckAccessCore(operationContext)) {
				return false;
			}

			var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
			var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via;

			using (var crypto = OAuthAuthorizationServer.CreateAsymmetricKeyServiceProvider()) {
				var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto);
				var resourceServer = new ResourceServer(tokenAnalyzer);

				try {
					IPrincipal principal;
					var errorResponse = resourceServer.VerifyAccess(httpDetails, requestUri, out principal);
					if (errorResponse == null) {
						var policy = new OAuthPrincipalAuthorizationPolicy(principal);
						var policies = new List<IAuthorizationPolicy> {
						policy,
					};

						var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
						if (operationContext.IncomingMessageProperties.Security != null) {
							operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
						} else {
							operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
								ServiceSecurityContext = securityContext,
							};
						}

						securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
						principal.Identity,
					};

						// Only allow this method call if the access token scope permits it.
						if (principal.IsInRole(operationContext.IncomingMessageHeaders.Action)) {
							return true;
						}
					}
				} catch (ProtocolException /*ex*/) {
					////Logger.Error("Error processing OAuth messages.", ex);
				}
			}

			return false;
		}
		/// <summary>
		/// Handles the AuthenticateRequest event of the HttpApplication.
		/// </summary>
		/// <param name="sender">The source of the event.</param>
		/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
		private void context_AuthenticateRequest(object sender, EventArgs e) {
			// Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks.
			if (this.IsOAuthControllerRequest()) {
				return;
			}

			using (var crypto = OAuthResourceServer.CreateRSA()) {
				var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto);
				var resourceServer = new ResourceServer(tokenAnalyzer);

				try {
					IPrincipal principal = resourceServer.GetPrincipal(new HttpRequestWrapper(this.application.Context.Request));
					this.application.Context.User = principal;
				} catch (ProtocolFaultResponseException ex) {
					ex.CreateErrorResponse().Send();
				}
			}
		}