private bool ValidateClient(out Client client)
        {
            client = null;

            if (!ClaimsPrincipal.Current.Identity.IsAuthenticated)
            {
                Tracing.Error("Anonymous client.");
                return(false);
            }

            var passwordClaim = ClaimsPrincipal.Current.FindFirst("password");

            if (passwordClaim == null)
            {
                Tracing.Error("No client secret provided.");
                return(false);
            }

            return(ClientsRepository.ValidateAndGetClient(
                       ClaimsPrincipal.Current.Identity.Name,
                       passwordClaim.Value,
                       out client));
        }