private Task<dynamic> CreateClaim(dynamic parameters, CancellationToken ct)
        {
            return Task<dynamic>.Factory.StartNew(() => {

                //Read the claim we're trying to give away
                string claimName;
                using (var reader = new StreamReader(Request.Body))
                    claimName = reader.ReadToEnd();

                //Check that the user is logged in and has the create-claim claim *AND* the claim they're trying to give away
                this.RequiresAuthentication();
                if (!Context.CurrentUser.Claims.Contains("superuser"))
                    this.RequiresClaims(new[] { "create-claim", claimName });

                using (var transaction = _connection.OpenTransaction())
                {
                    //Get the user we're giving a claim to
                    var username = (string) parameters.username;
                    var user = _connection.SingleWhere<User>("Username", username);
                    if (user == null)
                    {
                        return Negotiate
                            .WithModel(new {Error = "No Such User Exists"})
                            .WithStatusCode(HttpStatusCode.NotFound);
                    }

                    //Create the claim
                    using (var reader = new StreamReader(Request.Body))
                    {
                        var claim = new Claim(user, reader.ReadToEnd());
                        _connection.Save(claim);
                    }

                    transaction.Commit();
                }

                return Identity.GetClaims(((Identity)Context.CurrentUser).User, _connection).Select(SerializeClaim).ToArray();
            }, ct);
        }
 private static dynamic SerializeClaim(Claim claim)
 {
     return claim.Name;
 }