private async Task<ID2LPrincipal> AuthenticateHelper(
			string cookie,
			string xsrfToken,
			string bearerToken,
			AuthenticationMode authMode
		) {
		
			bool cookieExists = !string.IsNullOrEmpty( cookie );
			bool bearerTokenExists = !string.IsNullOrEmpty( bearerToken );

			if( !cookieExists && !bearerTokenExists ) {
				return ANONYMOUS_PRINCIPAL;
			}

			string token = bearerTokenExists ? bearerToken : cookie;
			
			IAccessToken accessToken = await m_accessTokenValidator
				.ValidateAsync( token )
				.SafeAsync();

			// TODO .. we should consider doing the xsrf check without validating the jwt
			bool isXsrfSafe = IsXsrfSafe( cookie, xsrfToken, accessToken, authMode );
			if( !isXsrfSafe ) {
				throw new XsrfException( "Request is lacking XSRF protection" );
			}

			ID2LPrincipal principal = new D2LPrincipal( accessToken );

			return principal;
		}
		private async Task<ID2LPrincipal> AuthenticateHelper(
			string bearerToken
		) {
			if( string.IsNullOrEmpty( bearerToken ) ) {
				return ANONYMOUS_PRINCIPAL;
			}

			IAccessToken accessToken = await m_accessTokenValidator
				.ValidateAsync( bearerToken )
				.SafeAsync();

			ID2LPrincipal principal = new D2LPrincipal( accessToken );

			return principal;
		}