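/// <summary>
/// Handles Bearer Token authentication failures: records an Unauthorized audit event
/// and replies with a 401 status and a JSON body.
/// </summary>
/// <remarks>
/// The validation exception is logged server-side only. The response carries a fixed
/// message, because <c>Exception.ToString()</c> includes the exception type, message and
/// stack trace, which should not be disclosed to an unauthenticated caller.
/// </remarks>
/// <param name="context">The JWT authentication failed context.</param>
/// <param name="auditLogger">The audit logger provider.</param>
/// <returns>The task that writes the JSON response body.</returns>
private Task OnAuthenticationFailed(Microsoft.AspNetCore.Authentication.JwtBearer.AuthenticationFailedContext context, IAuditLogger auditLogger)
{
    this.Logger.LogDebug("OnAuthenticationFailed...");

    // Keep the failure detail where operators can see it, not in the response.
    // assumes this.Logger is a Microsoft.Extensions.Logging ILogger; confirm against the class.
    this.Logger.LogWarning(context.Exception, "Bearer token authentication failed.");

    AuditEvent auditEvent = new AuditEvent
    {
        AuditEventDateTime = DateTime.UtcNow,
        TransactionDuration = 0, // There's not a way to calculate the duration here.
    };

    // Populate from the request first; the fields set afterwards are assigned last, as before.
    auditLogger.PopulateWithHttpContext(context.HttpContext, auditEvent);
    auditEvent.TransactionResultCode = AuditTransactionResult.Unauthorized;
    auditEvent.CreatedBy = nameof(StartupConfiguration);
    auditEvent.CreatedDateTime = DateTime.UtcNow;
    auditLogger.WriteAuditEvent(auditEvent);

    // NOTE(review): the body is written from inside the authentication event; confirm that
    // no later step (for example the challenge) also sets the status or headers once the
    // response has started.
    context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
    context.Response.ContentType = "application/json";

    // Same JSON shape as before (State, Message), but Message is a fixed string.
    string responseBody = JsonConvert.SerializeObject(new
    {
        State = "AuthenticationFailed",
        Message = "Bearer token authentication failed.",
    });

    return context.Response.WriteAsync(responseBody);
}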