private async Task GenerateToken(HttpContext context) { var username = context.Request.Form["username"]; var password = context.Request.Form["password"]; var userResolverService = _options.UserResolverServiceFactory(); var user = await userResolverService.Resolve(username, password); if (user == null) { context.Response.StatusCode = 400; await context.Response.WriteAsync("Invalid username or password."); return; } var encodedJwt = await _tokenHelper.Build(user, _options); var response = new { access_token = encodedJwt, expires_in = (int)_options.Expiration.TotalSeconds }; // Serialize and return the response context.Response.ContentType = "application/json"; await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings)); }