public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) {
var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin");
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
string hashedToken = PasswordHelper.HashToken(context.Token);
var authenticationClient = new AuthenticationClient();
var response = await authenticationClient.GetRefreshToken(new GetRefreshTokenRequest { HashedToken = hashedToken });
if (response.RefreshToken != null) {
context.DeserializeTicket(response.RefreshToken.ProtectedTicket);
await authenticationClient.DeleteRefreshToken(new DeleteRefreshTokenRequest { HashedToken = hashedToken });
}
}
