private bool ValidateClient(out Client client) { client = null; if (!ClaimsPrincipal.Current.Identity.IsAuthenticated) { Tracing.Error("Anonymous client."); return(false); } var passwordClaim = ClaimsPrincipal.Current.FindFirst("password"); if (passwordClaim == null) { Tracing.Error("No client secret provided."); return(false); } return(ClientsRepository.ValidateAndGetClient( ClaimsPrincipal.Current.Identity.Name, passwordClaim.Value, out client)); }