public ClaimsPrincipal AuthenticateHeaders(HttpRequestHeaders headers)
        {
            SecurityTokenHandlerCollection handlers;

            foreach (var header in headers.AsEnumerable())
            {
                if (Configuration.TryGetHeaderMapping(header.Key, out handlers))
                {
                    return(InvokeHandler(handlers, header.Value.First(), null));
                }
            }

            return(CreateAnonymousClaimsPrincipal());
        }