public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin"); context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); var hashedTokenId = PasswordAssertionConcern.GetHash(context.Token); var repo = new RepositoryRefreshToken(new MainContext()); var refreshToken = repo.Find(hashedTokenId); if (refreshToken != null) { //Get protectedTicket from refreshToken class context.DeserializeTicket(refreshToken.ProtectedTicket); repo.Remove(refreshToken); } }