/// <summary>
/// Handles Bearer Token authentication failures.
/// </summary>
/// <param name="context">The JWT authentication failed context.</param>
/// <param name="auditLogger">The audit logger provider.</param>
/// <returns>An async task.</returns>
private Task OnAuthenticationFailed(Microsoft.AspNetCore.Authentication.JwtBearer.AuthenticationFailedContext context, IAuditLogger auditLogger)
{
this.Logger.LogDebug("OnAuthenticationFailed...");
AuditEvent auditEvent = new AuditEvent();
auditEvent.AuditEventDateTime = DateTime.UtcNow;
auditEvent.TransactionDuration = 0; // There's not a way to calculate the duration here.
auditLogger.PopulateWithHttpContext(context.HttpContext, auditEvent);
auditEvent.TransactionResultCode = AuditTransactionResult.Unauthorized;
auditEvent.CreatedBy = nameof(StartupConfiguration);
auditEvent.CreatedDateTime = DateTime.UtcNow;
auditLogger.WriteAuditEvent(auditEvent);
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
context.Response.ContentType = "application/json";
return(context.Response.WriteAsync(JsonConvert.SerializeObject(new
{
State = "AuthenticationFailed",
Message = context.Exception.ToString(),
})));
}
