private async Task <IHttpActionResult> GenerateTokenResponse(SystemUser user, TimeSpan ticketLifetime) { var identity = await _systemUserManager.GenerateUserIdentityAsync(user, OAuthDefaults.AuthenticationType); var properties = ApplicationOAuthProvider.CreateProperties(user.UserName); var ticket = new AuthenticationTicket(identity, properties); ticket.Properties.ExpiresUtc = DateTime.UtcNow.Add(ticketLifetime); var token = AuthConfig.OAuthOptions.AccessTokenFormat.Protect(ticket); return(Json(new { token }, DefaultSerializerSettings.Instance)); }