/// <summary>
/// Signs the caller in with the cookie scheme when the current principal has no
/// <c>RuleTypes.User</c> claim and a Windows identity is available.
/// </summary>
/// <remarks>
/// The Windows identity's GUID is sent, cast to <c>Token</c>, as the <c>TemporaryToken</c> of an
/// <c>AuthenticateOnRestServiceQuery</c>. The returned token is validated by
/// <c>_jsonWebTokenService</c> before any claim is built from it.
/// NOTE(review): no next delegate is invoked in this method; if this is pipeline middleware,
/// confirm that the request is continued elsewhere.
/// </remarks>
/// <param name="context">Current HTTP context; receives the sign-in and the temporary user item.</param>
/// <param name="windowsIdentityService">Source of the Windows identity and its claims.</param>
/// <param name="mediator">Mediator used to send the authentication query.</param>
/// <exception cref="RestAuthenticationException">
/// Wraps any exception thrown while exchanging, validating or signing in.
/// </exception>
public async Task InvokeAsync(
    HttpContext context,
    IWindowsIdentityService windowsIdentityService,
    IMediator mediator)
{
    // Nothing to do when the user claim is already present or there is no Windows identity.
    if (context.User.HasClaim(c => c.Type == RuleTypes.User)
        || windowsIdentityService.Identity == null)
    {
        return;
    }

    try
    {
        var exchangeQuery = new AuthenticateOnRestServiceQuery
        {
            TemporaryToken = (Token)windowsIdentityService.Identity.Guid.Value
        };
        var serviceToken = await mediator.Send(exchangeQuery);

        // Validate before trusting anything carried by the token.
        (ClaimsPrincipal tokenPrincipal, SecurityToken validatedToken) =
            _jsonWebTokenService.ValidateToken(serviceToken);

        var issuer = validatedToken.Issuer;
        var validToText = validatedToken.ValidTo
            .ToUniversalTime()
            .ToString("o", CultureInfo.InvariantCulture);

        var cookieClaims = new List<Claim>();
        cookieClaims.Add(new Claim(RuleTypes.User, "true", ClaimValueTypes.Boolean, issuer, issuer));

        // The raw token is stored as a claim, so it travels inside the cookie ticket.
        // NOTE(review): its confidentiality depends on how the cookie scheme protects the ticket - confirm.
        cookieClaims.Add(new Claim(RuleTypes.Token, serviceToken, ClaimValueTypes.String, issuer, issuer));
        cookieClaims.Add(new Claim(RuleTypes.ValidTo, validToText, ClaimValueTypes.DateTime, issuer, issuer));

        // Token claims first, then the Windows identity claims, in that order.
        cookieClaims.AddRange(tokenPrincipal.Claims);
        cookieClaims.AddRange(windowsIdentityService.GetIdentityClaims());

        var cookieIdentity = new ClaimsIdentity(
            cookieClaims,
            CookieAuthenticationDefaults.AuthenticationScheme);
        var user = new ClaimsPrincipal(cookieIdentity);

        // The cookie expiry is tied to the token's ValidTo.
        // NOTE(review): AllowRefresh is true; if the cookie scheme uses sliding expiration the
        // cookie may outlive the token - confirm consumers check the ValidTo claim.
        var signInProperties = new AuthenticationProperties();
        signInProperties.ExpiresUtc = validatedToken.ValidTo;
        signInProperties.AllowRefresh = true;
        signInProperties.IsPersistent = true;

        await context.SignInAsync(
            CookieAuthenticationDefaults.AuthenticationScheme,
            user,
            signInProperties);

        // context.User is not replaced here; the new principal is published through Items only.
        context.Items[GlobalConstants.TemporaryUserKey] = user;
    }
    catch (System.Exception ex)
    {
        // Every failure, whatever its type, is wrapped together with two presence flags.
        var hasUser = context.User != null;
        var hasIdentity = windowsIdentityService.Identity != null;
        throw new RestAuthenticationException(hasUser, hasIdentity, ex);
    }
}