private Task HandleOnRequestToken( OAuthRequestTokenContext context, OAuthSiteInfo site) { string authcode = context.Request.Query.Get("code"); ClaimsIdentity identity = _identityHelper.GetCurrentClaimsPrincipal()?.Identity as ClaimsIdentity; if (identity?.IsAuthenticated ?? false) { context.Token = identity.Claims.FirstOrDefault(c => c.Type == OAuthAccessTokenClaimType)?.Value; } else if (context.Request.Path.ToString().Contains("/login") && !string.IsNullOrWhiteSpace(authcode)) { OAuthToken token = ExchangeAuthorizationCode(new OAuthAuthorizationTokenRequest(site, authcode)); context.Token = token?.Access_Token; context.OwinContext.Set(OAuthAuthentication.OAuthOwinContextKey, token?.ToClaimsIdentity()); } else { // No method to retrieve token, either anonymous request or challenge will be thrown } return(Task.CompletedTask); }