AuthorizationContext GetContext()
{
var ctx = HttpContext.Current;
var cookie = ctx.Request.Cookies[AuthorizationContextCookieName];
if (cookie == null) return null;
var json = Encoding.UTF8.GetString(Unprotect(cookie.Value));
var authCtx = AuthorizationContext.Parse(json);
cookie = new HttpCookie(AuthorizationContextCookieName, ".");
cookie.Secure = ctx.Request.IsSecureConnection;
cookie.HttpOnly = true;
cookie.Path = ctx.Request.ApplicationPath;
cookie.Expires = DateTime.UtcNow.AddYears(-1);
ctx.Response.Cookies.Add(cookie);
return authCtx;
}