gistfile1.cs

    public class TokenValidationHandler : DelegatingHandler
    {

        protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {

            const string errorMessage = "Unauthorized access";
            const HttpStatusCode code = HttpStatusCode.Unauthorized;

            var authValue = request.Headers.Authorization;

            if (authValue == null)
                return CreateErrorResponse(errorMessage, code);

            if (String.IsNullOrWhiteSpace(authValue.Parameter))
                return CreateErrorResponse(errorMessage, code);

            if (string.CompareOrdinal(authValue.Parameter, 0, authValue.Parameter, 0, authValue.Parameter.Length) != 0)
                return CreateErrorResponse(errorMessage, code);

            return await base.SendAsync(request, cancellationToken);
        }

        private static HttpResponseMessage CreateErrorResponse(string errorMessage, HttpStatusCode httpStatusCode)
        {
            return new HttpResponseMessage(httpStatusCode)
            {
                Content = new StringContent(errorMessage)
            };
        }
    }