Fixes #405. Users have been confused by SecurityTokenValidated, thinking it indicated that all authentication is finished. In fact it only refers to one step of the validation, the token itself. Adding a clarifying comment.
This should be ported forward to AspNetCore as well.
Fixes #405. Users have been confused by SecurityTokenValidated, thinking it indicated that all authentication is finished. In fact it only refers to one step of the validation, the token itself. Adding a clarifying comment.
This should be ported forward to AspNetCore as well.