Fixed an issue in HawkAuthenticationHandler with AuthenticationHeaderValue.Parse which would lead to an exception if IncludeServerAuthorization is set to true and client sends a value for Authorization which is empty, other scheme or missing altogether.
See here this problem reproduced.
Switched to AuthenticationHeaderValue.TryParse and checked for scheme before calling AuthenticateResponse. Also added 3 unit test cases.
Fixed an issue in HawkAuthenticationHandler with AuthenticationHeaderValue.Parse which would lead to an exception if IncludeServerAuthorization is set to true and client sends a value for Authorization which is empty, other scheme or missing altogether. See here this problem reproduced.
Switched to AuthenticationHeaderValue.TryParse and checked for scheme before calling AuthenticateResponse. Also added 3 unit test cases.