WebApi OAuth UseOAuthBearerAuthentication gives "Sequence contains more than one element" error

Question

I configured my WebApi OAuth 2.0 by these lines:

    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
    {
        Provider = new OAuthBearerAuthenticationProvider(),
    });

    app.UseOAuthBearerTokens(OAuthOptions);

But it gives me the following error at each request :

Message : An error has occurred.
ExceptionMessage : Sequence contains more than one element
ExceptionType : System.InvalidOperationException
StackTrace :    at System.Linq.Enumerable.SingleOrDefault[TSource](IEnumerable`1 source)
   at Microsoft.Owin.Security.AuthenticationManager.d__8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at System.Web.Http.HostAuthenticationFilter.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Web.Http.Controllers.AuthenticationFilterResult.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at System.Web.Http.Dispatcher.HttpControllerDispatcher.d__1.MoveNext()

My OAuthOptions is :

    OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),
        Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
        AuthorizeEndpointPath = new PathString("/Account/ExternalLogin"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
        AllowInsecureHttp = true,
    };
}

If I comment UseOAuthBearerAuthentication everything is ok! I didn't customize OAuthBearerAuthenticationProvider yet and I use it directly but why does it give me error?

Answer 1

It should be a bug! Use

app.UseOAuthAuthorizationServer(OAuthOptions);

instead of

app.UseOAuthBearerTokens(OAuthOptions);