iis - Authenticate Web API session before body upload -

i have simple web api 2 controller handles file uploads. looks this:

[mycustomauthenticationfilter] [authorize] public class filecontroller : apicontroller {     private ifilerepository _filerepository;      public filecontroller(ifilerepository filerepository)     {         _filerepository = filerepository;     }      public async task<fileinfo> post()     {         var stream = await request.content.readasstreamasync();                     var info = await _filerepository.createfileasync(stream);          return new fileinfo(info);     } } 

it takes streamed upload client, hands off repository object (which talks azure storage blob container), , returns data uploaded file. simple enough, , works great.

except, authentication filter not applied until client has finished uploading file. authentication simple challenge/response system using token, means client upload several hundred megabytes of data (potentially on slow cellular data connection) before finding out token has expired , need refresh , try again. i'd able examine request header , validate (or reject) possible, doesn't seem doable standard filters. tried creating simple ihttpmodule , hooking beginrequest event, apparently not fire until after upload completes, either.

how can hook pipeline such can validate authorization headers request before client upload completes?

edit add: authenticating doesn't me if can't authorize, based on route in web api. service has few anonymous methods, can't blanket reject un-authenticated users. given architecture of iis , asp.net, maybe means isn't possible.

you'll need make request 2 stage request. 1 authentication request prior file upload request. that's lot of baggage , end point can't process request until finishes receiving it. try separate authorization request before uploading file. if request passes can send file upload. okay solution?