I am working with an Azure-hosted WebService which authenticates with an ADFS and creates a user access bearer token for communication with an on-premise SharePoint via a provider-hosted add-in.
I can access SharePoint data via standard SharePoint REST API calls just fine. But when I try to call a custom WCF Service which is hosted in the same SharePoint, I am not authenticated and, as a result, I do not have a current user, claim or identity in either the httpcontext, spcontext, operationcontext, thread.principal or ServiceSecurityContext.
Therefore I cannot access data in the SharePoint with the custom SharePoint hosted WCF Service.
How do I enforce authentication with the bearer access token in the same way the SharePoint REST API does?