Custom response for policy-based authorization

Question    Votes: 0    Answers: 1

I have an authorization handler, but when it fails I want the response to be a 401 with a response body.

    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Http;

    public class TokenValidationAuthorizationHandler : AuthorizationHandler<TokenValidationCustomRequirement>
    {
        private readonly IHttpContextAccessor _httpContextAccessor;

        public TokenValidationAuthorizationHandler(IHttpContextAccessor httpContextAccessor)
        {
            _httpContextAccessor = httpContextAccessor;
        }

        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TokenValidationCustomRequirement requirement)
        {
            // With endpoint routing the resource is the HttpContext. Casting to the base type
            // also works when the runtime supplies something other than DefaultHttpContext.
            var httpContext = context.Resource as HttpContext;
            if (httpContext == null)
            {
                context.Fail();
                // Return here: without this the null httpContext is dereferenced below.
                return Task.CompletedTask;
            }

            var authHead = httpContext.Request.Headers.Authorization;
            // TokenHelper is the poster's own helper that extracts the token from "Bearer <token>".
            var bearerToken = TokenHelper.GetToken(authHead.ToString());
            if (string.IsNullOrEmpty(bearerToken))
            {
                context.Fail();
            }
            else
            {
                context.Succeed(requirement);
            }

            return Task.CompletedTask;
        }
    }

Whether the context fails or succeeds, authorizeResult.Succeeded and authorizeResult.Forbidden in the code below always come out false.

    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Authorization.Policy;
    using Microsoft.AspNetCore.Http;
    using Newtonsoft.Json;

    public class TokenValidationAuthorizationMiddlewareResultHandler : IAuthorizationMiddlewareResultHandler
    {
        public Task HandleAsync(RequestDelegate next, HttpContext httpContext, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
        {
            if (authorizeResult.Challenged || authorizeResult.Forbidden)
            {
                // BadRequestResponse is the poster's own response DTO.
                var response = new BadRequestResponse("Forbidden");
                httpContext.Response.StatusCode = 401;
                httpContext.Response.ContentType = "application/json";
                return httpContext.Response.WriteAsync(JsonConvert.SerializeObject(response));
            }

            return next(httpContext);
        }
    }

What is wrong with this code, and what is the real solution?

c# .net asp.net-core .net-core asp.net-authorization
1 Answer

0 votes

You should check the HasSucceeded property on the HttpContext object.

I think you can refactor your code like this:

    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Authorization.Policy;
    using Microsoft.AspNetCore.Http;
    using Newtonsoft.Json;

    public class TokenValidationAuthorizationMiddlewareResultHandler : IAuthorizationMiddlewareResultHandler
    {
        public Task HandleAsync(RequestDelegate next, HttpContext httpContext, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
        {
            // No AuthorizationHandlerContext is in scope here; the outcome of the policy
            // evaluation is exposed through authorizeResult.Succeeded.
            if (!authorizeResult.Succeeded)
            {
                var response = new BadRequestResponse("Forbidden");
                httpContext.Response.StatusCode = 401;
                httpContext.Response.ContentType = "application/json";
                return httpContext.Response.WriteAsync(JsonConvert.SerializeObject(response));
            }

            return next(httpContext);
        }
    }
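The question's symptom (Succeeded and Forbidden both false) follows from how the policy evaluator classifies a failed policy: when no authentication scheme has populated HttpContext.User, a context.Fail() in the handler is reported as Challenged, not Forbidden, and Forbidden is used only for an authenticated caller who fails the policy. Checking authorizeResult.Succeeded covers both cases. The complete program below is an added example and is not code from the question, the answer or any project; it is a single .NET 8 minimal-API Program.cs (Web SDK implicit usings assumed) that wires the requirement, the handler and the result handler together, replaces the poster's TokenHelper and BadRequestResponse with the framework's AuthenticationHeaderValue parser and WriteAsJsonAsync, and returns after Fail() so the null HttpContext is never dereferenced. The policy name "TokenPresent" and the route "/protected" are chosen for the example.

```csharp
// Program.cs: .NET 8 minimal API with a custom authorization requirement and a
// custom IAuthorizationMiddlewareResultHandler that emits a 401 JSON body.
using System.Net.Http.Headers;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authorization.Policy;

var builder = WebApplication.CreateBuilder(args);

// Policy name "TokenPresent" is an example value.
builder.Services.AddAuthorization(options =>
    options.AddPolicy("TokenPresent", policy =>
        policy.AddRequirements(new TokenValidationCustomRequirement())));

// The handler decides whether the requirement is met; the result handler decides
// what the HTTP response looks like when the policy is not satisfied.
builder.Services.AddSingleton<IAuthorizationHandler, TokenValidationAuthorizationHandler>();
builder.Services.AddSingleton<IAuthorizationMiddlewareResultHandler, TokenValidationAuthorizationMiddlewareResultHandler>();

var app = builder.Build();
app.UseAuthorization();

app.MapGet("/protected", () => Results.Ok(new { message = "authorized" }))
   .RequireAuthorization("TokenPresent");

app.Run();

public sealed class TokenValidationCustomRequirement : IAuthorizationRequirement { }

public sealed class TokenValidationAuthorizationHandler : AuthorizationHandler<TokenValidationCustomRequirement>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TokenValidationCustomRequirement requirement)
    {
        // With endpoint routing the resource is the HttpContext; no IHttpContextAccessor is needed.
        if (context.Resource is not HttpContext httpContext)
        {
            context.Fail(new AuthorizationFailureReason(this, "No HttpContext available."));
            return Task.CompletedTask; // stop here, otherwise httpContext is dereferenced as null
        }

        // Parse "Authorization: Bearer <token>" with the framework parser instead of a custom helper.
        var rawHeader = httpContext.Request.Headers.Authorization.ToString();
        if (AuthenticationHeaderValue.TryParse(rawHeader, out var header)
            && string.Equals(header.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase)
            && !string.IsNullOrWhiteSpace(header.Parameter))
        {
            // Like the question, this requirement only checks that a bearer token is present.
            // Signature, issuer, audience and expiry checks belong in an authentication scheme
            // (e.g. AddJwtBearer), which also populates context.User.
            context.Succeed(requirement);
        }
        else
        {
            context.Fail(new AuthorizationFailureReason(this, "Missing or malformed bearer token."));
        }

        return Task.CompletedTask;
    }
}

public sealed class TokenValidationAuthorizationMiddlewareResultHandler : IAuthorizationMiddlewareResultHandler
{
    public async Task HandleAsync(RequestDelegate next, HttpContext httpContext, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
    {
        if (authorizeResult.Succeeded)
        {
            await next(httpContext);
            return;
        }

        // Succeeded == false covers both Challenged (no authenticated user) and Forbidden
        // (authenticated user who fails the policy). Both get a 401 JSON body here instead of
        // the default ChallengeAsync/ForbidAsync, which requires an authentication scheme.
        // AuthorizationFailure is only populated for the Forbidden case, so reasons may be empty.
        var reasons = authorizeResult.AuthorizationFailure?.FailureReasons
            .Select(r => r.Message)
            .ToArray() ?? Array.Empty<string>();

        httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
        httpContext.Response.Headers.WWWAuthenticate = "Bearer";
        await httpContext.Response.WriteAsJsonAsync(new
        {
            status = 401,
            error = authorizeResult.Challenged ? "unauthenticated" : "forbidden",
            reasons
        });
    }
}
```

Run it with `dotnet run` and request `/protected` once without an Authorization header and once with `Authorization: Bearer sometoken`: the first request gets the 401 JSON body, the second reaches the endpoint. Because the sample registers no authentication scheme, every failure is reported as Challenged, which is exactly the state the question observed; adding AddJwtBearer would turn a failed policy for a valid token into Forbidden and fill in the failure reasons.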