ASP.NET Identity 2.0 sign-out not working

I am currently writing a Web API with ASP.NET and Identity 2.0. The API should only be accessible once the user has successfully logged in. Logging in works fine, but logging out (signing out) doesn't work. Here is the code I'm using:

Identity configuration:

/// <summary>
/// Bearer-token options shared between OWIN startup and token issuance: assigned in
/// <c>Configuration</c> and read back by <c>Authenticate</c> through
/// <c>IdentityConfig.OAuthBearerOptions</c>.
/// </summary>
/// <remarks>
/// <c>Authenticate</c> uses <c>AuthenticationType</c> to build the identity and
/// <c>AccessTokenFormat.Protect</c> to serialize the ticket, so every token this API issues
/// depends on this one instance. The setter is private; only this class can replace it.
/// </remarks>
public static OAuthBearerAuthenticationOptions OAuthBearerOptions { get; private set; }

/// <summary>
/// OWIN startup: registers the per-request Identity services, adds bearer-token and cookie
/// authentication middleware, then limits Web API to the "Bearer" authentication type.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is registered on.</param>
public void Configuration(IAppBuilder app)
{
    // One DbContext and one UserManager per OWIN request, created by the HLAccountManager factories.
    app.CreatePerOwinContext<IdentityDbContext<IdentityUser>>(HLAccountManager.CreateDbContext);
    app.CreatePerOwinContext<UserManager<IdentityUser>>(HLAccountManager.CreateUserManager);

    // The same options instance is published statically so Authenticate can protect tickets with it.
    var bearerOptions = new OAuthBearerAuthenticationOptions();
    OAuthBearerOptions = bearerOptions;
    app.UseOAuthBearerAuthentication(bearerOptions);

    var cookieOptions = new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    };
    app.UseCookieAuthentication(cookieOptions);

    // Web API ignores whatever the host authenticated and accepts only the "Bearer" type.
    // The application cookie registered above therefore does not authenticate API calls,
    // and clearing that cookie does not end an API session.
    // NOTE(review): "Bearer" has to equal bearerOptions.AuthenticationType (left at its default here) - confirm.
    var webApi = GlobalConfiguration.Configuration;
    webApi.SuppressDefaultHostAuthentication();
    webApi.Filters.Add(new HostAuthenticationFilter("Bearer"));
}

Authentication controller:

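/// <summary>
/// Verifies the posted user name and password and, on success, returns a protected bearer
/// ticket that expires 30 minutes after it is issued.
/// </summary>
/// <param name="data">JSON body expected to carry <c>user</c> and <c>password</c> members.</param>
/// <returns>
/// The access-token string on success; the literal <c>"failed"</c> when the body is missing,
/// a credential is empty, or no matching account is found.
/// </returns>
/// <remarks>
/// The token is self-contained: this action stores nothing server-side, so the token keeps
/// validating until <c>ExpiresUtc</c>. Revoking it earlier needs a server-side check
/// (for example a revocation list or a security-stamp comparison), which this code does not have.
/// NOTE(review): no lockout or throttling of failed attempts is visible in this action - confirm
/// it is enforced elsewhere, otherwise password guessing is unbounded.
/// NOTE(review): failures are reported in the body with a success status; a 4xx status would be
/// easier for clients and monitoring to recognise, but would change the action's contract.
/// </remarks>
[HttpPost]
[ActionName("Authenticate")]
[AllowAnonymous]
public String Authenticate(JObject data)
{
    // With no bound body (for example an empty POST) data is null, and dynamic member access on
    // null throws. Treat it like any other failed attempt instead of surfacing a server error.
    if (data == null)
    {
        return "failed";
    }

    dynamic json = data;
    string user = json.user;
    string password = json.password;

    if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(password))
    {
        return "failed";
    }

    // Blocks the request thread on the async lookup. Awaiting instead would change the return
    // type, so the synchronous wait is kept.
    var userIdentity = UserManager.FindAsync(user, password).Result;
    if (userIdentity == null)
    {
        return "failed";
    }

    // The identity is created under the bearer authentication type so the bearer middleware
    // accepts the resulting ticket.
    var identity = new ClaimsIdentity(IdentityConfig.OAuthBearerOptions.AuthenticationType);
    // NOTE(review): the Name claim carries the string the caller typed, not the stored user name.
    identity.AddClaim(new Claim(ClaimTypes.Name, user));
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userIdentity.Id));

    var ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
    var currentUtc = new SystemClock().UtcNow;
    ticket.Properties.IssuedUtc = currentUtc;
    // The 30-minute lifetime is the only thing that ends this token's validity.
    ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));

    string accessToken = IdentityConfig.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
    return accessToken;
}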

/// <summary>
/// Asks the OWIN authentication manager to sign out the application-cookie and
/// external-bearer authentication types, then returns "OK".
/// </summary>
/// <returns>Always the literal <c>"OK"</c>.</returns>
/// <remarks>
/// SignOut cannot recall a bearer token: the token from <c>Authenticate</c> is held by the
/// client and nothing server-side records it, so it keeps authenticating until it expires.
/// Ending the session earlier needs the client to discard the token and the server to reject
/// it (for example a revocation list or a security-stamp check); neither is present here.
/// NOTE(review): neither type passed to SignOut appears to match the type the token was
/// issued under (<c>IdentityConfig.OAuthBearerOptions.AuthenticationType</c>) - confirm.
/// NOTE(review): this state-changing action is exposed over GET.
/// </remarks>
[HttpGet]
[Authorize]
[ActionName("Logout")]
public String Logout()
{
    var authentication = HttpContext.Current.GetOwinContext().Authentication;
    authentication.SignOut(
        DefaultAuthenticationTypes.ApplicationCookie,
        DefaultAuthenticationTypes.ExternalBearer);

    return "OK";
}

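The Authenticate method works. The webapp receives the token and sends it with every request (for example, via $http in Angular). The [Authorize] attribute works as well. However, when I call Logout, it returns "OK", but the token stays valid. If I call an [Authorize] action after Logout, the request still succeeds instead of returning 401 - Unauthorized.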

  • : ASP.Net . .
  • HttpContext has no GetOwinContext for me; I have to go through HttpContext.Current. Am I doing something wrong?
  • ?