AccessDeniedPath has been added for cookie middleware (aspnet/Announcements#40). Could we have that for OpenIdConnect middleware?

As it stands, unauthorized requests result in a redirect to AAD. I'd like to be able to direct to my own view in the app. I'm currently using some custom attribute role processing (aspnet/MVC#2698) that I don't like too much, and I couldn't get OnAuthorization or HandleUnauthorizedRequest to work.