43 files changed, 2438 insertions, 0 deletions

diff --git a/src/OAuth/OAuthConsumer/Code/Logging.cs b/src/OAuth/OAuthConsumer/Code/Logging.cs
new file mode 100644
index 0000000..510ea85
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Code/Logging.cs
@@ -0,0 +1,22 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Linq;
+	using System.Text;
+	using System.Web;
+
+	/// <summary>
+	/// Logging tools for this sample.
+	/// </summary>
+	public static class Logging {
+		/// <summary>
+		/// An application memory cache of recent log messages.
+		/// </summary>
+		public static StringBuilder LogMessages = new StringBuilder();
+
+		/// <summary>
+		/// The logger for this sample to use.
+		/// </summary>
+		public static log4net.ILog Logger = log4net.LogManager.GetLogger("DotNetOpenAuth.OAuthConsumer");
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Code/TracePageAppender.cs b/src/OAuth/OAuthConsumer/Code/TracePageAppender.cs
new file mode 100644
index 0000000..5d3ba36
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Code/TracePageAppender.cs
@@ -0,0 +1,13 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.IO;
+	using System.Web;
+
+	public class TracePageAppender : log4net.Appender.AppenderSkeleton {
+		protected override void Append(log4net.Core.LoggingEvent loggingEvent) {
+			StringWriter sw = new StringWriter(Logging.LogMessages);
+			Layout.Format(sw, loggingEvent);
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Default.aspx b/src/OAuth/OAuthConsumer/Default.aspx
new file mode 100644
index 0000000..c952877
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Default.aspx
@@ -0,0 +1,14 @@
+<%@ Page Title="DotNetOpenAuth Consumer samples" Language="C#" MasterPageFile="~/MasterPage.master"
+	AutoEventWireup="true" %>
+
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<p>OAuth allows this web site to access your private data with your authorization, but
+		without you having to give up your password. </p>
+	<p>Select a demo:</p>
+	<ul>
+		<li><a href="GoogleAddressBook.aspx">Download your Gmail address book</a></li>
+		<li><a href="Twitter.aspx">Get your Twitter updates</a></li>
+		<li><a href="SignInWithTwitter.aspx">Sign In With Twitter</a></li>
+		<li><a href="SampleWcf.aspx">Interop with Service Provider sample using WCF w/ OAuth</a></li>
+	</ul>
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/Global.asax b/src/OAuth/OAuthConsumer/Global.asax
new file mode 100644
index 0000000..06ffcd8
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Global.asax
@@ -0,0 +1 @@
+<%@ Application Language="C#" Inherits="OAuthConsumer.Global" CodeBehind="Global.asax.cs" %>
diff --git a/src/OAuth/OAuthConsumer/Global.asax.cs b/src/OAuth/OAuthConsumer/Global.asax.cs
new file mode 100644
index 0000000..10f297e
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Global.asax.cs
@@ -0,0 +1,35 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Linq;
+	using System.Web;
+
+	public partial class Global : HttpApplication {
+		protected void Application_Start(object sender, EventArgs e) {
+			log4net.Config.XmlConfigurator.Configure();
+			Logging.Logger.Info("Sample starting...");
+		}
+
+		protected void Application_End(object sender, EventArgs e) {
+			Logging.Logger.Info("Sample shutting down...");
+
+			// this would be automatic, but in partial trust scenarios it is not.
+			log4net.LogManager.Shutdown();
+		}
+
+		protected void Application_Error(object sender, EventArgs e) {
+			Logging.Logger.ErrorFormat("An unhandled exception was raised. Details follow: {0}", HttpContext.Current.Server.GetLastError());
+		}
+
+		protected void Session_Start(object sender, EventArgs e) {
+			// Code that runs when a new session is started
+		}
+
+		protected void Session_End(object sender, EventArgs e) {
+			// Code that runs when a session ends. 
+			// Note: The Session_End event is raised only when the sessionstate mode
+			// is set to InProc in the Web.config file. If session mode is set to StateServer 
+			// or SQLServer, the event is not raised.
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx
new file mode 100644
index 0000000..19fb505
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx
@@ -0,0 +1,26 @@
+<%@ Page Title="Gmail address book demo" Language="C#" MasterPageFile="~/MasterPage.master"
+	AutoEventWireup="true" Inherits="OAuthConsumer.GoogleAddressBook" Codebehind="GoogleAddressBook.aspx.cs" %>
+
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
+		<asp:View runat="server">
+			<h2>Google setup</h2>
+			<p>A Google client app must be endorsed by a Google user. </p>
+			<ol>
+				<li><a target="_blank" href="https://www.google.com/accounts/ManageDomains">Visit Google
+					and create a client app</a>. </li>
+				<li>Modify your web.config file to include your consumer key and consumer secret.
+				</li>
+			</ol>
+		</asp:View>
+		<asp:View runat="server">
+			<h2>Updates</h2>
+			<p>Ok, Google has authorized us to download your contacts. Click &#39;Get address book&#39;
+				to download the first 5 contacts to this sample. Notice how we never asked you
+				for your Google username or password. </p>
+			<asp:Button ID="getAddressBookButton" runat="server" OnClick="getAddressBookButton_Click"
+				Text="Get address book" />
+			<asp:PlaceHolder ID="resultsPlaceholder" runat="server" />
+		</asp:View>
+	</asp:MultiView>
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.cs b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.cs
new file mode 100644
index 0000000..ddca7e4
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.cs
@@ -0,0 +1,75 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Configuration;
+	using System.Linq;
+	using System.Text;
+	using System.Web;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+	using System.Xml.Linq;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.OAuth;
+
+	/// <summary>
+	/// A page to demonstrate downloading a Gmail address book using OAuth.
+	/// </summary>
+	public partial class GoogleAddressBook : System.Web.UI.Page {
+		private string AccessToken {
+			get { return (string)Session["GoogleAccessToken"]; }
+			set { Session["GoogleAccessToken"] = value; }
+		}
+
+		private InMemoryTokenManager TokenManager {
+			get {
+				var tokenManager = (InMemoryTokenManager)Application["GoogleTokenManager"];
+				if (tokenManager == null) {
+					string consumerKey = ConfigurationManager.AppSettings["googleConsumerKey"];
+					string consumerSecret = ConfigurationManager.AppSettings["googleConsumerSecret"];
+					if (!string.IsNullOrEmpty(consumerKey)) {
+						tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret);
+						Application["GoogleTokenManager"] = tokenManager;
+					}
+				}
+
+				return tokenManager;
+			}
+		}
+
+		protected void Page_Load(object sender, EventArgs e) {
+			if (this.TokenManager != null) {
+				this.MultiView1.ActiveViewIndex = 1;
+
+				if (!IsPostBack) {
+					var google = new WebConsumer(GoogleConsumer.ServiceDescription, this.TokenManager);
+
+					// Is Google calling back with authorization?
+					var accessTokenResponse = google.ProcessUserAuthorization();
+					if (accessTokenResponse != null) {
+						this.AccessToken = accessTokenResponse.AccessToken;
+					} else if (this.AccessToken == null) {
+						// If we don't yet have access, immediately request it.
+						GoogleConsumer.RequestAuthorization(google, GoogleConsumer.Applications.Contacts);
+					}
+				}
+			}
+		}
+
+		protected void getAddressBookButton_Click(object sender, EventArgs e) {
+			var google = new WebConsumer(GoogleConsumer.ServiceDescription, this.TokenManager);
+
+			XDocument contactsDocument = GoogleConsumer.GetContacts(google, this.AccessToken, 5, 1);
+			var contacts = from entry in contactsDocument.Root.Elements(XName.Get("entry", "http://www.w3.org/2005/Atom"))
+						   select new { Name = entry.Element(XName.Get("title", "http://www.w3.org/2005/Atom")).Value, Email = entry.Element(XName.Get("email", "http://schemas.google.com/g/2005")).Attribute("address").Value };
+			StringBuilder tableBuilder = new StringBuilder();
+			tableBuilder.Append("<table><tr><td>Name</td><td>Email</td></tr>");
+			foreach (var contact in contacts) {
+				tableBuilder.AppendFormat(
+					"<tr><td>{0}</td><td>{1}</td></tr>",
+					HttpUtility.HtmlEncode(contact.Name),
+					HttpUtility.HtmlEncode(contact.Email));
+			}
+			tableBuilder.Append("</table>");
+			this.resultsPlaceholder.Controls.Add(new Literal { Text = tableBuilder.ToString() });
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.designer.cs b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.designer.cs
new file mode 100644
index 0000000..64558d5
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleAddressBook.aspx.designer.cs
@@ -0,0 +1,42 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class GoogleAddressBook {
+        
+        /// <summary>
+        /// MultiView1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.MultiView MultiView1;
+        
+        /// <summary>
+        /// getAddressBookButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getAddressBookButton;
+        
+        /// <summary>
+        /// resultsPlaceholder control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.PlaceHolder resultsPlaceholder;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx
new file mode 100644
index 0000000..cd9d9a1
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx
@@ -0,0 +1,25 @@
+<%@ Page Language="C#" AutoEventWireup="true" MasterPageFile="~/MasterPage.master"CodeBehind="GoogleApps2Legged.aspx.cs" Inherits="OAuthConsumer.GoogleApps2Legged" %>
+
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
+		<asp:View runat="server">
+			<h2>Google setup</h2>
+			<p>A Google client app must be endorsed by a Google user. </p>
+			<ol>
+				<li><a target="_blank" href="https://www.google.com/accounts/ManageDomains">Visit Google
+					and create a client app</a>. </li>
+				<li>Modify your web.config file to include your consumer key and consumer secret.
+				</li>
+			</ol>
+		</asp:View>
+		<asp:View runat="server">
+			<h2>Updates</h2>
+			<p>Ok, Google has authorized us to download your contacts. Click &#39;Get address book&#39;
+				to download the first 5 contacts to this sample. Notice how we never asked you
+				for your Google username or password. </p>
+			<asp:Button ID="getAddressBookButton" runat="server" OnClick="getAddressBookButton_Click"
+				Text="Get address book" />
+			<asp:PlaceHolder ID="resultsPlaceholder" runat="server" />
+		</asp:View>
+	</asp:MultiView>
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.cs b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.cs
new file mode 100644
index 0000000..afb156b
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.cs
@@ -0,0 +1,39 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Configuration;
+	using System.Linq;
+	using System.Web;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.OAuth;
+	using DotNetOpenAuth.OAuth.Messages;
+
+	public partial class GoogleApps2Legged : System.Web.UI.Page {
+		private InMemoryTokenManager TokenManager {
+			get {
+				var tokenManager = (InMemoryTokenManager)Application["GoogleTokenManager"];
+				if (tokenManager == null) {
+					string consumerKey = ConfigurationManager.AppSettings["googleConsumerKey"];
+					string consumerSecret = ConfigurationManager.AppSettings["googleConsumerSecret"];
+					if (!string.IsNullOrEmpty(consumerKey)) {
+						tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret);
+						Application["GoogleTokenManager"] = tokenManager;
+					}
+				}
+
+				return tokenManager;
+			}
+		}
+
+		protected void Page_Load(object sender, EventArgs e) {
+			var google = new WebConsumer(GoogleConsumer.ServiceDescription, this.TokenManager);
+			string accessToken = google.RequestNewClientAccount();
+			////string tokenSecret = google.TokenManager.GetTokenSecret(accessToken);
+			MessageReceivingEndpoint ep = null; // set up your authorized call here.
+			google.PrepareAuthorizedRequestAndSend(ep, accessToken);
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.designer.cs b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.designer.cs
new file mode 100644
index 0000000..f952937
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/GoogleApps2Legged.aspx.designer.cs
@@ -0,0 +1,42 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class GoogleApps2Legged {
+        
+        /// <summary>
+        /// MultiView1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.MultiView MultiView1;
+        
+        /// <summary>
+        /// getAddressBookButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getAddressBookButton;
+        
+        /// <summary>
+        /// resultsPlaceholder control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.PlaceHolder resultsPlaceholder;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/MasterPage.master b/src/OAuth/OAuthConsumer/MasterPage.master
new file mode 100644
index 0000000..0044208
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/MasterPage.master
@@ -0,0 +1,23 @@
+<%@ Master Language="C#" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server">
+
+</script>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head runat="server">
+	<title>DotNetOpenAuth Consumer sample</title>
+	<asp:ContentPlaceHolder ID="head" runat="server"/>
+</head>
+<body>
+	<form id="form1" runat="server">
+	<h1>DotNetOpenAuth Consumer ASP.NET WebForms sample</h1>
+	<div>
+		<asp:ContentPlaceHolder ID="Body" runat="server">
+		</asp:ContentPlaceHolder>
+	</div>
+	</form>
+</body>
+</html>
diff --git a/src/OAuth/OAuthConsumer/OAuthConsumer.csproj b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj
new file mode 100644
index 0000000..2e362f2
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="utf-8"?>

+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">

+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />

+  <PropertyGroup>

+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>

+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>

+    <ProductVersion>

+    </ProductVersion>

+    <SchemaVersion>2.0</SchemaVersion>

+    <ProjectGuid>{2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}</ProjectGuid>

+    <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>

+    <OutputType>Library</OutputType>

+    <AppDesignerFolder>Properties</AppDesignerFolder>

+    <RootNamespace>OAuthConsumer</RootNamespace>

+    <AssemblyName>OAuthConsumer</AssemblyName>

+    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>

+    <TargetFrameworkProfile />

+    <UseIISExpress>false</UseIISExpress>

+    <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>

+    <RestorePackages>true</RestorePackages>

+  </PropertyGroup>

+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">

+    <DebugSymbols>true</DebugSymbols>

+    <DebugType>full</DebugType>

+    <Optimize>false</Optimize>

+    <OutputPath>bin\</OutputPath>

+    <DefineConstants>TRACE;DEBUG</DefineConstants>

+    <ErrorReport>prompt</ErrorReport>

+    <WarningLevel>4</WarningLevel>

+  </PropertyGroup>

+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">

+    <DebugType>pdbonly</DebugType>

+    <Optimize>true</Optimize>

+    <OutputPath>bin\</OutputPath>

+    <DefineConstants>TRACE</DefineConstants>

+    <ErrorReport>prompt</ErrorReport>

+    <WarningLevel>4</WarningLevel>

+  </PropertyGroup>

+  <PropertyGroup>

+    <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>

+  </PropertyGroup>

+  <ItemGroup>

+    <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>

+    </Reference>

+    <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">

+      <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>

+    </Reference>

+    <Reference Include="log4net">

+      <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>

+    </Reference>

+    <Reference Include="System" />

+    <Reference Include="System.Data" />

+    <Reference Include="System.Data.DataSetExtensions" />

+    <Reference Include="System.Runtime.Serialization" />

+    <Reference Include="System.ServiceModel" />

+    <Reference Include="System.Drawing" />

+    <Reference Include="System.Web" />

+    <Reference Include="System.Web.ApplicationServices" />

+    <Reference Include="System.Web.Extensions" />

+    <Reference Include="System.Xml" />

+    <Reference Include="System.Configuration" />

+    <Reference Include="System.Web.Services" />

+    <Reference Include="System.EnterpriseServices" />

+    <Reference Include="System.Web.DynamicData" />

+    <Reference Include="System.Web.Entity" />

+    <Reference Include="System.Xml.Linq" />

+  </ItemGroup>

+  <ItemGroup>

+    <Content Include="Default.aspx" />

+    <Content Include="favicon.ico" />

+    <Content Include="Global.asax" />

+    <Content Include="GoogleAddressBook.aspx" />

+    <Content Include="GoogleApps2Legged.aspx" />

+    <Content Include="images\Sign-in-with-Twitter-darker.png" />

+    <Content Include="SampleWcf.aspx" />

+    <Content Include="Yammer.aspx" />

+    <Content Include="packages.config" />

+    <None Include="Service References\SampleServiceProvider\DataApi.disco" />

+    <None Include="Service References\SampleServiceProvider\configuration91.svcinfo" />

+    <None Include="Service References\SampleServiceProvider\configuration.svcinfo" />

+    <None Include="Service References\SampleServiceProvider\Reference.svcmap">

+      <Generator>WCF Proxy Generator</Generator>

+      <LastGenOutput>Reference.cs</LastGenOutput>

+    </None>

+    <Content Include="SignInWithTwitter.aspx" />

+    <Content Include="TracePage.aspx" />

+    <Content Include="Twitter.aspx" />

+    <Content Include="Web.config" />

+    <None Include="Service References\SampleServiceProvider\DataApi1.xsd">

+      <SubType>Designer</SubType>

+    </None>

+    <None Include="Service References\SampleServiceProvider\DataApi2.xsd">

+      <SubType>Designer</SubType>

+    </None>

+  </ItemGroup>

+  <ItemGroup>

+    <Compile Include="Global.asax.cs">

+      <DependentUpon>Global.asax</DependentUpon>

+    </Compile>

+    <Compile Include="GoogleAddressBook.aspx.designer.cs">

+      <DependentUpon>GoogleAddressBook.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="GoogleApps2Legged.aspx.cs">

+      <DependentUpon>GoogleApps2Legged.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="GoogleApps2Legged.aspx.designer.cs">

+      <DependentUpon>GoogleApps2Legged.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="SampleWcf.aspx.cs">

+      <DependentUpon>SampleWcf.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="SampleWcf.aspx.designer.cs">

+      <DependentUpon>SampleWcf.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="Service References\SampleServiceProvider\Reference.cs">

+      <AutoGen>True</AutoGen>

+      <DesignTime>True</DesignTime>

+      <DependentUpon>Reference.svcmap</DependentUpon>

+    </Compile>

+    <Compile Include="SignInWithTwitter.aspx.cs">

+      <DependentUpon>SignInWithTwitter.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="SignInWithTwitter.aspx.designer.cs">

+      <DependentUpon>SignInWithTwitter.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="TracePage.aspx.cs">

+      <DependentUpon>TracePage.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="TracePage.aspx.designer.cs">

+      <DependentUpon>TracePage.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="Twitter.aspx.cs">

+      <DependentUpon>Twitter.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="Code\Logging.cs" />

+    <Compile Include="Code\TracePageAppender.cs" />

+    <Compile Include="GoogleAddressBook.aspx.cs">

+      <DependentUpon>GoogleAddressBook.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="Properties\AssemblyInfo.cs" />

+    <Compile Include="Twitter.aspx.designer.cs">

+      <DependentUpon>Twitter.aspx</DependentUpon>

+    </Compile>

+    <Compile Include="Yammer.aspx.cs">

+      <DependentUpon>Yammer.aspx</DependentUpon>

+      <SubType>ASPXCodeBehind</SubType>

+    </Compile>

+    <Compile Include="Yammer.aspx.designer.cs">

+      <DependentUpon>Yammer.aspx</DependentUpon>

+    </Compile>

+  </ItemGroup>

+  <ItemGroup>

+    <Folder Include="App_Data\" />

+  </ItemGroup>

+  <ItemGroup>

+    <Content Include="MasterPage.master" />

+    <None Include="Service References\SampleServiceProvider\DataApi.wsdl" />

+    <None Include="Service References\SampleServiceProvider\DataApi.xsd">

+      <SubType>Designer</SubType>

+    </None>

+    <None Include="Settings.StyleCop" />

+  </ItemGroup>

+  <ItemGroup>

+    <ProjectReference Include="..\..\DotNetOpenAuth.ApplicationBlock\DotNetOpenAuth.ApplicationBlock.csproj">

+      <Project>{AA78D112-D889-414B-A7D4-467B34C7B663}</Project>

+      <Name>DotNetOpenAuth.ApplicationBlock</Name>

+    </ProjectReference>

+  </ItemGroup>

+  <ItemGroup>

+    <WCFMetadata Include="Service References\" />

+  </ItemGroup>

+  <ItemGroup>

+    <WCFMetadataStorage Include="Service References\SampleServiceProvider\" />

+  </ItemGroup>

+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />

+  <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />

+  <ProjectExtensions>

+    <VisualStudio>

+      <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">

+        <WebProjectProperties>

+          <UseIIS>False</UseIIS>

+          <AutoAssignPort>False</AutoAssignPort>

+          <DevelopmentServerPort>59721</DevelopmentServerPort>

+          <DevelopmentServerVPath>/</DevelopmentServerVPath>

+          <IISUrl>

+          </IISUrl>

+          <NTLMAuthentication>False</NTLMAuthentication>

+          <UseCustomServer>False</UseCustomServer>

+          <CustomServerUrl>

+          </CustomServerUrl>

+          <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile>

+        </WebProjectProperties>

+      </FlavorProperties>

+    </VisualStudio>

+  </ProjectExtensions>

+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />

+  <Import Project="$(SolutionDir)\.nuget\nuget.targets" />

+</Project>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Properties/AssemblyInfo.cs b/src/OAuth/OAuthConsumer/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..35efa1c
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Properties/AssemblyInfo.cs
@@ -0,0 +1,35 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("OAuthConsumer")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("OAuthConsumer")]
+[assembly: AssemblyCopyright("Copyright ©  2010")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("12549916-9ec2-4cf6-9fe3-82ea1f6ea665")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Revision and Build Numbers 
+// by using the '*' as shown below:
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/src/OAuth/OAuthConsumer/SampleWcf.aspx b/src/OAuth/OAuthConsumer/SampleWcf.aspx
new file mode 100644
index 0000000..fb318ce
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SampleWcf.aspx
@@ -0,0 +1,23 @@
+<%@ Page Title="" Language="C#" MasterPageFile="~/MasterPage.master" AutoEventWireup="true" Inherits="OAuthConsumer.SampleWcf" Codebehind="SampleWcf.aspx.cs" %>
+
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<fieldset title="Authorization">
+		<asp:CheckBoxList runat="server" ID="scopeList">
+			<asp:ListItem Value="http://tempuri.org/IDataApi/GetName">GetName</asp:ListItem>
+			<asp:ListItem Value="http://tempuri.org/IDataApi/GetAge">GetAge</asp:ListItem>
+			<asp:ListItem Value="http://tempuri.org/IDataApi/GetFavoriteSites">GetFavoriteSites</asp:ListItem>
+		</asp:CheckBoxList>
+		<asp:Button ID="getAuthorizationButton" runat="server" Text="Get Authorization" OnClick="getAuthorizationButton_Click" />
+		<asp:Label ID="authorizationLabel" runat="server" />
+	</fieldset>
+	<br />
+	<asp:Button ID="getNameButton" runat="server" Text="Get Name" OnClick="getNameButton_Click" />
+	<asp:Label ID="nameLabel" runat="server" />
+	<br />
+	<asp:Button ID="getAgeButton" runat="server" Text="Get Age" OnClick="getAgeButton_Click" />
+	<asp:Label ID="ageLabel" runat="server" />
+	<br />
+	<asp:Button ID="getFavoriteSites" runat="server" Text="Get Favorite Sites" 
+		onclick="getFavoriteSites_Click" />
+	<asp:Label ID="favoriteSitesLabel" runat="server" />
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/SampleWcf.aspx.cs b/src/OAuth/OAuthConsumer/SampleWcf.aspx.cs
new file mode 100644
index 0000000..d56a161
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SampleWcf.aspx.cs
@@ -0,0 +1,119 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Globalization;
+	using System.Linq;
+	using System.Net;
+	using System.ServiceModel;
+	using System.ServiceModel.Channels;
+	using System.ServiceModel.Security;
+	using System.Web.UI.WebControls;
+	using DotNetOpenAuth;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.OAuth;
+	using DotNetOpenAuth.OAuth.ChannelElements;
+	using OAuthConsumer.SampleServiceProvider;
+
+	/// <summary>
+	/// Sample consumer of our Service Provider sample's WCF service.
+	/// </summary>
+	public partial class SampleWcf : System.Web.UI.Page {
+		protected void Page_Load(object sender, EventArgs e) {
+			if (!IsPostBack) {
+				if (Session["WcfTokenManager"] != null) {
+					WebConsumer consumer = this.CreateConsumer();
+					var accessTokenMessage = consumer.ProcessUserAuthorization();
+					if (accessTokenMessage != null) {
+						Session["WcfAccessToken"] = accessTokenMessage.AccessToken;
+						this.authorizationLabel.Text = "Authorized!  Access token: " + accessTokenMessage.AccessToken;
+					}
+				}
+			}
+		}
+
+		protected void getAuthorizationButton_Click(object sender, EventArgs e) {
+			WebConsumer consumer = this.CreateConsumer();
+			UriBuilder callback = new UriBuilder(Request.Url);
+			callback.Query = null;
+			string[] scopes = (from item in this.scopeList.Items.OfType<ListItem>()
+							   where item.Selected
+							   select item.Value).ToArray();
+			string scope = string.Join("|", scopes);
+			var requestParams = new Dictionary<string, string> {
+			{ "scope", scope },
+		};
+			var response = consumer.PrepareRequestUserAuthorization(callback.Uri, requestParams, null);
+			consumer.Channel.Send(response);
+		}
+
+		protected void getNameButton_Click(object sender, EventArgs e) {
+			try {
+				this.nameLabel.Text = this.CallService(client => client.GetName());
+			} catch (SecurityAccessDeniedException) {
+				this.nameLabel.Text = "Access denied!";
+			}
+		}
+
+		protected void getAgeButton_Click(object sender, EventArgs e) {
+			try {
+				int? age = this.CallService(client => client.GetAge());
+				this.ageLabel.Text = age.HasValue ? age.Value.ToString(CultureInfo.CurrentCulture) : "not available";
+			} catch (SecurityAccessDeniedException) {
+				this.ageLabel.Text = "Access denied!";
+			}
+		}
+
+		protected void getFavoriteSites_Click(object sender, EventArgs e) {
+			try {
+				string[] favoriteSites = this.CallService(client => client.GetFavoriteSites());
+				this.favoriteSitesLabel.Text = string.Join(", ", favoriteSites);
+			} catch (SecurityAccessDeniedException) {
+				this.favoriteSitesLabel.Text = "Access denied!";
+			}
+		}
+
+		private T CallService<T>(Func<DataApiClient, T> predicate) {
+			DataApiClient client = new DataApiClient();
+			var serviceEndpoint = new MessageReceivingEndpoint(client.Endpoint.Address.Uri, HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest);
+			var accessToken = Session["WcfAccessToken"] as string;
+			if (accessToken == null) {
+				throw new InvalidOperationException("No access token!");
+			}
+			WebConsumer consumer = this.CreateConsumer();
+			WebRequest httpRequest = consumer.PrepareAuthorizedRequest(serviceEndpoint, accessToken);
+
+			HttpRequestMessageProperty httpDetails = new HttpRequestMessageProperty();
+			httpDetails.Headers[HttpRequestHeader.Authorization] = httpRequest.Headers[HttpRequestHeader.Authorization];
+			using (OperationContextScope scope = new OperationContextScope(client.InnerChannel)) {
+				OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpDetails;
+				return predicate(client);
+			}
+		}
+
+		private WebConsumer CreateConsumer() {
+			string consumerKey = "sampleconsumer";
+			string consumerSecret = "samplesecret";
+			var tokenManager = Session["WcfTokenManager"] as InMemoryTokenManager;
+			if (tokenManager == null) {
+				tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret);
+				Session["WcfTokenManager"] = tokenManager;
+			}
+			MessageReceivingEndpoint oauthEndpoint = new MessageReceivingEndpoint(
+				new Uri("http://localhost:65169/OAuth.ashx"),
+				HttpDeliveryMethods.PostRequest);
+			WebConsumer consumer = new WebConsumer(
+				new ServiceProviderDescription {
+					RequestTokenEndpoint = oauthEndpoint,
+					UserAuthorizationEndpoint = oauthEndpoint,
+					AccessTokenEndpoint = oauthEndpoint,
+					TamperProtectionElements = new DotNetOpenAuth.Messaging.ITamperProtectionChannelBindingElement[] {
+					new HmacSha1SigningBindingElement(),
+				},
+				},
+				tokenManager);
+
+			return consumer;
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/SampleWcf.aspx.designer.cs b/src/OAuth/OAuthConsumer/SampleWcf.aspx.designer.cs
new file mode 100644
index 0000000..c041338
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SampleWcf.aspx.designer.cs
@@ -0,0 +1,96 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class SampleWcf {
+        
+        /// <summary>
+        /// scopeList control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.CheckBoxList scopeList;
+        
+        /// <summary>
+        /// getAuthorizationButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getAuthorizationButton;
+        
+        /// <summary>
+        /// authorizationLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label authorizationLabel;
+        
+        /// <summary>
+        /// getNameButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getNameButton;
+        
+        /// <summary>
+        /// nameLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label nameLabel;
+        
+        /// <summary>
+        /// getAgeButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getAgeButton;
+        
+        /// <summary>
+        /// ageLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label ageLabel;
+        
+        /// <summary>
+        /// getFavoriteSites control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getFavoriteSites;
+        
+        /// <summary>
+        /// favoriteSitesLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label favoriteSitesLabel;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.disco b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.disco
new file mode 100644
index 0000000..f8d5e5b
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.disco
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<discovery xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/disco/">
+  <contractRef ref="http://localhost:65169/DataApi.svc?wsdl" docRef="http://localhost:65169/DataApi.svc" xmlns="http://schemas.xmlsoap.org/disco/scl/" />
+</discovery>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.wsdl b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.wsdl
new file mode 100644
index 0000000..702762a
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.wsdl
@@ -0,0 +1,310 @@
+<?xml version="1.0" encoding="utf-8"?>
+<wsdl:definitions xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:tns="http://tempuri.org/" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="DataApi" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <wsp:Policy>
+            <sp:ProtectionToken>
+              <wsp:Policy>
+                <sp:SecureConversationToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+                  <wsp:Policy>
+                    <sp:RequireDerivedKeys />
+                    <sp:BootstrapPolicy>
+                      <wsp:Policy>
+                        <sp:SignedParts>
+                          <sp:Body />
+                          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+                          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+                        </sp:SignedParts>
+                        <sp:EncryptedParts>
+                          <sp:Body />
+                        </sp:EncryptedParts>
+                        <sp:SymmetricBinding>
+                          <wsp:Policy>
+                            <sp:ProtectionToken>
+                              <wsp:Policy>
+                                <sp:SpnegoContextToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+                                  <wsp:Policy>
+                                    <sp:RequireDerivedKeys />
+                                  </wsp:Policy>
+                                </sp:SpnegoContextToken>
+                              </wsp:Policy>
+                            </sp:ProtectionToken>
+                            <sp:AlgorithmSuite>
+                              <wsp:Policy>
+                                <sp:Basic256 />
+                              </wsp:Policy>
+                            </sp:AlgorithmSuite>
+                            <sp:Layout>
+                              <wsp:Policy>
+                                <sp:Strict />
+                              </wsp:Policy>
+                            </sp:Layout>
+                            <sp:IncludeTimestamp />
+                            <sp:EncryptSignature />
+                            <sp:OnlySignEntireHeadersAndBody />
+                          </wsp:Policy>
+                        </sp:SymmetricBinding>
+                        <sp:Wss11>
+                          <wsp:Policy>
+                            <sp:MustSupportRefKeyIdentifier />
+                            <sp:MustSupportRefIssuerSerial />
+                            <sp:MustSupportRefThumbprint />
+                            <sp:MustSupportRefEncryptedKey />
+                          </wsp:Policy>
+                        </sp:Wss11>
+                        <sp:Trust10>
+                          <wsp:Policy>
+                            <sp:MustSupportIssuedTokens />
+                            <sp:RequireClientEntropy />
+                            <sp:RequireServerEntropy />
+                          </wsp:Policy>
+                        </sp:Trust10>
+                      </wsp:Policy>
+                    </sp:BootstrapPolicy>
+                  </wsp:Policy>
+                </sp:SecureConversationToken>
+              </wsp:Policy>
+            </sp:ProtectionToken>
+            <sp:AlgorithmSuite>
+              <wsp:Policy>
+                <sp:Basic256 />
+              </wsp:Policy>
+            </sp:AlgorithmSuite>
+            <sp:Layout>
+              <wsp:Policy>
+                <sp:Strict />
+              </wsp:Policy>
+            </sp:Layout>
+            <sp:IncludeTimestamp />
+            <sp:EncryptSignature />
+            <sp:OnlySignEntireHeadersAndBody />
+          </wsp:Policy>
+        </sp:SymmetricBinding>
+        <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <wsp:Policy>
+            <sp:MustSupportRefKeyIdentifier />
+            <sp:MustSupportRefIssuerSerial />
+            <sp:MustSupportRefThumbprint />
+            <sp:MustSupportRefEncryptedKey />
+          </wsp:Policy>
+        </sp:Wss11>
+        <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <wsp:Policy>
+            <sp:MustSupportIssuedTokens />
+            <sp:RequireClientEntropy />
+            <sp:RequireServerEntropy />
+          </wsp:Policy>
+        </sp:Trust10>
+        <wsaw:UsingAddressing />
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetAge_Input_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetAge_output_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetName_Input_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetName_output_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetFavoriteSites_Input_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsp:Policy wsu:Id="WSHttpBinding_IDataApi_GetFavoriteSites_output_policy">
+    <wsp:ExactlyOne>
+      <wsp:All>
+        <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
+          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
+        </sp:SignedParts>
+        <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+          <sp:Body />
+        </sp:EncryptedParts>
+      </wsp:All>
+    </wsp:ExactlyOne>
+  </wsp:Policy>
+  <wsdl:types>
+    <xsd:schema targetNamespace="http://tempuri.org/Imports">
+      <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd0" namespace="http://tempuri.org/" />
+      <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" />
+      <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" />
+    </xsd:schema>
+  </wsdl:types>
+  <wsdl:message name="IDataApi_GetAge_InputMessage">
+    <wsdl:part name="parameters" element="tns:GetAge" />
+  </wsdl:message>
+  <wsdl:message name="IDataApi_GetAge_OutputMessage">
+    <wsdl:part name="parameters" element="tns:GetAgeResponse" />
+  </wsdl:message>
+  <wsdl:message name="IDataApi_GetName_InputMessage">
+    <wsdl:part name="parameters" element="tns:GetName" />
+  </wsdl:message>
+  <wsdl:message name="IDataApi_GetName_OutputMessage">
+    <wsdl:part name="parameters" element="tns:GetNameResponse" />
+  </wsdl:message>
+  <wsdl:message name="IDataApi_GetFavoriteSites_InputMessage">
+    <wsdl:part name="parameters" element="tns:GetFavoriteSites" />
+  </wsdl:message>
+  <wsdl:message name="IDataApi_GetFavoriteSites_OutputMessage">
+    <wsdl:part name="parameters" element="tns:GetFavoriteSitesResponse" />
+  </wsdl:message>
+  <wsdl:portType name="IDataApi">
+    <wsdl:operation name="GetAge">
+      <wsdl:input wsaw:Action="http://tempuri.org/IDataApi/GetAge" message="tns:IDataApi_GetAge_InputMessage" />
+      <wsdl:output wsaw:Action="http://tempuri.org/IDataApi/GetAgeResponse" message="tns:IDataApi_GetAge_OutputMessage" />
+    </wsdl:operation>
+    <wsdl:operation name="GetName">
+      <wsdl:input wsaw:Action="http://tempuri.org/IDataApi/GetName" message="tns:IDataApi_GetName_InputMessage" />
+      <wsdl:output wsaw:Action="http://tempuri.org/IDataApi/GetNameResponse" message="tns:IDataApi_GetName_OutputMessage" />
+    </wsdl:operation>
+    <wsdl:operation name="GetFavoriteSites">
+      <wsdl:input wsaw:Action="http://tempuri.org/IDataApi/GetFavoriteSites" message="tns:IDataApi_GetFavoriteSites_InputMessage" />
+      <wsdl:output wsaw:Action="http://tempuri.org/IDataApi/GetFavoriteSitesResponse" message="tns:IDataApi_GetFavoriteSites_OutputMessage" />
+    </wsdl:operation>
+  </wsdl:portType>
+  <wsdl:binding name="WSHttpBinding_IDataApi" type="tns:IDataApi">
+    <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_policy" />
+    <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" />
+    <wsdl:operation name="GetAge">
+      <soap12:operation soapAction="http://tempuri.org/IDataApi/GetAge" style="document" />
+      <wsdl:input>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetAge_Input_policy" />
+        <soap12:body use="literal" />
+      </wsdl:input>
+      <wsdl:output>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetAge_output_policy" />
+        <soap12:body use="literal" />
+      </wsdl:output>
+    </wsdl:operation>
+    <wsdl:operation name="GetName">
+      <soap12:operation soapAction="http://tempuri.org/IDataApi/GetName" style="document" />
+      <wsdl:input>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetName_Input_policy" />
+        <soap12:body use="literal" />
+      </wsdl:input>
+      <wsdl:output>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetName_output_policy" />
+        <soap12:body use="literal" />
+      </wsdl:output>
+    </wsdl:operation>
+    <wsdl:operation name="GetFavoriteSites">
+      <soap12:operation soapAction="http://tempuri.org/IDataApi/GetFavoriteSites" style="document" />
+      <wsdl:input>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetFavoriteSites_Input_policy" />
+        <soap12:body use="literal" />
+      </wsdl:input>
+      <wsdl:output>
+        <wsp:PolicyReference URI="#WSHttpBinding_IDataApi_GetFavoriteSites_output_policy" />
+        <soap12:body use="literal" />
+      </wsdl:output>
+    </wsdl:operation>
+  </wsdl:binding>
+  <wsdl:service name="DataApi">
+    <wsdl:port name="WSHttpBinding_IDataApi" binding="tns:WSHttpBinding_IDataApi">
+      <soap12:address location="http://localhost:65169/DataApi.svc" />
+      <wsa10:EndpointReference>
+        <wsa10:Address>http://localhost:65169/DataApi.svc</wsa10:Address>
+        <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
+          <Dns>localhost</Dns>
+        </Identity>
+      </wsa10:EndpointReference>
+    </wsdl:port>
+  </wsdl:service>
+</wsdl:definitions>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.xsd b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.xsd
new file mode 100644
index 0000000..3109534
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://tempuri.org/" elementFormDefault="qualified" targetNamespace="http://tempuri.org/" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" />
+  <xs:element name="GetAge">
+    <xs:complexType>
+      <xs:sequence />
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="GetAgeResponse">
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element minOccurs="0" name="GetAgeResult" nillable="true" type="xs:int" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="GetName">
+    <xs:complexType>
+      <xs:sequence />
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="GetNameResponse">
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element minOccurs="0" name="GetNameResult" nillable="true" type="xs:string" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="GetFavoriteSites">
+    <xs:complexType>
+      <xs:sequence />
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="GetFavoriteSitesResponse">
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element xmlns:q1="http://schemas.microsoft.com/2003/10/Serialization/Arrays" minOccurs="0" name="GetFavoriteSitesResult" nillable="true" type="q1:ArrayOfstring" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+</xs:schema>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi1.xsd b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi1.xsd
new file mode 100644
index 0000000..d58e7f3
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi1.xsd
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://schemas.microsoft.com/2003/10/Serialization/" attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://schemas.microsoft.com/2003/10/Serialization/" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:element name="anyType" nillable="true" type="xs:anyType" />
+  <xs:element name="anyURI" nillable="true" type="xs:anyURI" />
+  <xs:element name="base64Binary" nillable="true" type="xs:base64Binary" />
+  <xs:element name="boolean" nillable="true" type="xs:boolean" />
+  <xs:element name="byte" nillable="true" type="xs:byte" />
+  <xs:element name="dateTime" nillable="true" type="xs:dateTime" />
+  <xs:element name="decimal" nillable="true" type="xs:decimal" />
+  <xs:element name="double" nillable="true" type="xs:double" />
+  <xs:element name="float" nillable="true" type="xs:float" />
+  <xs:element name="int" nillable="true" type="xs:int" />
+  <xs:element name="long" nillable="true" type="xs:long" />
+  <xs:element name="QName" nillable="true" type="xs:QName" />
+  <xs:element name="short" nillable="true" type="xs:short" />
+  <xs:element name="string" nillable="true" type="xs:string" />
+  <xs:element name="unsignedByte" nillable="true" type="xs:unsignedByte" />
+  <xs:element name="unsignedInt" nillable="true" type="xs:unsignedInt" />
+  <xs:element name="unsignedLong" nillable="true" type="xs:unsignedLong" />
+  <xs:element name="unsignedShort" nillable="true" type="xs:unsignedShort" />
+  <xs:element name="char" nillable="true" type="tns:char" />
+  <xs:simpleType name="char">
+    <xs:restriction base="xs:int" />
+  </xs:simpleType>
+  <xs:element name="duration" nillable="true" type="tns:duration" />
+  <xs:simpleType name="duration">
+    <xs:restriction base="xs:duration">
+      <xs:pattern value="\-?P(\d*D)?(T(\d*H)?(\d*M)?(\d*(\.\d*)?S)?)?" />
+      <xs:minInclusive value="-P10675199DT2H48M5.4775808S" />
+      <xs:maxInclusive value="P10675199DT2H48M5.4775807S" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:element name="guid" nillable="true" type="tns:guid" />
+  <xs:simpleType name="guid">
+    <xs:restriction base="xs:string">
+      <xs:pattern value="[\da-fA-F]{8}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{12}" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:attribute name="FactoryType" type="xs:QName" />
+  <xs:attribute name="Id" type="xs:ID" />
+  <xs:attribute name="Ref" type="xs:IDREF" />
+</xs:schema>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi2.xsd b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi2.xsd
new file mode 100644
index 0000000..04a74a4
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/DataApi2.xsd
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://schemas.microsoft.com/2003/10/Serialization/Arrays" elementFormDefault="qualified" targetNamespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:complexType name="ArrayOfstring">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="string" nillable="true" type="xs:string" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:element name="ArrayOfstring" nillable="true" type="tns:ArrayOfstring" />
+</xs:schema>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs
new file mode 100644
index 0000000..5451c9f
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs
@@ -0,0 +1,67 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.17379
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer.SampleServiceProvider {
+    
+    
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    [System.ServiceModel.ServiceContractAttribute(ConfigurationName="SampleServiceProvider.IDataApi")]
+    public interface IDataApi {
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IDataApi/GetAge", ReplyAction="http://tempuri.org/IDataApi/GetAgeResponse")]
+        System.Nullable<int> GetAge();
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IDataApi/GetName", ReplyAction="http://tempuri.org/IDataApi/GetNameResponse")]
+        string GetName();
+        
+        [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IDataApi/GetFavoriteSites", ReplyAction="http://tempuri.org/IDataApi/GetFavoriteSitesResponse")]
+        string[] GetFavoriteSites();
+    }
+    
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    public interface IDataApiChannel : OAuthConsumer.SampleServiceProvider.IDataApi, System.ServiceModel.IClientChannel {
+    }
+    
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
+    public partial class DataApiClient : System.ServiceModel.ClientBase<OAuthConsumer.SampleServiceProvider.IDataApi>, OAuthConsumer.SampleServiceProvider.IDataApi {
+        
+        public DataApiClient() {
+        }
+        
+        public DataApiClient(string endpointConfigurationName) : 
+                base(endpointConfigurationName) {
+        }
+        
+        public DataApiClient(string endpointConfigurationName, string remoteAddress) : 
+                base(endpointConfigurationName, remoteAddress) {
+        }
+        
+        public DataApiClient(string endpointConfigurationName, System.ServiceModel.EndpointAddress remoteAddress) : 
+                base(endpointConfigurationName, remoteAddress) {
+        }
+        
+        public DataApiClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress) : 
+                base(binding, remoteAddress) {
+        }
+        
+        public System.Nullable<int> GetAge() {
+            return base.Channel.GetAge();
+        }
+        
+        public string GetName() {
+            return base.Channel.GetName();
+        }
+        
+        public string[] GetFavoriteSites() {
+            return base.Channel.GetFavoriteSites();
+        }
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.svcmap b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.svcmap
new file mode 100644
index 0000000..4463f99
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/Reference.svcmap
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ReferenceGroup xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="41652b7a-0e9d-40be-8e75-8ccd843850c4" xmlns="urn:schemas-microsoft-com:xml-wcfservicemap">
+  <ClientOptions>
+    <GenerateAsynchronousMethods>false</GenerateAsynchronousMethods>
+    <EnableDataBinding>true</EnableDataBinding>
+    <ExcludedTypes />
+    <ImportXmlTypes>false</ImportXmlTypes>
+    <GenerateInternalTypes>false</GenerateInternalTypes>
+    <GenerateMessageContracts>false</GenerateMessageContracts>
+    <NamespaceMappings />
+    <CollectionMappings />
+    <GenerateSerializableTypes>true</GenerateSerializableTypes>
+    <Serializer>Auto</Serializer>
+    <UseSerializerForFaults>true</UseSerializerForFaults>
+    <ReferenceAllAssemblies>true</ReferenceAllAssemblies>
+    <ReferencedAssemblies />
+    <ReferencedDataContractTypes />
+    <ServiceContractMappings />
+  </ClientOptions>
+  <MetadataSources>
+    <MetadataSource Address="http://localhost:65169/DataApi.svc" Protocol="http" SourceId="1" />
+  </MetadataSources>
+  <Metadata>
+    <MetadataFile FileName="DataApi.xsd" MetadataType="Schema" ID="82a34da8-d721-4c35-aaf9-fc5d08771cd2" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd0" />
+    <MetadataFile FileName="DataApi.wsdl" MetadataType="Wsdl" ID="96350220-1df2-429e-8cb5-4fc33703bcc7" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?wsdl" />
+    <MetadataFile FileName="DataApi.disco" MetadataType="Disco" ID="c4f66dee-ac01-4476-afb0-34f7350c06ad" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?disco" />
+    <MetadataFile FileName="DataApi1.xsd" MetadataType="Schema" ID="7aaf262f-6342-421b-8f44-0e624be7a5fb" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd1" />
+    <MetadataFile FileName="DataApi2.xsd" MetadataType="Schema" ID="67c1ea8d-12c4-4a0c-aa33-7226018cf16e" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd2" />
+  </Metadata>
+  <Extensions>
+    <ExtensionFile FileName="configuration91.svcinfo" Name="configuration91.svcinfo" />
+    <ExtensionFile FileName="configuration.svcinfo" Name="configuration.svcinfo" />
+  </Extensions>
+</ReferenceGroup>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration.svcinfo b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration.svcinfo
new file mode 100644
index 0000000..24b13a5
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration.svcinfo
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configurationSnapshot xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="urn:schemas-microsoft-com:xml-wcfconfigurationsnapshot">
+  <behaviors />
+  <bindings>
+    <binding digest="System.ServiceModel.Configuration.WSHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data hostNameComparisonMode=&quot;StrongWildcard&quot; messageEncoding=&quot;Text&quot; name=&quot;WSHttpBinding_IDataApi1&quot; textEncoding=&quot;utf-8&quot; transactionFlow=&quot;false&quot;&gt;&lt;readerQuotas maxArrayLength=&quot;16384&quot; maxBytesPerRead=&quot;4096&quot; maxDepth=&quot;32&quot; maxNameTableCharCount=&quot;16384&quot; maxStringContentLength=&quot;8192&quot; /&gt;&lt;reliableSession enabled=&quot;false&quot; inactivityTimeout=&quot;00:10:00&quot; ordered=&quot;true&quot; /&gt;&lt;security mode=&quot;Message&quot;&gt;&lt;message algorithmSuite=&quot;Default&quot; clientCredentialType=&quot;Windows&quot; negotiateServiceCredential=&quot;true&quot; /&gt;&lt;transport clientCredentialType=&quot;Windows&quot; proxyCredentialType=&quot;None&quot; realm=&quot;&quot; /&gt;&lt;/security&gt;&lt;/Data&gt;" bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi1" />
+  </bindings>
+  <endpoints>
+    <endpoint normalizedDigest="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data address=&quot;http://localhost:65169/DataApi.svc&quot; binding=&quot;wsHttpBinding&quot; bindingConfiguration=&quot;WSHttpBinding_IDataApi1&quot; contract=&quot;SampleServiceProvider.IDataApi&quot; name=&quot;WSHttpBinding_IDataApi1&quot;&gt;&lt;identity&gt;&lt;dns value=&quot;localhost&quot; /&gt;&lt;/identity&gt;&lt;/Data&gt;" digest="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt;&lt;Data address=&quot;http://localhost:65169/DataApi.svc&quot; binding=&quot;wsHttpBinding&quot; bindingConfiguration=&quot;WSHttpBinding_IDataApi1&quot; contract=&quot;SampleServiceProvider.IDataApi&quot; name=&quot;WSHttpBinding_IDataApi1&quot;&gt;&lt;identity&gt;&lt;dns value=&quot;localhost&quot; /&gt;&lt;/identity&gt;&lt;/Data&gt;" contractName="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi1" />
+  </endpoints>
+</configurationSnapshot>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration91.svcinfo b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration91.svcinfo
new file mode 100644
index 0000000..822d218
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Service References/SampleServiceProvider/configuration91.svcinfo
@@ -0,0 +1,216 @@
+<?xml version="1.0" encoding="utf-8"?>
+<SavedWcfConfigurationInformation xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" Version="9.1" CheckSum="GUEgzgg89GpE4CgPbgPkvKCNLCE=">
+  <bindingConfigurations>
+    <bindingConfiguration bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi1">
+      <properties>
+        <property path="/name" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>WSHttpBinding_IDataApi1</serializedValue>
+        </property>
+        <property path="/closeTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>00:01:00</serializedValue>
+        </property>
+        <property path="/openTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>00:01:00</serializedValue>
+        </property>
+        <property path="/receiveTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>00:10:00</serializedValue>
+        </property>
+        <property path="/sendTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>00:01:00</serializedValue>
+        </property>
+        <property path="/bypassProxyOnLocal" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/transactionFlow" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/hostNameComparisonMode" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.HostNameComparisonMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>StrongWildcard</serializedValue>
+        </property>
+        <property path="/maxBufferPoolSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>524288</serializedValue>
+        </property>
+        <property path="/maxReceivedMessageSize" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>65536</serializedValue>
+        </property>
+        <property path="/messageEncoding" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.WSMessageEncoding, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Text</serializedValue>
+        </property>
+        <property path="/proxyAddress" isComplexType="false" isExplicitlyDefined="false" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/readerQuotas" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.XmlDictionaryReaderQuotasElement</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxDepth" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>32</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxStringContentLength" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>8192</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxArrayLength" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>16384</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxBytesPerRead" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>4096</serializedValue>
+        </property>
+        <property path="/readerQuotas/maxNameTableCharCount" isComplexType="false" isExplicitlyDefined="true" clrType="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>16384</serializedValue>
+        </property>
+        <property path="/reliableSession" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.StandardBindingOptionalReliableSessionElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.StandardBindingOptionalReliableSessionElement</serializedValue>
+        </property>
+        <property path="/reliableSession/ordered" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>True</serializedValue>
+        </property>
+        <property path="/reliableSession/inactivityTimeout" isComplexType="false" isExplicitlyDefined="true" clrType="System.TimeSpan, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>00:10:00</serializedValue>
+        </property>
+        <property path="/reliableSession/enabled" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/textEncoding" isComplexType="false" isExplicitlyDefined="true" clrType="System.Text.Encoding, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Text.UTF8Encoding</serializedValue>
+        </property>
+        <property path="/useDefaultWebProxy" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>True</serializedValue>
+        </property>
+        <property path="/allowCookies" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/security" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.WSHttpSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.WSHttpSecurityElement</serializedValue>
+        </property>
+        <property path="/security/mode" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.SecurityMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Message</serializedValue>
+        </property>
+        <property path="/security/transport" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.WSHttpTransportSecurityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.WSHttpTransportSecurityElement</serializedValue>
+        </property>
+        <property path="/security/transport/clientCredentialType" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.HttpClientCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Windows</serializedValue>
+        </property>
+        <property path="/security/transport/proxyCredentialType" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.HttpProxyCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>None</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/policyEnforcement" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.PolicyEnforcement, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Never</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/protectionScenario" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.ProtectionScenario, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>TransportSelected</serializedValue>
+        </property>
+        <property path="/security/transport/extendedProtectionPolicy/customServiceNames" isComplexType="true" isExplicitlyDefined="false" clrType="System.Security.Authentication.ExtendedProtection.Configuration.ServiceNameElementCollection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>(Collection)</serializedValue>
+        </property>
+        <property path="/security/transport/realm" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/security/message" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.NonDualMessageSecurityOverHttpElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.NonDualMessageSecurityOverHttpElement</serializedValue>
+        </property>
+        <property path="/security/message/clientCredentialType" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.MessageCredentialType, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Windows</serializedValue>
+        </property>
+        <property path="/security/message/negotiateServiceCredential" isComplexType="false" isExplicitlyDefined="true" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>True</serializedValue>
+        </property>
+        <property path="/security/message/algorithmSuite" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.Security.SecurityAlgorithmSuite, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>Default</serializedValue>
+        </property>
+        <property path="/security/message/establishSecurityContext" isComplexType="false" isExplicitlyDefined="false" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>True</serializedValue>
+        </property>
+      </properties>
+    </bindingConfiguration>
+  </bindingConfigurations>
+  <endpoints>
+    <endpoint name="WSHttpBinding_IDataApi1" contract="SampleServiceProvider.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65169/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi1">
+      <properties>
+        <property path="/address" isComplexType="false" isExplicitlyDefined="true" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>http://localhost:65169/DataApi.svc</serializedValue>
+        </property>
+        <property path="/behaviorConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/binding" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>wsHttpBinding</serializedValue>
+        </property>
+        <property path="/bindingConfiguration" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>WSHttpBinding_IDataApi1</serializedValue>
+        </property>
+        <property path="/contract" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>SampleServiceProvider.IDataApi</serializedValue>
+        </property>
+        <property path="/headers" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.AddressHeaderCollectionElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.AddressHeaderCollectionElement</serializedValue>
+        </property>
+        <property path="/headers/headers" isComplexType="false" isExplicitlyDefined="true" clrType="System.ServiceModel.Channels.AddressHeaderCollection, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>&lt;Header /&gt;</serializedValue>
+        </property>
+        <property path="/identity" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.IdentityElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.IdentityElement</serializedValue>
+        </property>
+        <property path="/identity/userPrincipalName" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.UserPrincipalNameElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.UserPrincipalNameElement</serializedValue>
+        </property>
+        <property path="/identity/userPrincipalName/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/servicePrincipalName" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.ServicePrincipalNameElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.ServicePrincipalNameElement</serializedValue>
+        </property>
+        <property path="/identity/servicePrincipalName/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/dns" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.DnsElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.DnsElement</serializedValue>
+        </property>
+        <property path="/identity/dns/value" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>localhost</serializedValue>
+        </property>
+        <property path="/identity/rsa" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.RsaElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.RsaElement</serializedValue>
+        </property>
+        <property path="/identity/rsa/value" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificate" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.CertificateElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.CertificateElement</serializedValue>
+        </property>
+        <property path="/identity/certificate/encodedValue" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificateReference" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.CertificateReferenceElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>System.ServiceModel.Configuration.CertificateReferenceElement</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/storeName" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreName, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>My</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/storeLocation" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.StoreLocation, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>LocalMachine</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/x509FindType" isComplexType="false" isExplicitlyDefined="false" clrType="System.Security.Cryptography.X509Certificates.X509FindType, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>FindBySubjectDistinguishedName</serializedValue>
+        </property>
+        <property path="/identity/certificateReference/findValue" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/identity/certificateReference/isChainIncluded" isComplexType="false" isExplicitlyDefined="false" clrType="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>False</serializedValue>
+        </property>
+        <property path="/name" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue>WSHttpBinding_IDataApi1</serializedValue>
+        </property>
+        <property path="/kind" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+        <property path="/endpointConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+          <serializedValue />
+        </property>
+      </properties>
+    </endpoint>
+  </endpoints>
+</SavedWcfConfigurationInformation>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Settings.StyleCop b/src/OAuth/OAuthConsumer/Settings.StyleCop
new file mode 100644
index 0000000..7f55ce6
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Settings.StyleCop
@@ -0,0 +1 @@
+<StyleCopSettings Version="4.3" />
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx
new file mode 100644
index 0000000..86d29a4
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx
@@ -0,0 +1,38 @@
+<%@ Page Language="C#" AutoEventWireup="true"
+	Inherits="OAuthConsumer.SignInWithTwitter" Codebehind="SignInWithTwitter.aspx.cs" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head runat="server">
+	<title>Sign-in with Twitter</title>
+</head>
+<body>
+	<form id="form1" runat="server">
+	<div>
+		<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
+			<asp:View ID="View1" runat="server">
+				<h2>
+					Twitter setup</h2>
+				<p>
+					A Twitter client app must be endorsed by a Twitter user.
+				</p>
+				<ol>
+					<li><a target="_blank" href="https://twitter.com/oauth_clients">Visit Twitter and create
+						a client app</a>. </li>
+					<li>Modify your web.config file to include your consumer key and consumer secret.</li>
+				</ol>
+			</asp:View>
+			<asp:View ID="View2" runat="server">
+				<asp:ImageButton ImageUrl="~/images/Sign-in-with-Twitter-darker.png" runat="server"
+					AlternateText="Sign In With Twitter" ID="signInButton" OnClick="signInButton_Click" />
+				<asp:CheckBox Text="force re-login" runat="server" ID="forceLoginCheckbox" />
+				<br />
+				<asp:Panel runat="server" ID="loggedInPanel" Visible="false">
+					Now logged in as
+					<asp:Label Text="[name]" runat="server" ID="loggedInName" />
+				</asp:Panel>
+			</asp:View>
+		</asp:MultiView>
+	</form>
+</body>
+</html>
diff --git a/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.cs b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.cs
new file mode 100644
index 0000000..e104f3a
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.cs
@@ -0,0 +1,39 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Configuration;
+	using System.Linq;
+	using System.Web;
+	using System.Web.Security;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+	using System.Xml.Linq;
+	using System.Xml.XPath;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.OAuth;
+
+	public partial class SignInWithTwitter : System.Web.UI.Page {
+		protected void Page_Load(object sender, EventArgs e) {
+			if (TwitterConsumer.IsTwitterConsumerConfigured) {
+				this.MultiView1.ActiveViewIndex = 1;
+
+				if (!IsPostBack) {
+					string screenName;
+					int userId;
+					if (TwitterConsumer.TryFinishSignInWithTwitter(out screenName, out userId)) {
+						this.loggedInPanel.Visible = true;
+						this.loggedInName.Text = screenName;
+
+						// In a real app, the Twitter username would likely be used
+						// to log the user into the application.
+						////FormsAuthentication.RedirectFromLoginPage(screenName, false);
+					}
+				}
+			}
+		}
+
+		protected void signInButton_Click(object sender, ImageClickEventArgs e) {
+			TwitterConsumer.StartSignInWithTwitter(this.forceLoginCheckbox.Checked).Send();
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.designer.cs b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.designer.cs
new file mode 100644
index 0000000..962a1af
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/SignInWithTwitter.aspx.designer.cs
@@ -0,0 +1,87 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class SignInWithTwitter {
+        
+        /// <summary>
+        /// form1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.HtmlControls.HtmlForm form1;
+        
+        /// <summary>
+        /// MultiView1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.MultiView MultiView1;
+        
+        /// <summary>
+        /// View1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View View1;
+        
+        /// <summary>
+        /// View2 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View View2;
+        
+        /// <summary>
+        /// signInButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.ImageButton signInButton;
+        
+        /// <summary>
+        /// forceLoginCheckbox control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.CheckBox forceLoginCheckbox;
+        
+        /// <summary>
+        /// loggedInPanel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Panel loggedInPanel;
+        
+        /// <summary>
+        /// loggedInName control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label loggedInName;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/TracePage.aspx b/src/OAuth/OAuthConsumer/TracePage.aspx
new file mode 100644
index 0000000..d3539fb
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/TracePage.aspx
@@ -0,0 +1,18 @@
+<%@ Page Language="C#" AutoEventWireup="true" Inherits="OAuthConsumer.TracePage" Codebehind="TracePage.aspx.cs" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head runat="server">
+	<title></title>
+</head>
+<body>
+	<form id="form1" runat="server">
+	<p align="right">
+		<asp:Button runat="server" Text="Clear log" ID="clearLogButton" OnClick="clearLogButton_Click" />
+	</p>
+	<pre>
+		<asp:PlaceHolder runat="server" ID="placeHolder1" />
+	</pre>
+	</form>
+</body>
+</html>
diff --git a/src/OAuth/OAuthConsumer/TracePage.aspx.cs b/src/OAuth/OAuthConsumer/TracePage.aspx.cs
new file mode 100644
index 0000000..b9ca260
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/TracePage.aspx.cs
@@ -0,0 +1,23 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Web;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+
+	/// <summary>
+	/// A page to display recent log messages.
+	/// </summary>
+	public partial class TracePage : System.Web.UI.Page {
+		protected void Page_Load(object sender, EventArgs e) {
+			this.placeHolder1.Controls.Add(new Label { Text = HttpUtility.HtmlEncode(Logging.LogMessages.ToString()) });
+		}
+
+		protected void clearLogButton_Click(object sender, EventArgs e) {
+			Logging.LogMessages.Length = 0;
+
+			// clear the page immediately, and allow for F5 without a Postback warning.
+			Response.Redirect(Request.Url.AbsoluteUri);
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/TracePage.aspx.designer.cs b/src/OAuth/OAuthConsumer/TracePage.aspx.designer.cs
new file mode 100644
index 0000000..73184b5
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/TracePage.aspx.designer.cs
@@ -0,0 +1,42 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class TracePage {
+        
+        /// <summary>
+        /// form1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.HtmlControls.HtmlForm form1;
+        
+        /// <summary>
+        /// clearLogButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button clearLogButton;
+        
+        /// <summary>
+        /// placeHolder1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.PlaceHolder placeHolder1;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/Twitter.aspx b/src/OAuth/OAuthConsumer/Twitter.aspx
new file mode 100644
index 0000000..a24c7bd
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Twitter.aspx
@@ -0,0 +1,35 @@
+<%@ Page Title="" Language="C#" MasterPageFile="~/MasterPage.master" AutoEventWireup="true" Inherits="OAuthConsumer.Twitter" Codebehind="Twitter.aspx.cs" %>
+
+<asp:Content ID="Content1" ContentPlaceHolderID="head" runat="Server">
+</asp:Content>
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
+		<asp:View ID="View1" runat="server">
+			<h2>Twitter setup</h2>
+			<p>A Twitter client app must be endorsed by a Twitter user. </p>
+			<ol>
+				<li><a target="_blank" href="https://twitter.com/oauth_clients">Visit Twitter and create
+					a client app</a>. </li>
+				<li>Modify your web.config file to include your consumer key and consumer secret.</li>
+			</ol>
+		</asp:View>
+		<asp:View runat="server">
+			<h2>Updates</h2>
+			<p>Ok, Twitter has authorized us to download your feeds. Notice how we never asked 
+				you for your Twitter username or password. </p>
+			<p>
+				Upload a new profile photo:
+				<asp:FileUpload ID="profilePhoto" runat="server" />
+				&nbsp;<asp:Button ID="uploadProfilePhotoButton" runat="server" 
+					onclick="uploadProfilePhotoButton_Click" Text="Upload photo" />
+				&nbsp;<asp:Label ID="photoUploadedLabel" runat="server" EnableViewState="False" 
+					Text="Done!" Visible="False"></asp:Label>
+			</p>
+			<p>
+				Click &#39;Get updates&#39; to download updates to this sample.
+			</p>
+			<asp:Button ID="downloadUpdates" runat="server" Text="Get updates" OnClick="downloadUpdates_Click" />
+			<asp:PlaceHolder runat="server" ID="resultsPlaceholder" />
+		</asp:View>
+	</asp:MultiView>
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/Twitter.aspx.cs b/src/OAuth/OAuthConsumer/Twitter.aspx.cs
new file mode 100644
index 0000000..8288ed0
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Twitter.aspx.cs
@@ -0,0 +1,96 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Configuration;
+	using System.Linq;
+	using System.Text;
+	using System.Web;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+	using System.Xml.Linq;
+	using System.Xml.XPath;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.OAuth;
+
+	public partial class Twitter : System.Web.UI.Page {
+		private string AccessToken {
+			get { return (string)Session["TwitterAccessToken"]; }
+			set { Session["TwitterAccessToken"] = value; }
+		}
+
+		private InMemoryTokenManager TokenManager {
+			get {
+				var tokenManager = (InMemoryTokenManager)Application["TwitterTokenManager"];
+				if (tokenManager == null) {
+					string consumerKey = ConfigurationManager.AppSettings["twitterConsumerKey"];
+					string consumerSecret = ConfigurationManager.AppSettings["twitterConsumerSecret"];
+					if (!string.IsNullOrEmpty(consumerKey)) {
+						tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret);
+						Application["TwitterTokenManager"] = tokenManager;
+					}
+				}
+
+				return tokenManager;
+			}
+		}
+
+		protected void Page_Load(object sender, EventArgs e) {
+			if (this.TokenManager != null) {
+				this.MultiView1.ActiveViewIndex = 1;
+
+				if (!IsPostBack) {
+					var twitter = new WebConsumer(TwitterConsumer.ServiceDescription, this.TokenManager);
+
+					// Is Twitter calling back with authorization?
+					var accessTokenResponse = twitter.ProcessUserAuthorization();
+					if (accessTokenResponse != null) {
+						this.AccessToken = accessTokenResponse.AccessToken;
+					} else if (this.AccessToken == null) {
+						// If we don't yet have access, immediately request it.
+						twitter.Channel.Send(twitter.PrepareRequestUserAuthorization());
+					}
+				}
+			}
+		}
+
+		protected void downloadUpdates_Click(object sender, EventArgs e) {
+			var twitter = new WebConsumer(TwitterConsumer.ServiceDescription, this.TokenManager);
+			XPathDocument updates = new XPathDocument(TwitterConsumer.GetUpdates(twitter, this.AccessToken).CreateReader());
+			XPathNavigator nav = updates.CreateNavigator();
+			var parsedUpdates = from status in nav.Select("/statuses/status").OfType<XPathNavigator>()
+								where !status.SelectSingleNode("user/protected").ValueAsBoolean
+								select new {
+									User = status.SelectSingleNode("user/name").InnerXml,
+									Status = status.SelectSingleNode("text").InnerXml,
+								};
+
+			StringBuilder tableBuilder = new StringBuilder();
+			tableBuilder.Append("<table><tr><td>Name</td><td>Update</td></tr>");
+
+			foreach (var update in parsedUpdates) {
+				tableBuilder.AppendFormat(
+					"<tr><td>{0}</td><td>{1}</td></tr>",
+					HttpUtility.HtmlEncode(update.User),
+					HttpUtility.HtmlEncode(update.Status));
+			}
+			tableBuilder.Append("</table>");
+			this.resultsPlaceholder.Controls.Add(new Literal { Text = tableBuilder.ToString() });
+		}
+
+		protected void uploadProfilePhotoButton_Click(object sender, EventArgs e) {
+			if (this.profilePhoto.PostedFile.ContentType == null) {
+				this.photoUploadedLabel.Visible = true;
+				this.photoUploadedLabel.Text = "Select a file first.";
+				return;
+			}
+
+			var twitter = new WebConsumer(TwitterConsumer.ServiceDescription, this.TokenManager);
+			XDocument imageResult = TwitterConsumer.UpdateProfileImage(
+				twitter,
+				this.AccessToken,
+				this.profilePhoto.PostedFile.InputStream,
+				this.profilePhoto.PostedFile.ContentType);
+			this.photoUploadedLabel.Visible = true;
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Twitter.aspx.designer.cs b/src/OAuth/OAuthConsumer/Twitter.aspx.designer.cs
new file mode 100644
index 0000000..7c37271
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Twitter.aspx.designer.cs
@@ -0,0 +1,78 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class Twitter {
+        
+        /// <summary>
+        /// MultiView1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.MultiView MultiView1;
+        
+        /// <summary>
+        /// View1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View View1;
+        
+        /// <summary>
+        /// profilePhoto control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.FileUpload profilePhoto;
+        
+        /// <summary>
+        /// uploadProfilePhotoButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button uploadProfilePhotoButton;
+        
+        /// <summary>
+        /// photoUploadedLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label photoUploadedLabel;
+        
+        /// <summary>
+        /// downloadUpdates control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button downloadUpdates;
+        
+        /// <summary>
+        /// resultsPlaceholder control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.PlaceHolder resultsPlaceholder;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/Web.config b/src/OAuth/OAuthConsumer/Web.config
new file mode 100644
index 0000000..3963433
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Web.config
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="utf-8"?>

+<configuration>

+  <configSections>

+    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />

+    <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">

+      <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />

+      <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />

+      <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />

+      <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />

+    </sectionGroup>

+  </configSections>

+  <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),

+       which is necessary for OpenID urls with unicode characters in the domain/host name. 

+       It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->

+  <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->

+  <appSettings>

+    <!-- Fill in your various consumer keys and secrets here to make the sample work. -->

+    <!-- You must get these values by signing up with each individual service provider. -->

+    <!-- Twitter sign-up: https://twitter.com/oauth_clients -->

+    <add key="twitterConsumerKey" value="" />

+    <add key="twitterConsumerSecret" value="" />

+    <!-- Google sign-up: https://www.google.com/accounts/ManageDomains -->

+    <add key="googleConsumerKey" value="anonymous" />

+    <add key="googleConsumerSecret" value="anonymous" />

+    <!-- Yammer sign-up: https://www.yammer.com/client_applications/new -->

+    <add key="yammerConsumerKey" value="" />

+    <add key="yammerConsumerSecret" value="" />

+  </appSettings>

+  <connectionStrings />

+  <system.web>

+    <!-- 

+            Set compilation debug="true" to insert debugging 

+            symbols into the compiled page. Because this 

+            affects performance, set this value to true only 

+            during development.

+        -->

+    <compilation debug="true" targetFramework="4.0">

+      <assemblies>

+        <remove assembly="DotNetOpenAuth.Contracts" />

+      </assemblies>

+    </compilation>

+    <!--

+            The <authentication> section enables configuration 

+            of the security authentication mode used by 

+            ASP.NET to identify an incoming user. 

+        -->

+    <authentication mode="Windows" />

+    <!--

+            The <customErrors> section enables configuration 

+            of what to do if/when an unhandled error occurs 

+            during the execution of a request. Specifically, 

+            it enables developers to configure html error pages 

+            to be displayed in place of a error stack trace.

+

+        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">

+            <error statusCode="403" redirect="NoAccess.htm" />

+            <error statusCode="404" redirect="FileNotFound.htm" />

+        </customErrors>

+        -->

+    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />

+  </system.web>

+  <!-- 

+        The system.webServer section is required for running ASP.NET AJAX under Internet

+        Information Services 7.0.  It is not necessary for previous version of IIS.

+    -->

+  <log4net>

+    <appender name="TracePageAppender" type="OAuthConsumer.TracePageAppender, OAuthConsumer">

+      <layout type="log4net.Layout.PatternLayout">

+        <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />

+      </layout>

+    </appender>

+    <!-- Setup the root category, add the appenders and set the default level -->

+    <root>

+      <level value="INFO" />

+      <!--<appender-ref ref="RollingFileAppender" />-->

+      <appender-ref ref="TracePageAppender" />

+    </root>

+    <!-- Specify the level for some specific categories -->

+    <logger name="DotNetOpenAuth">

+      <level value="ALL" />

+    </logger>

+  </log4net>

+  <system.serviceModel>

+    <bindings>

+      <wsHttpBinding>

+        <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">

+          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />

+          <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />

+          <security mode="Message">

+            <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />

+            <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />

+          </security>

+        </binding>

+      </wsHttpBinding>

+    </bindings>

+    <client>

+      <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi">

+        <identity>

+          <dns value="localhost" />

+        </identity>

+      </endpoint>

+    </client>

+  </system.serviceModel>

+  <system.net>

+    <defaultProxy enabled="true" />

+    <settings>

+      <!-- This setting causes .NET to check certificate revocation lists (CRL) 

+			     before trusting HTTPS certificates.  But this setting tends to not 

+			     be allowed in shared hosting environments. -->

+      <!--<servicePointManager checkCertificateRevocationList="true"/>-->

+    </settings>

+  </system.net>

+  <runtime>

+    <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->

+    <legacyHMACWarning enabled="0" />

+  </runtime>

+  <dotNetOpenAuth>

+    <messaging>

+      <untrustedWebRequest>

+        <whitelistHosts>

+          <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->

+          <!--<add name="localhost" />-->

+        </whitelistHosts>

+      </untrustedWebRequest>

+    </messaging>

+    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->

+    <reporting enabled="true" />

+    <openid></openid>

+  </dotNetOpenAuth>

+  <uri>

+    <!-- See an error due to this section?  When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:

+		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />

+		-->

+    <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),

+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 

+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->

+    <idn enabled="All" />

+    <iriParsing enabled="true" />

+  </uri>

+</configuration>
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Yammer.aspx b/src/OAuth/OAuthConsumer/Yammer.aspx
new file mode 100644
index 0000000..90b61b8
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Yammer.aspx
@@ -0,0 +1,48 @@
+<%@ Page Language="C#" AutoEventWireup="true" MasterPageFile="~/MasterPage.master"
+	CodeBehind="Yammer.aspx.cs" Inherits="OAuthConsumer.Yammer" %>
+
+<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server">
+	<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
+		<asp:View ID="ClientRegistrationRequiredView" runat="server">
+			<h2>
+				Yammer setup</h2>
+			<p>
+				A Yammer client app must be registered.
+			</p>
+			<ol>
+				<li><a target="_blank" href="https://www.yammer.com/client_applications/new">Visit Yammer
+					and register a client app</a>. </li>
+				<li>Modify your web.config file to include your consumer key and consumer secret.
+				</li>
+			</ol>
+		</asp:View>
+		<asp:View ID="BeginAuthorizationView" runat="server">
+			<asp:Label Text="An error occurred in authorization.  You may try again." EnableViewState="false" Visible="false" ForeColor="Red" ID="authorizationErrorLabel" runat="server" />
+			<asp:Button Text="Obtain authorization now" runat="server" ID="obtainAuthorizationButton"
+				OnClick="obtainAuthorizationButton_Click" />
+		</asp:View>
+		<asp:View ID="CompleteAuthorizationView" runat="server">
+			After you have authorized Yammer to share your information, please enter the code
+			Yammer gives you here:
+			<asp:TextBox runat="server" ID="yammerUserCode" EnableViewState="false" />
+			<asp:RequiredFieldValidator ErrorMessage="*" ControlToValidate="yammerUserCode" runat="server" />
+			<asp:Button Text="Finish" runat="server" ID="finishAuthorizationButton" OnClick="finishAuthorizationButton_Click" />
+		</asp:View>
+		<asp:View ID="AuthorizationCompleteView" runat="server">
+			<h2>
+				Updates
+			</h2>
+			<p>The access token we have obtained is: 
+				<asp:Label ID="accessTokenLabel" runat="server" />
+			</p>
+			<p>
+				Ok, Yammer has authorized us to download your messages. Click &#39;Get messages&#39;
+				to download the latest few messages to this sample. Notice how we never asked you
+				for your Yammer username or password.
+			</p>
+			<asp:Button ID="getYammerMessagesButton" runat="server" OnClick="getYammerMessages_Click"
+				Text="Get address book" />
+			<asp:PlaceHolder ID="resultsPlaceholder" runat="server" />
+		</asp:View>
+	</asp:MultiView>
+</asp:Content>
diff --git a/src/OAuth/OAuthConsumer/Yammer.aspx.cs b/src/OAuth/OAuthConsumer/Yammer.aspx.cs
new file mode 100644
index 0000000..d8993fe
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Yammer.aspx.cs
@@ -0,0 +1,76 @@
+namespace OAuthConsumer {
+	using System;
+	using System.Collections.Generic;
+	using System.Configuration;
+	using System.Linq;
+	using System.Web;
+	using System.Web.UI;
+	using System.Web.UI.WebControls;
+	using DotNetOpenAuth.ApplicationBlock;
+	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.OAuth;
+
+	public partial class Yammer : System.Web.UI.Page {
+		private string RequestToken {
+			get { return (string)ViewState["YammerRequestToken"]; }
+			set { ViewState["YammerRequestToken"] = value; }
+		}
+
+		private string AccessToken {
+			get { return (string)Session["YammerAccessToken"]; }
+			set { Session["YammerAccessToken"] = value; }
+		}
+
+		private InMemoryTokenManager TokenManager {
+			get {
+				var tokenManager = (InMemoryTokenManager)Application["YammerTokenManager"];
+				if (tokenManager == null) {
+					string consumerKey = ConfigurationManager.AppSettings["YammerConsumerKey"];
+					string consumerSecret = ConfigurationManager.AppSettings["YammerConsumerSecret"];
+					if (!string.IsNullOrEmpty(consumerKey)) {
+						tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret);
+						Application["YammerTokenManager"] = tokenManager;
+					}
+				}
+
+				return tokenManager;
+			}
+		}
+
+		protected void Page_Load(object sender, EventArgs e) {
+			if (this.TokenManager != null) {
+				this.MultiView1.SetActiveView(this.BeginAuthorizationView);
+			}
+		}
+
+		protected void getYammerMessages_Click(object sender, EventArgs e) {
+			var yammer = new WebConsumer(YammerConsumer.ServiceDescription, this.TokenManager);
+		}
+
+		protected void obtainAuthorizationButton_Click(object sender, EventArgs e) {
+			var yammer = YammerConsumer.CreateConsumer(this.TokenManager);
+			string requestToken;
+			Uri popupWindowLocation = YammerConsumer.PrepareRequestAuthorization(yammer, out requestToken);
+			this.RequestToken = requestToken;
+			string javascript = "window.open('" + popupWindowLocation.AbsoluteUri + "');";
+			this.Page.ClientScript.RegisterStartupScript(GetType(), "YammerPopup", javascript, true);
+			this.MultiView1.SetActiveView(this.CompleteAuthorizationView);
+		}
+
+		protected void finishAuthorizationButton_Click(object sender, EventArgs e) {
+			if (!Page.IsValid) {
+				return;
+			}
+
+			var yammer = YammerConsumer.CreateConsumer(this.TokenManager);
+			var authorizationResponse = YammerConsumer.CompleteAuthorization(yammer, this.RequestToken, this.yammerUserCode.Text);
+			if (authorizationResponse != null) {
+				this.accessTokenLabel.Text = HttpUtility.HtmlEncode(authorizationResponse.AccessToken);
+				this.MultiView1.SetActiveView(this.AuthorizationCompleteView);
+			} else {
+				this.MultiView1.SetActiveView(this.BeginAuthorizationView);
+				this.authorizationErrorLabel.Visible = true;
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/OAuth/OAuthConsumer/Yammer.aspx.designer.cs b/src/OAuth/OAuthConsumer/Yammer.aspx.designer.cs
new file mode 100644
index 0000000..57f6db5
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/Yammer.aspx.designer.cs
@@ -0,0 +1,123 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OAuthConsumer {
+    
+    
+    public partial class Yammer {
+        
+        /// <summary>
+        /// MultiView1 control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.MultiView MultiView1;
+        
+        /// <summary>
+        /// ClientRegistrationRequiredView control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View ClientRegistrationRequiredView;
+        
+        /// <summary>
+        /// BeginAuthorizationView control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View BeginAuthorizationView;
+        
+        /// <summary>
+        /// authorizationErrorLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label authorizationErrorLabel;
+        
+        /// <summary>
+        /// obtainAuthorizationButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button obtainAuthorizationButton;
+        
+        /// <summary>
+        /// CompleteAuthorizationView control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View CompleteAuthorizationView;
+        
+        /// <summary>
+        /// yammerUserCode control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.TextBox yammerUserCode;
+        
+        /// <summary>
+        /// finishAuthorizationButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button finishAuthorizationButton;
+        
+        /// <summary>
+        /// AuthorizationCompleteView control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.View AuthorizationCompleteView;
+        
+        /// <summary>
+        /// accessTokenLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label accessTokenLabel;
+        
+        /// <summary>
+        /// getYammerMessagesButton control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button getYammerMessagesButton;
+        
+        /// <summary>
+        /// resultsPlaceholder control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.PlaceHolder resultsPlaceholder;
+    }
+}
diff --git a/src/OAuth/OAuthConsumer/favicon.ico b/src/OAuth/OAuthConsumer/favicon.ico
new file mode 100644
index 0000000..e227dbe
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/favicon.ico
diff --git a/src/OAuth/OAuthConsumer/images/Sign-in-with-Twitter-darker.png b/src/OAuth/OAuthConsumer/images/Sign-in-with-Twitter-darker.png
new file mode 100644
index 0000000..746b6b9
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/images/Sign-in-with-Twitter-darker.png
diff --git a/src/OAuth/OAuthConsumer/packages.config b/src/OAuth/OAuthConsumer/packages.config
new file mode 100644
index 0000000..56ae497
--- /dev/null
+++ b/src/OAuth/OAuthConsumer/packages.config
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>

+<packages>

+  <package id="CodeContracts.Unofficial" version="1.0.0.2" />

+  <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />

+  <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />

+  <package id="log4net" version="2.0.0" />

+</packages>
\ No newline at end of file