More warning fixes.

45 files changed, 221 insertions, 66 deletions

diff --git a/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs b/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
index 1d9dadf..35c39ea 100644
--- a/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
+++ b/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
@@ -210,6 +210,9 @@ namespace MvcRelyingParty.Controllers {
 		/// <summary>
 		/// Preloads discovery results for the OP buttons we display on the selector in the ViewData.
 		/// </summary>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task PreloadDiscoveryResultsAsync() {
 			this.ViewData["PreloadedDiscoveryResults"] = this.RelyingParty.PreloadDiscoveryResultsAsync(
 				Realm.AutoDetect,
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs b/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
index a6a6e9f..631b495 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
+++ b/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
@@ -177,9 +177,13 @@ namespace DotNetOpenAuth.ApplicationBlock
 		/// <summary>
 		/// Requests authorization from Google to access data from a set of Google applications.
 		/// </summary>
-		/// <param name="consumer">The Google consumer previously constructed using <see cref="CreateWebConsumer"/> or <see cref="CreateDesktopConsumer"/>.</param>
+		/// <param name="consumer">The Google consumer previously constructed using <see cref="CreateWebConsumer" /> or <see cref="CreateDesktopConsumer" />.</param>
 		/// <param name="requestedAccessScope">The requested access scope.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
+		/// <exception cref="System.ArgumentNullException">consumer</exception>
 		public static async Task RequestAuthorizationAsync(WebConsumer consumer, Applications requestedAccessScope, CancellationToken cancellationToken = default(CancellationToken)) {
 			if (consumer == null) {
 				throw new ArgumentNullException("consumer");
diff --git a/samples/OpenIdOfflineProvider/CheckIdWindow.xaml.cs b/samples/OpenIdOfflineProvider/CheckIdWindow.xaml.cs
index 66bc109..3e27507 100644
--- a/samples/OpenIdOfflineProvider/CheckIdWindow.xaml.cs
+++ b/samples/OpenIdOfflineProvider/CheckIdWindow.xaml.cs
@@ -55,6 +55,9 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider {
 		/// </summary>
 		/// <param name="provider">The OpenID Provider host.</param>
 		/// <param name="request">The incoming authentication request.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		internal static async Task ProcessAuthenticationAsync(HostedProvider provider, IAuthenticationRequest request) {
 			Requires.NotNull(provider, "provider");
 			Requires.NotNull(request, "request");
diff --git a/samples/OpenIdOfflineProvider/HostedProvider.cs b/samples/OpenIdOfflineProvider/HostedProvider.cs
index a11c625..1f41e9a 100644
--- a/samples/OpenIdOfflineProvider/HostedProvider.cs
+++ b/samples/OpenIdOfflineProvider/HostedProvider.cs
@@ -210,6 +210,9 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider {
 		/// Handles incoming HTTP requests.
 		/// </summary>
 		/// <param name="context">The HttpListener context.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task RequestHandlerAsync(HttpListenerContext context) {
 			Requires.NotNull(context, "context");
 			Requires.NotNull(context.Response.OutputStream, "context.Response.OutputStream");
diff --git a/samples/OpenIdOfflineProvider/HttpHost.cs b/samples/OpenIdOfflineProvider/HttpHost.cs
index 242a8d3..335d677 100644
--- a/samples/OpenIdOfflineProvider/HttpHost.cs
+++ b/samples/OpenIdOfflineProvider/HttpHost.cs
@@ -65,6 +65,7 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider {
 		/// The request handler delegate.
 		/// </summary>
 		/// <param name="context">Information on the incoming HTTP request.</param>
+		/// <returns>A task that completes with the async operation.</returns>
 		internal delegate Task RequestHandlerAsync(HttpListenerContext context);
 
 		/// <summary>
@@ -117,6 +118,9 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider {
 		/// <summary>
 		/// The HTTP listener thread body.
 		/// </summary>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task ProcessRequestsAsync() {
 			Assumes.True(this.listener != null);
 
diff --git a/samples/OpenIdOfflineProvider/MainWindow.xaml.cs b/samples/OpenIdOfflineProvider/MainWindow.xaml.cs
index ad96edd..b5d7891 100644
--- a/samples/OpenIdOfflineProvider/MainWindow.xaml.cs
+++ b/samples/OpenIdOfflineProvider/MainWindow.xaml.cs
@@ -128,6 +128,9 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider {
 		/// </summary>
 		/// <param name="requestInfo">The request info.</param>
 		/// <param name="response">The response.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task ProcessRequestAsync(HttpRequestBase requestInfo, HttpListenerResponse response) {
 			IRequest request = await this.hostedProvider.Provider.GetRequestAsync(requestInfo, CancellationToken.None);
 			if (request == null) {
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs
index a87a678..09a56a8 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs
@@ -68,7 +68,10 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// The process user authorization.
 		/// </summary>
-		/// <returns>The response message.</returns>
+		/// <param name="cancellationToken"></param>
+		/// <returns>
+		/// The response message.
+		/// </returns>
 		public Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(CancellationToken cancellationToken = default(CancellationToken)) {
 			return this.webConsumer.ProcessUserAuthorizationAsync(cancellationToken: cancellationToken);
 		}
@@ -76,9 +79,11 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// The request authentication.
 		/// </summary>
-		/// <param name="callback">
-		/// The callback.
-		/// </param>
+		/// <param name="callback">The callback.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The response message.
+		/// </returns>
 		public async Task<HttpResponseMessage> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)) {
 			var redirectParameters = new Dictionary<string, string>();
 			UserAuthorizationRequest request = await this.webConsumer.PrepareRequestUserAuthorizationAsync(
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs
index 91fca59..205d4c0 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs
@@ -33,7 +33,10 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// The process user authorization.
 		/// </summary>
-		/// <returns>The response message.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The response message.
+		/// </returns>
 		Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(CancellationToken cancellationToken = default(CancellationToken));
 
 		/// <summary>
@@ -41,6 +44,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// </summary>
 		/// <param name="callback">The callback.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message</returns>
 		Task<HttpResponseMessage> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken));
 
 		#endregion
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs
index a7b641c..e5fd67f 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs
@@ -92,9 +92,9 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// 	                                	useful in an ASP.NET web application within the implementation of this method.
 		/// 	                                	Alternatively you may store the access token here without associating with a user account,
 		/// 	                                	and wait until
-		/// 	                                	<see cref="WebConsumer.ProcessUserAuthorization()"/>
+		/// 	                                	<see cref="WebConsumer.ProcessUserAuthorizationAsync()"/>
 		/// 	                                	or
-		/// 	                                	<see cref="DesktopConsumer.ProcessUserAuthorization(string, string)"/>
+		/// 	                                	<see cref="DesktopConsumer.ProcessUserAuthorizationAsync(string, string)"/>
 		/// 	                                	return the access
 		/// 	                                	token to associate the access token with a user account at that point.
 		/// </para>
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs
index 2445db5..8128cbb 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs
@@ -82,11 +82,10 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// Check if authentication succeeded after user is redirected back from the service provider.
 		/// </summary>
-		/// <param name="response">
-		/// The response token returned from service provider 
-		/// </param>
+		/// <param name="response">The response token returned from service provider</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
 		/// <returns>
-		/// Authentication result. 
+		/// Authentication result.
 		/// </returns>
 		[SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes",
 			Justification = "We don't care if the request fails.")]
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs
index fb6ba3d..ffe5c07 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs
@@ -108,6 +108,9 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <param name="context">The context.</param>
 		/// <param name="returnUrl">The return url after users have completed authenticating against external website.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public virtual Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) {
 			Requires.NotNull(returnUrl, "returnUrl");
 			Requires.NotNull(context, "context");
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs
index 317a46d..c9bfafc 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs
@@ -62,6 +62,9 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <param name="context">The context.</param>
 		/// <param name="returnUrl">The return url after users have completed authenticating against external website.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public virtual async Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) {
 			Requires.NotNull(context, "context");
 			Requires.NotNull(returnUrl, "returnUrl");
@@ -90,7 +93,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <param name="returnPageUrl">The return URL which should match the value passed to RequestAuthentication() method.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
 		/// <returns>
-		/// An instance of <see cref="AuthenticationResult"/> containing authentication result.
+		/// An instance of <see cref="AuthenticationResult" /> containing authentication result.
 		/// </returns>
 		public virtual async Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, Uri returnPageUrl, CancellationToken cancellationToken = default(CancellationToken)) {
 			Requires.NotNull(context, "context");
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs
index 0d6d6ca..68ea20f 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs
@@ -81,13 +81,12 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
 		/// </summary>
-		/// <param name="context">
-		/// The context of the current request. 
-		/// </param>
-		/// <param name="returnUrl">
-		/// The return url after users have completed authenticating against external website. 
-		/// </param>
+		/// <param name="context">The context of the current request.</param>
+		/// <param name="returnUrl">The return url after users have completed authenticating against external website.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		[SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings",
 			Justification = "We don't have a Uri object handy.")]
 		public virtual async Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) {
diff --git a/src/DotNetOpenAuth.AspNet/OpenAuthSecurityManager.cs b/src/DotNetOpenAuth.AspNet/OpenAuthSecurityManager.cs
index 794ba10..7669072 100644
--- a/src/DotNetOpenAuth.AspNet/OpenAuthSecurityManager.cs
+++ b/src/DotNetOpenAuth.AspNet/OpenAuthSecurityManager.cs
@@ -143,9 +143,11 @@ namespace DotNetOpenAuth.AspNet {
 		/// <summary>
 		/// Requests the specified provider to start the authentication by directing users to an external website
 		/// </summary>
-		/// <param name="returnUrl">
-		/// The return url after user is authenticated. 
-		/// </param>
+		/// <param name="returnUrl">The return url after user is authenticated.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public async Task RequestAuthenticationAsync(string returnUrl, CancellationToken cancellationToken = default(CancellationToken)) {
 			// convert returnUrl to an absolute path
 			Uri uri;
@@ -185,12 +187,13 @@ namespace DotNetOpenAuth.AspNet {
 		/// Checks if user is successfully authenticated when user is redirected back to this user.
 		/// </summary>
 		/// <param name="returnUrl">The return Url which must match exactly the Url passed into RequestAuthentication() earlier.</param>
-		/// <remarks>
-		/// This returnUrl parameter only applies to OAuth2 providers. For other providers, it ignores the returnUrl parameter.
-		/// </remarks>
+		/// <param name="cancellationToken">The cancellation token.</param>
 		/// <returns>
 		/// The result of the authentication.
 		/// </returns>
+		/// <remarks>
+		/// This returnUrl parameter only applies to OAuth2 providers. For other providers, it ignores the returnUrl parameter.
+		/// </remarks>
 		public async Task<AuthenticationResult> VerifyAuthenticationAsync(string returnUrl, CancellationToken cancellationToken = default(CancellationToken)) {
 			// check for XSRF attack
 			string sessionId;
diff --git a/src/DotNetOpenAuth.Core/Messaging/Channel.cs b/src/DotNetOpenAuth.Core/Messaging/Channel.cs
index 0dc31b8..6aaf8ea 100644
--- a/src/DotNetOpenAuth.Core/Messaging/Channel.cs
+++ b/src/DotNetOpenAuth.Core/Messaging/Channel.cs
@@ -387,7 +387,10 @@ namespace DotNetOpenAuth.Messaging {
 		/// Gets the protocol message that may be embedded in the given HTTP request.
 		/// </summary>
 		/// <param name="httpRequest">The request to search for an embedded message.</param>
-		/// <returns>The deserialized message, if one is found.  Null otherwise.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The deserialized message, if one is found.  Null otherwise.
+		/// </returns>
 		public async Task<IDirectedProtocolMessage> ReadFromRequestAsync(HttpRequestBase httpRequest, CancellationToken cancellationToken) {
 			Requires.NotNull(httpRequest, "httpRequest");
 
@@ -476,10 +479,11 @@ namespace DotNetOpenAuth.Messaging {
 		/// </summary>
 		/// <param name="message">The message just received.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <exception cref="ProtocolException">
-		/// Thrown when the message is somehow invalid.
-		/// This can be due to tampering, replay attack or expiration, among other things.
-		/// </exception>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
+		/// <exception cref="ProtocolException">Thrown when the message is somehow invalid.
+		/// This can be due to tampering, replay attack or expiration, among other things.</exception>
 		internal Task ProcessIncomingMessageTestHookAsync(IProtocolMessage message, CancellationToken cancellationToken) {
 			return this.ProcessIncomingMessageAsync(message, cancellationToken);
 		}
@@ -525,7 +529,9 @@ namespace DotNetOpenAuth.Messaging {
 		/// </summary>
 		/// <param name="message">The message to prepare for sending.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		/// <remarks>
 		/// This method should NOT be called by derived types
 		/// except when sending ONE WAY request messages.
@@ -962,7 +968,9 @@ namespace DotNetOpenAuth.Messaging {
 		/// </summary>
 		/// <param name="message">The message to prepare for sending.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		/// <exception cref="UnprotectedMessageException"></exception>
 		/// <remarks>
 		/// This method should NOT be called by derived types
@@ -1134,10 +1142,12 @@ namespace DotNetOpenAuth.Messaging {
 		/// </summary>
 		/// <param name="message">The message just received.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <exception cref="ProtocolException">
-		/// Thrown when the message is somehow invalid.
-		/// This can be due to tampering, replay attack or expiration, among other things.
-		/// </exception>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
+		/// <exception cref="UnprotectedMessageException"></exception>
+		/// <exception cref="ProtocolException">Thrown when the message is somehow invalid.
+		/// This can be due to tampering, replay attack or expiration, among other things.</exception>
 		protected virtual async Task ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) {
 			Requires.NotNull(message, "message");
 
diff --git a/src/DotNetOpenAuth.Core/Reporting.cs b/src/DotNetOpenAuth.Core/Reporting.cs
index 20aeddc..432a833 100644
--- a/src/DotNetOpenAuth.Core/Reporting.cs
+++ b/src/DotNetOpenAuth.Core/Reporting.cs
@@ -370,6 +370,7 @@ namespace DotNetOpenAuth {
 		/// <summary>
 		/// Creates an HTTP client that can be used for outbound HTTP requests.
 		/// </summary>
+		/// <returns>The HTTP client to use.</returns>
 		private static HttpClient CreateHttpClient() {
 			var channel = new HttpClientHandler();
 			channel.AllowAutoRedirect = false;
diff --git a/src/DotNetOpenAuth.Core/Util.cs b/src/DotNetOpenAuth.Core/Util.cs
index 3463808..ebbaaa4 100644
--- a/src/DotNetOpenAuth.Core/Util.cs
+++ b/src/DotNetOpenAuth.Core/Util.cs
@@ -235,7 +235,7 @@ namespace DotNetOpenAuth {
 		/// <typeparam name="TResult">The type of the result.</typeparam>
 		/// <param name="source">The source.</param>
 		/// <param name="transform">The transform.</param>
-		/// <returns></returns>
+		/// <returns>A dictionary populated with the results of the transforms.</returns>
 		internal static async Task<Dictionary<TSource, TResult>> ToDictionaryAsync<TSource, TResult>(
 			this IEnumerable<TSource> source, Func<TSource, Task<TResult>> transform) {
 			var taskResults = source.ToDictionary(s => s, transform);
diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandler.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandler.cs
index cfbb70e..a763d5e 100644
--- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandler.cs
+++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandler.cs
@@ -1,4 +1,10 @@
-namespace DotNetOpenAuth.OAuth {
+//-----------------------------------------------------------------------
+// <copyright file="OAuth1HttpMessageHandler.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth {
 	using System;
 	using System.Collections.Generic;
 	using System.Linq;
@@ -11,6 +17,9 @@
 
 	using Validation;
 
+	/// <summary>
+	/// A delegated HTTP handler that automatically signs outgoing requests.
+	/// </summary>
 	public class OAuth1HttpMessageHandler : DelegatingHandler {
 		/// <summary>
 		/// Initializes a new instance of the <see cref="OAuth1HttpMessageHandler" /> class.
@@ -34,10 +43,30 @@
 			this.AccessToken = accessToken;
 		}
 
+		/// <summary>
+		/// Gets or sets the access token.
+		/// </summary>
+		/// <value>
+		/// The access token.
+		/// </value>
 		public string AccessToken { get; set; }
 
+		/// <summary>
+		/// Gets or sets the consumer.
+		/// </summary>
+		/// <value>
+		/// The consumer.
+		/// </value>
 		public ConsumerBase Consumer { get; set; }
 
+		/// <summary>
+		/// Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+		/// </summary>
+		/// <param name="request">The HTTP request message to send to the server.</param>
+		/// <param name="cancellationToken">A cancellation token to cancel operation.</param>
+		/// <returns>
+		/// Returns <see cref="T:System.Threading.Tasks.Task`1" />. The task object representing the asynchronous operation.
+		/// </returns>
 		protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) {
 			Verify.Operation(this.Consumer != null, Strings.RequiredPropertyNotYetPreset, "Consumer");
 			Verify.Operation(!string.IsNullOrEmpty(this.AccessToken), Strings.RequiredPropertyNotYetPreset, "AccessToken");
diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs
index 71621e1..de7ff7c 100644
--- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs
+++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs
@@ -151,6 +151,8 @@ namespace DotNetOpenAuth.OAuth {
 		/// Gets the standard state storage mechanism that uses ASP.NET's
 		/// HttpApplication state dictionary to store associations and nonces.
 		/// </summary>
+		/// <param name="context">The HTTP context. If <c>null</c>, this method must be called while <see cref="HttpContext.Current"/> is non-null.</param>
+		/// <returns>The nonce store.</returns>
 		public static INonceStore GetHttpApplicationStore(HttpContextBase context = null) {
 			if (context == null) {
 				ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(INonceStore).Name);
@@ -203,7 +205,11 @@ namespace DotNetOpenAuth.OAuth {
 		/// <summary>
 		/// Reads any incoming OAuth message.
 		/// </summary>
-		/// <returns>The deserialized message.</returns>
+		/// <param name="request">The request.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The deserialized message.
+		/// </returns>
 		/// <remarks>
 		/// Requires HttpContext.Current.
 		/// </remarks>
diff --git a/src/DotNetOpenAuth.OAuth/OAuth/Messages/UserAuthorizationRequest.cs b/src/DotNetOpenAuth.OAuth/OAuth/Messages/UserAuthorizationRequest.cs
index 357220b..fd634da 100644
--- a/src/DotNetOpenAuth.OAuth/OAuth/Messages/UserAuthorizationRequest.cs
+++ b/src/DotNetOpenAuth.OAuth/OAuth/Messages/UserAuthorizationRequest.cs
@@ -62,7 +62,7 @@ namespace DotNetOpenAuth.OAuth.Messages {
 		}
 
 		/// <summary>
-		/// Gets or sets the Request Token obtained in the previous step.
+		/// Gets the Request Token obtained in the previous step.
 		/// </summary>
 		/// <remarks>
 		/// The Service Provider MAY declare this parameter as REQUIRED, or 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
index 6e78955..25720f6 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
@@ -84,7 +84,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 		/// The protections (if any) that this binding element applied to the message.
 		/// Null if this binding element did not even apply to this binding element.
 		/// </returns>
-		/// <exception cref="TokenEndpointProtocolException"></exception>
+		/// <exception cref="TokenEndpointProtocolException">Thrown when an authorization or protocol rule is violated.</exception>
 		/// <exception cref="ProtocolException">Thrown when the binding element rules indicate that this message is invalid and should
 		/// NOT be processed.</exception>
 		/// <remarks>
diff --git a/src/DotNetOpenAuth.OAuth2.Client.UI/OAuth2/ClientAuthorizationView.cs b/src/DotNetOpenAuth.OAuth2.Client.UI/OAuth2/ClientAuthorizationView.cs
index 8f27ae6..002202e 100644
--- a/src/DotNetOpenAuth.OAuth2.Client.UI/OAuth2/ClientAuthorizationView.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client.UI/OAuth2/ClientAuthorizationView.cs
@@ -143,6 +143,9 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// Processes changes in the URL the browser has navigated to.
 		/// </summary>
 		/// <param name="location">The location.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task ProcessLocationChangedAsync(Uri location) {
 			if (SignificantlyEqual(location, this.Authorization.Callback, UriComponents.SchemeAndServer | UriComponents.Path)) {
 				try {
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
index bf56586..ea5dcf5 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
@@ -118,6 +118,9 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// <param name="request">The request for protected resources from the service provider.</param>
 		/// <param name="authorization">The authorization for this request previously obtained via OAuth.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public Task AuthorizeRequestAsync(HttpWebRequest request, IAuthorizationState authorization, CancellationToken cancellationToken) {
 			Requires.NotNull(request, "request");
 			Requires.NotNull(authorization, "authorization");
@@ -132,6 +135,9 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param>
 		/// <param name="authorization">The authorization for this request previously obtained via OAuth.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public async Task AuthorizeRequestAsync(WebHeaderCollection requestHeaders, IAuthorizationState authorization, CancellationToken cancellationToken) {
 			Requires.NotNull(requestHeaders, "requestHeaders");
 			Requires.NotNull(authorization, "authorization");
@@ -334,6 +340,9 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// <param name="authorizationState">The authorization state to update.</param>
 		/// <param name="authorizationSuccess">The authorization success message obtained from the authorization server.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		internal async Task UpdateAuthorizationWithResponseAsync(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess, CancellationToken cancellationToken) {
 			Requires.NotNull(authorizationState, "authorizationState");
 			Requires.NotNull(authorizationSuccess, "authorizationSuccess");
diff --git a/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs b/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
index 3213206..65086d7 100644
--- a/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
@@ -175,8 +175,12 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		}
 
 		/// <summary>
-		/// Sends the response for the <see cref="PendingAuthenticationRequest"/> and clears the property.
+		/// Sends the response for the <see cref="PendingAuthenticationRequest" /> and clears the property.
 		/// </summary>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The response message.
+		/// </returns>
 		public static Task<HttpResponseMessage> PrepareResponseAsync(CancellationToken cancellationToken = default(CancellationToken)) {
 			var pendingRequest = PendingRequest;
 			PendingRequest = null;
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AnonymousRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AnonymousRequest.cs
index 23d1e3c..ecb8a40 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AnonymousRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AnonymousRequest.cs
@@ -77,8 +77,10 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		}
 
 		/// <summary>
-		/// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>.
+		/// Gets the response message, once <see cref="IsResponseReady" /> is <c>true</c>.
 		/// </summary>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message.</returns>
 		protected override async Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken) {
 				if (this.IsApproved.HasValue) {
 					return this.IsApproved.Value ? (IProtocolMessage)this.positiveResponse : (await this.GetNegativeResponseAsync());
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs
index 80d8aeb..7d66ff8 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs
@@ -214,8 +214,10 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		}
 
 		/// <summary>
-		/// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>.
+		/// Gets the response message, once <see cref="IsResponseReady" /> is <c>true</c>.
 		/// </summary>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message.</returns>
 		protected override async Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken) {
 			if (this.IsAuthenticated.HasValue) {
 				return this.IsAuthenticated.Value ? (IProtocolMessage)this.positiveResponse : (await this.GetNegativeResponseAsync());
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AutoResponsiveRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AutoResponsiveRequest.cs
index d9ed053..82b3f2e 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AutoResponsiveRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AutoResponsiveRequest.cs
@@ -64,15 +64,20 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		}
 
 		/// <summary>
-		/// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>.
+		/// Gets the response message, once <see cref="IsResponseReady" /> is <c>true</c>.
 		/// </summary>
+		/// <returns>The response message.</returns>
 		internal Task<IProtocolMessage> GetResponseMessageAsyncTestHook() {
 			return this.GetResponseMessageAsync(CancellationToken.None);
 		}
 
 		/// <summary>
-		/// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>.
+		/// Gets the response message, once <see cref="IsResponseReady" /> is <c>true</c>.
 		/// </summary>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The response message.
+		/// </returns>
 		protected override Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken) {
 			return Task.FromResult(this.response);
 		}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs
index a275647..aedf119 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs
@@ -77,6 +77,9 @@ namespace DotNetOpenAuth.OpenId.Provider.Extensions {
 		/// </summary>
 		/// <param name="request">The authentication request with the response extensions already added.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		/// <remarks>
 		/// If the original attribute request came in as AX, the Simple Registration extension is converted
 		/// to an AX response and then the Simple Registration extension is removed from the response.
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
index 07807d2..c4c2674 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
@@ -178,6 +178,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// <summary>
 		/// Gets the negative response.
 		/// </summary>
+		/// <returns>The negative assertion message.</returns>
 		protected Task<NegativeAssertionResponse> GetNegativeResponseAsync() {
 			return this.negativeResponse.Value;
 		}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
index 0495299..3b44e59 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
@@ -176,6 +176,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// Gets the standard state storage mechanism that uses ASP.NET's
 		/// HttpApplication state dictionary to store associations and nonces.
 		/// </summary>
+		/// <param name="context">The context.</param>
+		/// <returns>The application store.</returns>
 		public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) {
 			if (context == null) {
 				ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name);
@@ -421,7 +423,9 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// </summary>
 		/// <param name="request">The request.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task ApplyBehaviorsToResponseAsync(IRequest request, CancellationToken cancellationToken) {
 			var authRequest = request as IAuthenticationRequest;
 			if (authRequest != null) {
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs
index cc44338..b937be9 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs
@@ -203,9 +203,10 @@ using Validation;
 		}
 
 		/// <summary>
-		/// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>.
+		/// Gets the response message, once <see cref="IsResponseReady" /> is <c>true</c>.
 		/// </summary>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message.</returns>
 		protected abstract Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken);
 	}
 }
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs
index a08c323..cef5017 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs
@@ -258,7 +258,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <param name="request">The authentication request.</param>
 		/// <param name="immediate"><c>true</c>to create a checkid_immediate request;
 		/// <c>false</c> to create a checkid_setup request.</param>
-		/// <returns>The absolute URL that carries the entire OpenID message.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The absolute URL that carries the entire OpenID message.
+		/// </returns>
 		private async Task<Uri> GetRedirectUrlAsync(IAuthenticationRequest request, bool immediate, CancellationToken cancellationToken) {
 			Requires.NotNull(request, "request");
 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
index 56b354e..9ad53b8 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
@@ -195,6 +195,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// Gets the completed authentication response.
 		/// </summary>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message.</returns>
 		public async Task<IAuthenticationResponse> GetAuthenticationResponseAsync(CancellationToken cancellationToken) {
 			if (this.authenticationResponse == null) {
 				// We will either validate a new response and return a live AuthenticationResponse
@@ -312,7 +313,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// </summary>
 		/// <param name="identifier">The identifier.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		protected Task PreloadDiscoveryAsync(Identifier identifier, CancellationToken cancellationToken) {
 			return this.PreloadDiscoveryAsync(new[] { identifier }, cancellationToken);
 		}
@@ -323,7 +326,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// </summary>
 		/// <param name="identifiers">The identifiers to perform discovery on.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		protected async Task PreloadDiscoveryAsync(IEnumerable<Identifier> identifiers, CancellationToken cancellationToken) {
 			var requests = await Task.WhenAll(identifiers.Select(id => this.CreateRequestsAsync(id, cancellationToken)));
 			string script = await this.AjaxRelyingParty.AsAjaxPreloadedDiscoveryResultAsync(requests.SelectMany(r => r), cancellationToken);
@@ -426,6 +431,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// Notifies the user agent via an AJAX response of a completed authentication attempt.
 		/// </summary>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		protected override async Task ScriptClosingPopupOrIFrameAsync(CancellationToken cancellationToken) {
 			Action<AuthenticationStatus> callback = status => {
 				if (status == AuthenticationStatus.Authenticated) {
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
index f527cee..6026d1a 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
@@ -514,7 +514,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// provided in the text box.
 		/// </summary>
 		/// <param name="cancellationToken">The cancellation token.</param>
-		/// <returns></returns>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		public async Task LogOnAsync(CancellationToken cancellationToken) {
 			IAuthenticationRequest request = (await this.CreateRequestsAsync(cancellationToken)).FirstOrDefault();
 			ErrorUtilities.VerifyProtocol(request != null, OpenIdStrings.OpenIdEndpointNotFound);
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
index a26b49e..6298f9c 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
@@ -189,6 +189,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// to redirect it to the OpenID Provider to start the OpenID authentication process.
 		/// </summary>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The response message that will cause the client to redirect to the Provider.
+		/// </returns>
 		public async Task<HttpResponseMessage> GetRedirectingResponseAsync(CancellationToken cancellationToken) {
 			foreach (var behavior in this.RelyingParty.Behaviors) {
 				behavior.OnOutgoingAuthenticationRequest(this);
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
index 4fc459f..af36a00 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
@@ -6,6 +6,7 @@
 
 namespace DotNetOpenAuth.OpenId.RelyingParty {
 	using System;
+	using System.Threading;
 
 	/// <summary>
 	/// An interface to expose useful properties and functionality for handling
@@ -14,7 +15,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	/// </summary>
 	public interface ISetupRequiredAuthenticationResponse {
 		/// <summary>
-		/// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequest(Identifier)"/>
+		/// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequestAsync(Identifier, HttpRequestBase, CancellationToken)"/>
 		/// in a subsequent authentication attempt.
 		/// </summary>
 		Identifier UserSuppliedIdentifier { get; }
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
index bf52060..79fc5de 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
@@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	using System;
 	using System.Collections.Generic;
 	using System.Linq;
+	using System.Threading.Tasks;
 	using System.Web;
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OpenId.Messages;
@@ -126,10 +127,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		#region ISetupRequiredAuthenticationResponse Members
 
 		/// <summary>
-		/// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequest(Identifier)"/>
+		/// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequestAsync(Identifier, HttpRequestBase, CancellationToken)"/>
 		/// in a subsequent authentication attempt.
 		/// </summary>
-		/// <value></value>
 		public Identifier UserSuppliedIdentifier {
 			get {
 				ErrorUtilities.VerifyOperation(((IAuthenticationResponse)this).Status == AuthenticationStatus.SetupRequired, OpenIdStrings.OperationOnlyValidForSetupRequiredState);
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
index b190ce3..db23cdb 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -415,7 +415,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		///   <para>Any individual generated request can satisfy the authentication.
 		/// The generated requests are sorted in preferred order.
 		/// Each request is generated as it is enumerated to.  Associations are created only as
-		///   <see cref="IAuthenticationRequest.RedirectingResponse" /> is called.</para>
+		///   <see cref="IAuthenticationRequest.GetRedirectingResponseAsync" /> is called.</para>
 		///   <para>No exception is thrown if no OpenID endpoints were discovered.
 		/// An empty enumerable is returned instead.</para>
 		/// </remarks>
@@ -446,7 +446,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		///   <para>Any individual generated request can satisfy the authentication.
 		/// The generated requests are sorted in preferred order.
 		/// Each request is generated as it is enumerated to.  Associations are created only as
-		///   <see cref="IAuthenticationRequest.RedirectingResponse" /> is called.</para>
+		///   <see cref="IAuthenticationRequest.GetRedirectingResponseAsync" /> is called.</para>
 		///   <para>No exception is thrown if no OpenID endpoints were discovered.
 		/// An empty enumerable is returned instead.</para>
 		///   <para>Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.</para>
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
index f05abaa..d73d45f 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
@@ -135,12 +135,14 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// discovery on the Claimed Identifier.
 		/// </summary>
 		/// <param name="relyingParty">The relying party.</param>
-		/// <exception cref="ProtocolException">
-		/// Thrown when the Provider is asserting that a user controls an Identifier
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
+		/// <exception cref="ProtocolException">Thrown when the Provider is asserting that a user controls an Identifier
 		/// when discovery on that Identifier contradicts what the Provider says.
 		/// This would be an indication of either a misconfigured Provider or
-		/// an attempt by someone to spoof another user's identity with a rogue Provider.
-		/// </exception>
+		/// an attempt by someone to spoof another user's identity with a rogue Provider.</exception>
 		private async Task VerifyDiscoveryMatchesAssertionAsync(OpenIdRelyingParty relyingParty, CancellationToken cancellationToken) {
 			Logger.OpenId.Debug("Verifying assertion matches identifier discovery results...");
 
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs
index 0c93478..3b650fc 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs
@@ -83,6 +83,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 		/// </summary>
 		/// <param name="message">The message just received.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		/// <exception cref="ProtocolException">Thrown when the message is somehow invalid, except for check_authentication messages.
 		/// This can be due to tampering, replay attack or expiration, among other things.</exception>
 		protected override async Task ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) {
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs
index ccb6a27..469c7ca 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs
@@ -99,6 +99,7 @@ namespace DotNetOpenAuth.OpenId.Messages {
 		/// <param name="request">The request that the relying party sent.</param>
 		/// <param name="cancellationToken">The cancellation token.</param>
 		/// <param name="channel">The channel to use to simulate construction of the user_setup_url, if applicable.  May be null, but the user_setup_url will not be constructed.</param>
+		/// <returns>The negative assertion message that will indicate failure for the user to authenticate or an unwillingness to log into the relying party.</returns>
 		internal static async Task<NegativeAssertionResponse> CreateAsync(SignedResponseRequest request, CancellationToken cancellationToken, Channel channel = null) {
 			var result = new NegativeAssertionResponse(request);
 
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs
index 34a2595..10b0730 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs
@@ -170,9 +170,11 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		void AddExtension(IOpenIdMessageExtension extension);
 
 		/// <summary>
-		/// Gets the HTTP response the relying party should send to the user agent 
+		/// Gets the HTTP response the relying party should send to the user agent
 		/// to redirect it to the OpenID Provider to start the OpenID authentication process.
 		/// </summary>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The response message that will cause the client to redirect to the Provider.</returns>
 		Task<HttpResponseMessage> GetRedirectingResponseAsync(CancellationToken cancellationToken);
 	}
 }
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs b/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs
index c5b7bb6..7cb2a9a 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs
@@ -32,6 +32,12 @@ namespace DotNetOpenAuth.OpenId {
 		public UriDiscoveryService() {
 		}
 
+		/// <summary>
+		/// Gets or sets the host factories used by this instance.
+		/// </summary>
+		/// <value>
+		/// The host factories.
+		/// </value>
 		public IHostFactories HostFactories { get; set; }
 
 		#region IIdentifierDiscoveryService Members
@@ -40,8 +46,7 @@ namespace DotNetOpenAuth.OpenId {
 		/// Performs discovery on the specified identifier.
 		/// </summary>
 		/// <param name="identifier">The identifier to perform discovery on.</param>
-		/// <param name="requestHandler">The means to place outgoing HTTP requests.</param>
-		/// <param name="abortDiscoveryChain">if set to <c>true</c>, no further discovery services will be called for this identifier.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
 		/// <returns>
 		/// A sequence of service endpoints yielded by discovery.  Must not be null, but may be empty.
 		/// </returns>
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs b/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs
index e13b027..a04f568 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs
@@ -78,8 +78,11 @@ namespace DotNetOpenAuth.OpenId {
 		/// Downloads the XRDS document for this XRI.
 		/// </summary>
 		/// <param name="identifier">The identifier.</param>
-		/// <param name="requestHandler">The request handler.</param>
-		/// <returns>The XRDS document.</returns>
+		/// <param name="hostFactories">The host factories.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The XRDS document.
+		/// </returns>
 		private static async Task<XrdsDocument> DownloadXrdsAsync(XriIdentifier identifier, IHostFactories hostFactories, CancellationToken cancellationToken) {
 			Requires.NotNull(identifier, "identifier");
 			Requires.NotNull(hostFactories, "hostFactories");
diff --git a/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs b/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs
index c993acd..c56a170 100644
--- a/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs
+++ b/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs
@@ -94,6 +94,9 @@ namespace DotNetOpenAuth.Yadis {
 		/// <summary>
 		/// Reverts to the HTML response after the XRDS response didn't work out.
 		/// </summary>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		internal async Task TryRevertToHtmlResponseAsync() {
 			if (this.htmlFallback != null) {
 				await this.ApplyHtmlResponseAsync(this.htmlFallback);
@@ -105,6 +108,9 @@ namespace DotNetOpenAuth.Yadis {
 		/// Applies the HTML response to the object.
 		/// </summary>
 		/// <param name="response">The initial response.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		private async Task ApplyHtmlResponseAsync(HttpResponseMessage response) {
 			Requires.NotNull(response, "response");