Fixed formulation of the HTTP Authorization header.

6 files changed, 16 insertions, 105 deletions

diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
index 4d86797..c32eda4 100644
--- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj
+++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
@@ -613,7 +613,6 @@ http://opensource.org/licenses/ms-pl.html
     <Compile Include="Reporting.cs" />
     <Compile Include="OAuthWrap\ChannelElements\OAuthWrapChannel.cs" />
     <Compile Include="OAuthWrap\ChannelElements\OAuthWrapMessageFactory.cs" />
-    <Compile Include="OAuthWrap\ChannelElements\UriOrOutOfBandEncoding.cs" />
     <Compile Include="OAuthWrap\ClientBase.cs" />
     <Compile Include="OAuthWrap\Messages\WebApp\WebAppInitialAccessTokenSuccessResponse.cs" />
     <Compile Include="OAuthWrap\Messages\MessageBase.cs" />
diff --git a/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs b/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs
index 5e7c361..c04cec0 100644
--- a/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs
@@ -54,7 +54,7 @@ namespace DotNetOpenAuth.OAuthWrap {
 		public ProtocolVersion ProtocolVersion { get; set; }
 
 		/// <summary>
-		/// Gets or sets the version of the OAuth WRAP protocol to use with this Authorization Server.
+		/// Gets the version of the OAuth WRAP protocol to use with this Authorization Server.
 		/// </summary>
 		/// <value>The version.</value>
 		internal Version Version {
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/UriOrOutOfBandEncoding.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/UriOrOutOfBandEncoding.cs
deleted file mode 100644
index 2917cba..0000000
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/UriOrOutOfBandEncoding.cs
+++ /dev/null
@@ -1,83 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UriOrOutOfBandEncoding.cs" company="Andrew Arnott">
-//     Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
-	using System;
-	using System.Collections.Generic;
-	using System.Linq;
-	using System.Text;
-	using DotNetOpenAuth.Messaging;
-	using DotNetOpenAuth.Messaging.Reflection;
-
-	/// <summary>
-	/// An URI encoder that translates null <see cref="Uri"/> references as "out_of_band" 
-	/// instead of an empty/missing argument.
-	/// </summary>
-	/// <remarks>
-	/// This class is functionality equivalent to the <see cref="DotNetOpenAuth.OAuth.ChannelElements.UriOrOobEncoding"/>
-	/// encoding element, except that instead of using "oob" for null Uri values,
-	/// "out_of_band" is used.
-	/// </remarks>
-	internal class UriOrOutOfBandEncoding : IMessagePartNullEncoder {
-		/// <summary>
-		/// The string constant "oob", used to indicate an out-of-band configuration.
-		/// </summary>
-		private const string OutOfBandConfiguration = "out_of_band";
-
-		/// <summary>
-		/// Initializes a new instance of the <see cref="UriOrOutOfBandEncoding"/> class.
-		/// </summary>
-		public UriOrOutOfBandEncoding() {
-		}
-
-		#region IMessagePartNullEncoder Members
-
-		/// <summary>
-		/// Gets the string representation to include in a serialized message
-		/// when the message part has a <c>null</c> value.
-		/// </summary>
-		/// <value></value>
-		public string EncodedNullValue {
-			get { return OutOfBandConfiguration; }
-		}
-
-		#endregion
-
-		#region IMessagePartEncoder Members
-
-		/// <summary>
-		/// Encodes the specified value.
-		/// </summary>
-		/// <param name="value">The value.  Guaranteed to never be null.</param>
-		/// <returns>
-		/// The <paramref name="value"/> in string form, ready for message transport.
-		/// </returns>
-		public string Encode(object value) {
-			ErrorUtilities.VerifyArgumentNotNull(value, "value");
-
-			Uri uriValue = (Uri)value;
-			return uriValue.AbsoluteUri;
-		}
-
-		/// <summary>
-		/// Decodes the specified value.
-		/// </summary>
-		/// <param name="value">The string value carried by the transport.  Guaranteed to never be null, although it may be empty.</param>
-		/// <returns>
-		/// The deserialized form of the given string.
-		/// </returns>
-		/// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception>
-		public object Decode(string value) {
-			if (string.Equals(value, OutOfBandConfiguration, StringComparison.Ordinal)) {
-				return null;
-			} else {
-				return new Uri(value, UriKind.Absolute);
-			}
-		}
-
-		#endregion
-	}
-}
diff --git a/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs b/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs
index 5fbbef2..bec86c6 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs
@@ -7,6 +7,8 @@
 namespace DotNetOpenAuth.OAuthWrap {
 	using System;
 	using System.Collections.Generic;
+	using System.Diagnostics.Contracts;
+	using System.Globalization;
 	using System.Linq;
 	using System.Net;
 	using System.Text;
@@ -21,27 +23,11 @@ namespace DotNetOpenAuth.OAuthWrap {
 		/// </summary>
 		/// <param name="authorizationServer">The token issuer.</param>
 		protected ClientBase(AuthorizationServerDescription authorizationServer) {
-			ErrorUtilities.VerifyArgumentNotNull(authorizationServer, "authorizationServer");
+			Contract.Requires<ArgumentNullException>(authorizationServer != null);
 			this.AuthorizationServer = authorizationServer;
 		}
 
 		/// <summary>
-		/// Initializes a new instance of the <see cref="ClientBase"/> class.
-		/// </summary>
-		/// <param name="authorizationServer">The token issuer endpoint.</param>
-		protected ClientBase(Uri authorizationServer)
-			: this(new AuthorizationServerDescription(authorizationServer)) {
-		}
-
-		/// <summary>
-		/// Initializes a new instance of the <see cref="ClientBase"/> class.
-		/// </summary>
-		/// <param name="authorizationServer">The token issuer endpoint.</param>
-		protected ClientBase(string authorizationServer)
-			: this(new Uri(authorizationServer)) {
-		}
-
-		/// <summary>
 		/// Gets the token issuer.
 		/// </summary>
 		/// <value>The token issuer.</value>
@@ -60,8 +46,12 @@ namespace DotNetOpenAuth.OAuthWrap {
 		/// <param name="request">The request for protected resources from the service provider.</param>
 		/// <param name="accessToken">The access token previously obtained from the Authorization Server.</param>
 		public static void AuthorizeRequest(HttpWebRequest request, string accessToken) {
-			ErrorUtilities.VerifyArgumentNotNull(request, "request");
-			request.Headers[HttpRequestHeader.Authorization] = Protocol.HttpAuthorizationScheme + " " + accessToken;
+			Contract.Requires<ArgumentNullException>(request != null);
+			Contract.Requires<ArgumentException>(!string.IsNullOrEmpty(accessToken));
+			request.Headers[HttpRequestHeader.Authorization] = string.Format(
+				CultureInfo.InvariantCulture,
+				Protocol.HttpAuthorizationHeaderFormat,
+				accessToken);
 		}
 	}
 }
diff --git a/src/DotNetOpenAuth/OAuthWrap/Protocol.cs b/src/DotNetOpenAuth/OAuthWrap/Protocol.cs
index aa8c19b..b8e3962 100644
--- a/src/DotNetOpenAuth/OAuthWrap/Protocol.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/Protocol.cs
@@ -29,6 +29,11 @@ namespace DotNetOpenAuth.OAuthWrap {
 		internal const string HttpAuthorizationScheme = "WRAP";
 
 		/// <summary>
+		/// The format of the HTTP Authorization header value that authorizes OAuth WRAP requests.
+		/// </summary>
+		internal const string HttpAuthorizationHeaderFormat = "WRAP access_token=\"{0}\"";
+
+		/// <summary>
 		/// The "wrap_client_state" string.
 		/// </summary>
 		internal const string wrap_client_state = "wrap_client_state";
diff --git a/src/DotNetOpenAuth/OAuthWrap/WebAppClient.cs b/src/DotNetOpenAuth/OAuthWrap/WebAppClient.cs
index ffa2d80..a21b587 100644
--- a/src/DotNetOpenAuth/OAuthWrap/WebAppClient.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/WebAppClient.cs
@@ -80,7 +80,7 @@ namespace DotNetOpenAuth.OAuthWrap {
 		}
 
 		public IDirectedProtocolMessage ProcessUserAuthorization(HttpRequestInfo request) {
-			ErrorUtilities.VerifyArgumentNotNull(request, "request");
+			Contract.Requires<ArgumentNullException>(request != null);
 			IDirectedProtocolMessage message = this.Channel.ReadFromRequest();
 			if (message != null) {
 				ErrorUtilities.VerifyProtocol(