Merge branch 'master' into splitDlls

12 files changed, 46 insertions, 14 deletions

diff --git a/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs b/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
index 19f1c2b..7be629e 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
+++ b/samples/DotNetOpenAuth.ApplicationBlock/GoogleConsumer.cs
@@ -182,7 +182,7 @@ namespace DotNetOpenAuth.ApplicationBlock {
 			};
 			Uri callback = Util.GetCallbackUrlFromContext();
 			var request = consumer.PrepareRequestUserAuthorization(callback, extraParameters, null);
-			consumer.Channel.Respond(request);
+			consumer.Channel.Send(request);
 		}
 
 		/// <summary>
diff --git a/samples/OAuthClient/SignInWithTwitter.aspx.cs b/samples/OAuthClient/SignInWithTwitter.aspx.cs
index 4268c7f..04b302c 100644
--- a/samples/OAuthClient/SignInWithTwitter.aspx.cs
+++ b/samples/OAuthClient/SignInWithTwitter.aspx.cs
@@ -33,7 +33,7 @@
 		}
 
 		protected void signInButton_Click(object sender, ImageClickEventArgs e) {
-			TwitterConsumer.StartSignInWithTwitter(this.forceLoginCheckbox.Checked).Respond();
+			TwitterConsumer.StartSignInWithTwitter(this.forceLoginCheckbox.Checked).Send();
 		}
 	}
 }
\ No newline at end of file
diff --git a/samples/OAuthClient/Twitter.aspx.cs b/samples/OAuthClient/Twitter.aspx.cs
index 03824a8..9c0cb9a 100644
--- a/samples/OAuthClient/Twitter.aspx.cs
+++ b/samples/OAuthClient/Twitter.aspx.cs
@@ -47,7 +47,7 @@
 						this.AccessToken = accessTokenResponse.AccessToken;
 					} else if (this.AccessToken == null) {
 						// If we don't yet have access, immediately request it.
-						twitter.Channel.Respond(twitter.PrepareRequestUserAuthorization());
+						twitter.Channel.Send(twitter.PrepareRequestUserAuthorization());
 					}
 				}
 			}
diff --git a/samples/OpenIdProviderWebForms/Default.aspx.cs b/samples/OpenIdProviderWebForms/Default.aspx.cs
index 81e15a5..4843639 100644
--- a/samples/OpenIdProviderWebForms/Default.aspx.cs
+++ b/samples/OpenIdProviderWebForms/Default.aspx.cs
@@ -37,7 +37,7 @@
 			try {
 				// Send user input through identifier parser so we accept more free-form input.
 				string rpSite = Identifier.Parse(relyingPartyRealm);
-				op.PrepareUnsolicitedAssertion(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()).Respond();
+				op.PrepareUnsolicitedAssertion(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()).Send();
 			} catch (ProtocolException ex) {
 				Label errorLabel = (Label)this.loginView.FindControl("errorLabel");
 				errorLabel.Visible = true;
diff --git a/src/DotNetOpenAuth.Messaging/Messaging/Channel.cs b/src/DotNetOpenAuth.Messaging/Messaging/Channel.cs
index 7f83612..f017214 100644
--- a/src/DotNetOpenAuth.Messaging/Messaging/Channel.cs
+++ b/src/DotNetOpenAuth.Messaging/Messaging/Channel.cs
@@ -298,7 +298,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <remarks>
 		/// Requires an HttpContext.Current context.
 		/// </remarks>
-		[EditorBrowsable(EditorBrowsableState.Never), Obsolete("Use the Respond method instead, and prepare for execution to continue on this page beyond the call to Respond.")]
+		[EditorBrowsable(EditorBrowsableState.Never)]
 		public void Send(IProtocolMessage message) {
 			Requires.ValidState(HttpContext.Current != null, MessagingStrings.CurrentHttpContextRequired);
 			Requires.NotNull(message, "message");
@@ -309,10 +309,14 @@ namespace DotNetOpenAuth.Messaging {
 		/// Sends an indirect message (either a request or response) 
 		/// or direct message response for transmission to a remote party
 		/// and skips most of the remaining ASP.NET request handling pipeline.
+		/// Not safe to call from ASP.NET web forms.
 		/// </summary>
 		/// <param name="message">The one-way message to send</param>
 		/// <remarks>
 		/// Requires an HttpContext.Current context.
+		/// This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+		/// ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+		/// Use the <see cref="Send"/> method instead for web forms.
 		/// </remarks>
 		public void Respond(IProtocolMessage message) {
 			Requires.ValidState(HttpContext.Current != null, MessagingStrings.CurrentHttpContextRequired);
diff --git a/src/DotNetOpenAuth.Messaging/Messaging/OutgoingWebResponse.cs b/src/DotNetOpenAuth.Messaging/Messaging/OutgoingWebResponse.cs
index b48ab5e..59c0be7 100644
--- a/src/DotNetOpenAuth.Messaging/Messaging/OutgoingWebResponse.cs
+++ b/src/DotNetOpenAuth.Messaging/Messaging/OutgoingWebResponse.cs
@@ -126,7 +126,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <remarks>
 		/// Requires a current HttpContext.
 		/// </remarks>
-		[EditorBrowsable(EditorBrowsableState.Never), Obsolete("Use the Respond method instead, and prepare for execution to continue on this page beyond the call to Respond.")]
+		[EditorBrowsable(EditorBrowsableState.Never)]
 		public virtual void Send() {
 			Requires.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired);
 
@@ -140,7 +140,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <param name="context">The context of the HTTP request whose response should be set.
 		/// Typically this is <see cref="HttpContext.Current"/>.</param>
 		/// <exception cref="ThreadAbortException">Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.</exception>
-		[EditorBrowsable(EditorBrowsableState.Never), Obsolete("Use the Respond method instead, and prepare for execution to continue on this page beyond the call to Respond.")]
+		[EditorBrowsable(EditorBrowsableState.Never)]
 		public virtual void Send(HttpContext context) {
 			this.Respond(context, true);
 		}
@@ -149,9 +149,13 @@ namespace DotNetOpenAuth.Messaging {
 		/// Automatically sends the appropriate response to the user agent
 		/// and signals ASP.NET to short-circuit the page execution pipeline
 		/// now that the response has been completed.
+		/// Not safe to call from ASP.NET web forms.
 		/// </summary>
 		/// <remarks>
 		/// Requires a current HttpContext.
+		/// This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+		/// ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+		/// Use the <see cref="Send"/> method instead for web forms.
 		/// </remarks>
 		public virtual void Respond() {
 			Requires.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired);
@@ -163,9 +167,15 @@ namespace DotNetOpenAuth.Messaging {
 		/// Automatically sends the appropriate response to the user agent
 		/// and signals ASP.NET to short-circuit the page execution pipeline
 		/// now that the response has been completed.
+		/// Not safe to call from ASP.NET web forms.
 		/// </summary>
 		/// <param name="context">The context of the HTTP request whose response should be set.
 		/// Typically this is <see cref="HttpContext.Current"/>.</param>
+		/// <remarks>
+		/// This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+		/// ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+		/// Use the <see cref="Send"/> method instead for web forms.
+		/// </remarks>
 		public virtual void Respond(HttpContext context) {
 			Requires.NotNull(context, "context");
 
diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthPrincipal.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthPrincipal.cs
index b274265..f4d167d 100644
--- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthPrincipal.cs
+++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthPrincipal.cs
@@ -7,6 +7,7 @@
 namespace DotNetOpenAuth.OAuth.ChannelElements {
 	using System;
 	using System.Collections.Generic;
+	using System.Collections.ObjectModel;
 	using System.Diagnostics.CodeAnalysis;
 	using System.Diagnostics.Contracts;
 	using System.Linq;
@@ -61,6 +62,14 @@ namespace DotNetOpenAuth.OAuth.ChannelElements {
 		/// <value>A non-empty string.</value>
 		public string AccessToken { get; private set; }
 
+		/// <summary>
+		/// Gets the roles that this principal has as a ReadOnlyCollection.
+		/// </summary>
+		public ReadOnlyCollection<string> Roles
+		{
+			get { return new ReadOnlyCollection<string>(this.roles.ToList()); }
+		}
+
 		#region IPrincipal Members
 
 		/// <summary>
@@ -87,5 +96,14 @@ namespace DotNetOpenAuth.OAuth.ChannelElements {
 		}
 
 		#endregion
+
+		/// <summary>
+		/// Creates a new instance of GenericPrincipal based on this OAuthPrincipal.
+		/// </summary>
+		/// <returns>A new instance of GenericPrincipal with a GenericIdentity, having the same username and roles as this OAuthPrincipal and OAuthIdentity</returns>
+		public GenericPrincipal CreateGenericPrincipal()
+		{
+			return new GenericPrincipal(new GenericIdentity(this.Identity.Name), this.roles.ToArray());
+		}
 	}
 }
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs
index fc14bcf..4f793a5 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs
@@ -45,7 +45,7 @@ namespace DotNetOpenAuth.OAuth2 {
 			var authorizationState = new AuthorizationState(scope) {
 				Callback = returnTo,
 			};
-			this.PrepareRequestUserAuthorization(authorizationState, state).Respond();
+			this.PrepareRequestUserAuthorization(authorizationState, state).Send();
 		}
 
 		/// <summary>
diff --git a/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs b/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
index 7b33695..d0dee75 100644
--- a/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider.UI/OpenId/Provider/ProviderEndpoint.cs
@@ -180,7 +180,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		public static void SendResponse() {
 			var pendingRequest = PendingRequest;
 			PendingRequest = null;
-			Provider.Respond(pendingRequest);
+			Provider.SendResponse(pendingRequest);
 		}
 
 		/// <summary>
@@ -222,8 +222,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
 						}
 					}
 					if (request.IsResponseReady) {
-						Provider.Respond(request);
 						PendingAuthenticationRequest = null;
+						Provider.SendResponse(request);
 					}
 				}
 			}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
index 5be2427..93fced6 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
@@ -338,7 +338,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// </remarks>
 		/// <exception cref="InvalidOperationException">Thrown if <see cref="IRequest.IsResponseReady"/> is <c>false</c>.</exception>
 		[SuppressMessage("Microsoft.Performance", "CA1800:DoNotCastUnnecessarily", Justification = "Code Contract requires that we cast early.")]
-		[EditorBrowsable(EditorBrowsableState.Never), Obsolete("Use the Respond method instead, and prepare for execution to continue on this page beyond the call to Respond.")]
+		[EditorBrowsable(EditorBrowsableState.Never)]
 		public void SendResponse(IRequest request) {
 			Requires.ValidState(HttpContext.Current != null, MessagingStrings.CurrentHttpContextRequired);
 			Requires.NotNull(request, "request");
@@ -409,7 +409,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 			Requires.NotNull(claimedIdentifier, "claimedIdentifier");
 			Requires.NotNull(localIdentifier, "localIdentifier");
 
-			this.PrepareUnsolicitedAssertion(providerEndpoint, relyingPartyRealm, claimedIdentifier, localIdentifier, extensions).Respond();
+			this.PrepareUnsolicitedAssertion(providerEndpoint, relyingPartyRealm, claimedIdentifier, localIdentifier, extensions).Send();
 		}
 
 		/// <summary>
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
index 9c0004b..54f3a07 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs
@@ -428,7 +428,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 				this.RelyingParty.Channel.GetRequestFromContext(),
 				callback);
 
-			response.Respond();
+			response.Send();
 		}
 
 		/// <summary>
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
index f742a3d..c85c0c5 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
@@ -300,7 +300,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// This method requires an ASP.NET HttpContext.
 		/// </remarks>
 		public void RedirectToProvider() {
-			this.RedirectingResponse.Respond();
+			this.RedirectingResponse.Send();
 		}
 
 		#endregion