Got the OAuthConsumerWpf sample working with Facebook OAuth 2.0 again.

6 files changed, 48 insertions, 25 deletions

diff --git a/samples/OAuthConsumerWpf/Authorize2.xaml.cs b/samples/OAuthConsumerWpf/Authorize2.xaml.cs
index 4a0a969..9c5c2dc 100644
--- a/samples/OAuthConsumerWpf/Authorize2.xaml.cs
+++ b/samples/OAuthConsumerWpf/Authorize2.xaml.cs
@@ -14,6 +14,7 @@
 	using System.Windows.Navigation;
 	using System.Windows.Shapes;
 	using DotNetOpenAuth.OAuth2;
+	using DotNetOpenAuth.Messaging;
 
 	/// <summary>
 	/// Interaction logic for Authorize2.xaml
@@ -38,10 +39,15 @@
 		}
 
 		private void locationChanged(Uri location) {
-			if (location == this.Authorization.Callback) {
-				this.client.ProcessUserAuthorization(location, this.Authorization);
-				this.DialogResult = !string.IsNullOrEmpty(this.Authorization.AccessToken);
-				this.Close();
+			if (SignificantlyEqual(location, this.Authorization.Callback, UriComponents.SchemeAndServer | UriComponents.Path)) {
+				try {
+					this.client.ProcessUserAuthorization(location, this.Authorization);
+				} catch (ProtocolException ex) {
+					MessageBox.Show(ex.ToStringDescriptive());
+				} finally {
+					this.DialogResult = !string.IsNullOrEmpty(this.Authorization.AccessToken);
+					this.Close();
+				}
 			}
 		}
 
@@ -52,5 +58,11 @@
 		private void webBrowser_LocationChanged(object sender, EventArgs e) {
 			this.locationChanged(webBrowser.Url);
 		}
+
+		private static bool SignificantlyEqual(Uri location1, Uri location2, UriComponents components) {
+			string value1 = location1.GetComponents(components, UriFormat.Unescaped);
+			string value2 = location2.GetComponents(components, UriFormat.Unescaped);
+			return string.Equals(value1, value2, StringComparison.Ordinal);
+		}
 	}
-}
+}
\ No newline at end of file
diff --git a/samples/OAuthConsumerWpf/MainWindow.xaml b/samples/OAuthConsumerWpf/MainWindow.xaml
index 05370d7..4488fab 100644
--- a/samples/OAuthConsumerWpf/MainWindow.xaml
+++ b/samples/OAuthConsumerWpf/MainWindow.xaml
@@ -152,7 +152,7 @@
                     <ColumnDefinition Width="auto" />
                 </Grid.ColumnDefinitions>
                 <Label Grid.Row="1">Token Endpoint URL</Label>
-                <TextBox Grid.Row="1" Grid.Column="1" x:Name="wrapTokenUrlBox" />
+                <TextBox Grid.Row="1" Grid.Column="1" x:Name="wrapTokenUrlBox" Text="https://graph.facebook.com/oauth/access_token" />
                 <Label Grid.Row="1" Grid.Column="2">POST</Label>
                 <Label Grid.Row="2">User Authorization URL</Label>
                 <TextBox Grid.Row="2" Grid.Column="1" x:Name="wrapAuthorizationUrlBox" Text="https://graph.facebook.com/oauth/authorize?display=popup" />
@@ -180,11 +180,11 @@
                 <Label Grid.Row="4">Client Identifier</Label>
                 <TextBox Grid.Row="4" Grid.Column="1" x:Name="wrapClientIdentifierBox" Grid.ColumnSpan="2" Text="367207604173" />
                 <Label Grid.Row="5">Client Secret</Label>
-                <TextBox Grid.Row="5" Grid.Column="1" x:Name="wrapClientSecretBox" Grid.ColumnSpan="2"/>
+                <TextBox Grid.Row="5" Grid.Column="1" x:Name="wrapClientSecretBox" Grid.ColumnSpan="2" Text="1df77e64055c4d7d3583cefdf2bc62d7"/>
                 <Label Grid.Row="6">OAuth 2.0 version</Label>
                 <ComboBox Grid.Row="6" Grid.Column="1" SelectedIndex="0" x:Name="wrapVersion">
                     <ComboBox.Items>
-                        <ComboBoxItem>2.0 DRAFT 5</ComboBoxItem>
+                        <ComboBoxItem>2.0 DRAFT 9</ComboBoxItem>
                     </ComboBox.Items>
                 </ComboBox>
                 <Button Grid.Row="7" Grid.Column="1" x:Name="wrapBeginButton" Click="wrapBeginButton_Click">Begin</Button>
diff --git a/samples/OAuthConsumerWpf/MainWindow.xaml.cs b/samples/OAuthConsumerWpf/MainWindow.xaml.cs
index f315922..b7da074 100644
--- a/samples/OAuthConsumerWpf/MainWindow.xaml.cs
+++ b/samples/OAuthConsumerWpf/MainWindow.xaml.cs
@@ -212,9 +212,7 @@
 			try {
 				////var client = new DotNetOpenAuth.OAuth2.WebAppClient(authServer);
 				////client.PrepareRequestUserAuthorization();
-				var client = new OAuth2.UserAgentClient(authServer) {
-					ClientIdentifier = wrapClientIdentifierBox.Text,
-				};
+				var client = new OAuth2.UserAgentClient(authServer, wrapClientIdentifierBox.Text, wrapClientSecretBox.Text);
 
 				var authorizePopup = new Authorize2(client);
 				authorizePopup.Owner = this;
diff --git a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
index be6d671..41b1d23 100644
--- a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
+++ b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
@@ -7,10 +7,14 @@
 	using System.ServiceModel;
 	using System.ServiceModel.Channels;
 	using System.ServiceModel.Security;
+
+	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OAuth;
 	using DotNetOpenAuth.OAuth.ChannelElements;
 	using DotNetOpenAuth.OAuth2;
 
+	using ProtocolException = System.ServiceModel.ProtocolException;
+
 	/// <summary>
 	/// A WCF extension to authenticate incoming messages using OAuth.
 	/// </summary>
@@ -23,8 +27,8 @@
 				return false;
 			}
 
-			HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
-			Uri requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri;
+			var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
+			var requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri;
 
 			try {
 				var principal = this.VerifyOAuth2(httpDetails, requestUri);
@@ -80,7 +84,7 @@
 					OAuth2AuthorizationServer.AsymmetricKey));
 
 			string username, scope;
-			var error = resourceServer.VerifyAccess(new DotNetOpenAuth.Messaging.HttpRequestInfo(httpDetails, requestUri), out username, out scope);
+			var error = resourceServer.VerifyAccess(new HttpRequestInfo(httpDetails, requestUri), out username, out scope);
 			if (error == null) {
 				string[] scopes = scope.Split(new char[] { ' ' });
 				var principal = new OAuthPrincipal(username, scopes);
diff --git a/src/DotNetOpenAuth/Messaging/MessageSerializer.cs b/src/DotNetOpenAuth/Messaging/MessageSerializer.cs
index 950791f..d6448ae 100644
--- a/src/DotNetOpenAuth/Messaging/MessageSerializer.cs
+++ b/src/DotNetOpenAuth/Messaging/MessageSerializer.cs
@@ -114,7 +114,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <param name="messageDictionary">The message to be serialized.</param>
 		/// <param name="writer">The writer to use for the serialized form.</param>
 		/// <remarks>
-		/// Use <see cref="System.Runtime.Serialization.Json.JsonReaderWriterFactory.CreateJsonWriter"/>
+		/// Use <see cref="System.Runtime.Serialization.Json.JsonReaderWriterFactory.CreateJsonWriter(System.IO.Stream)"/>
 		/// to create the <see cref="XmlDictionaryWriter"/> instance capable of emitting JSON.
 		/// </remarks>
 		[Pure]
@@ -186,7 +186,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <param name="reader">The XML/JSON to read into the message.</param>
 		/// <exception cref="ProtocolException">Thrown when protocol rules are broken by the incoming message.</exception>
 		/// <remarks>
-		/// Use <see cref="System.Runtime.Serialization.Json.JsonReaderWriterFactory.CreateJsonReader"/>
+		/// Use <see cref="System.Runtime.Serialization.Json.JsonReaderWriterFactory.CreateJsonReader(System.IO.Stream, System.Xml.XmlDictionaryReaderQuotas)"/>
 		/// to create the <see cref="XmlDictionaryReader"/> instance capable of reading JSON.
 		/// </remarks>
 		internal void Deserialize(MessageDictionary messageDictionary, XmlDictionaryReader reader) {
diff --git a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
index 7815858..621fa97 100644
--- a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
+++ b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
@@ -22,8 +22,10 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// Initializes a new instance of the <see cref="UserAgentClient"/> class.
 		/// </summary>
 		/// <param name="authorizationServer">The token issuer.</param>
-		public UserAgentClient(AuthorizationServerDescription authorizationServer)
-			: base(authorizationServer) {
+		/// <param name="clientIdentifier">The client identifier.</param>
+		/// <param name="clientSecret">The client secret.</param>
+		public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null)
+			: base(authorizationServer, clientIdentifier, clientSecret) {
 		}
 
 		/// <summary>
@@ -39,16 +41,23 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// Generates a URL that the user's browser can be directed to in order to authorize
 		/// this client to access protected data at some resource server.
 		/// </summary>
+		/// <param name="scope">The scope of authorized access requested.</param>
+		/// <returns>A fully-qualified URL suitable to initiate the authorization flow.</returns>
+		public Uri RequestUserAuthoroization(string scope = null) {
+			var authorization = new AuthorizationState { Scope = scope };
+			return this.RequestUserAuthorization(authorization);
+		}
+
+		/// <summary>
+		/// Generates a URL that the user's browser can be directed to in order to authorize
+		/// this client to access protected data at some resource server.
+		/// </summary>
 		/// <param name="authorization">The authorization state that is tracking this particular request.  Optional.</param>
-		/// <param name="immediate">If set to <c>true</c>, the authorization server will return immediately instead of interacting with the user.  Authorization will only be granted if the authorization server determines it is safe to do so without asking the user first.</param>
 		/// <returns>A fully-qualified URL suitable to initiate the authorization flow.</returns>
-		public Uri RequestUserAuthorization(IAuthorizationState authorization = null) {
+		public Uri RequestUserAuthorization(IAuthorizationState authorization) {
+			Contract.Requires<ArgumentNullException>(authorization != null, "authorization");
 			Contract.Requires<InvalidOperationException>(!string.IsNullOrEmpty(this.ClientIdentifier));
 
-			if (authorization == null) {
-				authorization = new AuthorizationState();
-			}
-
 			if (authorization.Callback == null) {
 				authorization.Callback = new Uri("http://localhost/");
 			}
@@ -66,7 +75,7 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// Scans the incoming request for an authorization response message.
 		/// </summary>
 		/// <param name="actualRedirectUrl">The actual URL of the incoming HTTP request.</param>
-		/// <param name="authorization">The authorization.</param>
+		/// <param name="authorizationState">The authorization.</param>
 		/// <returns>The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.</returns>
 		public IAuthorizationState ProcessUserAuthorization(Uri actualRedirectUrl, IAuthorizationState authorizationState = null) {
 			Contract.Requires<ArgumentNullException>(actualRedirectUrl != null, "actualRedirectUrl");