Wraps IOException with ProtocolException while decoding access tokens.

Related to #178

1 files changed, 7 insertions, 1 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
index bd28821..3e74937 100644
--- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
@@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuth2 {
 	using System;
 	using System.Collections.Generic;
 	using System.Diagnostics.Contracts;
+	using System.IO;
 	using System.Security.Cryptography;
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OAuth2.ChannelElements;
@@ -52,7 +53,12 @@ namespace DotNetOpenAuth.OAuth2 {
 			ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken);
 			var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey);
 			var token = new AccessToken();
-			accessTokenFormatter.Deserialize(token, message, accessToken, Protocol.access_token);
+			try {
+				accessTokenFormatter.Deserialize(token, message, accessToken, Protocol.access_token);
+			} catch (IOException ex) {
+				throw new ProtocolException(ResourceServerStrings.InvalidAccessToken, ex);
+			}
+
 			return token;
 		}
 	}