author | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-16 23:10:44 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-16 23:10:44 -0700 |
commit | 719337e7465118c21aa89727c3dbba93e7a192a1 (patch) | |
tree | 669c394869e79872c5c1ffd686be28f92d80f7e0 /src/DotNetOpenAuth.OAuth2/OAuth2 | |
parent | 1068d8217e19c6ac300a1077e13c2b1dae01bc4b (diff) | |
A bunch more moving of OAuth2 classes between assemblies.
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2')
10 files changed, 0 insertions, 716 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AccessTokenParameters.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/AccessTokenParameters.cs
deleted file mode 100644
index a214f20..0000000
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/AccessTokenParameters.cs
+++ /dev/null
@@ -1,80 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AccessTokenParameters.cs" company="Andrew Arnott"> -// Copyright (c) Andrew Arnott. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Security.Cryptography; - using System.Text; - - /// <summary> - /// Describes the parameters to be fed into creating a response to an access token request. - /// </summary> - public class AccessTokenParameters : IDisposable { - /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenParameters"/> class. - /// </summary> - public AccessTokenParameters() { - this.IncludeRefreshToken = true; - this.AccessTokenLifetime = TimeSpan.FromHours(1); - } - - /// <summary> - /// Gets or sets the access token lifetime. - /// </summary> - /// <value> - /// A positive timespan. - /// </value> - /// <remarks> - /// Note that within this lifetime, authorization <i>may</i> not be revokable. - /// Short lifetimes are recommended (e.g. one hour), particularly when the client is not authenticated or - /// the resources to which access is being granted are sensitive. - /// </remarks> - public TimeSpan AccessTokenLifetime { get; set; } - - /// <summary> - /// Gets or sets the key to encrypt the access token. - /// </summary> - public RSACryptoServiceProvider ResourceServerEncryptionKey { get; set; } - - /// <summary> - /// Gets or sets a value indicating whether to provide the client with a refresh token, when applicable. - /// </summary> - /// <value>The default value is <c>true</c>.</value> - /// <remarks>> - /// The refresh token will never be provided when this value is false. - /// The refresh token <em>may</em> be provided when this value is true. 
- /// </remarks> - public bool IncludeRefreshToken { get; set; } - - #region Implementation of IDisposable - - /// <summary> - /// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources. - /// </summary> - /// <filterpriority>2</filterpriority> - public void Dispose() { - this.Dispose(true); - GC.SuppressFinalize(this); - } - - /// <summary> - /// Releases unmanaged and - optionally - managed resources - /// </summary> - /// <param name="disposing"><c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only unmanaged resources.</param> - protected virtual void Dispose(bool disposing) { - if (disposing) { - if (this.ResourceServerEncryptionKey != null) { - IDisposable value = this.ResourceServerEncryptionKey; - value.Dispose(); - } - } - } - - #endregion - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationServerDescription.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationServerDescription.cs deleted file mode 100644 index 38a9ff9..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationServerDescription.cs +++ /dev/null 
@@ -1,62 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AuthorizationServerDescription.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Text; - - /// <summary> - /// A description of an OAuth Authorization Server as seen by an OAuth Client. - /// </summary> - public class AuthorizationServerDescription { - /// <summary> - /// Initializes a new instance of the <see cref="AuthorizationServerDescription"/> class. - /// </summary> - public AuthorizationServerDescription() { - this.ProtocolVersion = Protocol.Default.ProtocolVersion; - } - - /// <summary> - /// Gets or sets the Authorization Server URL from which an Access Token is requested by the Client. - /// </summary> - /// <value>An HTTPS URL.</value> - /// <remarks> - /// <para>After obtaining authorization from the resource owner, clients request an access token from the authorization server's token endpoint.</para> - /// <para>The URI of the token endpoint can be found in the service documentation, or can be obtained by the client by making an unauthorized protected resource request (from the WWW-Authenticate response header token-uri (The 'authorization-uri' Attribute) attribute).</para> - /// <para>The token endpoint advertised by the resource server MAY include a query component as defined by [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) 
section 3.</para> - /// <para>Since requests to the token endpoint result in the transmission of plain text credentials in the HTTP request and response, the authorization server MUST require the use of a transport-layer mechanism such as TLS/SSL (or a secure channel with equivalent protections) when sending requests to the token endpoints. </para> - /// </remarks> - public Uri TokenEndpoint { get; set; } - - /// <summary> - /// Gets or sets the Authorization Server URL where the Client (re)directs the User - /// to make an authorization request. - /// </summary> - /// <value>An HTTPS URL.</value> - /// <remarks> - /// <para>Clients direct the resource owner to the authorization endpoint to approve their access request. Before granting access, the resource owner first authenticates with the authorization server. The way in which the authorization server authenticates the end-user (e.g. username and password login, OpenID, session cookies) and in which the authorization server obtains the end-user's authorization, including whether it uses a secure channel such as TLS/SSL, is beyond the scope of this specification. However, the authorization server MUST first verify the identity of the end-user.</para> - /// <para>The URI of the authorization endpoint can be found in the service documentation, or can be obtained by the client by making an unauthorized protected resource request (from the WWW-Authenticate response header auth-uri (The 'authorization-uri' Attribute) attribute).</para> - /// <para>The authorization endpoint advertised by the resource server MAY include a query component as defined by [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) 
section 3.</para> - /// <para>Since requests to the authorization endpoint result in user authentication and the transmission of sensitive values, the authorization server SHOULD require the use of a transport-layer mechanism such as TLS/SSL (or a secure channel with equivalent protections) when sending requests to the authorization endpoints.</para> - /// </remarks> - public Uri AuthorizationEndpoint { get; set; } - - /// <summary> - /// Gets or sets the OAuth version supported by the Authorization Server. - /// </summary> - public ProtocolVersion ProtocolVersion { get; set; } - - /// <summary> - /// Gets the version of the OAuth protocol to use with this Authorization Server. - /// </summary> - /// <value>The version.</value> - internal Version Version { - get { return Protocol.Lookup(this.ProtocolVersion).Version; } - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationState.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationState.cs deleted file mode 100644 index 4117b3c..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationState.cs +++ /dev/null 
@@ -1,93 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AuthorizationState.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - - using DotNetOpenAuth.Messaging; - - /// <summary> - /// A simple in-memory copy of an authorization state. - /// </summary> - [Serializable] - public class AuthorizationState : IAuthorizationState { - /// <summary> - /// Initializes a new instance of the <see cref="AuthorizationState"/> class. - /// </summary> - /// <param name="scopes">The scopes of access being requested or that was obtained.</param> - public AuthorizationState(IEnumerable<string> scopes = null) { - this.Scope = new HashSet<string>(OAuthUtilities.ScopeStringComparer); - if (scopes != null) { - this.Scope.AddRange(scopes); - } - } - - /// <summary> - /// Gets or sets the callback URL used to obtain authorization. - /// </summary> - /// <value>The callback URL.</value> - public Uri Callback { get; set; } - - /// <summary> - /// Gets or sets the long-lived token used to renew the short-lived <see cref="AccessToken"/>. - /// </summary> - /// <value>The refresh token.</value> - public string RefreshToken { get; set; } - - /// <summary> - /// Gets or sets the access token. - /// </summary> - /// <value>The access token.</value> - public string AccessToken { get; set; } - - /// <summary> - /// Gets or sets the access token UTC expiration date. - /// </summary> - /// <value></value> - public DateTime? AccessTokenExpirationUtc { get; set; } - - /// <summary> - /// Gets or sets the access token issue date UTC. - /// </summary> - /// <value>The access token issue date UTC.</value> - public DateTime? 
AccessTokenIssueDateUtc { get; set; } - - /// <summary> - /// Gets the scope the token is (to be) authorized for. - /// </summary> - /// <value>The scope.</value> - public HashSet<string> Scope { get; private set; } - - /// <summary> - /// Gets or sets a value indicating whether this instance is deleted. - /// </summary> - /// <value> - /// <c>true</c> if this instance is deleted; otherwise, <c>false</c>. - /// </value> - public bool IsDeleted { get; set; } - - /// <summary> - /// Deletes this authorization, including access token and refresh token where applicable. - /// </summary> - /// <remarks> - /// This method is invoked when an authorization attempt fails, is rejected, is revoked, or - /// expires and cannot be renewed. - /// </remarks> - public virtual void Delete() { - this.IsDeleted = true; - } - - /// <summary> - /// Saves any changes made to this authorization object's properties. - /// </summary> - /// <remarks> - /// This method is invoked after DotNetOpenAuth changes any property. - /// </remarks> - public virtual void SaveChanges() { - } - } -}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientDescription.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ClientDescription.cs
deleted file mode 100644
index 76c3ea6..0000000
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientDescription.cs
+++ /dev/null
@@ -1,71 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="ClientDescription.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Text; - - /// <summary> - /// A default implementation of the <see cref="IClientDescription"/> interface. - /// </summary> - public class ClientDescription : IClientDescription { - /// <summary> - /// A delegate that determines whether the callback is allowed. - /// </summary> - private readonly Func<Uri, bool> isCallbackAllowed; - - /// <summary> - /// Initializes a new instance of the <see cref="ClientDescription"/> class. - /// </summary> - /// <param name="secret">The secret.</param> - /// <param name="defaultCallback">The default callback.</param> - /// <param name="clientType">Type of the client.</param> - /// <param name="isCallbackAllowed">A delegate that determines whether the callback is allowed.</param> - public ClientDescription(string secret, Uri defaultCallback, ClientType clientType, Func<Uri, bool> isCallbackAllowed = null) { - this.Secret = secret; - this.DefaultCallback = defaultCallback; - this.ClientType = clientType; - this.isCallbackAllowed = isCallbackAllowed; - } - - /// <summary> - /// Gets the client secret. - /// </summary> - public string Secret { get; private set; } - - /// <summary> - /// Gets the callback to use when an individual authorization request - /// does not include an explicit callback URI. - /// </summary> - /// <value> - /// An absolute URL; or <c>null</c> if none is registered. - /// </value> - public Uri DefaultCallback { get; private set; } - - /// <summary> - /// Gets the type of the client. 
- /// </summary> - public ClientType ClientType { get; private set; } - - /// <summary> - /// Determines whether a callback URI included in a client's authorization request - /// is among those allowed callbacks for the registered client. - /// </summary> - /// <param name="callback">The absolute URI the client has requested the authorization result be received at.</param> - /// <returns> - /// <c>true</c> if the callback URL is allowable for this client; otherwise, <c>false</c>. - /// </returns> - public bool IsCallbackAllowed(Uri callback) { - if (this.isCallbackAllowed != null) { - return this.isCallbackAllowed(callback); - } - - return EqualityComparer<Uri>.Default.Equals(this.DefaultCallback, callback); - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs deleted file mode 100644 index 9e8ed2a..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs +++ /dev/null 
@@ -1,47 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="ClientType.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - /// <summary> - /// OAuth 2 Client types - /// </summary> - /// <remarks> - /// <para>Based on their ability to - /// authenticate securely with the authorization server (i.e. ability to - /// maintain the confidentiality of their client credentials).</para> - /// <para>The client type designation is based on the authorization server's - /// definition of secure authentication and its acceptable exposure - /// levels of client credentials.</para> - /// <para>The authorization server SHOULD NOT make assumptions about the client - /// type, nor accept the type information provided by the client - /// developer without first establishing trust.</para> - /// <para>A client application consisting of multiple components, each with its - /// own client type (e.g. a distributed client with both a confidential - /// server-based component and a public browser-based component), MUST - /// register each component separately as a different client to ensure - /// proper handling by the authorization server. The authorization - /// server MAY provider tools to manage such complex clients through a - /// single administration interface.</para> - /// </remarks> - public enum ClientType { - /// <summary> - /// Clients capable of maintaining the confidentiality of their - /// credentials (e.g. client implemented on a secure server with - /// restricted access to the client credentials), or capable of secure - /// client authentication using other means. - /// </summary> - Confidential, - - /// <summary> - /// Clients incapable of maintaining the confidentiality of their - /// credentials (e.g. 
clients executing on the device used by the - /// resource owner such as an installed native application or a web - /// browser-based application), and incapable of secure client - /// authentication via any other means. - /// </summary> - Public, - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IAccessTokenAnalyzer.cs deleted file mode 100644 index 5aa1bb6..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IAccessTokenAnalyzer.cs +++ /dev/null 
@@ -1,64 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="IAccessTokenAnalyzer.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Diagnostics.CodeAnalysis; - using System.Diagnostics.Contracts; - using System.Linq; - using System.Text; - using DotNetOpenAuth.Messaging; - - /// <summary> - /// An interface that resource server hosts should implement if they accept access tokens - /// issued by non-DotNetOpenAuth authorization servers. - /// </summary> - [ContractClass((typeof(IAccessTokenAnalyzerContract)))] - public interface IAccessTokenAnalyzer { - /// <summary> - /// Reads an access token to find out what data it authorizes access to. - /// </summary> - /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns>A value indicating whether this access token is valid.</returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")] - bool TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope); - } - - /// <summary> - /// Code contract for the <see cref="IAccessTokenAnalyzer"/> interface. 
- /// </summary> - [ContractClassFor(typeof(IAccessTokenAnalyzer))] - internal abstract class IAccessTokenAnalyzerContract : IAccessTokenAnalyzer { - /// <summary> - /// Prevents a default instance of the <see cref="IAccessTokenAnalyzerContract"/> class from being created. - /// </summary> - private IAccessTokenAnalyzerContract() { - } - - /// <summary> - /// Reads an access token to find out what data it authorizes access to. - /// </summary> - /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns> - /// A value indicating whether this access token is valid. - /// </returns> - bool IAccessTokenAnalyzer.TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { - Requires.NotNull(message, "message"); - Requires.NotNullOrEmpty(accessToken, "accessToken"); - Contract.Ensures(Contract.Result<bool>() == (Contract.ValueAtReturn<string>(out user) != null)); - - throw new NotImplementedException(); - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationState.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationState.cs deleted file mode 100644 index f38df9a..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationState.cs +++ /dev/null 
@@ -1,67 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="IAuthorizationState.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - - /// <summary> - /// Provides access to a persistent object that tracks the state of an authorization. - /// </summary> - public interface IAuthorizationState { - /// <summary> - /// Gets or sets the callback URL used to obtain authorization. - /// </summary> - /// <value>The callback URL.</value> - Uri Callback { get; set; } - - /// <summary> - /// Gets or sets the long-lived token used to renew the short-lived <see cref="AccessToken"/>. - /// </summary> - /// <value>The refresh token.</value> - string RefreshToken { get; set; } - - /// <summary> - /// Gets or sets the access token. - /// </summary> - /// <value>The access token.</value> - string AccessToken { get; set; } - - /// <summary> - /// Gets or sets the access token issue date UTC. - /// </summary> - /// <value>The access token issue date UTC.</value> - DateTime? AccessTokenIssueDateUtc { get; set; } - - /// <summary> - /// Gets or sets the access token UTC expiration date. - /// </summary> - DateTime? AccessTokenExpirationUtc { get; set; } - - /// <summary> - /// Gets the scope the token is (to be) authorized for. - /// </summary> - /// <value>The scope.</value> - HashSet<string> Scope { get; } - - /// <summary> - /// Deletes this authorization, including access token and refresh token where applicable. - /// </summary> - /// <remarks> - /// This method is invoked when an authorization attempt fails, is rejected, is revoked, or - /// expires and cannot be renewed. - /// </remarks> - void Delete(); - - /// <summary> - /// Saves any changes made to this authorization object's properties. 
- /// </summary> - /// <remarks> - /// This method is invoked after DotNetOpenAuth changes any property. - /// </remarks> - void SaveChanges(); - } -}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientAuthorizationTracker.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IClientAuthorizationTracker.cs
deleted file mode 100644
index 73b7a44..0000000
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientAuthorizationTracker.cs
+++ /dev/null
@@ -1,53 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="IClientAuthorizationTracker.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Diagnostics.Contracts; - - /// <summary> - /// A token manager implemented by some clients to assist in tracking authorization state. - /// </summary> - [ContractClass(typeof(IClientAuthorizationTrackerContract))] - public interface IClientAuthorizationTracker { - /// <summary> - /// Gets the state of the authorization for a given callback URL and client state. - /// </summary> - /// <param name="callbackUrl">The callback URL.</param> - /// <param name="clientState">State of the client stored at the beginning of an authorization request.</param> - /// <returns>The authorization state; may be <c>null</c> if no authorization state matches.</returns> - IAuthorizationState GetAuthorizationState(Uri callbackUrl, string clientState); - } - - /// <summary> - /// Contract class for the <see cref="IClientAuthorizationTracker"/> interface. - /// </summary> - [ContractClassFor(typeof(IClientAuthorizationTracker))] - internal abstract class IClientAuthorizationTrackerContract : IClientAuthorizationTracker { - /// <summary> - /// Prevents a default instance of the <see cref="IClientAuthorizationTrackerContract"/> class from being created. - /// </summary> - private IClientAuthorizationTrackerContract() { - } - - #region IClientTokenManager Members - - /// <summary> - /// Gets the state of the authorization for a given callback URL and client state. 
- /// </summary> - /// <param name="callbackUrl">The callback URL.</param> - /// <param name="clientState">State of the client stored at the beginning of an authorization request.</param> - /// <returns> - /// The authorization state; may be <c>null</c> if no authorization state matches. - /// </returns> - IAuthorizationState IClientAuthorizationTracker.GetAuthorizationState(Uri callbackUrl, string clientState) { - Requires.NotNull(callbackUrl, "callbackUrl"); - throw new NotImplementedException(); - } - - #endregion - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs deleted file mode 100644 index d30151b..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs +++ /dev/null 
@@ -1,113 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="IClientDescription.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Diagnostics.Contracts; - - /// <summary> - /// A description of a client from an Authorization Server's point of view. - /// </summary> - [ContractClass(typeof(IClientDescriptionContract))] - public interface IClientDescription { - /// <summary> - /// Gets the client secret. - /// </summary> - string Secret { get; } - - /// <summary> - /// Gets the callback to use when an individual authorization request - /// does not include an explicit callback URI. - /// </summary> - /// <value>An absolute URL; or <c>null</c> if none is registered.</value> - Uri DefaultCallback { get; } - - /// <summary> - /// Gets the type of the client. - /// </summary> - ClientType ClientType { get; } - - /// <summary> - /// Determines whether a callback URI included in a client's authorization request - /// is among those allowed callbacks for the registered client. - /// </summary> - /// <param name="callback">The absolute URI the client has requested the authorization result be received at.</param> - /// <returns> - /// <c>true</c> if the callback URL is allowable for this client; otherwise, <c>false</c>. - /// </returns> - /// <remarks> - /// <para> - /// At the point this method is invoked, the identity of the client has <em>not</em> - /// been confirmed. To avoid open redirector attacks, the alleged client's identity - /// is used to lookup a list of allowable callback URLs to make sure that the callback URL - /// the actual client is requesting is one of the expected ones. 
- /// </para> - /// <para> - /// From OAuth 2.0 section 2.1: - /// The authorization server SHOULD require the client to pre-register - /// their redirection URI or at least certain components such as the - /// scheme, host, port and path. If a redirection URI was registered, - /// the authorization server MUST compare any redirection URI received at - /// the authorization endpoint with the registered URI. - /// </para> - /// </remarks> - bool IsCallbackAllowed(Uri callback); - } - - /// <summary> - /// Contract class for the <see cref="IClientDescription"/> interface. - /// </summary> - [ContractClassFor(typeof(IClientDescription))] - internal abstract class IClientDescriptionContract : IClientDescription { - #region IClientDescription Members - - /// <summary> - /// Gets the client secret. - /// </summary> - /// <value></value> - string IClientDescription.Secret { - get { throw new NotImplementedException(); } - } - - /// <summary> - /// Gets the type of the client. - /// </summary> - ClientType IClientDescription.ClientType { - get { throw new NotImplementedException(); } - } - - /// <summary> - /// Gets the callback to use when an individual authorization request - /// does not include an explicit callback URI. - /// </summary> - /// <value> - /// An absolute URL; or <c>null</c> if none is registered. - /// </value> - Uri IClientDescription.DefaultCallback { - get { - Contract.Ensures(Contract.Result<Uri>() == null || Contract.Result<Uri>().IsAbsoluteUri); - throw new NotImplementedException(); - } - } - - /// <summary> - /// Determines whether a callback URI included in a client's authorization request - /// is among those allowed callbacks for the registered client. - /// </summary> - /// <param name="callback">The requested callback URI.</param> - /// <returns> - /// <c>true</c> if the callback is allowed; otherwise, <c>false</c>. 
- /// </returns> - bool IClientDescription.IsCallbackAllowed(Uri callback) { - Requires.NotNull(callback, "callback"); - Requires.True(callback.IsAbsoluteUri, "callback"); - throw new NotImplementedException(); - } - - #endregion - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/StandardAccessTokenAnalyzer.cs deleted file mode 100644 index 636f490..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/StandardAccessTokenAnalyzer.cs +++ /dev/null 
@@ -1,66 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="StandardAccessTokenAnalyzer.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2 { - using System; - using System.Collections.Generic; - using System.Diagnostics.Contracts; - using System.Security.Cryptography; - using DotNetOpenAuth.Messaging; - using DotNetOpenAuth.OAuth2.ChannelElements; - - /// <summary> - /// An access token reader that understands DotNetOpenAuth authorization server issued tokens. - /// </summary> - public class StandardAccessTokenAnalyzer : IAccessTokenAnalyzer { - /// <summary> - /// Initializes a new instance of the <see cref="StandardAccessTokenAnalyzer"/> class. - /// </summary> - /// <param name="authorizationServerPublicSigningKey">The crypto service provider with the authorization server public signing key.</param> - /// <param name="resourceServerPrivateEncryptionKey">The crypto service provider with the resource server private encryption key.</param> - public StandardAccessTokenAnalyzer(RSACryptoServiceProvider authorizationServerPublicSigningKey, RSACryptoServiceProvider resourceServerPrivateEncryptionKey) { - Requires.NotNull(authorizationServerPublicSigningKey, "authorizationServerPublicSigningKey"); - Requires.NotNull(resourceServerPrivateEncryptionKey, "resourceServerPrivateEncryptionKey"); - Requires.True(!resourceServerPrivateEncryptionKey.PublicOnly, "resourceServerPrivateEncryptionKey"); - this.AuthorizationServerPublicSigningKey = authorizationServerPublicSigningKey; - this.ResourceServerPrivateEncryptionKey = resourceServerPrivateEncryptionKey; - } - - /// <summary> - /// Gets the authorization server public signing key. 
- /// </summary> - /// <value>The authorization server public signing key.</value> - public RSACryptoServiceProvider AuthorizationServerPublicSigningKey { get; private set; } - - /// <summary> - /// Gets the resource server private encryption key. - /// </summary> - /// <value>The resource server private encryption key.</value> - public RSACryptoServiceProvider ResourceServerPrivateEncryptionKey { get; private set; } - - /// <summary> - /// Reads an access token to find out what data it authorizes access to. - /// </summary> - /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns> - /// A value indicating whether this access token is valid. - /// </returns> - /// <remarks> - /// This method also responsible to throw a <see cref="ProtocolException"/> or return - /// <c>false</c> when the access token is expired, invalid, or from an untrusted authorization server. - /// </remarks> - public virtual bool TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { - var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); - var token = accessTokenFormatter.Deserialize(message, accessToken, Protocol.access_token); - user = token.User; - scope = new HashSet<string>(token.Scope, OAuthUtilities.ScopeStringComparer); - return true; - } - } -} |