Lots of stylecop fixes.

9 files changed, 115 insertions, 56 deletions

diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs
index 90910b7..b3a3f79 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs
@@ -15,8 +15,14 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 	/// Helps ensure compliance to some properties in the <see cref="RelyingPartySecuritySettings"/>.
 	/// </summary>
 	internal class RelyingPartySecurityOptions : IChannelBindingElement {
+		/// <summary>
+		/// A reusable pre-completed task that may be returned multiple times to reduce GC pressure.
+		/// </summary>
 		private static readonly Task<MessageProtections?> NullTask = Task.FromResult<MessageProtections?>(null);
 
+		/// <summary>
+		/// A reusable pre-completed task that may be returned multiple times to reduce GC pressure.
+		/// </summary>
 		private static readonly Task<MessageProtections?> NoneTask =
 			Task.FromResult<MessageProtections?>(MessageProtections.None);
 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs
index 1948215..a919560 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs
@@ -48,8 +48,14 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 	/// only on the RP side and only on some messages.</para>
 	/// </remarks>
 	internal class ReturnToNonceBindingElement : IChannelBindingElement {
+		/// <summary>
+		/// A reusable, precompleted task that can be returned many times to reduce GC pressure.
+		/// </summary>
 		private static readonly Task<MessageProtections?> NullTask = Task.FromResult<MessageProtections?>(null);
 
+		/// <summary>
+		/// A reusable, precompleted task that can be returned many times to reduce GC pressure.
+		/// </summary>
 		private static readonly Task<MessageProtections?> ReplayProtectionTask =
 			Task.FromResult<MessageProtections?>(MessageProtections.ReplayProtection);
 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs
index fb4006c..80a1665 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs
@@ -193,6 +193,9 @@ namespace DotNetOpenAuth.OpenId {
 		/// <param name="identifier">The identifier under discovery.</param>
 		/// <param name="response">The response.</param>
 		/// <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param>
+		/// <returns>
+		/// A task that completes with the asynchronous operation.
+		/// </returns>
 		/// <exception cref="ProtocolException">Thrown if the XRDS document has an invalid or a missing signature.</exception>
 		[SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "XmlDSig", Justification = "xml")]
 		private static async Task ValidateXmlDSigAsync(XrdsDocument document, UriIdentifier identifier, HttpResponseMessage response, string signingHost) {
@@ -259,6 +262,47 @@ namespace DotNetOpenAuth.OpenId {
 		}
 
 		/// <summary>
+		/// Verifies that a certificate chain is trusted.
+		/// </summary>
+		/// <param name="certificates">The chain of certificates to verify.</param>
+		private static void VerifyCertificateChain(IList<X509Certificate2> certificates) {
+			Requires.NotNullEmptyOrNullElements(certificates, "certificates");
+
+			// Before calling into the OS to validate the certificate, since that can for some bizzare reason hang for 5 seconds
+			// on some systems, check a cache of previously verified certificates first.
+			if (OpenIdElement.Configuration.RelyingParty.HostMetaDiscovery.EnableCertificateValidationCache) {
+				lock (ApprovedCertificateThumbprintCache) {
+					// HashSet<T> isn't thread-safe.
+					if (ApprovedCertificateThumbprintCache.Contains(certificates[0].Thumbprint)) {
+						return;
+					}
+				}
+			}
+
+			// Verify that we trust the signer of the certificates.
+			// Start by trying to validate just the certificate used to sign the XRDS document,
+			// since we can do that with partial trust.
+			Logger.OpenId.Debug("Verifying that we trust the certificate used to sign the discovery document.");
+			if (!certificates[0].Verify()) {
+				// We couldn't verify just the signing certificate, so try to verify the whole certificate chain.
+				try {
+					Logger.OpenId.Debug("Verifying the whole certificate chain.");
+					VerifyCertChain(certificates);
+					Logger.OpenId.Debug("Certificate chain verified.");
+				} catch (SecurityException) {
+					Logger.Yadis.Warn("Signing certificate verification failed and we have insufficient code access security permissions to perform certificate chain validation.");
+					ErrorUtilities.ThrowProtocol(OpenIdStrings.X509CertificateNotTrusted);
+				}
+			}
+
+			if (OpenIdElement.Configuration.RelyingParty.HostMetaDiscovery.EnableCertificateValidationCache) {
+				lock (ApprovedCertificateThumbprintCache) {
+					ApprovedCertificateThumbprintCache.Add(certificates[0].Thumbprint);
+				}
+			}
+		}
+
+		/// <summary>
 		/// Gets the services for an identifier that are described by an external XRDS document.
 		/// </summary>
 		/// <param name="xrds">The XRD elements to search for described-by services.</param>
@@ -332,47 +376,6 @@ namespace DotNetOpenAuth.OpenId {
 		}
 
 		/// <summary>
-		/// Verifies that a certificate chain is trusted.
-		/// </summary>
-		/// <param name="certificates">The chain of certificates to verify.</param>
-		private static void VerifyCertificateChain(IList<X509Certificate2> certificates) {
-			Requires.NotNullEmptyOrNullElements(certificates, "certificates");
-
-			// Before calling into the OS to validate the certificate, since that can for some bizzare reason hang for 5 seconds
-			// on some systems, check a cache of previously verified certificates first.
-			if (OpenIdElement.Configuration.RelyingParty.HostMetaDiscovery.EnableCertificateValidationCache) {
-				lock (ApprovedCertificateThumbprintCache) {
-					// HashSet<T> isn't thread-safe.
-					if (ApprovedCertificateThumbprintCache.Contains(certificates[0].Thumbprint)) {
-						return;
-					}
-				}
-			}
-
-			// Verify that we trust the signer of the certificates.
-			// Start by trying to validate just the certificate used to sign the XRDS document,
-			// since we can do that with partial trust.
-			Logger.OpenId.Debug("Verifying that we trust the certificate used to sign the discovery document.");
-			if (!certificates[0].Verify()) {
-				// We couldn't verify just the signing certificate, so try to verify the whole certificate chain.
-				try {
-					Logger.OpenId.Debug("Verifying the whole certificate chain.");
-					VerifyCertChain(certificates);
-					Logger.OpenId.Debug("Certificate chain verified.");
-				} catch (SecurityException) {
-					Logger.Yadis.Warn("Signing certificate verification failed and we have insufficient code access security permissions to perform certificate chain validation.");
-					ErrorUtilities.ThrowProtocol(OpenIdStrings.X509CertificateNotTrusted);
-				}
-			}
-
-			if (OpenIdElement.Configuration.RelyingParty.HostMetaDiscovery.EnableCertificateValidationCache) {
-				lock (ApprovedCertificateThumbprintCache) {
-					ApprovedCertificateThumbprintCache.Add(certificates[0].Thumbprint);
-				}
-			}
-		}
-
-		/// <summary>
 		/// Gets the XRDS HTTP response for a given identifier.
 		/// </summary>
 		/// <param name="identifier">The identifier.</param>
@@ -479,17 +482,35 @@ namespace DotNetOpenAuth.OpenId {
 			return result;
 		}
 
+		/// <summary>
+		/// A compound result of some value with the signing host.
+		/// </summary>
+		/// <typeparam name="T">The type of the primary result.</typeparam>
 		private struct ResultWithSigningHost<T> : IDisposable {
+			/// <summary>
+			/// Initializes a new instance of the <see cref="ResultWithSigningHost{T}"/> struct.
+			/// </summary>
+			/// <param name="result">The result.</param>
+			/// <param name="signingHost">The signing host.</param>
 			internal ResultWithSigningHost(T result, string signingHost)
 				: this() {
 				this.Result = result;
 				this.SigningHost = signingHost;
 			}
 
+			/// <summary>
+			/// Gets the result.
+			/// </summary>
 			public T Result { get; private set; }
 
+			/// <summary>
+			/// Gets the signing host.
+			/// </summary>
 			public string SigningHost { get; private set; }
 
+			/// <summary>
+			/// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+			/// </summary>
 			public void Dispose() {
 				var disposable = this.Result as IDisposable;
 				disposable.DisposeIfNotNull();
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs
index 367c146..86f178b 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs
@@ -187,7 +187,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// The newly created association, or null if no association can be created with
 		/// the given Provider given the current security settings.
 		/// </returns>
-		/// <exception cref="ProtocolException"></exception>
+		/// <exception cref="ProtocolException">Create if an error occurs while creating the new association.</exception>
 		private async Task<Association> CreateNewAssociationAsync(IProviderEndpoint provider, AssociateRequest associateRequest, int retriesRemaining, CancellationToken cancellationToken) {
 			Requires.NotNull(provider, "provider");
 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
index 6298f9c..c7c1fe3 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs
@@ -355,7 +355,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 			// Perform discovery right now (not deferred).
 			IEnumerable<IdentifierDiscoveryResult> serviceEndpoints;
 			try {
-				var results = (await relyingParty.DiscoverAsync(userSuppliedIdentifier, cancellationToken)).CacheGeneratedResults();
+				var identifierDiscoveryResults = await relyingParty.DiscoverAsync(userSuppliedIdentifier, cancellationToken);
+				var results = identifierDiscoveryResults.CacheGeneratedResults();
 
 				// If any OP Identifier service elements were found, we must not proceed
 				// to use any Claimed Identifier services, per OpenID 2.0 sections 7.3.2.2 and 11.2.
@@ -404,7 +405,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		}
 
 		/// <summary>
-		/// Performs deferred request generation for the <see cref="Create" /> method.
+		/// Performs deferred request generation for the <see cref="CreateAsync" /> method.
 		/// </summary>
 		/// <param name="userSuppliedIdentifier">The user supplied identifier.</param>
 		/// <param name="relyingParty">The relying party.</param>
@@ -534,7 +535,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// Creates the request message to send to the Provider,
 		/// based on the properties in this instance.
 		/// </summary>
-		/// <returns>The message to send to the Provider.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The message to send to the Provider.
+		/// </returns>
 		private async Task<SignedResponseRequest> CreateRequestMessageAsync(CancellationToken cancellationToken) {
 			Association association = await this.GetAssociationAsync(cancellationToken);
 
@@ -565,7 +569,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <summary>
 		/// Gets the association to use for this authentication request.
 		/// </summary>
-		/// <returns>The association to use; <c>null</c> to use 'dumb mode'.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The association to use; <c>null</c> to use 'dumb mode'.
+		/// </returns>
 		private async Task<Association> GetAssociationAsync(CancellationToken cancellationToken) {
 			Association association = null;
 			switch (this.associationPreference) {
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
index af36a00..f4fdeb1 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs
@@ -7,6 +7,7 @@
 namespace DotNetOpenAuth.OpenId.RelyingParty {
 	using System;
 	using System.Threading;
+	using System.Web;
 
 	/// <summary>
 	/// An interface to expose useful properties and functionality for handling
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
index 79fc5de..fdd3529 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/NegativeAuthenticationResponse.cs
@@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	using System;
 	using System.Collections.Generic;
 	using System.Linq;
+	using System.Threading;
 	using System.Threading.Tasks;
 	using System.Web;
 	using DotNetOpenAuth.Messaging;
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
index db23cdb..ad20356 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -336,7 +336,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 			Requires.NotNull(realm, "realm");
 			Requires.NotNull(returnToUrl, "returnToUrl");
 			try {
-				return (await this.CreateRequestsAsync(userSuppliedIdentifier, realm, returnToUrl)).First();
+				var requests = await this.CreateRequestsAsync(userSuppliedIdentifier, realm, returnToUrl);
+				return requests.First();
 			} catch (InvalidOperationException ex) {
 				throw ErrorUtilities.Wrap(ex, OpenIdStrings.OpenIdEndpointNotFound);
 			}
@@ -364,7 +365,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 			Requires.NotNull(userSuppliedIdentifier, "userSuppliedIdentifier");
 			Requires.NotNull(realm, "realm");
 			try {
-				var result = (await this.CreateRequestsAsync(userSuppliedIdentifier, realm, cancellationToken: cancellationToken)).First();
+				var request = await this.CreateRequestsAsync(userSuppliedIdentifier, realm, cancellationToken: cancellationToken);
+				var result = request.First();
 				Assumes.True(result != null);
 				return result;
 			} catch (InvalidOperationException ex) {
@@ -391,7 +393,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		public async Task<IAuthenticationRequest> CreateRequestAsync(Identifier userSuppliedIdentifier, HttpRequestBase requestContext = null, CancellationToken cancellationToken = default(CancellationToken)) {
 			Requires.NotNull(userSuppliedIdentifier, "userSuppliedIdentifier");
 			try {
-				return (await this.CreateRequestsAsync(userSuppliedIdentifier, requestContext, cancellationToken)).First();
+				var authenticationRequests = await this.CreateRequestsAsync(userSuppliedIdentifier, requestContext, cancellationToken);
+				return authenticationRequests.First();
 			} catch (InvalidOperationException ex) {
 				throw ErrorUtilities.Wrap(ex, OpenIdStrings.OpenIdEndpointNotFound);
 			}
@@ -495,7 +498,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		///   <para>Any individual generated request can satisfy the authentication.
 		/// The generated requests are sorted in preferred order.
 		/// Each request is generated as it is enumerated to.  Associations are created only as
-		///   <see cref="IAuthenticationRequest.RedirectingResponse" /> is called.</para>
+		///   <see cref="IAuthenticationRequest.GetRedirectingResponseAsync" /> is called.</para>
 		///   <para>No exception is thrown if no OpenID endpoints were discovered.
 		/// An empty enumerable is returned instead.</para>
 		///   <para>Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.</para>
@@ -509,9 +512,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <summary>
 		/// Gets an authentication response from a Provider.
 		/// </summary>
-		/// <returns>The processed authentication response if there is any; <c>null</c> otherwise.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The processed authentication response if there is any; <c>null</c> otherwise.
+		/// </returns>
 		/// <remarks>
-		/// <para>Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.</para>
+		/// Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.
 		/// </remarks>
 		public Task<IAuthenticationResponse> GetResponseAsync(CancellationToken cancellationToken) {
 			RequiresEx.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired);
@@ -565,9 +571,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <summary>
 		/// Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
 		/// </summary>
-		/// <returns>The HTTP response to send to this HTTP request.</returns>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>
+		/// The HTTP response to send to this HTTP request.
+		/// </returns>
 		/// <remarks>
-		/// <para>Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.</para>
+		/// Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.
 		/// </remarks>
 		public Task<HttpResponseMessage> ProcessResponseFromPopupAsync(CancellationToken cancellationToken) {
 			RequiresEx.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired);
@@ -597,7 +606,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <typeparam name="T">The extension <i>response</i> type that will read data from the assertion.</typeparam>
 		/// <param name="propertyName">The property name on the openid_identifier input box object that will be used to store the extension data.  For example: sreg</param>
 		/// <remarks>
-		/// This method should be called before <see cref="ProcessResponseFromPopup()"/>.
+		/// This method should be called before <see cref="ProcessResponseFromPopupAsync()"/>.
 		/// </remarks>
 		[SuppressMessage("Microsoft.Design", "CA1004:GenericMethodsShouldProvideTypeParameter", Justification = "By design")]
 		public void RegisterClientScriptExtension<T>(string propertyName) where T : IClientScriptExtensionResponse {
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
index d73d45f..79e9f65 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/PositiveAuthenticationResponse.cs
@@ -16,7 +16,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	using Validation;
 
 	/// <summary>
-	/// Wraps a positive assertion response in an <see cref="IAuthenticationResponse"/> instance
+	/// Wraps a positive assertion response in an <see cref="IAuthenticationResponse" /> instance
 	/// for public consumption by the host web site.
 	/// </summary>
 	[DebuggerDisplay("Status: {Status}, ClaimedIdentifier: {ClaimedIdentifier}")]
@@ -123,6 +123,14 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 			get { return (PositiveAssertionResponse)base.Response; }
 		}
 
+		/// <summary>
+		/// Initializes a new instance of the <see cref="PositiveAuthenticationResponse"/> class
+		/// after verifying that discovery on the identifier matches the asserted data.
+		/// </summary>
+		/// <param name="response">The response.</param>
+		/// <param name="relyingParty">The relying party.</param>
+		/// <param name="cancellationToken">The cancellation token.</param>
+		/// <returns>The newly initialized instance.</returns>
 		internal static async Task<PositiveAuthenticationResponse> CreateAsync(
 			PositiveAssertionResponse response, OpenIdRelyingParty relyingParty, CancellationToken cancellationToken) {
 			var result = new PositiveAuthenticationResponse(response, relyingParty);