authorAndrew Arnott <andrewarnott@gmail.com>2010-07-14 00:11:56 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2010-07-14 00:11:56 -0700
commit2433693328ab3d0176bfd17d81a1b4ecd1602584 (patch)
tree3b4a2beb1b692090e9fbac2b0f3105129a962e21 /src
parente576017ee713a6ae22c2f023f0016f63eb48e88a (diff)
More work toward OAuth 2.0 working in the project templates.
Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs19
-rw-r--r--src/DotNetOpenAuth/OAuth2/ClientBase.cs22
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UnauthorizedResponse.cs11
-rw-r--r--src/DotNetOpenAuth/OAuth2/ResourceServer.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth2/UserAgentClient.cs9
-rw-r--r--src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs3
-rw-r--r--src/DotNetOpenAuth/OAuth2/WebServerClient.cs17
7 files changed, 56 insertions, 27 deletions
diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs
index b71b66d..eaa444d 100644
--- a/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs
+++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs
@@ -7,6 +7,7 @@
namespace DotNetOpenAuth.OAuth2.ChannelElements {
using System;
using System.Collections.Generic;
+ using System.Globalization;
using System.Linq;
using System.Text;
using DotNetOpenAuth.Messaging;
@@ -52,12 +53,18 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
/// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable.
/// </remarks>
public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
- var tokenRequest = message as ITokenCarryingRequest;
- if (tokenRequest != null) {
- ErrorUtilities.VerifyInternal(tokenRequest.CodeOrTokenType == CodeOrTokenType.AuthorizationCode, "Only verification codes are expected here.");
- var tokenBag = (AuthorizationCode)tokenRequest.AuthorizationDescription;
- var formatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer);
- tokenRequest.CodeOrToken = formatter.Serialize(tokenBag);
+ var response = message as ITokenCarryingRequest;
+ if (response != null) {
+ switch (response.CodeOrTokenType)
+ {
+ case CodeOrTokenType.AuthorizationCode:
+ var codeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer);
+ var code = (AuthorizationCode)response.AuthorizationDescription;
+ response.CodeOrToken = codeFormatter.Serialize(code);
+ break;
+ default:
+ throw ErrorUtilities.ThrowInternal(string.Format(CultureInfo.CurrentCulture, "Unexpected outgoing code or token type: {0}", response.CodeOrTokenType));
+ }
return MessageProtections.None;
}
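Review bot: The local in `ProcessOutgoingMessage` is now named `response` although it holds an `ITokenCarryingRequest`, which reads as the opposite of what it is; keeping `tokenRequest` would avoid that. The `switch` also opens its brace on its own line while the rest of the method uses same-line braces. The `default:` case builds an internal diagnostic, so `CultureInfo.InvariantCulture` is the more usual choice than `CurrentCulture` for that `string.Format` call. A one-line comment on `default:` such as `// Access and refresh tokens are not serialized on this path.` would record the intent, if that is the intent.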
diff --git a/src/DotNetOpenAuth/OAuth2/ClientBase.cs b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
index b2b63aa..46b6af4 100644
--- a/src/DotNetOpenAuth/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
@@ -184,6 +184,28 @@ namespace DotNetOpenAuth.OAuth2 {
authorizationState.SaveChanges();
}
+ internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess) {
+ Contract.Requires<ArgumentNullException>(authorizationState != null, "authorizationState");
+ Contract.Requires<ArgumentNullException>(authorizationSuccess != null, "authorizationSuccess");
+
+ var accessTokenRequest = new AccessTokenAuthorizationCodeRequest(this.AuthorizationServer) {
+ ClientIdentifier = this.ClientIdentifier,
+ ClientSecret = this.ClientSecret,
+ Callback = authorizationState.Callback,
+ AuthorizationCode = authorizationSuccess.AuthorizationCode,
+ };
+ IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest);
+ var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse;
+ var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse;
+ if (accessTokenSuccess != null) {
+ this.UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
+ } else {
+ authorizationState.Delete();
+ string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)";
+ ErrorUtilities.ThrowProtocol(OAuthWrapStrings.CannotObtainAccessTokenWithReason, error);
+ }
+ }
+
/// <summary>
/// Calculates the fraction of life remaining in an access token.
/// </summary>
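Review bot: The new `UpdateAuthorizationWithResponse` overload has no XML doc comment, unlike the member that follows it, and it does more than the name suggests. It sends `ClientSecret` and the authorization code to the authorization server over `this.Channel`, and on failure it deletes the authorization state before throwing. A `<summary>` describing the code-for-token exchange, `<param>` entries for both arguments, and a remark on the delete-and-throw failure path would cover this. The `else` branch also treats every response that is not an `AccessTokenSuccessResponse` as a failure and reports `(unknown)` when it is not an `AccessTokenFailedResponse` either, which deserves a short comment. The `Error` text comes from the remote server and ends up in the exception message, so callers that log or display it should treat it as untrusted.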
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UnauthorizedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UnauthorizedResponse.cs
index 90ef662..0f12a8c 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/UnauthorizedResponse.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/UnauthorizedResponse.cs
@@ -19,6 +19,17 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// <summary>
/// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class.
/// </summary>
+ /// <param name="exception">The exception.</param>
+ /// <param name="version">The protocol version.</param>
+ internal UnauthorizedResponse(ProtocolException exception, Version version = null)
+ : base(version ?? Protocol.Default.Version) {
+ Contract.Requires<ArgumentNullException>(exception != null, "exception");
+ this.ErrorMessage = exception.Message;
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class.
+ /// </summary>
/// <param name="request">The request.</param>
internal UnauthorizedResponse(IDirectedProtocolMessage request)
: base(request) {
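Review bot: The new constructor copies `exception.Message` verbatim into `ErrorMessage`. If that property is serialized into the unauthorized response (its declaration is outside this hunk), the text of any `ProtocolException` raised during token validation reaches an unauthenticated caller. The ResourceServer.cs hunk in this commit is the caller that takes this path when `request` is null. Consider sending a fixed, coarse message and logging the exception server-side. Otherwise the `exception` param doc should say `The exception whose message is sent to the client.` so future throw sites keep their messages free of internal detail.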
diff --git a/src/DotNetOpenAuth/OAuth2/ResourceServer.cs b/src/DotNetOpenAuth/OAuth2/ResourceServer.cs
index 3a86d29..25af340 100644
--- a/src/DotNetOpenAuth/OAuth2/ResourceServer.cs
+++ b/src/DotNetOpenAuth/OAuth2/ResourceServer.cs
@@ -92,7 +92,7 @@ namespace DotNetOpenAuth.OAuth2 {
throw ErrorUtilities.ThrowProtocol("Missing access token.");
}
} catch (ProtocolException ex) {
- var response = new UnauthorizedResponse(request, ex);
+ var response = request != null ? new UnauthorizedResponse(request, ex) : new UnauthorizedResponse(ex);
username = null;
scope = null;
diff --git a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
index 1a30af0..f7e1a9f 100644
--- a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
+++ b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
@@ -90,10 +90,13 @@ namespace DotNetOpenAuth.OAuth2 {
return null;
}
- EndUserAuthorizationSuccessAccessTokenResponse success;
+ EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess;
+ EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess;
EndUserAuthorizationFailedResponse failure;
- if ((success = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) {
- this.UpdateAuthorizationWithResponse(authorizationState, success);
+ if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) {
+ this.UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
+ } else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null) {
+ this.UpdateAuthorizationWithResponse(authorizationState, authCodeSuccess);
} else if ((failure = response as EndUserAuthorizationFailedResponse) != null) {
authorizationState.Delete();
return null;
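Review bot: The new `EndUserAuthorizationSuccessAuthCodeResponse` branch sends the user-agent client through the helper added in ClientBase.cs in this commit, which sets `ClientSecret = this.ClientSecret` on the token request. A user-agent client usually cannot keep a secret confidential, so it is worth stating whether the secret is expected to be null here or the client is treated as confidential. This branch also turns what looks like local response processing into a network round trip that can throw a protocol exception and delete the authorization state. A comment above the branch would make both visible, for example `// Auth code flow: exchanges the code for an access token over the channel (sends ClientSecret if set; throws on failure).` The enclosing method starts and ends outside the hunk.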
diff --git a/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs b/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs
index 66bc96d..8800efd 100644
--- a/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs
+++ b/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs
@@ -70,7 +70,8 @@ namespace DotNetOpenAuth.OAuth2 {
if (request != null) {
// This convenience method only encrypts access tokens assuming that this auth server
// doubles as the resource server.
- response = this.PrepareAccessTokenResponse(request, this.AuthorizationServer.AccessTokenSigningPrivateKey);
+ RSAParameters resourceServerPublicKey = this.AuthorizationServer.AccessTokenSigningPrivateKey;
+ response = this.PrepareAccessTokenResponse(request, resourceServerPublicKey);
return true;
}
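Review bot: The new local `resourceServerPublicKey` is assigned `AccessTokenSigningPrivateKey`, so the name hides that private signing key material is passed where a public encryption key is expected. An `RSAParameters` value can carry the private components alongside the modulus and exponent. Passing only the public half would keep the private fields out of the encryption path, for example `var resourceServerPublicKey = new RSAParameters { Modulus = signingKey.Modulus, Exponent = signingKey.Exponent };` with `signingKey` being the signing key property. Using one RSA key pair for both signing and encryption also gives up key separation. The existing comment should say this shortcut is only valid when the authorization server and resource server are the same party.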
diff --git a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
index d7116df..9b95677 100644
--- a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
+++ b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
@@ -120,22 +120,7 @@ namespace DotNetOpenAuth.OAuth2 {
var failure = response as EndUserAuthorizationFailedResponse;
ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany);
if (success != null) {
- var accessTokenRequest = new AccessTokenAuthorizationCodeRequest(this.AuthorizationServer) {
- ClientIdentifier = this.ClientIdentifier,
- ClientSecret = this.ClientSecret,
- Callback = authorizationState.Callback,
- AuthorizationCode = success.AuthorizationCode,
- };
- IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest);
- var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse;
- var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse;
- if (accessTokenSuccess != null) {
- this.UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
- } else {
- authorizationState.Delete();
- string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)";
- ErrorUtilities.ThrowProtocol(OAuthWrapStrings.CannotObtainAccessTokenWithReason, error);
- }
+ UpdateAuthorizationWithResponse(authorizationState, success);
} else { // failure
Logger.OAuth.Info("User refused to grant the requested authorization at the Authorization Server.");
authorizationState.Delete();
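Review bot: The replacement call `UpdateAuthorizationWithResponse(authorizationState, success);` drops the `this.` qualifier that the removed lines and the other call sites in this commit use; `this.UpdateAuthorizationWithResponse(authorizationState, success);` keeps the file consistent. The delete-and-throw behaviour on a failed token exchange now lives in ClientBase.cs, so a short comment here such as `// Exchanges the authorization code for an access token; throws on failure.` would keep that visible at the call site. The enclosing method continues outside the hunk.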