Merge branch 'v4.3' of https://github.com/DotNetOpenAuth/DotNetOpenAuth into v4.3

4 files changed, 56 insertions, 16 deletions

diff --git a/src/.nuget/NuGet.exe b/src/.nuget/NuGet.exe
new file mode 100644
index 0000000..8d13fd8
--- /dev/null
+++ b/src/.nuget/NuGet.exe
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/AzureADClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/AzureADClient.cs
index 6ff93e7..381e8ab 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/AzureADClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/AzureADClient.cs
@@ -30,17 +30,17 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <summary>
 		/// The authorization endpoint.
 		/// </summary>
-		private const string AuthorizationEndpoint = "https://login.windows.net/global/oauth2/authorize";
+		private const string AuthorizationEndpoint = "https://login.windows.net/common/oauth2/authorize";
 
 		/// <summary>
 		/// The token endpoint.
 		/// </summary>
-		private const string TokenEndpoint = "https://login.windows.net/global/oauth2/token";
+		private const string TokenEndpoint = "https://login.windows.net/common/oauth2/token";
 
 		/// <summary>
 		/// The name of the graph resource.
 		/// </summary>
-		private const string GraphResource = "00000002-0000-0000-c000-000000000000/graph.windows.net";
+		private const string GraphResource = "https://graph.windows.net";
 
 		/// <summary>
 		/// The URL to get the token decoding certificate from.
@@ -149,7 +149,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 					{ "response_type", "code" },
 					{ "resource", this.resource },
 				});
-			return builder.Uri;
+				return builder.Uri;
 		}
 
 		/// <summary>
@@ -165,7 +165,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 				AzureADGraph graphData;
 				WebRequest request =
 					WebRequest.Create(
-						GraphEndpoint + this.tenantid + "/users/" + this.userid + "?api-version=0.9");
+						GraphEndpoint + this.tenantid + "/users/" + this.userid + "?api-version=2013-04-05");
 				request.Headers = new WebHeaderCollection();
 				request.Headers.Add("authorization", accessToken);
 				using (var response = request.GetResponse()) {
@@ -208,6 +208,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 						{ "client_secret", this.appSecret },
 						{ "code", authorizationCode },
 						{ "grant_type", "authorization_code" },
+						{ "api_version", "1.0" },
 					});
 
 				WebRequest tokenRequest = WebRequest.Create(TokenEndpoint);
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/FacebookClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/FacebookClient.cs
index a8c121d..45804d1 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/FacebookClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/FacebookClient.cs
@@ -39,12 +39,18 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// </summary>
 		private readonly string appSecret;
 
+		/// <summary>
+		/// The scope.
+		/// </summary>
+		private readonly string[] scope;
+
 		#endregion
 
 		#region Constructors and Destructors
 
 		/// <summary>
-		/// Initializes a new instance of the <see cref="FacebookClient"/> class.
+		/// Initializes a new instance of the <see cref="FacebookClient"/> class
+		/// with "email" as the scope.
 		/// </summary>
 		/// <param name="appId">
 		/// The app id.
@@ -53,12 +59,30 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// The app secret.
 		/// </param>
 		public FacebookClient(string appId, string appSecret)
+			: this(appId, appSecret, "email") {
+		}
+
+		/// <summary>
+		/// Initializes a new instance of the <see cref="FacebookClient"/> class.
+		/// </summary>
+		/// <param name="appId">
+		/// The app id.
+		/// </param>
+		/// <param name="appSecret">
+		/// The app secret.
+		/// </param>
+		/// <param name="scope">
+		/// The scope of authorization to request when authenticating with Facebook. The default is "email".
+		/// </param>
+		public FacebookClient(string appId, string appSecret, params string[] scope)
 			: base("facebook") {
 			Requires.NotNullOrEmpty(appId, "appId");
 			Requires.NotNullOrEmpty(appSecret, "appSecret");
+			Requires.NotNullOrEmpty(scope, "scope");
 
 			this.appId = appId;
 			this.appSecret = appSecret;
+			this.scope = scope;
 		}
 
 		#endregion
@@ -79,7 +103,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 				new Dictionary<string, string> {
 					{ "client_id", this.appId },
 					{ "redirect_uri", returnUrl.AbsoluteUri },
-					{ "scope", "email" },
+					{ "scope", string.Join(" ", this.scope) },
 				});
 			return builder.Uri;
 		}
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/MicrosoftClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/MicrosoftClient.cs
index 653a0b0..1fb219e 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/MicrosoftClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/MicrosoftClient.cs
@@ -37,21 +37,34 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// </summary>
 		private readonly string appSecret;
 
+		/// <summary>
+		/// The requested scopes.
+		/// </summary>
+		private readonly string[] requestedScopes;
+
 		#endregion
 
 		#region Constructors and Destructors
 
 		/// <summary>
 		/// Initializes a new instance of the <see cref="MicrosoftClient"/> class.
+		/// Requests a scope of "wl.basic" by default, but "wl.signin" is a good minimal alternative.
 		/// </summary>
-		/// <param name="appId">
-		/// The app id.
-		/// </param>
-		/// <param name="appSecret">
-		/// The app secret.
-		/// </param>
+		/// <param name="appId">The app id.</param>
+		/// <param name="appSecret">The app secret.</param>
 		public MicrosoftClient(string appId, string appSecret)
-			: this("microsoft", appId, appSecret) {
+			: this(appId, appSecret, "wl.basic")
+		{
+		}
+
+		/// <summary>
+		/// Initializes a new instance of the <see cref="MicrosoftClient"/> class.
+		/// </summary>
+		/// <param name="appId">The app id.</param>
+		/// <param name="appSecret">The app secret.</param>
+		/// <param name="requestedScopes">One or more requested scopes.</param>
+		public MicrosoftClient(string appId, string appSecret, params string[] requestedScopes)
+			: this("microsoft", appId, appSecret, requestedScopes) {
 		}
 
 		/// <summary>
@@ -60,13 +73,15 @@ namespace DotNetOpenAuth.AspNet.Clients {
 		/// <param name="providerName">The provider name.</param>
 		/// <param name="appId">The app id.</param>
 		/// <param name="appSecret">The app secret.</param>
-		protected MicrosoftClient(string providerName, string appId, string appSecret)
+		/// <param name="requestedScopes">One or more requested scopes.</param>
+		protected MicrosoftClient(string providerName, string appId, string appSecret, string[] requestedScopes)
 			: base(providerName) {
 			Requires.NotNullOrEmpty(appId, "appId");
 			Requires.NotNullOrEmpty(appSecret, "appSecret");
 
 			this.appId = appId;
 			this.appSecret = appSecret;
+			this.requestedScopes = requestedScopes;
 		}
 
 		#endregion
@@ -92,7 +107,7 @@ namespace DotNetOpenAuth.AspNet.Clients {
 			builder.AppendQueryArgs(
 				new Dictionary<string, string> {
 					{ "client_id", this.appId },
-					{ "scope", "wl.basic" },
+					{ "scope", string.Join(" ", this.requestedScopes) },
 					{ "response_type", "code" },
 					{ "redirect_uri", returnUrl.AbsoluteUri },
 				});