6 files changed, 54 insertions, 115 deletions
diff --git a/samples/OAuthClient/Facebook.aspx.cs b/samples/OAuthClient/Facebook.aspx.cs
index 0f71712..4701d24 100644
--- a/samples/OAuthClient/Facebook.aspx.cs
+++ b/samples/OAuthClient/Facebook.aspx.cs
@@ -10,7 +10,7 @@
 	public partial class Facebook : System.Web.UI.Page {
 		private static readonly FacebookClient client = new FacebookClient {
 			ClientIdentifier = ConfigurationManager.AppSettings["facebookAppID"],
-			ClientSecret = ConfigurationManager.AppSettings["facebookAppSecret"],
+			ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["facebookAppSecret"]),
 		};
 
 		protected void Page_Load(object sender, EventArgs e) {
diff --git a/samples/OAuthClient/OAuthClient.csproj b/samples/OAuthClient/OAuthClient.csproj
index cd9da61..036a913 100644
--- a/samples/OAuthClient/OAuthClient.csproj
+++ b/samples/OAuthClient/OAuthClient.csproj
@@ -1,6 +1,16 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+    <OldToolsVersion>4.0</OldToolsVersion>
+    <IISExpressSSLPort />
+    <IISExpressAnonymousAuthentication />
+    <IISExpressWindowsAuthentication />
+    <IISExpressUseClassicPipelineMode />
+  </PropertyGroup>
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -13,9 +23,9 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>OAuthClient</RootNamespace>
     <AssemblyName>OAuthClient</AssemblyName>
-    <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
     <TargetFrameworkProfile />
-    <UseIISExpress>false</UseIISExpress>
+    <UseIISExpress>true</UseIISExpress>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
@@ -47,9 +57,10 @@
     <Reference Include="System.Runtime.Serialization" />
     <Reference Include="System.ServiceModel" />
     <Reference Include="System.Web.Abstractions" />
-    <Reference Include="System.Web.Extensions" />
     <Reference Include="System.Drawing" />
     <Reference Include="System.Web" />
+    <Reference Include="System.Web.ApplicationServices" />
+    <Reference Include="System.Web.Extensions" />
     <Reference Include="System.Xml" />
     <Reference Include="System.Configuration" />
     <Reference Include="System.Web.Services" />
@@ -222,17 +233,17 @@
     <WCFMetadataStorage Include="Service References\SampleResourceServer\" />
   </ItemGroup>
   <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
-  <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
+  <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+  <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
   <ProjectExtensions>
     <VisualStudio>
       <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
         <WebProjectProperties>
-          <UseIIS>False</UseIIS>
+          <UseIIS>True</UseIIS>
           <AutoAssignPort>False</AutoAssignPort>
           <DevelopmentServerPort>59722</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>
-          <IISUrl>
-          </IISUrl>
+          <IISUrl>http://localhost:59722/</IISUrl>
           <NTLMAuthentication>False</NTLMAuthentication>
           <UseCustomServer>False</UseCustomServer>
           <CustomServerUrl>
diff --git a/samples/OAuthClient/SampleWcf2.aspx.cs b/samples/OAuthClient/SampleWcf2.aspx.cs
index f4d2dd5..06bbe9b 100644
--- a/samples/OAuthClient/SampleWcf2.aspx.cs
+++ b/samples/OAuthClient/SampleWcf2.aspx.cs
@@ -87,6 +87,8 @@
 				this.nameLabel.Text = this.CallService(client => client.GetName());
 			} catch (SecurityAccessDeniedException) {
 				this.nameLabel.Text = "Access denied!";
+			} catch (MessageSecurityException) {
+				this.nameLabel.Text = "Access denied!";
 			}
 		}
 
@@ -96,6 +98,8 @@
 				this.ageLabel.Text = age.HasValue ? age.Value.ToString(CultureInfo.CurrentCulture) : "not available";
 			} catch (SecurityAccessDeniedException) {
 				this.ageLabel.Text = "Access denied!";
+			} catch (MessageSecurityException) {
+				this.ageLabel.Text = "Access denied!";
 			}
 		}
 
@@ -105,6 +109,8 @@
 				this.favoriteSitesLabel.Text = string.Join(", ", favoriteSites);
 			} catch (SecurityAccessDeniedException) {
 				this.favoriteSitesLabel.Text = "Access denied!";
+			} catch (MessageSecurityException) {
+				this.favoriteSitesLabel.Text = "Access denied!";
 			}
 		}
 
diff --git a/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs
index 10f4265..5e6deaf 100644
--- a/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs
+++ b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs
@@ -1,7 +1,7 @@
 //------------------------------------------------------------------------------
 // <auto-generated>
 //     This code was generated by a tool.
-//     Runtime Version:4.0.30319.1
+//     Runtime Version:4.0.30319.17614
 //
 //     Changes to this file may cause incorrect behavior and will be lost if
 //     the code is regenerated.
diff --git a/samples/OAuthClient/Web.config b/samples/OAuthClient/Web.config
index a5b9f06..b17ae43 100644
--- a/samples/OAuthClient/Web.config
+++ b/samples/OAuthClient/Web.config
@@ -1,7 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
 	<configSections>
-		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
 		<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
 		<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
 			<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -9,17 +8,6 @@
 			<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
 			<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
 		</sectionGroup>
-		<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
-			<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
-				<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
-				<sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
-					<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/>
-					<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
-					<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
-					<section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
-				</sectionGroup>
-			</sectionGroup>
-		</sectionGroup>
 	</configSections>
 
 	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
@@ -77,12 +65,8 @@
             affects performance, set this value to true only 
             during development.
         -->
-		<compilation debug="true">
+		<compilation debug="true" targetFramework="4.0">
 			<assemblies>
-				<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
-				<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-				<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
-				<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
 				<remove assembly="DotNetOpenAuth.Contracts"/>
 			</assemblies>
 		</compilation>
@@ -104,67 +88,12 @@
             <error statusCode="404" redirect="FileNotFound.htm" />
         </customErrors>
         -->
-		<pages>
-			<controls>
-				<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-				<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			</controls>
-		</pages>
-		<httpHandlers>
-			<remove verb="*" path="*.asmx"/>
-			<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
-		</httpHandlers>
-		<httpModules>
-			<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-		</httpModules>
+		<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
 	</system.web>
-	<system.codedom>
-		<compilers>
-			<compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
-				<providerOption name="CompilerVersion" value="v3.5"/>
-				<providerOption name="WarnAsError" value="false"/>
-			</compiler>
-			<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
-				<providerOption name="CompilerVersion" value="v3.5"/>
-				<providerOption name="OptionInfer" value="true"/>
-				<providerOption name="WarnAsError" value="false"/>
-			</compiler>
-		</compilers>
-	</system.codedom>
 	<!-- 
         The system.webServer section is required for running ASP.NET AJAX under Internet
         Information Services 7.0.  It is not necessary for previous version of IIS.
     -->
-	<system.webServer>
-		<validation validateIntegratedModeConfiguration="false"/>
-		<modules>
-			<remove name="ScriptModule"/>
-			<add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-		</modules>
-		<handlers>
-			<remove name="WebServiceHandlerFactory-Integrated"/>
-			<remove name="ScriptHandlerFactory"/>
-			<remove name="ScriptHandlerFactoryAppServices"/>
-			<remove name="ScriptResource"/>
-			<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-		</handlers>
-	</system.webServer>
-	<runtime>
-		<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
-			<dependentAssembly>
-				<assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
-				<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
-			</dependentAssembly>
-			<dependentAssembly>
-				<assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
-				<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
-			</dependentAssembly>
-		</assemblyBinding>
-	</runtime>
 	<log4net>
 		<appender name="TracePageAppender" type="OAuthClient.TracePageAppender, OAuthClient">
 			<layout type="log4net.Layout.PatternLayout">
@@ -182,35 +111,28 @@
 			<level value="ALL" />
 		</logger>
 	</log4net>
- <system.serviceModel>
-  <bindings>
-   <wsHttpBinding>
-    <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00"
-     openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
-     bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
-     maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
-     textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
-     <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
-      maxBytesPerRead="4096" maxNameTableCharCount="16384" />
-     <reliableSession ordered="true" inactivityTimeout="00:10:00"
-      enabled="false" />
-     <security mode="Message">
-      <transport clientCredentialType="Windows" proxyCredentialType="None"
-       realm="" />
-      <message clientCredentialType="Windows" negotiateServiceCredential="true"
-       algorithmSuite="Default" />
-     </security>
-    </binding>
-   </wsHttpBinding>
-  </bindings>
-  <client>
-   <endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding"
-    bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi"
-    name="WSHttpBinding_IDataApi">
-    <identity>
-     <dns value="localhost" />
-    </identity>
-   </endpoint>
-  </client>
- </system.serviceModel>
-</configuration>
+	<system.serviceModel>
+		<bindings>
+			<wsHttpBinding>
+				<binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
+					<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
+					<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
+					<security mode="Message">
+						<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
+						<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
+					</security>
+				</binding>
+			</wsHttpBinding>
+		</bindings>
+		<client>
+			<endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi">
+				<identity>
+					<dns value="localhost" />
+				</identity>
+			</endpoint>
+		</client>
+	</system.serviceModel>
+	<system.webServer>
+		<modules runAllManagedModulesForAllRequests="true" />
+	</system.webServer>
+</configuration>
+\ No newline at end of file
diff --git a/samples/OAuthClient/WindowsLive.aspx.cs b/samples/OAuthClient/WindowsLive.aspx.cs
index b550e17..05101a7 100644
--- a/samples/OAuthClient/WindowsLive.aspx.cs
+++ b/samples/OAuthClient/WindowsLive.aspx.cs
@@ -14,7 +14,7 @@
 	public partial class WindowsLive : System.Web.UI.Page {
 		private static readonly WindowsLiveClient client = new WindowsLiveClient {
 			ClientIdentifier = ConfigurationManager.AppSettings["windowsLiveAppID"],
-			ClientSecret = ConfigurationManager.AppSettings["WindowsLiveAppSecret"],
+			ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["WindowsLiveAppSecret"]),
 		};
 
 		protected void Page_Load(object sender, EventArgs e) {